A USIM compatible 5G AKA protocol with perfect forward secrecy

In this paper, we present constructions for 3GPP Authentication and Key Agreement (AKA) that provides Perfect Forward Secrecy for the session key. Further, the constructs prevents an attacker, with access to the long-term pre-shared key, from simply eavesdropping the challenge RAND in the AKA run, and use the RAND and long-term pre-shared key to derive the session key. We focus on making it possible to re-use large portions of the current structure of 3GPP interfaces and functions, with the rationale that this will make the constructions more likely to be adopted by the industry. In particular, the constructions maintain the interface between the Universal Subscriber Identification Module (USIM) and the mobile terminal intact. As a consequence, there is no need to roll out new credentials to existing subscribers.