Bakkiam David DEEBAK, Rajappa MUTHAIAH, Karuppuswamy THENMOZHI, Pitchai Iyer SWAMINATHAN

Analyzing the mutual authenticated session key in IP multimedia server-client systems for 4G networks

This paper scrutinizes the authentication and key agreement protocol adopted by the Universal Mobile Telecommunication System to meet the standards of a fourth-generation network. Lately, communication of multimedia (CoM) has drawn the attention of researchers for the future of secure wireless mobile communication. However, the CoM has not had any defensive mechanism to fulfil the specifications of 3GPP and reduce the computation and communication overheads and susceptible attacks like redirection, man-in-the-middle, and denial of service attacks. In addition, this paper has thoroughly investigated some existing protocols from the literature for the identification of new challenges in server-client authentication. To probe the challenges of the existing schemes realistically, the multimedia client and multimedia server components (proxy, interrogating, serving, and home subscriber server) were physically deployed on the Linux platform to examine the specifications of 3GPP, vulnerable attacks, computation, and communication overheads. We observed that the examined existing schemes are not able to fulfill the above criteria. We thus propose addition of the mutual authenticated session key (MASK) to the physical environment of the multimedia server-client. To satisfy the 3GPP specifications, the protocol of MASK offers mutual authenticity to the multimedia server-client. Moreover, the feature of mutual authenticity reduces the computation and communication overheads of the multimedia server-client. Since the session keys are jointly shared between the multimedia server and client, the protocol of MASK can additionally provide privacy preservation and forward secrecy

PDF

___

[1] Camarillo G, Garcia Martin MA. The 3G IP Multimedia Subsystem (IMS): Merging the Internet and the Cellular Worlds. 2nd ed. New York, NY, USA: Wiley, 2006.
[2] Third Generation Partnership Project. Technical Specification Group Services and System Aspects: 3G Security and Access Security for IP-Based Services. 3GPP TS 33.203 2008; V7.9.0.
[3] Third Generation Partnership Project. Technical Specification Group Services and System Aspects: 3G Security Network Domain Security IP Network Layer Security. 3GPP TS 33.210 2010; V6.6.0.
[4] Almasalha F, Agarwal N, Khokhar A. Secure multimedia transmission over RTP. In: Tenth IEEE International Symposium on Multimedia; 1517 December 2008; Berkeley, CA, USA. pp. 404-411.
[5] Shamir A. Identity-based cryptosystems and signature schemes. In: Advances in Cryptology - CRYPTO 84; 1922 August 1984; Santa Barbara, CA, USA. pp. 47-53.
[6] Boneh D, Franklin M. Identity based encryption from the Weil pairing. SIAM J Comput 2003; 32: 586-615.
[7] Sui A, Hui L, Yiu S, Chow K, Tsang W, Chong C, Pun K, Chan H. An improved authenticated key agreement protocol with perfect forward secrecy for wireless mobile communication. In: 2005 IEEE Wireless Communications and Networking Conference; 1317 March 2005; New Orleans, LA, USA. pp. 2088-2093.
[8] Liao YP, Wang SS. A secure dynamic ID based remote user authentication scheme for multi-server environment. Comput Stand Inter 2009; 31: 24-29.
[9] Lu R, Cao Z, Zhu H. An enhanced authenticated key agreement protocol for wireless mobile communication. Comput Stand Inter 2007; 29: 647-652.
[10] Chang CC, Chang SC. An improved authentication key agreement protocol based on elliptic curve for wireless mobile networks. In: 2008 International Conference on Intelligent Information Hiding and Multimedia Signal Processing; 1517 August 2008; Harbin, China. pp. 1375-1378.
[11] Kılın¸c HH, Allaberdiyev Y, Yanık T, Erdem SS. Efficient ID based authentication and key agreement protocols for the session initiation protocol. Turk J Electr Eng Co 2015; 23: 560-579.
[12] Zhang Z, Qi Q, Kumar N, Chilamkurti N, Jeong HY. A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography. Multimed Tools Appl 2015; 74: 3477-3488.
[13] Third Generation Partnership Project. Technical Specification Group Services and System Aspects: 3G Security Formal Analysis of the 3G Authentication Protocol. 3GPP TR 33.902 1999; V3.1.0.
[14] Diffie W, Hellman M. New directions in cryptography. IEEE T Inform Theory 1976; 22: 644-654.
[15] ElGamal T. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE T Inform Theory 1985; 31: 469-472.
[16] Rivest R, Shamir A, Adelman L. A method for obtaining digital signature and public key cryptosystem. Commun ACM 1978; 21: 120-126.
[17] Tseng YM, Wu TY, Wu JD. A pairing-based user authentication scheme for wireless clients with smart cards. Informatica 2008; 19: 285-302.
[18] Nam J, Lee J, Kim S, Won D. DDH-based group key agreement in a mobile environment. J Syst Software 2005; 78: 73-83.
[19] Tseng YM. GPRS/UMTS-aided authentication protocol for wireless LANs. IEE P-Commun 2006; 153: 810-817.
[20] Tseng YM. A resource-constrained group key agreement protocol for imbalance wireless networks. Comput Secur 2007; 26: 331-337.
[21] Jakobsson M, Pointcheval D. Mutual authentication for low-power mobile devices. In: Fifth International Conference on Financial Cryptography; 1922 February 2001; Grand Cayman, British West Indies. pp. 178-195.
[22] Wong DS, Chan AH. Efficient and mutually authenticated key exchange for low power computing devices. In: Advances in Cryptology - ASIACRYPT01; 913 December 2001; Gold Coast, Australia. pp. 172-289.
[23] Smart NP. An identity based authenticated key agreement protocol based on the Weil pairing. Electron Lett 2002; 38: 630-632.
[24] Shim K. Efficient ID-based authenticated key agreement protocol based on the Weil pairing. Electron Lett 2003; 39: 653-654.
[25] Chen L, Cheng Z, Smart NP. Identity-based key agreement protocols from pairings. Int J Inf Secur 2007; 6: 213-241.
[26] Chen L, Kudla C. Identity-based authenticated key agreement from pairings. In: 16th IEEE Computer Security Foundation Workshop; 30 June2 July 2003; Pacific Grove, CA, USA. pp. 219-233.
[27] Choie YJ, Jeong E, Lee E. Efficient identity-based authenticated key agreement protocol from pairings. Appl Math Comput 2005; 162: 179-188.
[28] Wang S, Cao Z, Bao H. Two-pass ID-based authenticated key agreement protocol with key confirmation using pairings. In: First International Multi-Symposiums on Computer and Computational Sciences; 2024 June 2006; Hangzhou, China. pp. 109-112.
[29] Li CT, Hwang MS. An efficient biometrics-based remote user authentication scheme using smart cards. J Netw Comput Appl 2010; 33: 1-5.
[30] Li X, Niu JW, Ma J, Wang WD, Liu CL. Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards. J Netw Comput Appl 2011; 34: 73-79.
[31] Das AK. Analysis and improvement on an eficient biometric-based remote user authentication scheme using smart cards. IET Inform Secur 2011; 5: 145-151.
[32] Yoon EJ, Yoo KY. Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem. J Supercomput 2013; 63: 235-255.
[33] Kim HH, Jeon WR, Lee KW, Lee YH, Won DH. Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme. In: 2nd International Conference on Computational Science and Its Applications; 1821 June 2012; Salvador de Bahia, Brazil. pp. 391-406.
[34] Li X, Niu JW, Wang ZB, Chen C. Applying biometrics to design three factor remote user authentication scheme with key agreement. Secur Commun Netw 2013; 7: 1488-1497.
[35] Lee CC, Hsu CW. A secure biometric-based remote user authentication with key agreement scheme using extended chaotic maps. Nonlinear Dynam 2013; 71: 201-211.
[36] Deebak BD, Muthaiah R, Thenmozhi K, Swaminathan PI. Analyzing secure key authentication and key agreement protocol for promising features of IP multimedia subsystem using IP multimedia server-client systems. Multimed Tools Appl 2016; 75: 2111-2143.
[37] Arkko J, Carrara E, Lindholm F, Naslund M, Norrman K. MIKEY: Multimedia Internet KEYing. Internet Engineering Task Force 2004; RFC 3830.
[38] Wang S, Cao Z, Cao F. Efficient identity-based authenticated key agreement protocol with PKG forward secrecy. Int J Netw Secur 2008; 7: 181-186.
[39] Wang S, Cao Z, Choo KK. Provably secure identity-based authenticated key agreement protocols without random oracles. Cryptology ePrint Archive, Report 2006/252, 2006, available at https://eprint.iacr.org/2006/446.pdf.
[40] Wang S, Cao Z, Dong X. Provably secure identity based authenticated key agreement protocols in the standard model. Chinese J Comput 2007; 30: 1842-1854.
[41] Tian HB, Susilo W, Ming Y, Wang YM. A provable secure ID-based explicit authenticated key agreement protocol without random oracles. J Comput Sci Technol 2008; 23: 832-842.
[42] Yeh HT, Sun HM. Password-based user authentication and key distribution protocols for clientserver applications. J Syst Software 2004; 72: 91-103.