Semester

Fall

Date of Graduation

2025

Document Type

Thesis

Degree Type

MS

College

Statler College of Engineering and Mineral Resources

Department

Lane Department of Computer Science and Electrical Engineering

Committee Chair

Matthew Valenti

Committee Member

Thomas Devine

Committee Member

David Krovich

Abstract

The fifth generation (5G) of mobile networks introduced groundbreaking improvements in connectivity, latency, and reliability. As 5G continues to expand across commercial and de- fense sectors, ensuring the privacy and integrity of its authentication mechanisms remains paramount. The foundation of 5G security lies in the Authentication and Key Agreement (AKA) protocol, which enhances user identity protection and establishes mutual authenti- cation between the user equipment (UE) and the network. Despite these advances, several weaknesses persist, including replay-based desynchronization, linkability, and correlation at- tacks under realistic adversary models. This thesis provides a unified analysis of these vulnerabilities and introduces a lightweight mitigation designed to strengthen the AKA protocol. Its core contribution is a reciprocal chal- lenge, in which the UE generates a cryptographic nonce and embeds it into the authentication exchange to provide explicit, verifiable freshness. While industrial prior art has explored UE- initiated challenges, these solutions retain the 5G sequence-number (SQN) mechanism and do not address the privacy leakage produced by mac-failure and synch-failure signal- ing. In contrast, the enhancement proposed in this thesis replaces SQN-based freshness entirely, removes AUTS-driven behavioral linkability, and collapses failure causes into a uni- form rejection. The result is stronger mutual authentication and improved protection against replay and tracking attacks, achieved with minimal computational and signaling overhead and without altering existing trust boundaries. Building upon these findings, the thesis transitions to sixth-generation (6G) security considerations, which are expected to demand heightened robustness due to exponentially greater device density, ultra-reliable low-latency communication (URLLC), and widespread non-terrestrial network (NTN) deployments. Potential backward compatibility between 6G and legacy 5G procedures is examined to identify vulnerabilities in access, handover, and integrity protection that may carry forward if unaddressed. This work concludes by outlining a set of security recommendations and design principles for 6G authentication and mobility management. The overarching goal is to establish a more resilient, privacy-preserving framework that bridges the security gaps identified in 5G and anticipates emerging threats in next-generation networks. Together, these insights provide a roadmap for securing 5G and beyond.

Download

Share

COinS