On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks
The Internet of Things (IoT) and 5G networks play important roles in the latest systems for managing and monitoring various types of data. These 5G based IoT environments collect various data in real-time using micro-sensors as IoT things devices and sends the collected data to a server for further...
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2022-04-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/12/9/4265 |
| _version_ | 1797505730805235712 |
|---|---|
| author | Kisung Park Youngho Park |
| author_facet | Kisung Park Youngho Park |
| author_sort | Kisung Park |
| collection | DOAJ |
| description | The Internet of Things (IoT) and 5G networks play important roles in the latest systems for managing and monitoring various types of data. These 5G based IoT environments collect various data in real-time using micro-sensors as IoT things devices and sends the collected data to a server for further processing. In this scenario, a secure authentication and key agreement scheme is needed to ensure privacy when exchanging data between IoT nodes and the server. Recently, Cao et al. in “LSAA: A lightweight and secure access authentication scheme for both UE and mMTC devices in 5G networks” presented a new authentication scheme to protect user privacy. They contend that their scheme not only prevents various protocol attacks, but also achieves mutual authentication, session key security, unlinkability, and perfect forward/backward secrecy. This paper demonstrates critical security weaknesses of their scheme using informal and formal (mathemati) analysis: it does not prevent a single point of failure and impersonation attacks. Further, their proposed scheme does not achieve mutual authentication and correctness of security assumptions, and we perform simulation analysis using a formal verification tool to its security flaws. To ensure attack resilience, we put forward some solutions that can assist constructing more secure and efficient access authentication scheme for 5G networks. |
| first_indexed | 2024-03-10T04:22:58Z |
| format | Article |
| id | doaj.art-86c11b8aea434a54aadd889269a97a69 |
| institution | Directory Open Access Journal |
| issn | 2076-3417 |
| language | English |
| last_indexed | 2024-03-10T04:22:58Z |
| publishDate | 2022-04-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj.art-86c11b8aea434a54aadd889269a97a692023-11-23T07:46:35ZengMDPI AGApplied Sciences2076-34172022-04-01129426510.3390/app12094265On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G NetworksKisung Park0Youngho Park1Blockchain Research Center, Electronics and Telecommunications Research Institute, Daejeon 34129, KoreaSchool of Electronics Engineering, Kyungpook National University, Daegu 41566, KoreaThe Internet of Things (IoT) and 5G networks play important roles in the latest systems for managing and monitoring various types of data. These 5G based IoT environments collect various data in real-time using micro-sensors as IoT things devices and sends the collected data to a server for further processing. In this scenario, a secure authentication and key agreement scheme is needed to ensure privacy when exchanging data between IoT nodes and the server. Recently, Cao et al. in “LSAA: A lightweight and secure access authentication scheme for both UE and mMTC devices in 5G networks” presented a new authentication scheme to protect user privacy. They contend that their scheme not only prevents various protocol attacks, but also achieves mutual authentication, session key security, unlinkability, and perfect forward/backward secrecy. This paper demonstrates critical security weaknesses of their scheme using informal and formal (mathemati) analysis: it does not prevent a single point of failure and impersonation attacks. Further, their proposed scheme does not achieve mutual authentication and correctness of security assumptions, and we perform simulation analysis using a formal verification tool to its security flaws. To ensure attack resilience, we put forward some solutions that can assist constructing more secure and efficient access authentication scheme for 5G networks.https://www.mdpi.com/2076-3417/12/9/42655GauthenticationInternet of Things (IoT)key agreementsecurity weaknesses |
| spellingShingle | Kisung Park Youngho Park On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks Applied Sciences 5G authentication Internet of Things (IoT) key agreement security weaknesses |
| title | On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks |
| title_full | On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks |
| title_fullStr | On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks |
| title_full_unstemmed | On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks |
| title_short | On the Security of a Lightweight and Secure Access Authentication Scheme for Both UE and mMTC Devices in 5G Networks |
| title_sort | on the security of a lightweight and secure access authentication scheme for both ue and mmtc devices in 5g networks |
| topic | 5G authentication Internet of Things (IoT) key agreement security weaknesses |
| url | https://www.mdpi.com/2076-3417/12/9/4265 |
| work_keys_str_mv | AT kisungpark onthesecurityofalightweightandsecureaccessauthenticationschemeforbothueandmmtcdevicesin5gnetworks AT younghopark onthesecurityofalightweightandsecureaccessauthenticationschemeforbothueandmmtcdevicesin5gnetworks |