Paper 2025/2276

E2E-AKMA: An End-to-End Secure and Privacy-Enhancing AKMA Protocol Against the Anchor Function Compromise

Yueming Li, Institute of Software, Chinese Academy of Sciences, Beijing, China, University of Chinese Academy of Sciences
Long Chen, Institute of Software, Chinese Academy of Sciences, Beijing, China
Qianwen Gao, Institute of Software, Chinese Academy of Sciences, Beijing, China, University of Chinese Academy of Sciences
Zhenfeng Zhang, Institute of Software, Chinese Academy of Sciences, Beijing, China
Abstract

The Authentication and Key Management for Applications (AKMA) system represents a recently developed protocol established by 3GPP, which is anticipated to become a pivotal component of the 5G standards. AKMA enables application service providers to delegate user authentication processes to mobile network operators, thereby eliminating the need for these providers to store and manage authentication-related data themselves. This delegation enhances the efficiency of authentication procedures but simultaneously introduces certain security and privacy challenges that warrant thorough analysis and mitigation. The 5G AKMA service is facilitated by the AKMA Anchor Function (AAnF), which may operate outside the boundaries of the 5G core network. A compromise of the AAnF could potentially allow malicious actors to exploit vulnerabilities, enabling them to monitor user login activities or gain unauthorized access to sensitive communication content. Furthermore, the exposure of the Subscription Permanent Identifier (SUPI) to external Application Functions poses substantial privacy risks, as the SUPI could be utilized to correlate a user's real-world identity with their online activities, thereby undermining user privacy. To mitigate these vulnerabilities, we propose a novel protocol named E2E-AKMA, which facilitates the establishment of a session key between the User Equipment (UE) and the Application Function (AF) with end-to-end security, even in scenarios where the AAnF has been compromised. Furthermore, the protocol ensures that no entity, aside from the 5G core network, can link account activities to the user's actual identity. This architecture preserves the advantages of the existing AKMA scheme, such as eliminating the need for complex dynamic secret data management and avoiding reliance on specialized hardware (apart from standard SIM cards). 
Experimental evaluations reveal that the E2E-AKMA framework incurs an overhead of approximately 9.4% in comparison to the original 5G AKMA scheme, which indicates its potential efficiency and practicality for deployment.

Metadata
Available format(s)
PDF
Category
Applications
Publication info
Preprint.
Contact author(s)
yueming2021 @ iscas ac cn
chenlong @ iscas ac cn
qianwen2021 @ iscas ac cn
zhenfeng @ iscas ac cn
History
2025-12-19: approved
2025-12-18: received
Short URL
https://ia.cr/2025/2276
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2025/2276,
      author = {Yueming Li and Long Chen and Qianwen Gao and Zhenfeng Zhang},
      title = {{E2E}-{AKMA}: An End-to-End Secure and Privacy-Enhancing {AKMA} Protocol Against the Anchor Function Compromise},
      howpublished = {Cryptology {ePrint} Archive, Paper 2025/2276},
      year = {2025},
      url = {https://eprint.iacr.org/2025/2276}
}