Journal of Computer Science and Technology, 2019, Vol. 34, Issue (5): 1079-1095. doi: 10.1007/s11390-019-1961-5

Special Issue: Computer Networks and Distributed Computing


Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks

Chi Zhang1, Jun-Rong Liu1,2, Da-Wu Gu1,*, Distinguished Member, CCF, Member, ACM, Wei-Jia Wang3, Xiang-Jun Lu1, Zheng Guo1,2, Hai-Ning Lu1,4   

  1. School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai 200240, China;
  2. ZhiXun Crypto Testing and Evaluation Technology Co., Ltd., Shanghai 200240, China;
  3. Crypto Group, Electrical Engineering Department, Institute of Information and Communication Technologies, Catholic University of Louvain, Louvain-la-Neuve B-1348, Belgium;
  4. Shanghai Viewsource Information Science and Technology Co., Ltd, Shanghai 200240, China
  • Received: 2018-10-25; Revised: 2019-07-28; Online: 2019-08-31; Published: 2019-08-31
  • Contact: Da-Wu Gu, E-mail: dwgu@sjtu.edu.cn
  • About author: Chi Zhang received his B.S. degree in computer science and technology from Southeast University, Nanjing, in 2014. He is currently a Ph.D. candidate at School of Electronic Information and Electrical Engineering, Shanghai Jiao Tong University, Shanghai. His research interests include hardware security, signal processing, and machine learning for side-channel analysis.
  • Supported by:
    This work was supported by State Grid Science and Technology Project of China under Grant No. 546816190003.

Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.

Key words: authentication protocol; cellular authentication and voice encryption (CAVE); code-division multiple access (CDMA); secure hash algorithm 1 (SHA-1); side-channel analysis
