Light-Weight Authentication Scheme for Handoff in Long Term Evolution (LTE)
Moazzam Khan, Shubha Dubey
Dept. of Computer Science & Engg., Radharaman Institute of Technology & Science, Bhopal, India
Abstract— Long Term Evolution (LTE) is a 4G communication standard in mobile communication developed by 3GPP. LTE assures reliability, broad coverage, low latency and faster speed compared to 3G. Seamless handover is key for mobile users, and LTE provides good handoff solutions to keep the user connected. The fundamental LTE model, however, has not been enriched with security measures during handoff. Various researchers have proposed numerous solutions for authentication in LTE handover, most of them based on PKI cryptography. In this paper, we propose a Light-Weight Authentication (LWA) system for LTE during handoff. The idea behind the proposed approach is an Authentication Digest (AD), produced with a hash function, which is exchanged between the UE and the eNB (Home AP); the same AD is exchanged between eNB and eNB (Visitor AP). The proposed system generates a hashed random number, called the AD, which is then used to authenticate the UE to the eNB. LWA thereby eliminates the need for PKI such as RSA (key generation and validation) and saves its cost. The obtained results show that the proposed LWA outperforms existing methods.
Keywords- AD, eNB, Hash, Handover, LTE.
I. INTRODUCTION
As the interest in LTE as a mobile communication technology increases, there is a growing need for instruments able to characterize the performance of LTE systems in order to tune and optimize them. This need is present at various stages: for the standardization of future versions of the technology, as well as for the design and implementation of devices and network equipment and the roll-out of LTE network infrastructures. LTE is a rather complex technology, and for this reason traditional performance evaluation methods based on analytical models can be applied only to very small portions of it. As a consequence, researchers and engineers most often rely on simulators to assess the performance of LTE systems.
In particular, open source network simulation tools are highly valued by researchers, because of their usually wider acceptance within the research community. In the literature, several LTE simulators have been proposed for different purposes. Physical layer simulation tools such as [3] and [4] are quite limited in that they consider the performance at the physical layer only, normally focusing on a single transmitter-receiver pair. System level simulators, such as for instance [5] and [6], go beyond the physical layer by normally introducing the MAC layer together with an abstract model of the higher layers. They are usually adopted in the research community for the evaluation of Radio Resource Management (RRM) algorithms, but due to their abstraction of the higher layers they cannot provide an accurate evaluation of the end-to-end performance and of the behavior of the network as a whole.
The most promising solution to this problem is represented by network simulators, which feature an accurate implementation of all the protocol layers from the MAC up to the application. A first step in this direction is [7], an open source LTE network simulator that supports single and multi-cell environments, QoS management, multiuser environments, user mobility, handover procedures, scheduling, and frequency reuse techniques. Unfortunately, since this simulator aims at supporting LTE only, it lacks many features of a general-purpose network simulator like ns-3, for example the availability of a full-fledged TCP/IP protocol stack, the support for other wireless technologies such as WiFi and WiMAX, the possibility of integration with test beds and real application binaries, etc.
The simulation module that we describe in this paper was explicitly designed in order to fill this gap. It introduces support for the simulation of the LTE technology in the ns-3 simulator, with a particular attention on modeling the most relevant aspects of the Evolved Universal Terrestrial Radio Access (E-UTRA), which is the radio interface of LTE [8].
The authors of [9] address the need for a robust and lightweight authentication scheme for the LTE (Long Term Evolution) 4G network.
According to [9], to support the Evolved Packet System (EPS) in Long Term Evolution (LTE) networks, the 3rd Generation Partnership Project (3GPP) has proposed an authentication and key agreement (AKA) protocol, named EPS-AKA, which has become an emerging standard for fourth-generation (4G) wireless communications.
However, due to the requirement of backward compatibility, EPS-AKA inevitably inherits some defects of its predecessor, the UMTS-AKA protocol, which cannot resist several frequent attacks such as:
• Denial of Service (DoS) attack.
Meanwhile, there are additional security issues associated with the EPS-AKA protocol, i.e., the lack of privacy preservation and key forward/backward secrecy (KFS/KBS). In addition, there are new challenges with the emergence of group-based communication scenarios in authentication. In [9], Chengzhe Lai et al. proposed a secure and efficient AKA protocol, called SE-AKA, which can fit all of the group authentication scenarios in LTE networks. Specifically, SE-AKA uses Elliptic Curve Diffie-Hellman (ECDH) to realize KFS/KBS, and it also adopts an asymmetric key cryptosystem to protect users' privacy. For group authentication, it simplifies the whole authentication procedure by computing a group temporary key (GTK). Compared with other authentication protocols, SE-AKA can not only provide strong security including privacy preservation and KFS/KBS, but also provide a group authentication mechanism which can effectively authenticate group devices. Extensive security analysis and formal verification using ProVerif have shown that the proposed SE-AKA is secure against various malicious attacks. In addition, elaborate performance evaluations in terms of communication, computational and storage overhead also demonstrate that SE-AKA is more efficient than the existing protocols, as the authors describe.
To validate the proposed authentication scheme, the authors used the ProVerif tool.
The author of [10], in turn, discusses the authentication scheme during the handover operation in the LTE network.
The author of [10] proposed a fast and secure handover authentication scheme intended to fit most of the mobility scenarios in LTE networks. Compared with other handover schemes, that scheme can not only achieve a simple authentication process with desirable efficiency, but also provide several security features including perfect forward/backward secrecy (PFS/PBS), which have never been achieved by the previous works.
The experimental results and formal verification using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool show that the proposed scheme is efficient and secure against various malicious attacks.
This paper mainly focuses on the following agenda, related to the problems identified, and proposes a Light-Weight Authentication system during handoff:
• There is an urgent need to secure the current communication network from various harmful attacks. LTE is the latest fast, IP-based 4G network, which provides a higher data rate with seamless handover to the user. Since its release in 2010 (latest version) by 3GPP there is a need for a more robust authentication scheme that can defend against various types of attack in wireless networks, i.e. the LTE network. Many schemes have been proposed, but they have their own limitations.
• Our proposed work is closely related to the schemes of [9] and [10]. The following problems have been identified as the research agenda:
• A light-weight and robust authentication scheme for the LTE network while maintaining seamless handover.
• Defense against Denial of Service attacks in the LTE network.
• Our proposed work is based on the ideas of [9] and [10]; the main extension to be achieved during the thesis and research development is to test the above-mentioned points on various test beds, validating the proposed scheme under various simulation parameters such as mobility ratio, with handover and without handover, etc.
• To evaluate the proposed solutions, Network Simulator-3 (NS-3.22) has been used as a test bed for LTE (4G) network simulation.
The rest of the article is organized as follows: Section II presents the idea of the proposed LWA scheme in detail, Section III discusses the results and performance of the proposed LWA, and finally Section IV concludes the paper with the future directions of this work.
II. LIGHT-WEIGHT AUTHENTICATION SYSTEM
LTE is a next-generation 4G technology, and its performance still needs to be evaluated and experimented with for better and faster access to the backbone internet network.
This paper proposes an evolutionary experiment on LTE 4G technology under various parameters to enhance its performance and optimization. The main aim of the proposed method is a light-weight authentication system during handover for LTE users. The main idea is derived from hash functions and message digests, which assure integrity and authentication. Additionally, the proposed system also evaluates LTE (Long Term Evolution) QoS (Quality of Service) in different network scenarios. The following are the key domains of the research.
The following points are considered in the proposed work:
1. There is urgent need to secure the current
2. Our proposed work is closely related to the schemes of [9] and [10]. The following problems have been identified as the research agenda:
a. A light-weight and robust authentication scheme for the LTE network while maintaining seamless handover.
b. Defense against Denial of Service attacks in the LTE network.
c. Our proposed work is based on the ideas of [9] and [10]; the main extension to be achieved during the thesis and research development is to test the above-mentioned points on various test beds, validating the proposed scheme under various simulation parameters such as mobility ratio, with handover and without handover, etc.
To set up the LTE scenario and implement the proposed method, the NS-3.22 simulator has been used as a test bed on an Ubuntu 14.04 system.
A. Performance metrics
The following parameters have been used to evaluate the performance of the LTE system on the NS-3 test bed.
1) Mobility Models
The following mobility models have been used to evaluate the performance of routing in LTE:
Constant Acceleration Mobility Model
Constant Velocity Mobility Model
Gauss Markov Mobility Model
Random Waypoint Mobility Model
2) Evaluation Metrics
The following standardized metrics will be used for evaluation:
a) Packet Delivery Ratio
b) Throughput
c) Packet Loss
d) End-to-End Delay (Latency)
3) Performance metrics for Proposed Light Weight Authentication System
The following parameters have been used to evaluate the proposed light-weight authentication system for handover in the LTE system on the NS-3 test bed, for both the UE (User Equipment) and the AP (Access Point):
a) Exponentiation (EXP)
b) Multiplication (MU)
c) Hash calculation (HASH)
d) Arithmetic Calculation Time (AR)
e) RSA Verification (RV)
f) Point Multiplications (MP)
g) Tate Pairing (TP)
Note: in the proposed system only HASH, AR and TP have been used, in order to keep the authentication system light-weight.
B. Proposed Algorithm:
Building an LTE scenario is the first step required to validate the proposed approach.
Motivation Factor
Our proposed work is closely related to the schemes of [9] and [10]. The following problems have been identified as the research agenda:
• Heavy weight authentication
• Communication Overhead
• Computational Cost
• Storage Overhead
• Denial of Service attack
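Algorithm – Light Weight Authentication System

    #include <cstdint>
    #include <cstdlib>
    #include <iostream>
    #include <string>

    // Hash function applied to the random value; the paper does not name the algorithm.
    uint16_t Hash (uint16_t t);

1. Generating Authentication Digest (AD)

    uint16_t Generate_AD ()
    {
      // rand(16) in the original listing, taken here as a 16-bit random value
      uint16_t t = static_cast<uint16_t> (std::rand ());
      return Hash (t);
    }

2. Sending AD while connecting with eNB

    void ConnectionRequesteNB (std::string context, uint64_t imsi,
                               uint16_t ad, uint16_t rnti)
    {
      // The AD is logged in the CellId position of the message.
      std::cout << context << " UE IMSI " << imsi
                << ": connected to CellId " << ad << " with RNTI " << rnti << std::endl;
    }

3. Acknowledge and validating

    void NotifyConnectionEstablishedUe (std::string context, uint64_t imsi,
                                        uint16_t cellid, uint16_t rnti, uint16_t ad1)
    {
      // ad1 is printed after the RNTI, with a label so the two values do not run together.
      std::cout << context << " UE IMSI " << imsi
                << ": connected to CellId " << cellid << " with RNTI " << rnti
                << " AD " << ad1 << std::endl;
    }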
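The three steps above as a runnable exchange, including the eNB-to-eNB transfer of the AD described in the abstract. This is an added example, not the authors' ns-3 code: the ENodeB class, its method names and run_handover are hypothetical, and SHA-256 over a 16-byte random value with the digest kept at full length is an assumption, since the paper does not name the hash and its listing carries the AD in uint16_t fields.

```python
import hashlib
import hmac
import secrets


def generate_ad() -> bytes:
    """Step 1: AD = Hash(t) for a fresh random t (16 bytes and SHA-256 are assumptions)."""
    return hashlib.sha256(secrets.token_bytes(16)).digest()


class ENodeB:
    """Hypothetical eNB model holding the AD each UE registered, keyed by IMSI."""

    def __init__(self, cell_id):
        self.cell_id = cell_id
        self.ad_table = {}

    def connection_request(self, imsi, ad):
        """Step 2: the UE sends its AD while connecting to the home eNB."""
        self.ad_table[imsi] = ad

    def forward_ad(self, imsi, target):
        """eNB-to-eNB exchange: the home eNB passes the same AD to the visitor eNB."""
        target.ad_table[imsi] = self.ad_table[imsi]

    def validate(self, imsi, ad):
        """Step 3: accept only if the presented AD equals the stored one."""
        stored = self.ad_table.get(imsi)
        # compare_digest avoids leaking the match position through timing
        return stored is not None and hmac.compare_digest(stored, ad)


def run_handover(imsi=1):
    """Constructed scenario: one UE, a home eNB, a visitor eNB and an unprepared eNB."""
    home, visitor, unprepared = ENodeB(1), ENodeB(2), ENodeB(3)
    ad = generate_ad()
    home.connection_request(imsi, ad)
    home.forward_ad(imsi, visitor)
    return {
        "home_accepts": home.validate(imsi, ad),
        "visitor_accepts": visitor.validate(imsi, ad),
        "wrong_ad_rejected": not visitor.validate(imsi, generate_ad()),
        "other_imsi_rejected": not visitor.validate(imsi + 1, ad),
        "unprepared_enb_rejects": not unprepared.validate(imsi, ad),
    }


if __name__ == "__main__":
    for check, result in run_handover().items():
        print(f"{check}: {result}")
```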
III. RESULTS AND PERFORMANCE MEASUREMENT OF LWA
A. System model
Fig. 1.1 System Model of Proposed Light-Weight Authentication System for LTE
B. Simulation Snapshot
These snapshots were captured after deploying the LTE handover environment with varying numbers of nodes (UEs) placed 20 m apart, using the random waypoint model of NS-3.
Fig. 1.2: LTE Handover Simulation with 3 UE’s nodes
C. Results and Discussion
The following parameters have been used to evaluate the performance of the proposed Light-Weight Authentication System at the UE and AP side:
1) Exponentiation
2) Multiplication
3) Hash
4) Arithmetic
5) RSA
6) Point Multiplication
7) Tate Pairing
Table 1.1 shows the outcome of the proposed LWA system at UE’s side and AP (eNB’s) side-
Operation Cost (m/s)

Device  Method            EXP     MU      HASH    AR      RV      PM      TP
UE      Proposed Method   0       0       .0355   .0090   0       0       30.0
UE      Existing Method   1.698   0.0132  0.0356  .0094   0.957   1.537   38.376
AP      Proposed Method   .5      0       .18     .0028   0       0       15.00
AP      Existing Method   0.525   .0042   .0121   .0033   .0301   0.475   16.322
Table 1.1 Obtained Results of LWA
IV. CONCLUSION
With the advance in wireless technology and the demands of high bandwidth, total channel utilization, global roaming etc. in 4G networks, integration of existing wireless standards is an imminent solution. However, it has been observed that such an integration brings technical challenges. Resource allocation, which deals with channel utilization, bandwidth usage and various other network efficiency features, is the most important technical issue in layer 2. Two types of resource allocation methods were analyzed, and the performance and importance of the allocation schemes were studied.
biggest challenge. 3GPP announced (in 2008) and released LTE/LENA (Long Term Evolution) as a 4G-series communication technology alternative for mobile communication. A faster and reliable technology that keeps users always connected at lower cost is the users' first choice. LTE provides very good mobility and handoff support to users. During handover of the user device (UE) from the home AP (eNB) to the visitor AP, it is the responsibility of the HeNB to negotiate and reach agreement with the nearby VeNB. It has been observed that security is the biggest limitation during handoff in 4G. Authentication is the key element to be secured, but LTE does not have any strong authentication mechanism to fill the gap. Various methods have been proposed for authentication in LTE with a blend of cryptographic techniques such as RSA public key cryptography. Such methods have their own pros and cons. RSA validation and key generation are computationally costly, and computational cost matters especially for battery driven tick devices (such as mobile).
This dissertation has surveyed various security methods related to LTE and its handover operation. It has been identified that ensuring authentication in LTE comes at a high computational cost. This thesis has presented a new approach to secure handover using a light-weight authentication system. The proposed method adopts the idea of a message digest for exchanging the authentication key with the APs (eNB to UE and eNB to eNB), termed the AD (Authentication Digest). To make it immune to attack, the AD is covered with a hash function. This method is better than existing cryptographic methods due to the hash function and the elimination of the cryptographic computational overhead (RSA key generation and validation, including exponentiation overhead).
The obtained results show that the proposed light-weight authentication system performs better and produces better results, with the blend of security, during handover in LTE.
FUTURE WORK
This section discusses an area where the current work can be taken further: the scalability of the proposed LWA method.
REFERENCES
[1] Amitava Ghosh, Rapeepat Ratasuk, Bishwarup Mondal, Nitin Mangalvedhe and Tim Thomas, “LTE-Advanced: Next-Generation Wireless Broadband Technology”, IEEE, 2010.
[2] 3GPP TR 36.913, “Requirements for Further Advancements for Evolved Universal Terrestrial Radio Access (E-UTRA),” v. 8.0.1, Mar. 2009; ftp://ftp.3gpp.org.
[3] S. Ascent. 3GPP LTE toolbox and blockset. [Online] Available: http://www.steepestascent.com/content/default.asp?page=s2_10.
[4] mimoOn. mi!Mobile. [Online] Available: http://www.mimoon.de/pages/Products/miMobile/.
[5] J. C. Ikuno, M. Wrulich, and M. Rupp. System level simulation of LTE networks. In Proc. of IEEE Veh. Technol. Conf., VTC Spring, Taipei, Taiwan, May 2010.
[6] D. Gonzalez, S. Ruiz, M. Garcia-Lozano, J. Olmos, and A. Serra. System level evaluation of LTE networks with semidistributed intercell interference coordination. In Proc. of IEEE PIRMC 2009, Tokyo, Japan, Sep. 2009.
[7] G. Piro, L. A. Grieco, G. Boggia, F. Capozzi, and P. Camarda. Simulating LTE cellular systems: an open source framework. IEEE Trans. Veh. Technol., 2010.
[8] 3GPP. Evolved Universal Terrestrial Radio Access (E-UTRA); Overall description; Stage 2, 3GPP TS 36.300.
[9] Chengzhe Lai, Hui Li, Rongxing Lu and Xuemin (Sherman) Shen “SE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks”, Elsevier Science Direct, Computer Networks xxx (2013) xxx–xxx, 2013.