Multi-Platform Performance Evaluation of the TUAK Mobile Authentication Algorithm

Keith Mayes, Steve Babbage, Alexander Maximov

Research output: Contribution to journalArticlepeer-review


Support for secure mobile authentication in long-term Machine-to-Machine (M2M) deployments, in which the network operator may change, requires the use of common authentication algorithms. The existing 3G MILENAGE algorithm is suitable for this, however there is need for a back-up/alternative in case vulnerabilities are discovered. TUAK is a new mutual authentication and key generation algorithm proposed by the Security Algorithm Group of Experts (SAGE) of the European Telecommunications Standards Institute (ETSI) and published by the Third Generation Partnership Project (3GPP). TUAK is based on the Keccak sponge function, which has very different design principles to MILENAGE. However, the practicality of implementing TUAK on currently deployed and/or future Subscriber Identity Module (SIM) cards was not well known. This paper extends on work first published in ICONS16/EMBEDDED2016; describing the implementation and performance of TUAK on three smart card platforms and a server.
Original languageEnglish
Pages (from-to)158-168
Number of pages11
JournalInternational Journal on Advances in Security
Issue number3&4
Publication statusPublished - 31 Dec 2016


  • 3GPP
  • GSM
  • Keccak
  • SAGE
  • TUAK

Cite this