A J-PAKE based Solution for Secure Authentication in a 4G Network

Cristina-Elena Vintilă, Military Technical Academy, Bucharest, ROMANIA, cristina.vintila@gmail.com
Victor-Valeriu Patriciu, Computer Science Department, Military Technical Academy, Bucharest, Bd. George Cosbuc, no. 81-83, ROMANIA, vip@mta.ro
Ion Bica, Computer Science Department, Military Technical Academy, Bucharest, Bd. George Cosbuc, no. 81-83, ROMANIA, ibica@mta.ro

Abstract: 4G architecture is the latest 3GPP development in mobile network design and optimization. Designed initially for data, but having a flexible architecture, 4G is capable of integrating IMS, thereby bringing in voice and services. 3GPP wanted to facilitate the migration from 3G and non-3GPP solutions to the 4G design; therefore the core network components of 4G are capable of interacting with 3G core network devices, provided these have an interoperability feature. This way, even 3G or non-3GPP devices are capable of using the 4G services. Nevertheless, one of the biggest issues when interoperating these solutions and devices is security. This paper reviews some of the most common access methods and proposes a solution for a more secure 4G authentication process, with regard both to 4G/3G mobile authentication and to non-3GPP mobile device authentication.

Key words: SAE, EPC, AKA, EAP-AKA, HSS, J-PAKE, PKI, key management, IMS

1 Introduction

The 4G architecture consists of two main components: the radio access network and the Evolved Packet Core. The radio network is represented by the eNodeB, the antenna and the air medium of transportation. The mobile devices connect to this antenna, which, in turn, has responsibilities in the mobile device authentication to the core network. The core network has several devices that deal with the signaling, traffic routing and prioritization, as well as user authentication and charging.
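The abstract names J-PAKE as the proposed access-authentication mechanism but this section does not walk through the protocol. The following Python program is an added example, not the authors' code and not taken from any 3GPP specification: it runs the standard two-round J-PAKE exchange (Hao and Ryan, as specified in RFC 8236) between a party labelled UE and a party labelled NET that share a low-entropy secret. The identity labels, the Schnorr proof encoding, the hash-to-Z_q mapping of the password and the toy 128-bit safe-prime group generated at run time are all assumptions of the example; a real deployment would use a standardized group and a vetted PAKE library. What it shows is the property that makes J-PAKE attractive for access authentication: both sides reach the same key only when they hold the same secret, nothing that crosses the air interface reveals the secret, and a round-1 or round-2 value whose proof does not verify is rejected.

```python
import hashlib
import secrets
SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]
def is_probable_prime(n, rounds=16):
    # trial division by small primes, then Miller-Rabin with random bases
    for sp in SMALL_PRIMES:
        if n % sp == 0:
            return n == sp
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def make_group(bits=128):
    # TOY safe-prime group p = 2q + 1 (assumption of this example); g = 4 is a square, so it has order q
    while True:
        q = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q, 4

def hash_to_zq(q, *items):
    # length-prefixed SHA-256 over the items, reduced into Z_q
    h = hashlib.sha256()
    for item in items:
        data = str(item).encode()
        h.update(len(data).to_bytes(4, "big") + data)
    return int.from_bytes(h.digest(), "big") % q

def schnorr_prove(p, q, gen, x, X, signer_id):
    # non-interactive (Fiat-Shamir) proof of knowledge of x with X = gen^x mod p
    v = secrets.randbelow(q)
    V = pow(gen, v, p)
    h = hash_to_zq(q, gen, V, X, signer_id)
    return V, (v - x * h) % q

def schnorr_verify(p, q, gen, X, V, r, signer_id):
    # X must lie in the order-q subgroup and gen^r * X^h must equal V
    if not 1 < X < p - 1 or pow(X, q, p) != 1:
        return False
    h = hash_to_zq(q, gen, V, X, signer_id)
    return (pow(gen, r, p) * pow(X, h, p)) % p == V

class JPakeParty:
    # one side of the exchange (UE or network) holding the low-entropy shared secret
    def __init__(self, group, ident, password):
        self.p, self.q, self.g, self.ident = (*group, ident)
        self.s = hash_to_zq(self.q, password)  # password mapped into Z_q
        self.x1, self.x2 = (secrets.randbelow(self.q - 1) + 1 for _ in range(2))
        self.gx1, self.gx2 = pow(self.g, self.x1, self.p), pow(self.g, self.x2, self.p)

    def round1(self):
        p, q, g = self.p, self.q, self.g
        return {"id": self.ident, "gx1": self.gx1, "gx2": self.gx2,
                "zkp1": schnorr_prove(p, q, g, self.x1, self.gx1, self.ident),
                "zkp2": schnorr_prove(p, q, g, self.x2, self.gx2, self.ident)}

    def round2(self, peer1):
        p, q, g = self.p, self.q, self.g
        if peer1["id"] == self.ident:
            raise ValueError("peer identity must differ from our own")
        for X, zkp in ((peer1["gx1"], peer1["zkp1"]), (peer1["gx2"], peer1["zkp2"])):
            if not schnorr_verify(p, q, g, X, *zkp, peer1["id"]):
                raise ValueError("round-1 proof from peer failed")
        self.peer_gx1, self.peer_gx2 = peer1["gx1"], peer1["gx2"]
        # A = (g^x1 * g^x3 * g^x4)^(x2 * s), with a proof for the exponent x2 * s
        gen = (self.gx1 * self.peer_gx1 * self.peer_gx2) % p
        exp = (self.x2 * self.s) % q
        A = pow(gen, exp, p)
        return {"id": self.ident, "A": A,
                "zkp": schnorr_prove(p, q, gen, exp, A, self.ident)}

    def derive_key(self, peer2):
        p, q = self.p, self.q
        # the peer's round-2 generator, seen from here, is g^x1 * g^x2 * g^x3
        gen = (self.peer_gx1 * self.gx1 * self.gx2) % p
        if not schnorr_verify(p, q, gen, peer2["A"], *peer2["zkp"], peer2["id"]):
            raise ValueError("round-2 proof from peer failed")
        # K = (B / g^(x4 * x2 * s))^x2 = g^((x1 + x3) * x2 * x4 * s) on both sides
        exp = (self.x2 * self.s) % q
        K = pow(peer2["A"] * pow(self.peer_gx2, q - exp, p) % p, self.x2, p)
        return hashlib.sha256(K.to_bytes((p.bit_length() + 7) // 8, "big")).digest()

def run_exchange(group, ue_password, net_password):
    # full two-round run between the UE and the network; returns (ue_key, net_key)
    ue, net = JPakeParty(group, "UE", ue_password), JPakeParty(group, "NET", net_password)
    ue1, net1 = ue.round1(), net.round1()
    ue2, net2 = ue.round2(net1), net.round2(ue1)
    return ue.derive_key(net2), net.derive_key(ue2)
```

A run such as `run_exchange(make_group(), "pw", "pw")` yields two equal 32-byte keys, while `run_exchange(make_group(), "pw", "other")` yields two different keys without either side learning anything about the other's secret; in a deployment the derived key would still need a key-confirmation step before it protects traffic, which the paper's later sections are the place to specify.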
The most common core network devices are described in the following sections. This paper summarizes the most common authentication mechanisms for the access network and introduces the J-PAKE solution to secure access authentication.

2 Research background

One of the devices is called MME (Mobility Management Entity); this is the core network equipment responsible for UE management, for the mobility management when the UE is moving around the radio network, and for choosing which equipment is going to deal with the data traffic for a particular UE. When the UE connects to an eNB via the LTE radio interface, the antenna first forwards all the traffic to the MME via the S1-MME logical IP interface, as this entity is connected to the HSS. The role of the MME is in this case to facilitate the verification of the UE's authentication and authorization credentials, based on the UE's identity and the credentials stored by the HSS. Unlike its predecessor, the SGSN (Serving GPRS Support Node), the MME is a control-plane-only entity; it does not participate in any user-plane traffic flows.

Another device is called SGW (Serving Gateway). This core network entity is responsible for routing the uplink and downlink traffic for the UE, as well as for the QoS enforcement of this user-plane traffic. It is both a control-plane and a user-plane entity, similar to the SGSN and GGSN (Gateway GPRS Support Node) from the 3G architecture. When considering the mobility cases, as well as the connection of a single UE to multiple networks, the SGW is the single point of contact for that UE to the 4G network.

The PGW (Packet Data Network Gateway) is the entity responsible for connecting the 4G network to the Internet and/or other networks the UE may connect to: the operator intranet/extranet or a services network, like IMS (IP Multimedia Subsystem).
This makes this entity the point of contact for the UE to that network, the PGW having the role of assigning an IP address to the UE; this IP address may be assigned from a local pool, the PGW may act as a DHCP server or relay the UE's request to one, and it can also obtain an address via the destination network, a procedure called IP-CAN. This entity also enforces the QoS policies, as indicated by the PCRF settings. As mentioned in the SGW description, a single UE may be connected to more than one network. When this situation appears, there can be more than one PGW serving that UE; nevertheless there is only one MME and SGW pair serving a particular UE at any moment in time. The PGW is also the mobility anchor of the UE (User Equipment) when the user moves around the network.

The PCRF (Policy Charging and Rules Function) is a database. This entity is connected to the PGW and has a very important role in the IP-CAN procedures, as well as in the QoS policy definition. This entity behaves differently when it is located in the Home Network versus when it is located in the Visited Network. Therefore, we can refer to the PCRF as being either H-PCRF (Home Network PCRF) or V-PCRF (Visited Network PCRF). Essentially, the PCRF is a database just like the HSS, except that it contains information related to the QoS and charging policies for a specific UE. Its interfaces to the other network elements are also Diameter-based. The H-PCRF is connected to the PGW via

Recent Researches in Communications, Automation, Signal Processing, Nanotechnology, Astronomy and Nuclear Physics ISBN: 978-960-474-276-9 42