Name
Abstract | ||
|---|---|---|
Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA. |
Year | DOI | Venue |
|---|---|---|
2019 | 10.1007/s11390-019-1961-5 | Journal of Computer Science and Technology |
Keywords | Field | DocType |
authentication protocol, cellular authentication and voice encryption (CAVE), code-division multiple access CDMA), secure hash algorithm 1 (SHA-1), side-channel analysis | Authentication,Computer science,Cryptography,Computer network,Encryption,Authentication protocol,Side channel attack,Cellular network,Time division multiple access,Subscriber identity module,Distributed computing | Journal |
Volume | Issue | ISSN |
34 | 5 | 1000-9000 |
Citations | PageRank | References |
0 | 0.34 | 0 |
Authors | ||
7 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Chi Zhang | 1 | 3 | 0.74 |
| Junrong Liu | 2 | 16 | 5.90 |
| Dawu Gu | 3 | 644 | 103.50 |
| Weijia Wang | 4 | 1 | 0.73 |
| Xiangjun Lu | 5 | 1 | 1.75 |
| Zheng Guo | 6 | 25 | 8.29 |
| Hai-Ning Lu | 7 | 0 | 0.34 |