We’re excited to share insights from ENSURE-6G’s 3rd event, “Advanced Wireless Network Security and Privacy,” featuring a compelling talk by Professor An Braeken from Vrije Universiteit Brussel on “The basic mechanisms of security in 5G/6G.” This presentation offered a comprehensive look at the evolution of mobile network security and the critical challenges and mechanisms shaping 5G and the upcoming 6G era.
A Journey Through Mobile Network Security
Professor Braeken began by tracing the historical evolution of security in mobile networks:
- 1G: Started with virtually no security measures, an analog system.
- 2G (GSM): Introduced digital communication and basic security priorities like anonymity and authentication. However, it faced challenges such as unilateral authentication, weak encryption, and trackable pseudonyms.
- 3G: Saw the introduction of the formal Authentication and Key Agreement (AKA) protocol, though issues with weak encryption and SIM card cloning persisted.
- 4G (LTE): Further refined the AKA protocol and introduced interoperability with non-3GPP technologies. Despite these advancements, vulnerabilities to denial-of-service attacks and some AKA protocol weaknesses remained.
The Landscape of 5G Security
The talk highlighted that 5G brings drastic improvements in data rate, bandwidth, and latency through innovations like new spectrum usage, advanced antenna technologies, and a flexible, distributed architecture [18:37]. A significant shift in 5G is its software-defined core architecture, leveraging virtualization (NFV), service migration, orchestration, and network automation (network slicing, MEC) [22:40].
However, this softwareization introduces new security complexities:
- Persistent Pre-5G Issues: Existing threats like mobile malware, physical layer attacks, roaming frauds, and attacks via non-3GPP networks continue to be relevant [27:33].
- 5G AKA Protocol Vulnerabilities: The protocol lacks perfect forward secrecy and is susceptible to quantum computing attacks due to its reliance on elliptic curve cryptography for identity protection [31:18].
- Software-Defined Networking (SDN) Threats: The centralized controller presents a single point of failure, and interfaces are vulnerable [33:59].
- Network Function Virtualization (NFV) Threats: Attacks can target the management and orchestration (MANO) entity, virtual network functions, and hypervisors [35:55].
- Multi-Access Edge Computing (MEC) Threats: Vulnerabilities span user equipment, communication channels, edge network components, and the core network [38:50].
- Network Slicing Threats: Risks include side-channel attacks across slices, impersonation, denial of service, and information theft [41:33].
To counter these threats, Professor Braeken emphasized the need for strong authentication and authorization, secure communication, isolation, regular updates, and comprehensive security monitoring [42:45].
The Road Ahead: Security in 6G
Looking forward, 6G is anticipated to heavily rely on Artificial Intelligence (AI) and Machine Learning (ML) for enhanced security management and automation [52:45]. Post-quantum cryptography will be crucial to address vulnerabilities in current cryptographic standards [53:09]. Emerging technologies such as distributed ledger technology (blockchain) and trusted execution environments (TEEs) are also expected to play significant roles [54:47].
The key takeaway from the presentation is that while 5G’s softwareization offers immense advantages, it also expands the attack surface. Securing every component is paramount, as the overall security is only as strong as its weakest link.
You can watch the full recorded talk here: The basic mechanisms of security in 5G/6G
