609:
33:
619:
183:) and serving system. The successful execution of AKA results in the establishment of a security association (i.e., set of security data) between the MS and serving system that enables a set of security services to be provided.
408:
227:. To ensure interoperability with current devices and partner networks, support for AKA in CDMA networks and handsets will likely be in addition to CAVE-based authentication.
50:
414:
565:
475:
464:
249:
426:
371:
648:
257:
97:
69:
553:
432:
76:
504:
321:
261:
116:
83:
643:
577:
559:
583:
420:
488:
213:
65:
54:
285:
364:
149:
622:
470:
172:
90:
612:
449:
357:
224:
157:
43:
345:
Illustrated Master thesis of
Authentication and Key Agreement (AKA) procedures and security aspects in UMTS
153:
510:
300:
290:
253:
168:
AKA – Authentication and Key
Agreement a.k.a. 3G Authentication, Enhanced Subscriber Authorization (ESA).
295:
176:
180:
521:
499:
396:
322:"Now you, too, can snoop on mobe users from 3G to 5G with a Raspberry Pi and €1,100 of gizmos"
145:
137:
344:
402:
547:
531:
380:
637:
230:
Air interface support for AKA is included in all releases following CDMA2000 Rev C.
326:
594:
526:
32:
248:
AKA a mechanism which performs authentication and session key distribution in
17:
516:
494:
220:
171:
The basis for the 3G authentication mechanism, defined as a successor to
481:
252:(UMTS) networks. AKA is a challenge–response based mechanism that uses
589:
571:
542:
240:
For information on AKA in roaming, see CDG Reference
Document #138.
272:
An attack against all variants of AKA has been reported, including
537:
237:
X.S0006), which has been integrated into TIA-41 (3GPP2 X.S0004).
234:
194:
349:
264:(Universal Integrated Circuit Card). AKA is defined in RFC 3310.
459:
438:
186:
Major advantages of AKA over CAVE-based authentication include:
353:
26:
273:
141:
448:
387:
233:
TIA-41 MAP support for AKA was defined in TIA-945 (
57:. Unsourced material may be challenged and removed.
223:networks, although it is expected to be used for
415:Java Authentication and Authorization Service
365:
8:
566:Protected Extensible Authentication Protocol
206:Support for signaling information encryption
203:Support for signaling message data integrity
476:Challenge-Handshake Authentication Protocol
212:Protection from rogue MS when dealing with
372:
358:
350:
250:Universal Mobile Telecommunications System
117:Learn how and when to remove this message
427:Simple Authentication and Security Layer
312:
258:IP Multimedia Services Identity Module
320:Chirgwin, Richard (5 December 2018).
260:(ISIM), which is an application on a
190:Larger authentication keys (128-bit )
7:
618:
554:Password-authenticated key agreement
55:adding citations to reliable sources
433:Security Support Provider Interface
572:Remote Access Dial In User Service
505:Extensible Authentication Protocol
66:"Authentication and Key Agreement"
25:
256:. AKA is typically run in a UMTS
200:Support for mutual authentication
617:
608:
607:
578:Resource Access Control Facility
560:Password Authentication Protocol
465:Authentication and Key Agreement
421:Pluggable Authentication Modules
209:Support for user data encryption
130:Authentication and Key Agreement
31:
584:Secure Remote Password protocol
144:networks. AKA is also used for
42:needs additional citations for
489:Central Authentication Service
219:AKA is not yet implemented in
175:, AKA provides procedures for
1:
649:Code division multiple access
409:Generic Security Services API
286:Evil twin (wireless networks)
439:XCert Universal Database API
150:digest access authentication
665:
156:based mechanism that uses
603:
471:CAVE-based authentication
173:CAVE-based authentication
148:generation mechanism for
193:Stronger hash function (
644:Cryptographic protocols
179:of the Mobile Station (
511:Host Identity Protocol
301:Stingray phone tracker
291:Cellphone surveillance
254:symmetric cryptography
158:symmetric cryptography
296:Mobile phone tracking
177:mutual authentication
51:improve this article
397:BSD Authentication
154:challenge–response
631:
630:
146:one-time password
138:security protocol
127:
126:
119:
101:
16:(Redirected from
656:
621:
620:
611:
610:
374:
367:
360:
351:
332:
331:
317:
122:
115:
111:
108:
102:
100:
59:
35:
27:
21:
664:
663:
659:
658:
657:
655:
654:
653:
634:
633:
632:
627:
599:
451:
444:
403:eAuthentication
389:
383:
378:
341:
336:
335:
319:
318:
314:
309:
282:
270:
246:
166:
123:
112:
106:
103:
60:
58:
48:
36:
23:
22:
15:
12:
11:
5:
662:
660:
652:
651:
646:
636:
635:
629:
628:
626:
625:
615:
604:
601:
600:
598:
597:
592:
587:
581:
575:
569:
563:
557:
551:
548:OpenID Connect
545:
540:
535:
532:NT LAN Manager
529:
524:
519:
514:
508:
502:
497:
492:
486:
485:
484:
473:
468:
462:
456:
454:
450:Authentication
446:
445:
443:
442:
436:
430:
424:
418:
412:
406:
400:
393:
391:
388:Authentication
385:
384:
381:Authentication
379:
377:
376:
369:
362:
354:
348:
347:
340:
339:External links
337:
334:
333:
311:
310:
308:
305:
304:
303:
298:
293:
288:
281:
278:
269:
266:
245:
242:
217:
216:
210:
207:
204:
201:
198:
191:
165:
162:
125:
124:
39:
37:
30:
24:
18:AKA (security)
14:
13:
10:
9:
6:
4:
3:
2:
661:
650:
647:
645:
642:
641:
639:
624:
616:
614:
606:
605:
602:
596:
593:
591:
588:
585:
582:
579:
576:
573:
570:
567:
564:
561:
558:
555:
552:
549:
546:
544:
541:
539:
536:
533:
530:
528:
525:
523:
520:
518:
515:
512:
509:
506:
503:
501:
498:
496:
493:
490:
487:
483:
480:
479:
477:
474:
472:
469:
466:
463:
461:
458:
457:
455:
453:
447:
440:
437:
434:
431:
428:
425:
422:
419:
416:
413:
410:
407:
404:
401:
398:
395:
394:
392:
386:
382:
375:
370:
368:
363:
361:
356:
355:
352:
346:
343:
342:
338:
329:
328:
323:
316:
313:
306:
302:
299:
297:
294:
292:
289:
287:
284:
283:
279:
277:
275:
267:
265:
263:
259:
255:
251:
243:
241:
238:
236:
231:
228:
226:
222:
215:
211:
208:
205:
202:
199:
196:
192:
189:
188:
187:
184:
182:
178:
174:
169:
163:
161:
159:
155:
151:
147:
143:
139:
135:
131:
121:
118:
110:
107:December 2018
99:
96:
92:
89:
85:
82:
78:
75:
71:
68: –
67:
63:
62:Find sources:
56:
52:
46:
45:
40:This article
38:
34:
29:
28:
19:
327:The Register
325:
315:
271:
247:
239:
232:
229:
218:
185:
170:
167:
133:
129:
128:
113:
104:
94:
87:
80:
73:
61:
49:Please help
44:verification
41:
527:LAN Manager
244:AKA in UMTS
164:AKA in CDMA
152:. AKA is a
638:Categories
399:(BSD Auth)
307:References
77:newspapers
556:protocols
517:IndieAuth
452:protocols
613:Category
574:(RADIUS)
522:Kerberos
500:Diameter
495:CRAM-MD5
411:(GSSAPI)
280:See also
268:Security
221:CDMA2000
140:used in
623:Commons
595:Woo–Lam
482:MS-CHAP
478:(CHAP)
405:(eAuth)
136:) is a
91:scholar
590:TACACS
580:(RACF)
568:(PEAP)
550:(OIDC)
543:OpenID
534:(NTLM)
441:(XUDA)
435:(SSPI)
429:(SASL)
417:(JAAS)
93:
86:
79:
72:
64:
586:(SRP)
562:(PAP)
538:OAuth
513:(HIP)
507:(EAP)
491:(CAS)
467:(AKA)
423:(PAM)
235:3GPP2
214:R-UIM
195:SHA-1
98:JSTOR
84:books
460:ACF2
390:APIs
262:UICC
70:news
225:IMS
134:AKA
53:by
640::
324:.
276:.
274:5G
181:MS
160:.
142:3G
373:e
366:t
359:v
330:.
197:)
132:(
120:)
114:(
109:)
105:(
95:·
88:·
81:·
74:·
47:.
20:)
Text is available under the Creative Commons Attribution-ShareAlike License. Additional terms may apply.