**Comparative Study on 4G/LTE Cryptographic Algorithms**

**Supervised By**

Dr.Imad Fakhri

Al Shaikhli

Dr.Imad Fakhri

Al Shaikhli

Abstract

Outline

Long Term Evolution (LTE) is denoted also as 4G (Fourth Generation) of mobile communication, developed by 3GPP (Third Generation Partnership project) which is an evolution of the 3rd generation of mobile communication to provide better reliability, higher efficiency, more data capacity and lower cost than previous generation.

The LTE launched on December, 2009 by TeliaSonera in Oslo and Stockholm.

The main aim of cryptography in LTE network is to ensure data confidentiality and integrity. The LTE inherited all cryptographic algorithms that work with its predecessor such as SNOW 3G and AES. Furthermore, LTE has one extra cryptographic algorithm denoted as ZUC to cope with the next generation of mobile communication and guarantee its security from different threats.

Therefore, our attention is study all cryptographic algorithms related to LTE network and then do comparative study among them based on different factors.

So, our target is reveal the pros and cons of the LTE cryptographic algorithms from different perspectives in order to increase confidentiality and integrity of transmitted data over the air interface in LTE network.

The reason of using different factors is to measure the performance of an algorithm from several perspectives such as area and throughput from hardware perspective, time and memory complexity from security perspective and others.

Introduction & Background

What is LTE?

Recently, LTE-A(LTE advance) appeared as an evolution of LTE system developed by 3GPP to meet the expectations of the next generation of mobile communication by supporting higher data usage, lowest latencies and better spectral efficiency.

According to (Ronit Nossenson, 2010), LTE is considered as an essential pace for the next generation of mobile communication .

During 2013, 244 operators were commercially launched LTE services in 92 countries.

LTE is considered to be the latest standard technology used in a mobile network whose the number of subscriber passed 85 percent of all subscriber worldwide.

The first initiation of LTE in 2004 by 3GPP (Third Generation Partnership Project), but the commercial services of LTE launched in 2010

LTE is a long term evolution standard of Universal Mobile telecommunications system (UMTS) cellular technology.

Both LTE & LTE-A systems support flat IP connectivity which are worked with heterogeneous wireless access network.

It is estimated that by 2016, it is going to reach one billion users. (Andy Patrizio, 2013)And the growth will continue to reach 925 million broadband subscribers worldwide by the end of 2018.

The LTE system architecture is identified as a flat network that contains fewer elements of nodes than 3G/UMTS and works with heterogeneous wireless access network which represented in Figure (1).

Figure (1): LTE Network Architecture.( Ronit Nossenson, 2010)

Studying has been conducted since 2010 to support LTE network with a high level of security through studying the encryption and decryption algorithms that work with this new technology and do enhancement on them.

Table(1): A brief description of the previous work of LTE Security.

Literature review

Continue-Table(1): A brief description of the previous work of LTE Security.

Problem Statement

2. There is insufficient study till now on the LTE cryptographic algorithms where it is essential to find the strengths and weaknesses of each algorithm.

As mentioned by (Anastasios N. Bikos, 2013), LTE is exposed to different kinds of risk in term of security and reliability. Proceeding from this view, more efforts should be done to increase security level of LTE network. Subsequently, this section will address existing security problems of LTE technology to be solved in this study which presented below:

1. Due to the nature of LTE network of working with heterogeneous and IP-based open networks that makes LTE exposes to different kinds of attacks from different networks.

According to Yongsuk Park (2007), “it is almost impossible to make a 100% secure system because new threats and vulnerabilities will continue to take place”.

3. Insufficient information on providing LTE network security means that more literature survey should be done to support LTE security.

Hypothesis

H1:

revealing the weaknesses of an algorithm may declare the problems that need to be solved for increasing security.

H2:

Finding the success factors of each LTE cryptographic algorithm may enhance the security.

RESEARCH QUESTIONS

There are several questions should be answered in this research:

4. How can we enhance the security of the existing LTE cryptographic algorithms?

3. Which algorithm provides higher security than the other?

2. What are the strengths and weaknesses of each LTE cryptographic algorithm?

1. How to measure the performance of LTE cryptographic algorithms?

Objectives

1. To discover the main factors of each LTE cryptographic algorithm .

2. To find the strengths and weaknesses of each LTE cryptographic algorithm.

3. To evaluate which algorithm provide higher security than the other.

4. To come up with new ideas that help in enhancing the existing LTE cryptographic algorithms to a higher security level.

SIGNIFICANCE OF THE STUDY

This study will provide empirical and comprehensive information about LTE cryptographic algorithms for 4G mobile communication security and it will be the base stone for the researchers who want to do further investigations in this area.

Furthermore, this study could provide helpful indications for the developers of the LTE cryptographic algorithms.

RESEARCH METHODOLOGY

Theoretical Background

LTE network has three sets of cryptographic algorithms:

First set is EEA1/EIA1 which is based on SNOW 3G algorithm.

Second set is EEA2/EIA2 which is based on AES algorithm.

Third set is EEA3/EIA3 which is based on ZUC algorithm.

Comparative Study on the LTE Core Algorithms Based on Different Factors.

There are different factors have been taken to measure the security of the LTE cryptographic algorithms :

1. Evaluating LTE's core algorithms based on

area

and

throughput

in hardware platform.

2.

Memory

and

Time

complexity from security perspective.

3.

Complexity Attacks

on LTE’s Core Algorithms.

4. Applying

NIST Test

on The LTE’s Core Algorithms.

The implementation of the LTE's core algorithms is done in Xilinx’s Virtex-5 FPGA (Field Programmable Gate Array) as evaluation devices which are more suitable for 4G era to ensure security of wireless communication.

Throughput & Area

Table(2): Comparison on the performance of LTE cryptographic core algorithms on FPGA hardware platform.

Area & Time Complexity

Table(3): The space and time complexity of the core LTE algorithms.( Ghizlane Orhanou, 2012)

Table(4): Space and Time complexity of the three sets of LTE security algorithms.

Complexity Attacks On LTE’s Core Algorithms

we made a literature survey of different types of common attacks of each LTE‘s core algorithm to show the resistance of each algorithm against specific attack .

Table(5): Survey on LTE's Attacks Algorithms.

NIST Test On The LTE’s Core Algorithms

If the algorithm fails or did not pass the statistical test meaning that the algorithm did not fulfill the security requirements.

ىيخةىثسس فثسف هىؤمعيث

لااال

NIST test includes 15 tests to check the randomness of the keystream of an algorithm.

SNOW 3G failed to pass eight tests from NIST test .

ZUC failed to pass last two tests.

AES achieved all the randomness test from round 3 and a bove.

FINDING AND RESULTS

From studying the LTE cryptographic algorithms and after doing the comparison among them, we reached to some facts that can play a significant role to do a positive change in security field of LTE network such as

• Each algorithm has strengths and weaknesses points based on different perspectives.

• Stream cipher used to speed up communication and avoid delay.

• Block cipher like AES exposes to cryptanalysis attacks than ZUC and SNOW 3G .

• AES algorithm is more efficient in software than hardware while SNOW 3G and ZUC are more efficient in hardware than software.

Conclusion & Futurework

This work provides a good insight to LTE network security which explains all cryptographic algorithms that work with this technology and do comparison among them based on different perspectives. For futurework , we suggest some ideas for increasing the security level of the LTE cryptographic algorithms such as

• Increase the keystream length in order to perform the entire NIST tests .

• Increase the number of registers in the feedback polynomial.

• Combine the benefits of block cipher and stream cipher to produce a new mixing algorithm.

• Generate sub keys for each plaintext is making attacks impossible.

Abstract

Introduction & Background

Literature Review

Problem Statement.

Hypothesis.

Research Questions.

Objectives

Significance of the Study.

Research Methodology.

Theoretical Background.

Comparative Study On LTE core algorithms based on different factors.

Finding & Results.

Conclusion & Futurework.

**Thank You**

**Done by**

Alyaa Ghanim

G1112572

Alyaa Ghanim

G1112572

References

Aes, N. I. S. T. (2001). Advanced encryption standard. Federal Information Processing Standard, FIPS-197, 12.

Americas, G. (2013). LTE: Long Term Evolution. from http://www.4gamericas.org/index.cfm?fuseaction=page§ionid=249

Armknecht, F. (2010). On the Security of the ZUC Algorithm –Current State and Open Questions, workshop .

AUDIA_S_ABD AL_R_ASEDY, A. A. J. A. S. (2000). An advantages and disadvantages of Block and Stream Cipher.

Biryukov, A., Priemuth-Schmid, D., & Zhang, B. (2012). Differential Resynchronization Attacks on Reduced Round SNOW 3G⊕. In e-Business and

Telecommunications (pp. 147-157). Springer Berlin Heidelberg.

Biryukov, A., Priemuth-Schmid, D., & Zhang, B. (2010, July). Analysis of SNOW 3G⌖ resynchronization mechanism. In Security and Cryptography (SECRYPT), Proceedings of the 2010 International Conference on (pp. 1-7). IEEE.

Biryukov, A., Priemuth-Schmid, D., & Zhang, B. (2010, January). Multiset collision attacks on reduced-round SNOW 3G and SNOW 3G⊕. In Applied Cryptography and Network Security (pp. 139-153). Springer Berlin Heidelberg.

Bikos, A. N., & Sklavos, N. (2013). LTE/SAE security issues on 4G wireless networks. Security & Privacy, IEEE, 11(2), 55-62.

Böhm, M. P. (2008). STATISTICAL EVALUATION OF STREAM CIPHER SNOW 3G.

Beming, P., Frid, L., Hall, G., Malm, P., Noren, T., Olsson, M., & Rune, G. (2007). LTE-SAE architecture and performance. Ericsson Review, 3, 98-104.

Cao, J., Ma, M., Li, H., & Zhang, Y. (2013). A survey on security aspects for LTE and LTE-A networks.

Conrad, E. (1997). Advanced encryption standard. White Paper.

Derbez, P., Fouque, P. A., & Leresteux, D. (2011). Meet-in-the-middle and impossible differential fault analysis on AES. In Cryptographic Hardware and Embedded Systems–CHES 2011 (pp. 274-291). Springer Berlin Heidelberg.

ETSI/SAGE. (2009). Specification of the 3GPP Confidentiality and

Integrity Algorithms UEA2 & UIA2.Document 1: UEA2 and UIA2 Specification. v. 2.1.

ETSI/SAGE. (2006). Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2.Document 5: Design and Evaluation Report.v.1.1.

ETSI/SAGE (2006). Specification of the 3GPP Confidentiality and Integrity Algorithms UEA2 & UIA2.Document 2: SNOW 3G Specification. v. 1.1.

ETSI/SAGE. (2011). Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 1: 128-EEA3 and 128-EIA3 Specification.v.1.7

ETSI/SAGE (2011). Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 2: ZUC Specification. Version: 1.6.

ETSI/SAGE ( 2011). Specification of the 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 4: Design and Evaluation Report. Version: 2.0.

3GPP. (2009). 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; 3GPP System Architecture Evolution (SAE): Security architecture. V 9.1.0. (Release 9)

Gilbert, H., & Minier, M. (2000). A collisions attack on the 7-rounds Rijndael.

GSA. (2013). GSA confirms 244 LTE networks are commercially launched, LTE1800 now mainstream. from http://www.gsacom.com/news/gsa_393.php

Juan Soto , L. B. (2000). Randomness Testing of the Advanced Encryption Standard Finalist Candidates NISTIR.

Kitsos, P., Sklavos, N., Provelengios, G., & Skodras, A. N. (2013). FPGA-based performance analysis of stream ciphers ZUC, Snow3g, Grain V1, Mickey V2, Trivium and E0. Microprocessors and Microsystems, 37(2), 235-245.

Lin, D., Shu-kai, L., Zhong-ya, Z., & Jie, G. (2010, December). Guess and determine attack on zuc based on solving nonlinear equations. In First International Workshop on ZUC Algorithm.

Lu, J., Dunkelman, O., Keller, N., & Kim, J. (2008). New impossible differential attacks on AES. In Progress in Cryptology-INDOCRYPT 2008 (pp. 279-293). Springer Berlin Heidelberg.

Nossenson, R. (2009, November). Long-term evolution network architecture. InMicrowaves, Communications, Antennas and Electronics Systems, 2009. COMCAS 2009. IEEE International Conference on (pp. 1-4). IEEE.

Orhanou, G., & El-Hajji, S. (2013). The New LTE Cryptographic Algorithms EEA3 and EIA3. Applied Mathematics & Information Sciences, 7(6).

Orhanou, G., El Hajji, S., Lakbabi, A., & Bentaleb, Y. (2012, May). Analytical evaluation of the stream cipher ZUC. In Multimedia Computing and Systems (ICMCS), 2012 International Conference on (pp. 927-930). IEEE.

Orhanou, G., El Hajji, S., & Bentaleb, Y. (2010). SNOW 3G stream cipher operation and complexity study. Contemporary Engineering Sciences-Hikari Ltd, 3(3), 97-111.

Orhanou, G., El Hajji, S., Bentaleb, Y., & Laassiri, J. Overview of LTE security mechanisms and cryptographic algorithms.

Orhanou, G., El Hajji, S., Bentaleb, Y., & Laassiri, J. (2010). EPS Confidentiality and Integrity mechanisms Algorithmic Approach. International Journal of Computer Science Issues (IJCSI), 7(4).

Patrizio, A. (2013). LTE Subscribers to Hit 200 Million Mark in 2013. from http://www.brighthand.com/default.asp?newsID=19753&news=LTE

Park, Y., & Park, T. (2007, November). A survey of security threats on 4g networks. In Globecom Workshops, 2007 IEEE (pp. 1-6). IEEE.

Pelzl, C. P. J. (2010). Understanding Cryptography: Springer.

Philippe Bulens, F. c.-X. S., Jean-Jacques Quisquater, & , P. P., Ga¨el Rouvroy. (2008). Implementation of the AES-128 on Virtex-5 FPGAs.

R. I. Kiyanchuk, R. V. O. (2012). Linear transformation properties of ZUC cipher. Kiyanchuk R. I., Oliynykov R.

Seddigh, N., Nandy, B., Makkar, R., & Beaumont, J. F. (2010, August). Security advances and challenges in 4G wireless networks. In Privacy Security and Trust (PST), 2010 Eighth Annual International Conference on (pp. 62-71). IEEE.

Topic, P. (2014). Global broadband subscriber numbers. from http://point-topic.com/free-analysis/five-year-broadband-subscriber-forecasts-to-end-2018/

Tutorialspoint. (2013). "LTE Network Architecture." from http://www.tutorialspoint.com/lte/lte_network_architecture.htm

Tunstall, M. (2011). Practical complexity differential cryptanalysis and fault analysis of AES. Journal of Cryptographic Engineering, 1(3), 219-230.

Tunstall, M. (2011). Low Complexity Differential Cryptanalysis and Fault Analysis of AES. from https://www.cosic.esat.kuleuven.be/ecrypt/courses/albena11/slides/michael_tunstall_dfaofaes.pdf

Wang, L., Jing, J., Liu, Z., Zhang, L., & Pan, W. (2011). Evaluating optimized implementations of stream cipher ZUC algorithm on FPGA. In Information and Communications Security (pp. 202-215). Springer Berlin Heidelberg.

Wikipedia. (2014). LTE (telecommunication). from http://en.wikipedia.org/wiki/LTE_(telecommunication)

William Stallings (2011). Cryptography and Network Security, 5/E. Pearson Education .

Wu, H., Huang, T., Nguyen, P. H., Wang, H., & Ling, S. (2012). Differential attacks against stream cipher zuc. In Advances in Cryptology–ASIACRYPT 2012 (pp. 262-277). Springer Berlin Heidelberg.

Zhang, L., Xia, L., Liu, Z., Jing, J., & Ma, Y. (2012, June). Evaluating the Optimized Implementations of SNOW3G and ZUC on FPGA. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on (pp. 436-442). IEEE.

Alyaa Ghanim and Imad Fakhri Al Shaikhli , "Comparative study on 4G/LTE cryptographic algorithms based on different factors". International Journal of Computer Science and Telecommunications (IJCST) Volume 5, Issue 7 (2014).

Munassar, Fatima, Alyaa Ghanim, and Abdul Rahman Ahmad Dahlan. "Change Management and its Contribution to the Success of IT Project Implementation." International Journal of Information and Communication Technology Research 3, no. 4 (2013).

Alyaa Ghanim, Fatima Munassar, and Abdul Rahman Ahmad Dahlan. "Project and Change Management Success Factors from Malaysian Government Departments and Agencies Perspective." IOSR Journal of Business and Management 11.2 (2013): 36-45.

Publications