On the Efficacy of New Privacy Attacks against 5G AKA

The AKA protocol is the primary mechanism in mobile telephony for establishment of a secure channel between mobile subscribers and their service providers. In addition to the requisite security guarantees, provisioning subscription privacy is an essential requirement for AKA. A recent paper by Borgaonkar et al. has uncovered a new vulnerability in one of the associated mechanisms of the AKA protocol. Based upon this vulnerability, Borgaonkar et al. have presented two privacy attacks; namely, activity monitoring attack and location confidentiality attack. In this paper, we analyze these attacks for their effectiveness, practicability and potency against 5G. Our analysis reveal that the activity monitoring attack is not as effective against 5G as it is against the previous generations (3G/4G). The analysis also bring to light the fact that the location confidentiality attack is a direct extension of an existing privacy vulnerability that affects all generations (including 5G) of mobile telephony in a much severe manner. In this paper we also establish that any countermeasure introduced to fix this existing vulnerability will also render these two new attacks ineffective.