A TESLA-based mutual authentication protocol for GSM networks

Abstract

The widespread use of wireless cellular networks has made security an ever increasing concern. GSM is the most popular wireless cellular standard, but security is an issue. The most critical weakness in the GSM protocol is the use of one-way entity authentication, i.e., only the mobile station is authenticated by the network. This creates many security problems including vulnerability against man-in-the-middle attacks. Several solutions have been proposed to establish mutual entity authentication. However, none provide a aw-free bilateral authentication protocol. In this paper, we show that a recently proposed solution is vulnerable to a "type attack". Then, we propose a novel mutual entity authentication using the TESLA protocol. The proposed solution not only provides secure bilateral authentication, but also decreases the call setup time and the required connection bandwidth. An important feature of the proposed protocol is that it is compatible with the GSM standard.