RESEARCH ARTICLE

Adv. Sci. Lett. x, xxx–xxx, 2013

Copyright © 2013 American Scientific Publishers All rights reserved Printed in the United States of America

Advanced Science Letters Vol. x, xxx–xxx, 2011

Secure Mutual Authentication and Key-Agreement Protocol for IP Multimedia Server-Client

Deebak Bakkiam David¹, Muthaiah Rajappa¹, Thenmozhi Karupuswamy² and Swaminathan Pitchai Iyer¹
¹ School of Computing, SASTRA University, Thanjavur, TN 613401 - INDIA
² School of Electrical and Electronics, SASTRA University Thanjavur, TN 613401 - INDIA

Since social/media clients have grown rapidly on Long Term Evolution (LTE) networks, several Authentication and Key Agreement (AKA) protocols have been proposed to secure their communication. Wu et al. and Yoon et al. addressed the server-client environment. However, those mechanisms failed to provide mutual authentication and secure key sharing for server-client communication. This research paper therefore focuses on Secure Mutual Authentication and Key Agreement (SM-AKA) to enhance the communication efficiency of server-client. Moreover, this paper pays close attention to securing LTE networks. On cross-examination, we find that the efficiency and performance of the SM-AKA protocol are better than those of the authentication mechanisms of Wu et al. and Yoon et al.

Keywords: Long Term Evolution, Authentication and Key Agreement, Wu et al.

1. INTRODUCTION

To authenticate and authorize the IP Multimedia Subsystem (IMS) client, numerous authentication-based security protocols have been proposed. Moreover, authentication and key agreement (AKA) strategies have been growing steadily for Long Term Evolution (LTE) networks. This section covers the AKA mechanism, group-based communication, the significance of elliptic curves, pairing-based mechanisms, and the research objective and contribution.

1.2 Mechanism of Authenticated and Key-Agreement (AKA) Protocol

To overcome the authentication weakness in the Global System for Mobile Communication (GSM) [1], the Universal Mobile Telecommunications System – Authentication and Key-Agreement (UMTS-AKA) protocol was proposed at the network level [2] for authenticating the IMS client; it is grounded on the authentication procedure of UMTS. Using the security key, the UMTS-AKA protocol negotiates and achieves mutual authentication between the clients. UMTS-AKA may defeat the vulnerabilities found in GSM systems to ensure the security of the communication environment. However, UMTS-AKA is still vulnerable to re-direction and man-in-the-middle attacks.

The Third Generation Partnership Project (3GPP) has lately proposed the Evolved Packet System (EPS), which is grounded in the procedural structure of the UMTS-AKA protocol. The EPS-AKA protocol is widely accepted because of the important factor of backward compatibility. This advantage, however, may not only obstruct connection progress but also impose design limitations. On the one hand, the EPS-AKA protocol has some deficiencies of the UMTS-AKA protocol, and it may thus not resist the re-direction attack shown in [3,4], the man-in-the-middle attack shown in [5,6] and the Denial of Service (DoS) attack shown in [6,7]. On the other hand, associated security issues such as the lack of privacy preservation and of forward/backward key secrecy are not properly handled by the EPS-AKA protocol.

Multimedia communication networks like 4G / 5G have so far examined authentication and confidentiality. Thus, it is very clear that the former issues have still not been well addressed for future generation networks. The International Mobile Subscriber Identity (IMSI) paging and linkability attacks [8] have been exposed as new privacy threats for 3G / 4G / 5G Internet telephony / networks. Most of the existing techniques have focused on the requirements of authentication and confidentiality. It is thus shown that none of the existing techniques in mobile communication networks has addressed the critical issue of privacy [9-11]. EPS-AKA applies symmetric key sharing to perform the AKA mechanism.

1.3 Group-Based Communication

Nowadays group-based communication is prevalent among devices that use the same network properties, as in Machine Type Communication (MTC) [12]-[14]. To share the same network properties, the communication devices / clients should be the same and should also be available in the same network region [15]-[18], so that network access can run consecutively over a short time duration. Assume there are numerous communication clients in a group that access the same network successively. Owing to this successive access, the authentication methods would suffer from network latency. Thus, 3G / Long Term Evolution networks have not had any authentication mechanism for group-based communication.

Ngo et al. [19], however, proposed an individual-cum-group authentication model for wireless communication networks. It uses a technique of dynamic key cryptography to provide better authentication for individual / group users / services. Aboudagga et al. [20] proposed methods of associated authentication protocols over heterogeneous networks. This method is designed for a specific purpose and thus lacks universality. Lately, Fun et al. [21] have proposed a handover authentication mechanism for WiMax networks, and it is thus not suitable for LTE networks. Cao et al. [22] proposed authentication and key agreement for group-based communication. Since it uses asymmetric cryptography, the computation becomes costlier. Thus it may not be suitable for LTE networks, whose mobile devices are resource constrained.

1.4 Significance of Elliptic-Curve Cryptography

Using key K, the subkeys are computed and generated. Thus, disclosing the value of K reveals the authentication procedure of EPS-AKA. So the former statement does not guarantee Key Forward and Backward Secrecy (KFS / KBS). Generally, the traditional cryptosystem is employed to authenticate remote clients [23-24]. The traditional cryptosystem has to carry out the computation of modular exponentiation. Thus Elliptic Curve Cryptography (ECC) is proposed to solve the computational problem. The advantages of ECC are smaller key sizes and key computation. Moreover, it uses Public-Key Infrastructure (PKI) to maintain the users' public-key certificates. If the number of users surges, it requires larger storage space for storing the public keys and certificates of the users. In addition, extra computation is needed to verify the certificates of other protocols.

For the aforecited problem, Shamir [25] proposed the identity-based public-key system, which simplifies certificate management. But then, it has to generate the user's private key using a Key-Generation Center (KGC). Shamir's system is grounded on the problem of integer factorization and is thus not applicable for practical implementation [26]. Boneh et al. [27] proposed an identity-based encryption model, and this technique helped pairing-based remote-client authentication to evolve widely.

1.5 Pairing-Based Key Authentication Mechanism

Das et al. [28] proposed pairing-based key client authentication using a smart card. This technique, however, suffers from the forgery attack. Fang et al. [29] and Giri et al. [30] proposed improved versions against the forgery attack. However, these versions cannot withstand the forgery attack. Tseng et al. [31] and Goriparthi et al. [32] proposed a pairing-based client-authentication mechanism for wireless clients using a smart card. However, pairing-based client authentication has not been able to provide mutual authentication and key agreement reliably for multimedia client-server communication. For security improvement, Wu et al. [33] and Yoon et al. [34] proposed a novel mechanism of authentication and key agreement to improve client-server performance. Even so, this mechanism does not reduce the computation of the one-way hash function for the client-server environment.
1.6 Paper Objective

In this paper, we propose secure mutual authentication and key agreement for the multimedia server-client environment. Meanwhile, the proposed mechanism scales down the computational cost in comparison with the existing schemes of Wu et al. and Yoon et al. Besides, the proposed mechanism cuts out the key pairing operation, in contrast to the general pairing function. The mutually authenticated key of the proposed mechanism relies on the private keys of the communicating parties and thus counteracts spoofing, re-direction, man-in-the-middle and Session Initiation Protocol (SIP) flooding attacks. This paper inter-operates the client-server mechanism using a bilinear-pairing system for multimedia client-server communication. Importantly, this paper pays close attention to the Secure Mutual Authentication and Key Agreement (SM-AKA) mechanism for LTE networks. Besides, this paper carries out an efficiency and performance analysis to show that the proposed protocol is a reasonable improvement over the authentication mechanisms of Wu et al. and Yoon et al. For experimental analysis, the On-Demand Authentication (O-DA) mechanisms SM-AKA, Wu et al. and Yoon et al. have been implemented on the multimedia server-client [35] [36] to analyze metrics like call setup time, RTP session utilization and end-to-end delay of multiple voice call sessions, as in the research article [38]. The detailed concepts of the proposed architecture of the multimedia server-client are discussed in Section 2.

1.7 Research Contribution

The research contributions of the proposed mechanism are as follows:
(1) The proposed SM-AKA protocol meets all the security requirements that are defined in the EPS-AKA protocol.
(2) Besides, SM-AKA can withstand existing attacks like redirection, man-in-the-middle and denial-of-service.
(3) Importantly, the proposed protocol takes up the technical idea of the asymmetric key cryptosystem to improve shared-key preservation in LTE networks.
(4) To guarantee KFS / KBS, the proposed protocol is combined with the ElGamal Diffie-Hellman (E-DH) cryptosystem.
(5) To verify the secured authentication and security strength, a traffic analyzing tool of Proverif [37] and Ntop [39] is used.
(6) The mutual key sharing mechanism is designed efficiently so that the computation-cum-transmission overhead on the multimedia client can be scaled down considerably.
(7) Besides, the proposed mechanism can also cut down the home network computation and storage space.
(8) The architectural design of the SM-AKA protocol is grounded on the LTE network to enhance the mutual authenticity between the multimedia client and server.
(9) AKA schemes like Wu et al., Yoon et al. and SM-AKA are cross-evaluated to find the time of execution of the multimedia client-server.
(10) Eventually, to enhance client-server authentication performance, the proposed SM-AKA protocol reduces the one hash function for client-server.

The forthcoming sections are organized as follows. Section 2 discusses the proposed architecture of the multimedia server-client. Section 3 describes technical content such as the bilinear-pairing system and the security properties of the AKA protocol. Section 4 discusses the related works. Section 5 describes the proposed SM-AKA protocol mechanism in detail. Section 6 describes the results and discussion about the IP Multimedia Server-Client. Section 7 draws the conclusion of the research paper.

2. PROPOSED ARCHITECTURE OF IP MULTIMEDIA SERVER-CLIENT

Figure 1 shows the architecture of the IP Multimedia Server-Client; its communication flow structure is based on the 3GPP standard. The architecture is categorized into three domains, namely the multimedia access network domain, the multimedia server domain and the multimedia home network domain.

2.1 Multimedia Access Network Domain

MC, wEMC and iHMC are the main components of the Multimedia Access Network Domain. MC is the multimedia applications, which should be based on the 3GPP standard. wEMC and iHMC are the two different access network domains of 3GPP.

2.2 Multimedia Server Domains

CSCF processes the Session Initiation Protocol (SIP) packets in the multimedia network domain for MC terminals. It has three server components. Component 1 is known as the 'Proxy Call Session Control Function' (PCSCF). It acts as the 'contact point' for the MC terminals. Component 2 is known as the 'Serving Call Session Control Function'. It acts as the 'node center' of the signaling plane. Component 3 is known as the 'Interrogating Call Session Control Function'. It acts as the 'function locator' of an administrative domain.

Fig.1. Proposed Architecture of IP Multimedia Server-Client

2.3 Home and Web Network Domain

HSS and Web Server are the two different multimedia user data network domains. HSS has a master multimedia database that authenticates and authorizes the multimedia clients. The network domains provide a convergence interface platform for Web Servers that presents a unique and generic service-independent functional entity for IP Multimedia Domains.

3. BILINEAR PAIRING SYSTEM

The bilinear pairing system is a constructive cryptosystem of Next Generation Networks (NGN); it includes cryptosystems such as Key-Agreement (KA), Identity-Based (ID) and Key-Signature (KS) for a highly efficient cryptographic solution. This section briefly states the bilinear pairing concept, related mathematical assumptions and important security properties.

3.1 Preliminaries

Assume $G_1$ and $G_2$ are two cyclic multiplicative groups, p is a large prime number and g is a generator of $G_1$. The bilinear map $\hat{e}: G_1 \times G_1 \to G_2$ is admissible if the following properties are satisfied:
) ê ( ) for 1. For Bilinearity : ê ( 𝐺1 and 𝑎 2. For Non-Degeneracy : 1 2 1 such that ê ( 1 2) 1 3. For Computability : Existing of an efficient algorithm to compute ê ( 1 2) 2 for any 1 1 2

Since ê ( ê(

) ê(

c

ê(

) ê(

)

ê(

c

ê( ê(

)

)

ê(

) ê( + c

) ê(

c

ê(

c+ c

+

+ c

) is obvious, it implies that c) c). +c)

ê( +c

ê(

ê( ê( ê( ). ê (

)

ê( ). ê (

)(

+ )c

c)

)

( +c)

c)

)

( +c)

c)

The groups, maps and other parameters are described fully in [39]. The group G must be chosen carefully to satisfy the following conditions.
1. In terms of efficiency, the group operation in G must be relatively easy.
2. In terms of security, the computation of the discrete logarithm problem in G must be infeasible.

3.2 Key Agreement (KA) Related Security Properties

In past research, the desirable security goals and their related attributes have been identified for KA protocols. Before describing the security properties of the KA protocol, we would like to state the significance of the Authentication and Key Agreement (AKA) protocol, that is, Implicit Key Authentication should be provided to secure the entities' session keys. As an instance, Alice and Bob are the two communication entities. They have session keys that are expected to be shared between the entities to thwart anomalous users. On the other hand, the communication entities do not allow anomalous users to determine the session key. It is thus known as an AKA protocol. Additional security properties of AKA are defined in [40]. Assume Alice and Bob are the communication entities.

Known-Key Security: The protocol adheres to known-key security if an adversary fails to determine other previous or future session keys from the knowledge of previous session keys.

Forward Secrecy (Perfect): The protocol adheres to perfect forward secrecy if a passive adversary fails to determine the long-term private key of one or more communication entities from the knowledge of compromised previous session keys.

Forward Secrecy (Partial): The protocol adheres to partial forward secrecy if some of the long-term session keys are compromised, but not all.

Perfect-Forward Secrecy: The protocol adheres to perfect-forward secrecy if the long-term session keys of all the communication entities are compromised.

Key Compromise-Impersonation Resilience: When a long-term session key of Alice/Bob is compromised by an adversary, the adversary may impersonate Alice/Bob. However, the protocol has a resistance feature that will not allow the adversary to impersonate authenticated entities [1].

Unknown Key-Share-Resilience: The AKA protocol resists the unknown key-share attack, where the honest entities Alice and Bob share session keys between them: Alice believes that she shares the session key with Bob but, by mistake, the session key is shared with an anomalous entity Eve.

No Key Control: Participants or adversaries can't pre-select or predict the session keys. Moreover, the keys should not be forced at all by the participants / adversaries.

4. RELATED WORK

In 1981, L. Lamport [41] proposed the first password-based authentication scheme for user authorization. Subsequently, many authentication schemes [42-46] were proposed to resolve the security shortcomings in [41]. But then, these authentication schemes fail to achieve mutual authentication for the server-client environment. To resolve the issue of mutual authenticity, N.M. Al-Saidi et al. and S.G. Yoo et al. [47,48] have recently proposed improved versions of the authentication mechanism for the single-server environment, which thus can't provide a reliable authentication mechanism for 3GPP / 3GPP2 networks. Diffie and Hellman [49] proposed the first unauthenticated key agreement protocol, grounded on the technical concept of the asymmetric cryptographic system. For 3GPP/3GPP2 networks, authenticated key agreement has become a key security factor, and it should have mutual authenticity, a larger authentication key, data integrity and a hash function for the secure network.

Many authenticated key agreement protocols have been proposed for the secure network. Nevertheless, very few protocols are dedicated to the portable communication system (PCS), namely Global System for Mobile Communication (GSM), Maintain the Architecture of Global System for Mobile Communication (MGSM) and the Public-Key protocol system [50-53]. A Mobile Application (MA) usually implements authenticated key agreement [54-57] through the traditional public-key cryptographic system. However, MAs suffer from issues of mutual authentication, expensive computation cost, interoperability and power capacity. As a result, the MA generally rules out modular exponentiation to reduce the computational cost.

Several Authentication and Key Agreement protocols have been proposed for 3G / 4G / 5G / LTE networks. Harn et al. [58] proposed the conceptual technique of the ER-AKA protocol, which uses hash functions and message authentication to enhance the authentication procedure of the UMTS-AKA protocol. However, this protocol incurs space and communication overhead for hash-chain storage and transmission. Zhang et al. [59] showed the security weaknesses of the AKA protocol. The first weakness is that it can withstand against the false-base station attack. The second weakness is that it allows the adversary to use the authentication vector for network impersonation. The third weakness is that it incurs resynchronization. The AP-AKA protocol [59] was proposed to overcome the weaknesses of the false-base attack, network impersonation and resynchronization. Lee et al. [60] proposed an extension of the AP-AKA protocol that overcomes the aforesaid weaknesses more efficiently. Three major drawbacks have been found in the AP-AKA protocol: bandwidth consumption, space overhead and AV computation overhead. C.M. Huang et al. [61] proposed to prune off the AV transmission, which helps to improve the consumption of bandwidth. However, this protocol cannot withstand attacks like re-direction and man-in-the-middle. Al-Saraireh et al. [62] designed a mechanism based on a symmetric authentication protocol. Though it eliminates the computation cost of AV, it also fails to withstand the former attacks. Ou et al. [63] proposed the Cocktail-AKA protocol, which uses variables like the Medicated Authentication Vector (MAV) and Private Authentication Vector (PAV) to reproduce the AV efficiently. However, it is vulnerable to the Denial of Service (DoS) attack. Y.L. Huang et al. [64] proposed a secured AKA protocol, and it fails to withstand the former attacks. Moreover, it does not guarantee robustness, owing to the lack of a group-authentication mechanism. Chen et al. [65] proposed the Group-Authenticated and Key-Agreement (G-AKA) protocol to facilitate roaming between the Home Network (HN) and Serving Network (SN). However, it also fails to provide enough security to withstand the former attacks.

This paper presents a secure mutual authentication and key agreement (SM-AKA) mechanism whose objective is to secure the multimedia server-client efficiently. This mechanism can withstand vulnerabilities like man-in-the-middle, redirection and SIP flooding attacks. Moreover, this mechanism uses the bilinear pairing system to investigate the multimedia server-client. The SM-AKA, EPS-AKA and AP-AKA protocols are investigated in the multimedia server-client to analyze metrics such as call setup time, network utilization, bandwidth utilization, RTP session utilization, call success rate, end-to-end delay of a single voice call session, end-to-end delay of multiple voice call sessions and flooding attack detection rate.

5. PROPOSED MECHANISM OF SM-AKA

In this section, a protocol of Secure Mutual Authentication and Key Agreement (SM-AKA) is proposed to secure the real-time multimedia server-client. The multimedia server-client uses the SIP signaling protocol to negotiate the common secret key. Moreover, the multimedia server-client uses the negotiated secret key to encrypt / decrypt the voice transmission data. The proposed protocol has a significant feature of privacy protection for end-to-end multimedia clients. It makes frequent key changes via the SIP signaling protocol without call session delays. The proposed protocol uses the ElGamal cryptosystem to protect the privacy of multimedia sessions over the Internet.

5.1 Flow Methodology of SM-AKA

While the VoIP call setup is in progress in the multimedia server-client, the multimedia server-client should be able to negotiate the common secret key internally using the SM-AKA mechanism with less interaction of the SIP signaling protocol. The flow procedures are as follows:

1. Alice (IMS Client) chooses a random integer XA that must be smaller than the prime number q; it is defined as her private key. After that, A Alice defines a public key YA mod q. The 'mod' is the modulus operator in the ElGamal cryptosystem. q is a prime number and is a primitive root of q that are agreed to be shared with peer client Bob.
2. Bob (IMS Client) chooses a random integer XB that must be smaller than the prime number q; it is defined as his private key. After that, B Alice defines a public key YB mod q. The 'mod' is the modulus operator in the ElGamal cryptosystem. q is a prime number and is a primitive root of q that are agreed to be shared with peer client Alice.
3. The public keys YA and YB are exchanged between the IMS Clients (Alice and Bob) over the public network.
4. The key computation of Alice is
   K (C) A mod q (1)
   The key computation of Bob is
   K (C) B mod q (2)
   k ( ) Where C mod q, k is a random integer such that 1 ≤ k ≤ q – 1, and K is a session key.
5. Upon receiving , the multimedia server (CSCF) selects the random integer and computes
   ( ) (3) 1 ( (4) 2 4 (5) X (6) 2
   After computation, the multimedia server (CSCF) transmits 1 and 2 to the multimedia client 1 and client 2.
6. Upon receiving 1 2 , the multimedia Client1 and Client2 evaluate whether is equivalent to 1 2 ( 1 X ) and H=H 4( 2 X ). If it holds true, then Client1 and Client2 do the computation of ( , 1X ) ( ), 4( 2X ) and ( ). 4 4 After computation, the multimedia Client1 and Client2 transmit Verf1 and Verf2 to the multimedia server (CSCF).
7. Upon receiving Verf1 and Verf2, the multimedia server (CSCF) does the computation of Verf1) and Verf2) to 1( 2( check whether the sharing session key is or not. ( 4(
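The key agreement of steps 1 to 4 above, as an added example that is not code from the paper: because the equations did not survive on this page, it assumes the textbook ElGamal relations Y = ALPHA^X mod q, C = ALPHA^k mod q and K = Y_peer^k = C^X mod q. The demo-sized prime, the name ALPHA, the range checks and the HMAC key-confirmation tag (a stand-in for the Verf check of steps 6 and 7) are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed demo parameter (assumption): a 61-bit Mersenne prime so the
# example runs instantly. Deployments use a standardized group of 2048+ bits.
Q = 2**61 - 1


def prime_factors(n):
    """Distinct prime factors by trial division (Q - 1 has only small ones)."""
    factors, d = set(), 2
    while d * d <= n:
        while n % d == 0:
            factors.add(d)
            n //= d
        d += 1
    if n > 1:
        factors.add(n)
    return factors


FACTORS = prime_factors(Q - 1)


def is_primitive_root(a):
    """True when a generates the full multiplicative group modulo Q."""
    return all(pow(a, (Q - 1) // f, Q) != 1 for f in FACTORS)


# Smallest primitive root of Q; the name ALPHA is this example's own.
ALPHA = next(a for a in range(2, Q) if is_primitive_root(a))


def fresh_exponent():
    """Random exponent in 2..Q-2, skipping the one that maps ALPHA to Q-1."""
    while True:
        e = secrets.randbelow(Q - 3) + 2
        if e != (Q - 1) // 2:
            return e


def keygen():
    """Steps 1-2: private X below q, public Y = ALPHA^X mod q."""
    x = fresh_exponent()
    return x, pow(ALPHA, x, Q)


def check_public_value(v):
    """Reject 0, 1 and q-1, which would force a predictable session key."""
    if not 1 < v < Q - 1:
        raise ValueError("public value outside 2..q-2")
    return v


def initiator_derive(peer_public):
    """Step 4, sender: fresh k, C = ALPHA^k mod q, K = Y_peer^k mod q."""
    k = fresh_exponent()
    return pow(ALPHA, k, Q), pow(check_public_value(peer_public), k, Q)


def responder_derive(c, private_x):
    """Step 4, receiver: K = C^X mod q."""
    return pow(check_public_value(c), private_x, Q)


def confirm_tag(k_int, role, y_a, y_b, c):
    """HMAC over the transcript, keyed with a hash of K (assumed Verf stand-in)."""
    key = hashlib.sha256(k_int.to_bytes(8, "big")).digest()
    transcript = b"|".join(str(v).encode() for v in (role, y_a, y_b, c))
    return hmac.new(key, transcript, hashlib.sha256).digest()


def run_session(alice, bob, tamper=False):
    """One call setup; returns (K_alice, K_bob, bob_accepts)."""
    (_, y_a), (x_b, y_b) = alice, bob
    c, k_alice = initiator_derive(y_b)
    tag = confirm_tag(k_alice, "initiator", y_a, y_b, c)
    if tamper:
        c = pow(c, 2, Q)  # constructed in-transit modification of C
    k_bob = responder_derive(c, x_b)
    expected = confirm_tag(k_bob, "initiator", y_a, y_b, c)
    return k_alice, k_bob, hmac.compare_digest(tag, expected)


if __name__ == "__main__":
    alice, bob = keygen(), keygen()
    print("honest run accepted:", run_session(alice, bob)[2])
    print("modified C accepted:", run_session(alice, bob, tamper=True)[2])
```

In this textbook form K = C^X mod q, so a recorded C together with a later-disclosed long-term X is enough to recompute K. The fresh k changes the key on every call, but forward secrecy additionally needs an ephemeral contribution from the receiving side.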

Fig.2. Proposed Mechanism of SM-AKA Protocol

5.2 Multimedia Security – An Analysis

This section demonstrates the SM-AKA protocol, and formal verification is done to evaluate whether it meets the security requirements or not. The architectures of Wu et al., Yoon et al. and the SM-AKA protocol are adopted alike to meet the standard security threshold. The standard security requirements are as follows.

5.2.1 Mutual Authentication for Multimedia Client

In the SM-AKA protocol, the multimedia client is identified by its URIMC (Uniform Resource Identifier). It uses AUTHDATA1 to get AUTHHSS containing authenticated data DATA1 from the HSS in the HN, and then it performs mutual authentication with the HN. Using MCDATAi, the value of KDATAi is generated and pre-shared with the HN to authenticate the multimedia clients. Moreover, the multimedia clients are mutually authenticated with the SN using the perfect hash function (H). On the other hand, MCDATAi is authenticated by the SN, and it is used to check whether the returned key values of the multimedia clients are the same or not.

5.2.2 Confidentiality for Multimedia Client

The AKA mechanism has built-in mechanisms such as cipher-algorithm agreement, cipher key-agreement and signaling data confidentiality. The proposed SM-AKA protocol inherits the features of the EPS-AKA protocol and thus proves that it can meet all the demands of the EPS-AKA protocol. The parameter AUTHDATA1 is used for cipher-algorithm agreement. The parameter RAND is used for cipher key-agreement. The ElGamal technique is used to authenticate the data and for signaling confidentiality. Later, the Multimedia Client (MC) and Serving Network (SN) use a shared session key for each session to ensure confidentiality and mutual authenticity.

5.2.3 Data Integrity for Multimedia Client

The AKA mechanism has built-in integrity mechanisms such as algorithm-agreement, key-agreement and signaling data authentication. The parameters AUTHDATA1 and RAND are used to verify data integrity. In addition, a subsequent-key method is used for each session to verify and protect the user data.
5.3 Efficiency of AKA Scheme – A Comparison

This section summarizes the efficiencies of the Wu et al., Yoon et al. and SM-AKA protocols. The summarization table includes the following operations.

Table.1. Comparison of the Efficiencies of AKA Schemes

AKA Schemes | Wu et al. Scheme | Yoon et al. Scheme | SM-AKA Scheme
Cost of Computation | 4TSM+1TAP+3TOH | 4TSM+1TAP+2TOH | 2TSM+2TE+3TOH
Time of Execution (Multimedia Client) | 0.565 s | 0.567 s | 0.333 s
Cost of Computation | 2TE+2TSM+1TAP+3TOH | 2TE+2TSM+1TAP+2TOH | 2TE+3TOH
Time of Execution (Multimedia Client) | 9.965 s | 9.867 s | 3.672 s
Known-Attacks | Secured | Not Known | Secured

TBM is the execution time of the bilinear map function
TSM is the execution time of scalar multiplication
TAP is the execution time of the additional operation
TMTPH is the execution time of the map-to-point hash function
TMI is the execution time of modulus inversion
TOH is the execution time of the one-way hash function
TE is the execution time of modular exponentiation

From Table 1, we can state that the proposed SM-AKA protocol is more efficient than the existing mechanisms of Wu et al. and Yoon et al. The computation cost of the proposed mechanism is better than that of the existing schemes, and it thus reduces the time of execution of the multimedia client-server.

6. RESULTS AND DISCUSSION

This section analyzes the AKA schemes of Wu et al., Yoon et al. and SM-AKA using the IP Multimedia Core Network OpenIMSCore (Server) [35] and IP Multimedia UCTIMS (Client) [36]. Three IP Multimedia Server and Client environments are designed and developed with the AKA schemes on the Linux platform to evaluate metrics like call-setup time, RTP session utilization and end-to-end delay of multiple voice-call sessions. The first environment is called Multimedia Server-Client 1 and it examines the Wu et al. scheme. The second environment is called Multimedia Server-Client 2 and it examines the Yoon et al. scheme. The third environment is called Multimedia Server-Client 3 and it examines the SM-AKA scheme. Voice call service is chosen as the mode of communication for the multimedia client. The environments Server-Client 1, Server-Client 2 and Server-Client 3 are deployed in the heterogeneous network to investigate the aforementioned metrics. The domain IPs are set to interrogate the call session of the multimedia client-server. As in the research article [37], the multimedia client and server are configured successfully on the Linux platform. The details of the multimedia client-server configuration are as follows.

First Linux environment (integrated with the Wu et al. scheme)
Step 1: Set up the IP address and domain name, like 192.168.12.2 and sastratcs.test, for the IP Multimedia Server [35]
Step 2: Open UCTIMS [36] and then fill in the user details of Alice in the IMS setup option
Step 3: Run Server-Client 1 to examine the mentioned metrics

Second Linux environment (integrated with the Yoon et al. scheme)
Step 1: Set up the IP address and domain name, like 192.168.12.3 and sastratcs1.test, for the IP Multimedia Server [35]
Step 2: Open UCTIMS [36] and then fill in the user details of Bob in the IMS setup option
Step 3: Run Server-Client 2 to examine the mentioned metrics

Third Linux environment (integrated with the SM-AKA scheme)
Step 1: Set up the IP address and domain name, like 192.168.12.4 and sastratcs2.test, for the IP Multimedia Server [35]
Step 2: Open UCTIMS [36] and then fill in the user details of Caesar in the IMS setup option
Step 3: Run Server-Client 3 to examine the mentioned metrics

The three IMS Client-Server environments are run in parallel to analyze the call setup time, RTP session utilization and end-to-end delay of multiple voice-call sessions. To examine the metrics, the IMS server is set to run for half an hour; the voice of the IMS client is set to run for half an hour; the packet discarding ratio is set to 0.02%; the packet transfer latency is set to $e^{-0.05}$ s; the call response time is set to 2 ms. Importantly, IPSec and TLS are enabled to secure the multimedia services.

Fig.3. Call Setup Time of IMS Server-Client Fig.3 illustrates the Call-Setup Time of the Multimedia Server-Client. IMS Server-Client environments are installed in the Linux platform to inspect the active voice call session for every five minutes. The Server-Client 3 With SM-AKA shows the most deserving results than the Server-Client 1 With Wu et al. and Server-Client 2 With Yoon et al. Most of the time, Server-Client 3 With SM-AKA establishes the voice call at around 0.09 sec and 0.11sec whereas the Server-Client 1 With Wu et al. establishes the voice call at around 0.4 sec; the Server-Client 2 With Yoon et al. establishes the voice call at around 0.35 sec. Fig.4 illustrates RTP Utilization Rate of IMS Server-Client. Even though the sessions are involved of different clients, the traversal of packet sizes are being stabilized well in Server-Client 3 With SMAKA to achieve better packet utilization rate than Server-Client 1 With Wu et al. and Server-Client 2 With Yoon et al. Most importantly, the stable utilization brings more active call session into the multimedia server-client.

Fig.4. RTP Utilization Rate of IMS Server-Client

Fig.5 illustrates the end-to-end multiple voice call delay of the IMS Server-Client. The server-client whose IMS Core is enabled with SM-AKA can counteract session blocking to eliminate the session delay. Above all, the built-in strategy of SM-AKA enhances the delivery ratio of voice packets to achieve a better throughput rate than Server-Client 1 With Wu et al. and Server-Client 2 With Yoon et al.

Fig.5. End-To-End Multiple Voice Call Delay of IMS Server-Client

7. CONCLUSION

This research paper proposes the technique of Secure Mutual Authentication and Key Agreement (SM-AKA) to enhance the communication efficiency of the multimedia server-client. The schemes of Wu et al., Yoon et al. and SM-AKA are successfully integrated with the multimedia server-client environment to examine metrics such as call setup time, RTP utilization rate and end-to-end multiple voice-call delay. The integral part of SM-AKA helps to reduce the delay period and thus gives a good packet delivery ratio and call setup time. Above all, the proposed mechanism is cross-examined with the schemes of Wu et al. and Yoon et al. and found to be good for the LTE network. We draw the conclusion that the proposed mechanism of the SM-AKA protocol is a nontraditional mutual authenticated key agreement mechanism and an add-on of interoperability for 3GPP/non-3GPP multimedia server-client communication. Besides, it has the following special attributes for multimedia server-client communication:

1. The multimedia client cannot freely share the secret key without the knowledge of the multimedia server.
2. The secure mutual authentication mechanism has a pre-shared key checker that helps to prevent unauthorized access.
3. The SM-AKA protocol can withstand attacks such as replay, parallel guessing, redirection, forgery, denial of service and SIP.
4. The multimedia server automatically terminates the client session if the client session idles for longer than the scheduled time.

ACKNOWLEDGEMENT

The corresponding author of the paper would like to thank TATA Consultancy Services for Research Guidance and Financial Support. He would also like to thank Shanmugha Arts Science Technology Research Academy (SASTRA) for providing a good platform for research to work and explore in the field of Multimedia Communication Networking.

REFERENCES

1. J.A. Audestad, Network aspects of the GSM system, EUROCON 88 (1988)
2. 3GPP TS 21.133 V4.1.0, 3G Security; Security Threats and Requirements, 2001
3. M. Zhang, Provably-secure enhancement on 3GPP authentication and key agreement protocol, Verizon Commun., Cryptology ePrint Archive Rep. 2003/092, 2003
4. M.X. Zhang, Y.G. Fang, Security analysis and enhancements of 3GPP authentication and key agreement protocol, IEEE Transactions on Wireless Communications 4 (2) (2005) 734–742
5. U. Meyer, S. Wetzel, A man-in-the-middle attack on UMTS, in: Proc. 3rd ACM WiSe, New York, 2004, pp. 90–97
6. S. Wu, Y. Zhu, Q. Pu, Security analysis of a cocktail protocol with the authentication and key agreement on the UMTS, IEEE Communications Letters 14 (4) (2010) 366–368
7. Y.L. Huang, C.Y. Shen, S.W. Shieh, S-AKA: a provable and secure authentication key agreement protocol for UMTS networks, IEEE Transactions on Vehicular Technology 60 (9) (2011) 4509–4519
8. M. Arapinis, L. Mancini, E. Ritter, M. Ryan, N. Golde, K. Redon, R. Borgaonkar, New privacy issues in mobile telephony: fix and verification, in: Proceedings of the 2012 ACM Conference on Computer and Communications Security (CCS ’12), ACM, New York, NY, USA, 2012, pp. 205–216
9. H.J. Zhu, X.D. Lin, M.H. Shi, P.H. Ho, X.M. Shen, PPAB: a privacy-preserving authentication and billing architecture for metropolitan area sharing networks, IEEE Transactions on Vehicular Technology 58 (5) (2009) 2529–2543
10. X.H. Liang, X. Li, R.X. Lu, X.D. Lin, X.M. Shen, Enabling pervasive healthcare with privacy preservation in smart community, in: 2012 IEEE International Conference on Communications (ICC), 10–15 June 2012, pp. 3451–3455.
11. X.H. Liang, R.X. Lu, L. Chen, X.D. Lin, X.M. Shen, PEC: a privacy preserving emergency call scheme for mobile healthcare social networks, Journal of Communications and Networks 13 (2) (2011) 102–112

12. 3GPP TR 23.888 V11.0.0, System Improvements for Machine-Type Communications, September 2012.
13. R.X. Lu, X. Li, X.H. Liang, X.M. Shen, X.D. Lin, GRS: the green, reliability, and security of emerging machine to machine communications, IEEE Communications Magazine 49 (4) (2011) 28–35
14. C.Z. Lai, H. Li, Y.Y. Zhang, J. Cao, Security issues on machine to machine communications, KSII Transaction on Internet and Information Systems 6 (2) (2012) 498–514
15. A. Wasef, X.M. Shen, PPGCV: privacy preserving group communications protocol for vehicular ad hoc networks, in: IEEE International Conference on Communications, 2008. ICC ’08, 19–23 May 2008, pp. 1458–1463.
16. D. Niyato, L. Xiao, P. Wang, Machine-to-machine communications for home energy management system in smart grid, IEEE Communications Magazine 49 (4) (2011) 53–59
17. Y. Zhang, R. Yu, M. Nekovee, Y. Liu, S.l. Xie, S. Gjessing, Cognitive machine-to-machine communications: visions and potentials for the smart grid, IEEE Network 26 (3) (2012) 6–13
18. K. Lee, J.S. Shin, Y.W. Cho, K.S. Ko, D.K. Sung, H.S. Shin, A group-based communication scheme based on the location information of MTC devices in cellular networks, in: Communications (ICC), 2012 IEEE International Conference on, 10–15 June 2012, pp. 4899–4903.
19. H.H. Ngo, X.P. Wu, P.D. Le, B. Srinivasan, An individual and group authentication model for wireless network services, JCIT: Journal of Convergence Information Technology 5 (1) (2010) 82–94
20. N. Aboudagga, J.J. Quisquater, M. Eltoweissy, Group authentication protocol for mobile networks, in: WIMOB ’07 Proceedings of the Third IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, IEEE Computer Society, Washington, DC, USA, 2007.
21. A. Fu, S. Lan, B. Huang, Z. Zhu, Y. Zhang, A novel group-based handover authentication scheme with privacy preservation for mobile WiMAX networks, IEEE Communications Letters 16 (11) (2012) 1744–1747
22. J. Cao, M. Ma, H. Li, A group-based authentication and key agreement for MTC in LTE networks, in: Proc. of IEEE Globecom, 2012.
23. T. ElGamal, A public key cryptosystem and a signature protocol based on discrete logarithms, IEEE Trans. Inf. 31 (1985) 469–472.
24. R.L. Rivest, A. Shamir, L. Adleman, A method for obtaining digital signatures and public key cryptosystems, Commun. ACM 21 (2) (1978) 120–126.
25. A. Shamir, Identity-based cryptosystems and signature protocols, in: Proceedings of the Advances in Cryptology – Crypto’84, Santa Barbara, USA, 1984, pp. 47–53.
26. Debiao He, “An Efficient Remote User Authentication and Key Agreement Protocol for Mobile Client Server Environment from Pairing,” Adhoc Network (ELSEVIER), vol. 10, 2012, pp. 1009–1016
27. D. Boneh, M. Franklin, Identity-based encryption from the Weil pairing, SIAM J. Comput. 32 (3) (2003) 586–615.
28. M.L. Das, A. Saxena, V.P. Gulati, D.B. Phatak, A novel remote client authentication protocol using bilinear pairings, Comput. Security 25 (3) (2006) 184–189.
29. G. Fang, G. Huang, Improvement of recently proposed remote client authentication protocols. http://eprint.iacr.org/2006/200

30. D. Giri, P.D. Srivastava, An improved remote client authentication protocol with smart cards using bilinear pairings. http://eprint.iacr.org/2006/274
31. Y.M. Tseng, T.Y. Wu, J.D. Wu, A pairing-based client authentication protocol for wireless clients with smart cards, Informatica 19 (2) (2008) 285–302.
32. T. Goriparthi, M.L. Das, A. Saxena, An improved bilinear pairing based remote client authentication protocol, Comput. Stand. Interface 31 (1) (2009) 181–185.
33. T.-Y. Wu, Y.-M. Tseng, An efficient client authentication and key agreement protocol for mobile client–server environment, Comput. Networks 54 (2010) 1520–1530.
34. E.-J. Yoon, K.-Y. Yoo, A new efficient ID-based user authentication and key exchange protocol for mobile client–server environment, in: 2010 IEEE International Conference on Information Technology and Systems (ICWITS). doi:10.1109/ICWITS.2010.5611903.
35. OpenIMSCore (2009). Website Link: http://www.openimscore.org/
36. UCTIMS (2012). Website Link: http://uctimsclient.berlios.de/
37. B. Blanchet, Proverif: Cryptographic Protocol Verifier in the Formal Model.
38. Muthaiah R, Deebak B D, Thenmozhi K, Swaminathan P. Interoperation Key Schema for Social Media Tools in IP Multimedia Subsystem, Journal of Communications. 8(11) (2013) 730–737.
39. Ntop (Traffic Analyzer), Version 2012. http://www.ntop.org/getstarted/download
40. Bao F, Deng R, Zhu H. Variations of Diffie–Hellman Problem. In: 5th international conference of information and communications security—ICICS 2003. Lecture notes in computer science, vol. 2836, 2003. p. 301–12.
41. L Lamport. Password authentication with insecure communication, Communications of the ACM. 24(11) (1981) 770–772.
42. A K Awasthi, S Lal. A remote user authentication scheme using smart cards with forward secrecy, IEEE Transactions on Consumer Electronics. 49(4) (2003) 1246–1248.
43. A K Awasthi, S Lal. An enhanced remote user authentication scheme using smart cards, IEEE Transactions on Consumer Electronics. 50(2) (2004) 583–586.
44. N Koblitz. Elliptic curve cryptosystems, Mathematics of Computation. 48(177) (1987) 203–209.
45. T Kwon, Y H Park and H J Lee. Security analysis and improvement of the efficient password-based authentication protocol, IEEE Communications Letters. 9(1) (2005) 93–95.
46. R L Rivest, A Shamir, L Adleman. A method for obtaining digital signatures and public-key cryptosystems, Communications of the ACM. 21(2) (1978) 120–126.
47. N M Al-Saidi, M R M Said, W A M Othman. Password authentication based on fractal coding scheme, Journal of Applied Mathematics. (2012).
48. S G Yoo, K Y Park, J Kim. A security performance balanced user authentication scheme for wireless sensor networks, International Journal of Distributed Sensor Networks. (2012).
49. W Diffie, M E Hellman. New directions in cryptography, IEEE Transactions on Information Theory. 22(6) (1976) 644–654.
50. N McCullagh, P S L M Barreto. A new two-party identity based authenticated key agreement, in Topics in Cryptology CT-RSA 2005, Springer, Berlin, Germany. 3376 (2005) 262–274.
51. M Aydos, B Sunar, C Koc. An elliptic curve cryptography based authentication and key agreement protocol for wireless communication, in Proceedings of the 2nd International Workshop on Discrete Algorithms and Methods for Mobile Computing and Communications Symposium on Information Theory. (1998).
52. M J Beller, L-F Chang, Y Yacobi. Privacy and authentication on a portable communications system, IEEE Journal on Selected Areas in Communications. 11(6) (1993) 821–829.
53. C-C Lo, Y-J Chen. Secure communication mechanisms for GSM networks, IEEE Transactions on Consumer Electronics. 45(4) (1999) 1074–1080.
54. A Klimm, B Glas, M Wachs, S Vogel, K D Muller-Glaser, J Becker. A security scheme for dependable key insertion in mobile embedded devices, International Journal of Reconfigurable Computing. (2011).
55. W Ren, J Song, M Lei, Y Ren. BVS: a lightweight forward and backward secure scheme for PMU communications in smart grid, International Journal of Digital Multimedia Broadcasting. (2011).
56. Y Kong, B Phillips. Revisiting sum of residues modular multiplication, Journal of Electrical and Computer Engineering. (2010).
57. X Lu, W Wang, J Ma. Authentication and integrity in the smart grid: an empirical study in substation automation systems, International Journal of Distributed Sensor Networks. (2012).
58. L. Harn, W.J. Hsin, On the security of wireless network access with enhancements, in: Proceedings of the 2003 ACM Workshop on Wireless Security, San Diego, CA, USA, pp. 88–95.
59. M.X. Zhang, Y.G. Fang, Security analysis and enhancements of 3GPP authentication and key agreement protocol, IEEE Transactions on Wireless Communications 4 (2) (2005) 734–742.
60. C.C. Lee, C.L. Chen, H.H. Ou, L.A. Chen, Extension of an efficient 3GPP authentication and key agreement protocol, Wireless Personal Communications (2011) 1–12
61. C.M. Huang, J.W. Li, Authentication and key agreement protocol for UMTS with low bandwidth consumption, in: Proceedings of 19th IEEE international conference on advanced information networking and applications (AINA), 2005, pp. 392–397.
62. J. Al-Saraireh, S. Yousef, A new authentication protocol for UMTS mobile networks, EURASIP Journal of Wireless Communications and Networking 2006 (2) (2006)
63. H.H. Ou, M.S. Hwang, J.K. Jan, A cocktail protocol with the authentication and key agreement on the UMTS, Journal of Systems and Software 83 (2) (2010) 316–325
64. Y.L. Huang, C.Y. Shen, S.W. Shieh, S-AKA: a provable and secure authentication key agreement protocol for UMTS networks, IEEE Transactions on Vehicular Technology 60 (9) (2011) 4509–4519
65. Y.W. Chen, J.T. Wang, K.H. Chi, C.C. Tseng, Group-based authentication and key agreement, Wireless Personal Communications (2010).
