DocumentCode :
79703
Title :
Security Analysis of Handover Key Management in 4G LTE/SAE Networks
Author :
Chan-Kyu Han ; Hyoung-Kee Choi
Author_Institution :
Samsung Electron., Suwon, South Korea
Volume :
13
Issue :
2
fYear :
2014
fDate :
Feb. 2014
Firstpage :
457
Lastpage :
468
Abstract :
The goal of 3GPP Long Term Evolution/System Architecture Evolution (LTE/SAE) is to move mobile cellular wireless technology into its fourth generation. One of the unique challenges of fourth-generation technology is how to close a security gap through which a single compromised or malicious device can jeopardize an entire mobile network because of the open nature of these networks. To meet this challenge, handover key management in the 3GPP LTE/SAE has been designed to revoke any compromised key(s) and as a consequence isolate corrupted network devices. This paper, however, identifies and details the vulnerability of this handover key management to what are called desynchronization attacks; such attacks jeopardize secure communication between users and mobile networks. Although periodic updates of the root key are an integral part of handover key management, our work here emphasizes how essential these updates are to minimizing the effect of desynchronization attacks that, as of now, cannot be effectively prevented. Our main contribution, however, is to explore how network operators can determine for themselves an optimal interval for updates that minimizes the signaling load they impose while protecting the security of user traffic. Our analytical and simulation studies demonstrate the impact of the key update interval on such performance criteria as network topology and user mobility.
Keywords :
3G mobile communication; 4G mobile communication; Long Term Evolution; cellular radio; mobility management (mobile radio); telecommunication network topology; telecommunication security; 3GPP Long Term Evolution-system architecture evolution; 4G LTE-SAE networks; communication security; compromised key; corrupted network devices; desynchronization attacks; fourth-generation technology; handover key management; key update interval; malicious device; mobile cellular wireless technology; mobile network; network operators; network topology; periodic updates; security analysis; security gap; signaling load; user mobility; user network; user traffic security protection; Base stations; Computer architecture; Mobile communication; Mobile computing; Security; Authentication and key agreement; evolved packet system; handover key management; long-term evolution security; mobile networks; system architecture evolution;
fLanguage :
English
Journal_Title :
Mobile Computing, IEEE Transactions on
Publisher :
ieee
ISSN :
1536-1233
Type :
jour
DOI :
10.1109/TMC.2012.242
Filename :
6365188
Link To Document :
بازگشت