5G shares many similarities with 4G, but significant differences make improvements to enhance user experience, network efficiency, user privacy, and security. Let's look at six ways that 5G security improves 4G-LTE security.
1. User Identity Privacy – or How the IMSI Became the SUCI
If you are in public, like a busy mall, and need your child's attention, you don't have much choice but to loudly call out their name, revealing it publicly unless you have agreed on an alias beforehand! Like the example, a wireless network faces the same privacy concern when trying to page a device for a call setup or when identifying itself to the network for service setup. The solution to this problem is also to use an alias like the example suggests. In 4G and 5G, the network assigns a temporary identity called the Globally Unique Temporary ID (GUTI), part of which is used for paging.
However, the question remains about how the device identified itself before the alias was assigned to it by the network! Also, there are other times when the device cannot use the temporary ID, like when it changes the paging area (where the old temporary ID is unknown) or when the network has purged the GUTI because the device shuts off for an extended period. In all these cases, the device must identify itself with its true Subscriber Permanent Identity (SUPI), which in 4G is the IMSI (International Mobile Station Identity). It's important to note that during the initial signaling phase, the device cannot encrypt the SUPI/IMSI because the network needs information about the real identity of the subscriber to start the communication encryption. It's a classic chicken and egg problem!
The notorious 'IMSI-catchers,' a device that "sniffs" the IMSIs sent over the air revealing a subscriber's true identity and location, is often exploited as a security weakness in 4G. In its most sophisticated form, the IMSI catcher is a rogue base-station with fake network functionality that fools nearby devices into believing they are attempting to get on a real network. So, you can imagine what can happen next. The device and its owner are now at the attacker's mercy, and they can intercept and read all traffic as clear text.
5G solves the subscriber privacy problem during the device's initial contact with the network or when the temporary identity is not useable. In 5G, the device never sends its true identity (SUPI/IMSI) over the air. Instead, a 5G device sends a partially concealed version of the true identity over the air, called the Subscriber Concealed Identity (SUCI), which is de-concealed by the 5G core network. The concealment of the SUPI in 5G relies on public key cryptography. The UE generates a SUCI from its permanent identity using the home network's provisioned public key. Upon receiving the SUCI, the Subscriber Identity De-concealment Function (SDIF) applies the home network's private key to extract the SUPI, generating a key for the network. Since the SIDF resides in the home network, note the visited network doesn't reveal the SUPI, preserving the user's identity even during roaming scenarios!
2. User Plane Integrity Check - or Doubling Security for User Data
Tampering data by an unauthorized actor is considered a severe security breach; even though the data may remain ciphered, the altered information can open the door for other attacks. The primary security mechanism for combating this "man-in-the-middle" attack is an Integrity Check, where each message is tagged with a Message Authentication Code verifying the origin and authenticity of the message to make it tamperproof. In 4G, signaling uses an Integrity Check for messages occurring over the air and between a device and core network, known together as the Control Plane (CP). In 5G, an additional Integrity Check on the User Plane (UP) happens between the device and the Radio Access Network (RAN).
At first, this may seem redundant as many applications, such as your mobile banking app, have robust security mechanisms like IPsec and dual-factor authentication. However, the problem is that these measures do not guarantee the messages between the device and the app on the UP aren't intercepted and modified over the air.
The Integrity Algorithm on the User Plane ensures unaltered messages between the device, the radio network, and the original sender. This extra level of protection on the User Plane is also critical for applications the operator uses, like an IP Multimedia System (IMS), which supports telephony services. Interestingly, the signaling your phone does for establishing a voice call goes on the network's UP, similar to the HTTP commands your browser sends to a server to fetch and display a webpage. Unfortunately, Integrity Check on the User Plane impacts throughput and latency. Also, the standards do not mandate using a UP Integrity Check in all situations, unlike the CP, which always protects integrity. A device and network negotiate the details of the Integrity Check on the UP. The 3GPP does mandate the support of Integrity Algorithms on 5G devices and networks, but not its use.
3. Home Network Authentication During Roaming – or Home Network Subscriber Authentication
When roaming on a Visited Public Land Mobile Network (VPLMN), a device must authenticate the VPLMN and vice versa. A secret Key, let us call it 'K,' derives all other keys and parameters hierarchically. Mutual authentication and integrity and ciphering between the User Equipment (UE) and the network use these secondary keys and parameters. 'K' resides in and never leaves two places, the home network subscriber database, which is the Unified Data Management (UDM) function in 5G, and the Subscriber Identity Module (SIM) card; only derivatives of 'K' leave. The task of authenticating the device in 4G and 5G is in the core network elements MME and AMF, respectively.
However, in legacy 4G operations, when a device is roaming, only the visited network's MME carries out the UE authentication with the keys delivered by the home network because of a good trust relationship between the two networks. In contrast, 5G adopts a Zero-Trust Principle that assumes the trusted roaming partner network is penetrable by rogue actors! Even in a roaming scenario, a 5G network carries out subscriber authentication instead of delegating it to the visited network!
The diagram above shows a Japanese subscriber roaming in Finland. In a 4G roaming scenario, the Finland-visited network uses the device's unencrypted IMSI to determine the visitor's country and home network. The same process is completed securely in 5G using the partially concealed ID, SUCI, which identifies the home network. In step 2, the visited network contacts the home network to retrieve the keys and parameters for mutual authentication. In step 3, the device must prove its identity to the network for authentication by the visited network. At the same time, the device authenticates the visited network based on credentials received in step 3. Step 4 shows a crucial difference between the 4G and 5G networks. 5G takes security one step further in the authentication procedure when the home network receives the UE response from the visited network to authenticate independently of the visited network's authentication. So in roaming scenarios, a 5G home network is involved in the authentication process.
4. Non-SIM-based Credentials – or How 5G Security Goes Beyond the SIM Card
4G and 5G define more than one authentication algorithm. The Authentication and Key Agreement (AKA) algorithm is the standard method for mutual authentication, so 4G-AKA and 5G-AKA with roots originate from authentication algorithms used in 2G GSM! AKA is about two things:
1. An authentication procedure - a cryptographic method to ascertain the identity of the UE (device + SIM card) and the network
2. A key agreement – generating shared symmetric keys between the device and the network for encryption and integrity check
AKA comes in other variations based on the Extensible Authentication Protocol algorithm called EAP-AKA in 4G and 5G. The advantage of EAP is its well-proven authentication framework in many types of wired and wireless networks beyond the telco world. With more robust security than plain AKA, using it as a vendor-specific security mechanism makes it more flexible. EAP-based authentication and key agreement in 4G is only used for non-3GPP access, like when an LTE device connects to the 4G network via a Wi-Fi access point involving a 3GPP-AAA server for authentication. EAP-AKA in 5G is available for 3GPP and non-3GPP access. It can be used for initial access to the 5G network (primary authentication) and device authentication for its user-plane resources to access services outside the operator's domain (secondary authentication).
The differences between 4G and 5G EAP-based authentication are minor. The main novelty concerning EAP authentication in 5G vs. 4G LTE is the ability to use the EAP-Transport Layer Security (EAP-TLS) variant. An important difference is that the SIM card is not essential in the authentication process! The EAP-TLS authentication mechanism does not rely on the secret shared key provisioned security on the SIM but on digital certificates.
EAP-TLS is handy in the case of IoT devices and private networks. Common IoT device constraints are typically low-cost units with processing power, size, energy consumption, memory, and cost limitations. Soon, IoT devices will outnumber all types of handhelds, such as smartphones, and will be deployed in many situations, from sensor networks for managing city traffic to factory automation. Traditional, removable SIM cards are not ideal for IoT devices. Imagine changing the operator-specific SIM cards in thousands of devices! But concerns remain while equipping some of these devices with embedded or integrated SIM modules on their circuit boards with the ability to do over-the-air remote provisioning of the SIM modules. Furthermore, deploying critical and highly sensitive network infrastructures, like IoT device-controlled traffic in smart cities, or medical healthcare applications, requires high security. In these cases, it is essential to go beyond the SIM-based AKA methods described earlier and use EPS-TLS-based protection. A Non-SIM-based authentication method in 5G is an essential addition to 5G security enhancements for IoT devices with elevated requirements on security.
5. Enhanced Network Decision-making on Security – or The Role of Core in 5G Authentication
In 4G networks, the User Plane (UP) security, or ciphering, is activated by the eNodeB in the Radio Access Network (RAN). Because there is no alternative to activating User Plane security, the standards define a 'null' algorithm that implies no ciphering is applied on the User Plane if selected by the serving eNodeB. The null algorithm is another way to indicate that no ciphering occurs on the user data. Interestingly, the null algorithm is defined in 5G too. Remember that 4G doesn't have the option of the Integrity Check on the User Plane, so the 4G RAN doesn't make decisions about applying the Integrity Check on the UP. However, the Control Plane (CP), on which radio control and non-access stratum signaling (NAS: between device and core) happens, is ciphered and integrity protected in 4G and 5G.
In 5G, the network has enhanced decision-making capabilities not used in 4G for UP security. During the data connection between a device and a Data Network (DN), the PDU Session is established. The PDU Session is a link connecting the device from the gNodeB to a User Plane function for transmitting and receiving User Plane data. During the PDU Establishment process, the network decides whether User Plane security needs to apply and, if so, if it requires encryption, integrity, or both. As discussed, this added security feature enhances user communication beyond any application layer security measures that might be in use.
When and where does decision-making about the authentication method occur in 5G? When the UE starts a registration or service request procedure, the device sends an initial NAS message which carries signaling messages to the core network, specifically the Access and Mobility Management Function (AMF). The AMF then triggers the Authentication procedure for 5G but does not decide directly on the authentication method. Next, the AMF sends an authentication request to the Authentication Server Function (AUSF), which forwards the authentication request to the Unified Data Management (UDM). The UDM then decides on the authentication method depending on the subscriber profile.
6. Protection of the Initial Core Signaling Message – or How the NAS Security Improves in 5G
In 4G and 5G, a device might enjoy periods of idle operation, where no dedicated communication between the device and a radio base station occurs. The idle device saves large amounts of battery power. Typically, a serving cell will cause a device to enter idle mode between 5 and 10 seconds of complete inactivity. Once the device wakes up for an incoming call or data, it connects with the cell and sends a Non-Access Stratum (NAS) message to the core network to resume the connection. In 4G, the initial NAS message includes the device's temporary identity (GUTI) but may have more sensitive information. The sensitive information could be a pointer to the key sets in use, where the keys were derived during the initial authentication procedure, the name of the data network the device wants to contact (could be an enterprise network name), and the slice information that the device needs (could also be of a private nature, i.e., a government agency). The unencrypted information is transmitted in a 4G environment from an initial NAS message.
5G solves this problem by partially encrypting sensitive information in the initial NAS message closing another gap in the security holes inherent in 4G.
Summary
To summarize, we looked at six significant enhancements to 5G security in comparison to 4G:
1. 5G uses a concealed version of the Subscriber Permanent ID
2. 5G has optional Integrity Protection on the User Plane
3. 5G core makes decisions about the User Plane Security method used
4. 5G allows non-SIM-based authentication mechanisms
5. 5G allows the home network to authenticate a roaming subscriber
6. 5G allows improved protection of the initial NAS message