Threats to 5G Group-based Authentication

Rosario Giustolisi, Christian Gehrmann


The fifth generation wireless system (5G) is expected to handle an unpredictable number of heterogeneous connected devices and to guarantee at least the same level of security provided by the contemporary wireless standards, including the Authentication and Key Agreement (AKA) protocol. The current AKA protocol has not been designed to efficiently support a very large number of devices. Hence, a new group-based AKA protocol is expected to be one of the security enhancement introduced in 5G. In this paper, we advance the group-based AKA threat model, reflecting previously neglected security risks. The threat model presented in the paper paves the way for the design of more secure protocols.


  1. 3GPP (2001). Formal Analysis of the 3G Authentication Protocol. TR 33.902, 3GPP.
  2. 3GPP (2008). MME Related Interfaces Based on Diameter Protocol. TS 29.272, 3GPP.
  3. 3GPP (2011). Service requirements for Machine-Type Communications (MTC); Stage 1. TR 22.368, 3GPP.
  4. Broustis, I., Sundaram, G. S., and Viswanathan, H. (2012). Group authentication: A new paradigm for emerging applications. Bell Labs Technical Journal, 17(3):157- 173.
  5. Cao, J., Ma, M., and Li, H. (2015). Gbaam: group-based access authentication for mtc in lte networks. Security and Communication Networks, 8(17):3282-3299.
  6. Choi, D., Choi, H.-K., and Lee, S.-Y. (2014). A group-based security protocol for machine-type communications in lte-advanced. Wireless Networks, 21(2):405-419.
  7. Lai, C., Li, H., Lu, R., and Shen, X. S. (2013). Se-aka: A secure and efficient group authentication and key agreement protocol for lte networks. Computer Networks, 57(17).
  8. Martucci, L. A., Carvalho, T. C. M. B., and Ruggiero, W. V. (2004). A Lightweight Distributed Group Authentication Mechanism. In Furnell, S. M. and Downland, P. S., editors, 4th International Network Conference (INC 2004), pages 393-400.
  9. Nguyen, L. H. and Roscoe, A. W. (2006). Efficient group authentication protocol based on human interaction. In In Proceedings of the Workshop on Foundation of Computer Security and Automated Reasoning Protocol Security Analysis (FCS-ARSPA, pages 9-33.
  10. Page, T. (2009). The application of hash chains and hash structures to cryptography. Tr, Royal Holloway, University of London.
  11. Seitz, L., Gerdes, S., Selander, G., Mani, M., and Kumar, S. (2016). Use Cases for Authentication and Authorization in Constrained Environments. RFC 7744 (Informational).
  12. Svensson, M., Paladi, N., and Giustolisi, R. (2015). 5g: Towards secure ubiquitous connectivity beyond 2020. Tr, Swedish Institute of Computer Science.
  13. Zhang, M. and Fang, Y. (2005). Security analysis and enhancements of 3gpp authentication and key agreement protocol. IEEE Transactions on Wireless Communications, 4(2):734-742.

Paper Citation

in Harvard Style

Giustolisi R. and Gehrmann C. (2016). Threats to 5G Group-based Authentication . In Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016) ISBN 978-989-758-196-0, pages 360-367. DOI: 10.5220/0005996203600367

in Bibtex Style

author={Rosario Giustolisi and Christian Gehrmann},
title={Threats to 5G Group-based Authentication},
booktitle={Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)},

in EndNote Style

JO - Proceedings of the 13th International Joint Conference on e-Business and Telecommunications - Volume 4: SECRYPT, (ICETE 2016)
TI - Threats to 5G Group-based Authentication
SN - 978-989-758-196-0
AU - Giustolisi R.
AU - Gehrmann C.
PY - 2016
SP - 360
EP - 367
DO - 10.5220/0005996203600367