Abstract

One of the primary authentication mechanisms defined for the 5G system is the 5G-Authentication and Key Agreement (5G-AKA) protocol. It is set to be used in the next generation of mobile communications but has several serious flaws such as privacy issues, vulnerability to traceability attacks, and has de-synchronization problem. To deal with these issues, An Braeken presented a lightweight authentication mechanism that provides security features not present in 5G-AKA, but the scheme fails to provide perfect forward secrecy. Later Munilla et al. introduced an improved version of the Braeken authentication scheme that claims to provide perfect forward secrecy but is computationally expensive and prone to DoS attacks if the size of the server database is large. Taking this in view, we propose a cost-effective scheme that provides all the security features, including perfect forward secrecy. We do the informal (non-mathematical) and formal analysis (using the ROR, GNY, and Scyther tool) of the security properties of the proposed protocol and show that the proposed protocol provides all the security features. Furthermore, we measure the performance of the proposed protocol in terms of energy consumption and computational, communication and storage costs. The evaluation results show that the proposed protocol takes significantly less cost than most of its competitors. In addition to this, we also compute the performance of the proposed protocol under unknown attacks in terms of computational, communication, and energy consumption costs. The outcome of analysis shows that the proposed protocol takes very less overhead under unknown attacks compared to its competitors.