EDR-AKA: An Enhanced Authentication Protocol to Protect 5G Against Active Sniffing Attacks.

The advent of fifth-generation mobile communication systems has enabled a significant portion of the world's population to be connected, which makes preserving user privacy and ensuring secure communications crucial. 5G Authentication and Key Agreement (5G-AKA) protocol is introduced to defend the 5G system from unauthorized access. However, 5G-AKA is still vulnerable to various active user privacy sniffing attacks. Through a comprehensive analysis of several known attacks, we identify the root causes of the issue. To resist active sniffing attacks, we propose an improved authentication scheme named Encrypted Dynamic RAND challenge-based AKA (EDR-AKA). The main idea of EDR-AKA is to protect communication security and privacy by encrypting dynamic RAND challenges exchanged in 5G-AKA with the key established by ECIES. EDR-AKA is fully compatible with the current 3GPP specification and requires only minimal modifications to the existing 5G-AKA. The performance of EDR-AKA is evaluated through formal analysis and extensive simulations. The experimental results show that the proposed solution effectively achieves the security objectives, incurring only a minimal time cost ranging from 0.16% to 0.18% within the 5G-AKA authentication process. This validates its practical advantages and feasibility.