The goal of 3GPP Long Term Evolution/System
Architecture Evolution (LTE/SAE) is to move mobile cellular wireless technology
into its fourth generation. One of the unique challenges of fourth-generation
technology is how to close a security gap through which a single compromised or
malicious device can jeopardize an entire mobile network because of the open nature
of these networks. To meet this challenge, handover key management in the 3GPP
LTE/SAE has been designed to revoke any compromised key(s) and as a consequence
isolate corrupted network devices. This paper, however, identifies and details
the vulnerability of this handover key management to what are called de
synchronization attacks; such attacks jeopardize secure communication between
users and mobile networks. Although periodic updates of the root key are an
integral part of handover key management, our work here emphasizes how
essential these updates are to minimizing the effect of de synchronization
attacks that, as of now, cannot be effectively prevented. Our main
contribution, however, is to explore how network operators can determine for
themselves an optimal interval for updates that minimizes the signaling load
they impose while protecting the security of user traffic. Our analytical and
simulation studies demonstrate the impact of the key update interval on such
performance criteria as network topology and user mobility
No comments:
Post a Comment