AKA stands for the Authentication and Key Agreement security protocol. It is a mechanism that performs authentication and session key distribution in Universal Mobile Telecommunications System (UMTS) networks. AKA is a challenge-response mechanism that uses symmetric cryptography. AKA is typically run in a UMTS IM Services Identity Module (ISIM), which resides on a smart-card-like device that also provides tamper-resistant storage of shared secrets.
Exponential key exchange
The first publicly known public-key agreement protocol that meets the above criteria was the Diffie-Hellman exponential key exchange, in which two people jointly exponentiate a generator with random numbers, in such a way that an eavesdropper has no way of guessing what the key is. However, exponential key exchange in and of itself does not specify any prior agreement or subsequent authentication between the participants. It has thus been described as an anonymous key agreement protocol.
Authentication
Anonymous key exchange, like Diffie-Hellman, does not provide authentication of the parties, and is thus vulnerable to man-in-the-middle attacks. A wide variety of cryptographic authentication schemes and protocols have been developed to provide authenticated key agreement to prevent man-in-the-middle and related attacks. These methods generally mathematically bind the agreed key to other agreed-upon data.
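The binding described above can be seen in a small added example (not from the original page): a Diffie-Hellman exchange whose session key is hashed together with both public values and then confirmed with a MAC under a long-term shared secret. The toy group, the pre-shared key and the HMAC-SHA-256 confirmation step are assumptions chosen for illustration, not a description of AKA or of any particular standard.

```python
import hashlib
import hmac
import secrets

# Toy parameters (assumption): far too small for real use.
P = 2**127 - 1  # a Mersenne prime
G = 3           # base for the exponentiation


def keypair():
    """Return (private exponent, public value G^x mod P)."""
    x = secrets.randbelow(P - 3) + 2  # x in [2, P-2]
    return x, pow(G, x, P)


def session_key(priv, initiator_pub, responder_pub, peer_pub):
    """Hash the DH secret together with both public values as each side saw them."""
    shared = pow(peer_pub, priv, P)
    material = f"{shared}|{initiator_pub}|{responder_pub}".encode()
    return hashlib.sha256(material).digest()


def confirm_tag(psk, key):
    """Key confirmation: ties the session key to the long-term shared secret."""
    return hmac.new(psk, b"initiator-confirm" + key, hashlib.sha256).digest()


def run_exchange(psk_initiator, psk_responder, altered_in_transit=False):
    """Return True if the responder accepts the initiator's confirmation tag."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    # Constructed scenario: the responder may receive a different public value.
    received = keypair()[1] if altered_in_transit else a_pub
    k_a = session_key(a_priv, a_pub, b_pub, b_pub)
    k_b = session_key(b_priv, received, b_pub, received)
    tag = confirm_tag(psk_initiator, k_a)
    return hmac.compare_digest(tag, confirm_tag(psk_responder, k_b))
```

The responder accepts only when both sides hold the same long-term secret and saw the same public values; without the confirmation step, neither side would notice a substituted value.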