Multi-Platform Performance Evaluation of the TUAK Mobile Authentication Algorithm

Keith Mayes; Steve Babbage; Alexander Maximov

Multi-Platform Performance Evaluation of the TUAK Mobile Authentication Algorithm

Keith Mayes, Steve Babbage, Alexander Maximov

Research output: Contribution to journal › Article › peer-review

Abstract

Support for secure mobile authentication in long-term Machine-to-Machine (M2M) deployments, in which the network operator may change, requires the use of common authentication algorithms. The existing 3G MILENAGE algorithm is suitable for this, however there is need for a back-up/alternative in case vulnerabilities are discovered. TUAK is a new mutual authentication and key generation algorithm proposed by the Security Algorithm Group of Experts (SAGE) of the European Telecommunications Standards Institute (ETSI) and published by the Third Generation Partnership Project (3GPP). TUAK is based on the Keccak sponge function, which has very different design principles to MILENAGE. However, the practicality of implementing TUAK on currently deployed and/or future Subscriber Identity Module (SIM) cards was not well known. This paper extends on work first published in ICONS16/EMBEDDED2016; describing the implementation and performance of TUAK on three smart card platforms and a server.

Original language	English
Pages (from-to)	158-168
Number of pages	11
Journal	International Journal on Advances in Security
Volume	9
Issue number	3&4
Publication status	Published - 31 Dec 2016

Keywords

3GPP
GSM
Keccak
SAGE
TUAK

Access to Document

Cite this

@article{97526786addf4c6f8c102252503997af,

title = "Multi-Platform Performance Evaluation of the TUAK Mobile Authentication Algorithm",

abstract = "Support for secure mobile authentication in long-term Machine-to-Machine (M2M) deployments, in which the network operator may change, requires the use of common authentication algorithms. The existing 3G MILENAGE algorithm is suitable for this, however there is need for a back-up/alternative in case vulnerabilities are discovered. TUAK is a new mutual authentication and key generation algorithm proposed by the Security Algorithm Group of Experts (SAGE) of the European Telecommunications Standards Institute (ETSI) and published by the Third Generation Partnership Project (3GPP). TUAK is based on the Keccak sponge function, which has very different design principles to MILENAGE. However, the practicality of implementing TUAK on currently deployed and/or future Subscriber Identity Module (SIM) cards was not well known. This paper extends on work first published in ICONS16/EMBEDDED2016; describing the implementation and performance of TUAK on three smart card platforms and a server.",

keywords = "3GPP, GSM, Keccak, SAGE, TUAK",

author = "Keith Mayes and Steve Babbage and Alexander Maximov",

year = "2016",

month = dec,

day = "31",

language = "English",

volume = "9",

pages = "158--168",

journal = "International Journal on Advances in Security",

issn = "1942-2636",

number = "3&4",

}

TY - JOUR

T1 - Multi-Platform Performance Evaluation of the TUAK Mobile Authentication Algorithm

AU - Mayes, Keith

AU - Babbage, Steve

AU - Maximov, Alexander

PY - 2016/12/31

Y1 - 2016/12/31

N2 - Support for secure mobile authentication in long-term Machine-to-Machine (M2M) deployments, in which the network operator may change, requires the use of common authentication algorithms. The existing 3G MILENAGE algorithm is suitable for this, however there is need for a back-up/alternative in case vulnerabilities are discovered. TUAK is a new mutual authentication and key generation algorithm proposed by the Security Algorithm Group of Experts (SAGE) of the European Telecommunications Standards Institute (ETSI) and published by the Third Generation Partnership Project (3GPP). TUAK is based on the Keccak sponge function, which has very different design principles to MILENAGE. However, the practicality of implementing TUAK on currently deployed and/or future Subscriber Identity Module (SIM) cards was not well known. This paper extends on work first published in ICONS16/EMBEDDED2016; describing the implementation and performance of TUAK on three smart card platforms and a server.

AB - Support for secure mobile authentication in long-term Machine-to-Machine (M2M) deployments, in which the network operator may change, requires the use of common authentication algorithms. The existing 3G MILENAGE algorithm is suitable for this, however there is need for a back-up/alternative in case vulnerabilities are discovered. TUAK is a new mutual authentication and key generation algorithm proposed by the Security Algorithm Group of Experts (SAGE) of the European Telecommunications Standards Institute (ETSI) and published by the Third Generation Partnership Project (3GPP). TUAK is based on the Keccak sponge function, which has very different design principles to MILENAGE. However, the practicality of implementing TUAK on currently deployed and/or future Subscriber Identity Module (SIM) cards was not well known. This paper extends on work first published in ICONS16/EMBEDDED2016; describing the implementation and performance of TUAK on three smart card platforms and a server.

KW - 3GPP

KW - GSM

KW - Keccak

KW - SAGE

KW - TUAK

M3 - Article

SN - 1942-2636

VL - 9

SP - 158

EP - 168

JO - International Journal on Advances in Security

JF - International Journal on Advances in Security

IS - 3&4

ER -