Secure UMTS/EPS Authentication and Key Agreement

This paper addresses security vulnerabilities of Universal Mobile Telecommunications System (UMTS) and Evolved Packet System (EPS), mobile cellular technology standards introduced by the 3rd Generation Partnership Project (3GPP). UMTS and EPS secure data confidentiality and signaling data integrity for user equipment (UE) through security architectures and provide security services for mobile communication that is safe from various threats. However, there are security vulnerabilities in the Authentication and Key Agreement(AKA) protocol, one of the security setup processes for UMTS/EPS and UE. Attacker uses these security vulnerabilities and carries out reply attack, man-in-the-middle attack, and DoS attack, etc. This paper proposes a secure AKA protocol that can provide mobile communication that is safe from such threats. Proposed protocol solves the vulnerabilities of AKA protocol. The least amount of modification was made on the existing AKA protocol and we aimed to apply this to UMTS and EPS in practice.