A Provably Secure ECC-based Multi-factor 5G-AKA Authentication Protocol

Due to the constant penetration of various security attacks, it is highly important to secure the underlying communication networks between the IoT, Fog and Cloud in the next generation of mobile communication system (5G). Thus, secure authentication and key agreement protocol, namely 5G-AKA, has been proposed in the literature to safely and stably access the 5G mobile services. However, some recent findings reveal that 5G-AKA and its numerous versions based on symmetric or asymmetric encryption are either vulnerable to different attacks such as perfect forward secrecy violation, malicious Serving Network (SN), de-synchronization attack, privacy theft, stolen device, or are computationally intensive. Apart from that, these protocols use single-factor authentication. Considering the above demerits of these protocols and the necessity to provide enhanced security, we propose an Elliptic Curve-Cryptography (ECC)-based multi-factor 5G-AKA authentication protocol. It provides additional security and achieves cost-effectiveness in terms of computational, communication, storage costs and energy consumption. The formal security analysis using Real-Or-Random (ROR) logic has been done to confirm its security. Moreover, we evaluate the performance of the proposed protocol in terms of computational, communication, storage costs and energy consumption. The evaluation results show that the proposed protocol requires less cost than its counterparts, reducing computational cost by up to 57%, communication cost by up to 59%, storage cost by up to 52%, and energy consumption by up to 51%.