Hardware security modules for reliable mobile subscriber authentication and key agreement in 2G, 3G, 4G, and 5G mobile networks.
Mobile devices like smartphones, tablets and other handheld devices have become an essential part of our lives over the last two decades.
There are two main processes for the security of mobile networks:
- 1. Authentication is a security process to cryptographically confirm that the mobile phone and the network are the entities they claim to be.
- 2. Key Agreement is another security process that allows the mobile phone and the network to establish one or more shared security keys for the protection of traffic sessions.
Both processes are combined as a protocol – Authentication and Key Agreement (AKA) – to ensure the security of the mobile network from all sides.
The algorithms for subscriber authentication and key agreement have evolved over time, since mobile network technology has developed from 2G, over 3G and 4G to the latest 5G. In each network, providers need to ensure secure communication and the protection of the subscribers’ identity. There are different versions of the protocol defined for networks from 2G to 5G. All are a form of “challenge-response” protocols that are based on symmetric cryptography with a root, pre-shared symmetric key.
In addition, all AKAs are based on ‘symmetric cryptography’ with a root, pre-shared symmetric key (K) shared between the network and the SIM card. From this root K, security keys for the protection of traffic sessions are derived and used between the mobile phone and the network.
Utimaco offers specialized Hardware security modules that support the corresponding cryptographic processes for subscriber authentication and key agreement in mobile networks.