摘要:The 3rd generation partnership project (3GPP) has been enhancing the security of the 5G AKA (authentication and key agreement) protocol. However, there may still be some shortcomings in the latest version of the 5G AKA protocol. According to the analysis of the latest version of the 5G AKA protocol, this paper points out seven of its shortcomings. To overcome these shortcomings, an improved primary authentication and key agreement protocol for 5G networks is proposed, which is named 5G-IPAKA. Compared with the latest version of the 5G AKA protocol, the main improvements include that the pre-shared key between the user equipment (UE) and the home network (HN) is replaced with a derivation key as the pre-shared key, the challenge-–response mechanism for the serving network (SN) is added, the mutual authentication and key confirmation occurs between the UE and the SN, and the message authentication code (MAC) failure procedure is replaced with a timeout mechanism on the HN. Then, the 5G-IPAKA protocol is proven secure in the mixed strand space model for mixed protocols. Further discussion and comparative analysis show that the 5G-IPAKA protocol can overcome the above shortcomings of the latest version of the 5G AKA protocol, and is better than the recently improved 5G AKA protocols. Additionally, the 5G-IPAKA protocol is efficient and backward-compatible.
