Formal Analysis of 5G EAP-TLS Authentication Protocol Using Proverif
As a critical component of the security architecture of 5G network, the authentication protocol plays a role of the first safeguard in ensuring the communication security, such as the confidentiality of user data. EAP-TLS is one of such protocols being defined in the 5G standards to provide key serv...
Published in: | IEEE access 2020, Vol.8, p.23674-23688 |
---|---|
Main authors: | , , , |
Format: | Article |
Language: | eng |
Subjects: | |
Online access: | Full text |
container_end_page | 23688 |
---|---|
container_issue | |
container_start_page | 23674 |
container_title | IEEE access |
container_volume | 8 |
creator | Zhang, Jingjing; Yang, Lin; Cao, Weipeng; Wang, Qiang |
description | As a critical component of the security architecture of 5G network, the authentication protocol plays a role of the first safeguard in ensuring the communication security, such as the confidentiality of user data. EAP-TLS is one of such protocols being defined in the 5G standards to provide key services in the specific IoT circumstances. This protocol is currently under the process of standardization, and it is vital to guarantee that the standardized protocol is free from any design flaws, which may result in severe vulnerabilities and serious consequences when implemented in real systems. However, it is still unclear whether the proposed 5G EAP-TLS authentication protocol provides the claimed security guarantees. To fill this gap, we present in this work a comprehensive formal analysis of the security related properties of the 5G EAP-TLS authentication protocol based on the symbolic model checking approach. Specifically, we build the first formal model of the 5G EAP-TLS authentication protocol in the applied pi calculus, and perform an automated security analysis of the formal protocol model by using the ProVerif model checker. Our analysis results show that there are some subtle flaws in the current protocol design that may compromise the claimed security objectives. To this end, we also propose and verify a possible fix that is able to mitigate these flaws. To the best of our knowledge, this is the first thorough formal analysis of the 5G EAP-TLS authentication protocol. |
doi_str_mv | 10.1109/ACCESS.2020.2969474 |
format | Article |
fulltext | fulltext |
identifier | ISSN: 2169-3536 |
ispartof | IEEE access, 2020, Vol.8, p.23674-23688 |
issn | 2169-3536 2169-3536 |
language | eng |
recordid | cdi_proquest_journals_2454735619 |
source | IEEE Open Access Journals; DOAJ Directory of Open Access Journals; Elektronische Zeitschriftenbibliothek - Frei zugängliche E-Journals; Web of Science - Science Citation Index Expanded - 2020 |
subjects | 5G mobile communication; 5G network; Analytical models; applied pi calculus; Authentication; Authentication protocol; Computer Science; Computer Science, Information Systems; Critical components; Cryptography; EAP-TLS; Engineering; Engineering, Electrical & Electronic; formal verification; Mathematical model; model checking; Protocol (computers); Protocols; ProVerif; Science & Technology; Security; Standardization; Technology; Telecommunications; Wireless networks |
title | Formal Analysis of 5G EAP-TLS Authentication Protocol Using Proverif |
url | https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-12T02%3A35%3A35IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_ieee_&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Formal%20Analysis%20of%205G%20EAP-TLS%20Authentication%20Protocol%20Using%20Proverif&rft.jtitle=IEEE%20access&rft.au=Zhang,%20Jingjing&rft.date=2020&rft.volume=8&rft.spage=23674&rft.epage=23688&rft.pages=23674-23688&rft.issn=2169-3536&rft.eissn=2169-3536&rft.coden=IAECCG&rft_id=info:doi/10.1109/ACCESS.2020.2969474&rft_dat=%3Cproquest_ieee_%3E2454735619%3C/proquest_ieee_%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2454735619&rft_id=info:pmid/&rft_ieee_id=8970242&rft_doaj_id=oai_doaj_org_article_4be6e465a2ba455db2aa812457a2526e&rfr_iscdi=true |