Improving and distributing key management on mobile networks

Thumbnail Image
Journal Title
Journal ISSN
Volume Title
Aalto-yliopiston teknillinen korkeakoulu | Doctoral thesis (article-based)
Checking the digitized thesis and permission for publishing
Instructions for the author
Degree programme
Verkkokirja (622 KB, 58 s.)
TKK dissertations, 244
We address the problem of mobile network key management and authentication that negatively affects the handoff performance, adds overhead to the system in terms of key exchange signaling, authentication, and key distribution. We aim to improve the efficiency of the key management subsystem and to reduce investment pressure on core network elements. We address all these problems successfully. Our novel SKC key management mechanism is the best key management mechanism among the ones we found in reducing signaling load from the KD and making the mobility system independent of the AP-KD link delay. It is a significant contribution to the mobile network key management with fast handoffs when separate keys for APs are required and has many useful applications. Our novel receiver and sender ID binding protocol with symmetric keys is new and shows analogy with Identity Based Cryptography. It is a generalization of the identity binding that SKC is using. Furthermore, our distributed AAA architecture with SKC, certificates, and hardware-based security is a disruptive proposal and show how the mobile network KD can be distributed to the edge nodes. Our quantitative analysis and comparison of SKC and LTE key management is new and not seen before. Our research affected the LTE Security standardization and contributes to the research and development of home base stations, community and municipal Wi-Fi access points.
Supervising professor
Ylä-Jääski, Antti, Prof.
Thesis advisor
Asokan, N., Dr.
key management, mobile network security, authentication, fast handovers, key distribution
Other note
  • [Publication 1]: Wenhui Hu and Dan Forsberg. 2006. Fast solutions for AP-to-AP handoffs. In: Proceedings of the 11th Nordic Workshop on Secure IT-Systems (NordSec 2006). Linköping, Sweden. 19-20 October 2006. 13 pages.
  • [Publication 2]: Dan Forsberg. 2007. Protected session keys context for distributed session key management. Wireless Personal Communications, volume 43, number 2, pages 665-676. doi:10.1007/s11277-007-9271-6.
  • [Publication 3]: Dan Forsberg, Huang Leping, Kashima Tsuyoshi, and Seppo Alanärä. 2007. Enhancing security and privacy in 3GPP E-UTRAN radio interface. In: Proceedings of the 18th IEEE International Symposium on Personal, Indoor and Mobile Radio Communications (PIMRC 2007). Athens, Greece. 3-7 September 2007. 5 pages. ISBN 1-4244-1144-0.
  • [Publication 4]: Dan Forsberg. 2010. LTE key management analysis with session keys context. Computer Communications, volume 33, number 16, pages 1907-1915. doi:10.1016/j.comcom.2010.07.002.
  • [Publication 5]: Dan Forsberg. 2007. Use cases of implicit authentication and key establishment with sender and receiver ID binding. In: Proceedings of the 8th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM 2007). Helsinki, Finland. 18-21 June 2007. 8 pages. ISBN 1-4244-0992-6.
  • [Publication 6]: Dan Forsberg. 2007. Secure distributed AAA with domain and user reputation. In: The Third IEEE International Workshop on Trust, Security, and Privacy for Ubiquitous Computing (TSPUC 2007). Helsinki, Finland. 18-21 June 2007. Proceedings of the 8th IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM 2007). Helsinki, Finland. 18-21 June 2007. 6 pages. ISBN 1-4244-0992-6.