Improved EAP-AKA Protocol Based on Redirection Defense

Author

Binbin Yu ; Jianwu Zhang ; Zhendong Wu

Author_Institution

Coll. of Telecommun. Eng., Hangzhou Dianzi Univ., Hangzhou, China

fYear

2014

fDate

8-10 Nov. 2014

Firstpage

543

Lastpage

547

Abstract

With the substantial popularity of smartphones and the increasing development of wireless technology, users have higher and higher demands for seamless data connection, which involves the vertical handover and unified authentication between heterogeneous networks. 3G-WLAN network is the most widely studied and used scheme which uses EAP-AKA protocol as its authentication protocol. However, EAP-AKA protocol contains a number of security vulnerabilities of AKA. The most serious problem of them is the complete trust in APs. This paper analyzes the security flaws of EAP-AKA protocol, and presents a kind of redirection attack based on the complete trust in APs, and then simulates it. Finally we propose an improved EAP-AKA protocol to prevent redirection attack.

Keywords

3G mobile communication; cryptographic protocols; mobile computing; telecommunication computing; trusted computing; wireless LAN; 3G-WLAN network; AKA security vulnerabilities; EAP-AKA authentication protocol; extensible authentication protocol-authentication and key agreement protocol; heterogeneous networks; redirection attack; redirection defense; seamless data connection; smartphones; wireless technology; Authentication; Computer hacking; Handover; Protocols; Servers; Wireless LAN; 3G; EAP-AKA; WLAN; heterogeneous networks; redirection attack;

fLanguage

English

Publisher

ieee

Conference_Titel

P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC), 2014 Ninth International Conference on

Conference_Location

Guangdong

Type

conf

DOI

10.1109/3PGCIC.2014.106

Filename

7024643