Is the Session Mix-up Attack on the UMTS/LTE AKA Protocol Practical?
Abstract
Tsay and Mjølsnes [1, 2, 3] have detected a protocol-level security vulnerability in the specifications of the Authentication and Key Agreement (AKA) protocols of the GSM/UMTS/LTE family of mobile network systems. It is still open how this error in the specified protocol will present a threat to the actual operations of the access networks, and whether a practical attack can be constructed based on the theoretical session mix-up possibility. This project will attempt to answer these questions, both by understanding which security mechanisms are recommended in the standards and other relevant documentation, and by trying to acquire information about, and assess, the current practice and operation with respect to the communication security techniques used between the serving and home network in the roaming situation, and within each mobile operator domain for communication with the Authentication Center (AuC). Then, based on the collected information and its best interpretation, the project will try to construct a realistic scenario and software simulation that shows that a mix-up attack is attainable in practice.
References
[1] Stig Frode Mjølsnes and Joe-Kay Tsay. Computational Security Analysis of the UMTS and LTE AKA. Submitted on 17 Mar 2012 to ArXiv.org. http://arxiv.org/abs/1203.3866
[2] Stig Frode Mjølsnes and Joe-Kay Tsay. Computational Analysis of the UMTS and LTE Authentication and Key Agreement Protocols. In the Eighth Workshop on Formal and Computational Cryptography, FCC 2012, June 27-28.
[3] Stig Frode Mjølsnes and Joe-Kay Tsay. A Vulnerability in the UMTS and LTE Authentication and Key Agreement Protocols. In Sixth International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, NTNU, 2012, October 16-19.