Next Article in Journal
Consistent Optimization of Blast Furnace Ironmaking Process Based on Controllability Assurance Soft Sensor Modeling
Next Article in Special Issue
Geodesic Path Model for Indoor Propagation Loss Prediction of Narrowband Channels
Previous Article in Journal
Path Loss Model for 3.5 GHz and 5.6 GHz Bands in Cascaded Tunnel Environments
Previous Article in Special Issue
An Optimization Model for Appraising Intrusion-Detection Systems for Network Security Communications: Applications, Challenges, and Solutions
Article

A Secure Blockchain-Based Authentication and Key Agreement Scheme for 3GPP 5G Networks

by 1 and 2,*
1
School of Electrical and Electronic Engineering, Nanyang Technological University, Singapore 639798, Singapore
2
College of Engineering, Qatar University, Doha P.O. Box 2713, Qatar
*
Author to whom correspondence should be addressed.
Academic Editor: Luis Velasco
Sensors 2022, 22(12), 4525; https://doi.org/10.3390/s22124525
Received: 23 May 2022 / Revised: 12 June 2022 / Accepted: 12 June 2022 / Published: 15 June 2022
(This article belongs to the Special Issue Feature Papers in Communications Section 2022)
The futuristic fifth-generation cellular network (5G) not only supports high-speed internet, but must also connect a multitude of devices simultaneously without compromising network security. To ensure the security of the network, the Third Generation Partnership Project (3GPP) has standardized the 5G Authentication and Key Agreement (AKA) protocol for mutually authenticating user equipment (UE), base stations, and the core network. However, it has been found that 5G-AKA is vulnerable to many attacks, including linkability attacks, denial-of-service (DoS) attacks, and distributed denial-of-service (DDoS) attacks. To address these security issues and improve the robustness of the 5G network, in this paper, we introduce the Secure Blockchain-based Authentication and Key Agreement for 5G Networks (5GSBA). Using blockchain as a distributed database, our 5GSBA decentralizes authentication functions from a centralized server to all base stations. It can prevent single-point-of-failure and increase the difficulty of DDoS attacks. Moreover, to ensure the data in the blockchain cannot be used for device impersonation, our scheme employs the one-time secret hash function as the device secret key. Furthermore, our 5GSBA can protect device anonymity by mandating the encryption of device identities with Subscription Concealed Identifiers (SUCI). Linkability attacks are also prevented by deprecating the sequence number with Elliptic Curve Diffie–Hellman (ECDH). We use Burrows–Abadi–Needham (BAN) logic and the Scyther tool to formally verify our protocol. The security analysis shows that 5GSBA is superior to 5G-AKA in terms of perfect forward secrecy, device anonymity, and mutual Authentication and Key Agreement (AKA). Additionally, it effectively deters linkability attacks, replay attacks, and most importantly, DoS and DDoS attacks. Finally, the performance evaluation shows that 5GSBA is efficient for both UEs and base stations with reasonably low computational costs and energy consumption. View Full-Text
Keywords: 5G; 5G-AKA; authentication; blockchain; BAN logic; Scyther 5G; 5G-AKA; authentication; blockchain; BAN logic; Scyther
Show Figures

Figure 1

MDPI and ACS Style

Chow, M.C.; Ma, M. A Secure Blockchain-Based Authentication and Key Agreement Scheme for 3GPP 5G Networks. Sensors 2022, 22, 4525. https://doi.org/10.3390/s22124525

AMA Style

Chow MC, Ma M. A Secure Blockchain-Based Authentication and Key Agreement Scheme for 3GPP 5G Networks. Sensors. 2022; 22(12):4525. https://doi.org/10.3390/s22124525

Chicago/Turabian Style

Chow, Man C., and Maode Ma. 2022. "A Secure Blockchain-Based Authentication and Key Agreement Scheme for 3GPP 5G Networks" Sensors 22, no. 12: 4525. https://doi.org/10.3390/s22124525

Find Other Styles
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop