5G and other stories: evolving security in an evolving world
Steve Babbage, 20 June 2019
C1 Public
Evolution #1
First generation analog phones
GSM: cryptography in mass market telecoms
• Cryptographic authentication of the subscriber
• Encryption of calls / texts on the radio link
But …
A5/1, A5/2 (initially)
64-bit key
One-way authentication
Home network
Visited network
Weak “example” algorithm COMP-128
Evolution of security
1G | 2G | 3G
Tune in and listen | 64-bit cipher key | Increased to 128 bits
 | Initial encryption algorithms (stronger ones now widely deployed) | Full strength public algorithms
Record and clone | One-way authentication | Mutual authentication, tamper-proof signalling
 | Authentication and key agreement algorithms | Much better example algorithm
What’s left for attackers?
X
5G versus tracking
IMSI catcher (Stingray)
IMSI sniffer
The changing endpoint
User plane integrity protection
Control plane (signalling): Encrypt, Integrity protect
User plane (content): Encrypt
Control plane (signalling)
User plane (content)
Rupprecht et al, https://alter-attack.net/
Integrity protect
Quantum
Latency
Mobile network Internet
Mobile network “Cloud” applications hosted on mobile operator sites
- more exposed sites?
Network info or capabilities exposed to applications
5G radio latency
The SIM
• A miniature “hardware security module”
• Well made SIMs, with strong algorithms, remain highly resistant to attack
Massive IoT
Image from ETSI slides by Dr Klaus Vedder, G&D
Interconnect
[Diagram: visited network core and home network core, each with nodes A to E, connected through a SEPP on each side]
Service Based Architecture rather than point to point interfaces
Virtualisation
Image credit: Vijay Sharma (Techplayon)
5G security hits the headlines
Questions?