Abstract:With the development of the Internet, we usher in the 5th Generation of mobile communication technology (5G). The 5G Authentication and Key Agreement (5G-AKA) protocol is proposed mainly to achieve two-way authentication between users and service networks. However, recent research suggests that it may be subject to information deciphering and message replay attacks. At the same time, we found that some variants of the current 5G-AKA cannot satisfy the unlinkability. Therefore, in response to the above-mentioned shortcomings, we propose an improvement plan called SM-AKA. SM-AKA is designed two parallel sub-protocols in a novel way. Through clever mode switching, lighter sub-protocols (GUTI submodule) are frequently adopted, and the other sub-protocol (SUPI submodule) is to deal with abnormalities caused by authentication. According to this mechanism, it not only realizes the efficient authentication, but also improves the stability of protocol. The freshness of variables has also been effectively maintained, which can prevent the replay of messages, and strict encryption and decryption methods have further improved the security of the protocol. Finally, we carry out a complete evaluation of SM-AKA. Through formal modeling, attack assumptions and Tamarin derivation, we prove that the scheme can achieve the authentication and privacy goals, and the theoretical analysis part also shows the correctness of the protocol design.