M.Sc. Gizem Akman defends her doctoral thesis"Privacy and Mobility Aspects in Authentication and Key Agreement Protocols" on Friday the 25th of October 2024 at 13 o'clock in the University of Helsinki Exactum building, Auditorium B123 (Pietari Kalmin katu 5, 1st floor). Her opponent is Professor Keith M. Martin (Royal Holloway, University of London, United Kingdom) and custos Professor Valtteri Niemi (University of Helsinki). The defence will be held in English. It is possible to follow the defence as a live stream at https://video.helsinki.fi/unitube/live-stream.html?room=l10.
The thesis of Gizem Akman is a part of research done in the Department of Computer Science and in the Secure Systems group at the University of Helsinki. Her supervisor has been Professor Valtteri Niemi (University of Helsinki).
Privacy and Mobility Aspects in Authentication and Key Agreement Protocols
Mobile communication technologies are a cornerstone in the rapid advancement of digitalization. Nowadays, Fifth Generation (5G) mobile networks provide seamless communication and unprecedented connectivity. Along with 5G, emerging technologies, such as the Internet of Things and Multi-Access Edge Computing (MEC), induce exponential growth in data generation.
Even though the interconnected world with emerging technologies eases the life of an individual, it also causes unexpected challenges in providing security and privacy of sensitive information. Security measures are crucial for data collection, transfer, processing, and storage. This thesis focuses on application authentication and key agreement protocols. More specifically, this thesis discusses providing privacy-preserving and secure authentication and key agreement protocols for mobile network applications using existing mobile systems or services. The thesis investigates this in various scenarios. The research for this thesis follows the design science research methodology.
First, devices with Multi-SIM and eUICC, holding several subscriptions, are studied in the setting of one subscription being used for primary services and the other for Authentication and Key Management for Applications (AKMA) services. The purpose of this study is to use AKMA services in parallel to and without interrupting the primary services. The solution includes arrangements and adaptations according to the technical requirements and standards.
Second, enhancing user privacy in MEC within 5G networks is investigated in the setting of a basic MEC usage scenario. The investigation started with listing privacy requirements for MEC usage. Then, privacy-preserving access protocols are introduced for stationary and mobile users. One of these protocols utilizes a novel privacy-enhanced version of AKMA for key agreements. Formal verification of AKMA and Privacy-Enhanced AKMA are performed using ProVerif.
Third, secure and privacy-preserving authentication and key agreement protocols for car-sharing applications using autonomous vehicles are studied. The solution introduces two protocols: one for privacy-preserving group forming protocol and the other for privacy-preserving meeting point selection protocol.
Fourth, splitting secret keys across several devices is considered to reduce the key exposure risks and provide additional control over the keys. Splitting keys requires the contribution of both parties who have the key shares. The solution introduces variants of the Station-to-Station protocol with the Key Derivation Function (STS-KDF) that have increased security and privacy due to splitting keys in two places. The formal verification of the variants and STS-KDF is done using the ProVerif tool.
Availability of the dissertation
An electronic version of the doctoral dissertation will be available in the University of Helsinki open repository Helda at http://urn.fi/URN:ISBN:978-952-84-0714-0.
Printed copies will be available on request from Gizem Akman: gizem.akman@helsinki.fi.