Security gaps in the 5G standard
Researchers from the Information Security Group have conducted a comprehensive security analysis of the upcoming 5G mobile communications standard. The conclusion: data protection will be improved compared to the predecessor standards 3G and 4G. However, security gaps still exist.
A good two-thirds of the world's population, or around five billion people, use smartphones or other mobile devices every day. They connect to the mobile network via their SIM card and make calls, send text messages, exchange pictures, or make payments and purchases. For mobile operators, this is a billion-dollar business. But not only for them: Time and again, criminals manage to illegally access the communication between the device and the network and intercept conversations or steal data.
The fifth and latest generation of mobile communications promises users significantly more security than before. Guaranteeing that security depends on several key factors: the device and the network used must be able to authenticate themselves to each other, and the confidentiality of the data exchange and the user's privacy in terms of identity and location must be guaranteed.
Since the introduction of the 3G standard, this has been done worldwide via a protocol called Authentication and Key Agreement (AKA). The organization responsible for the specifications of this protocol is the 3rd Generation Partnership Project (3GPP), which is also responsible for the specifications of the latest 5G AKA standard.
5G mobile communications standard does not close all gaps
A team of ETH researchers from the group of David Basin, Professor of Information Security, has now taken a closer look at these specifications. Using the security protocol verification tool Tamarin, they have systematically examined the 5G AKA protocol in light of the specified security objectives. Tamarin has been developed and improved over the last eight years in this research group and is one of the most effective tools for analyzing security protocols. In this analysis, the tool automatically identifies the minimum security assumptions necessary to achieve the security goals set by 3GPP. "It has been shown that the standard is not sufficient to achieve all critical security goals of the 5G AKA protocol," says Senior Scientist and co-author Ralf Sasse. "For example, if the current standards are poorly implemented, it is possible that users could be charged for third-party cellular usage."
Troubleshooting possible before 5G launch
As Basin's team notes, the new protocol will significantly improve data protection compared with 3G and 4G technologies. In addition, the 3GPP has succeeded with the new standards in closing a gap that could previously be exploited with so-called IMSI catchers. These devices can be used to read the International Mobile Subscriber Identity (IMSI) of a mobile communications card and determine the location of a mobile device. To do this, the device poses as a radio station to the cell phone. "This gap will be closed with 5G-AKA. However, we found that the protocol allows other types of so-called traceability attacks," said Senior Scientist and co-author Lucca Hirschi, describing the results of the research. In these attacks, the mobile device no longer sends the user's complete identity to the tracking device, but it still indicates the user's presence in the immediate vicinity. "We anticipate that more sophisticated tracking devices may also become dangerous to 5G users in the future," Hirschi adds. If the new mobile technology is introduced with these specifications, it could result in extensive cyberattacks. Basin's team is therefore in contact with 3GPP to jointly implement improvements to the 5G AKA protocol.
Reference: David Basin, Jannik Dreier, Lucca Hirschi, Saša Radomirović, Ralf Sasse, and Vincent Stettler. "Formal Analysis of 5G Authentication." ACM Conference on Computer and Communications Security (CCS), Toronto, Canada, 2018. arXiv preprint arXiv:1806.10360 (2018).