5G standard still has security gaps

Many mobile phone users around the world are anxiously awaiting the implementation of 5G. A good two-thirds of the world's population, or around five billion people, use smartphones or other mobile devices every day. They use their SIM cards to connect to the mobile network and make calls, send text messages, share pictures, or make payments and purchases. It's not always the best connection. For mobile operators, this is a billion-dollar business. But not only for them:

Time and again, criminals manage to illegally access the communication between the device and the network and intercept conversations or steal data.

Better security?

The fifth and latest mobile phone generation promises users significantly more security than before. In order to be able to guarantee security, central factors must be taken into account: The device and the network used must be able to authenticate themselves and the confidentiality of the data exchange as well as the privacy of the user in terms of identity and location must be able to be guaranteed.

Since the introduction of the 3G standard, this has been done worldwide via a protocol called Authentication and Key Agreement (AKA). The organisation responsible for the specifications of this protocol is the 3rd Generation Partnership Project (3GPP), which is also responsible for the specifications of the latest 5G AKA standard.

5G mobile standard does not close all gaps

A team of ETH researchers from the group of David Basin, Professor of Information Security, has now taken a closer look at these specifications. Using the security protocol verification tool Tamarin, they have systematically examined the 5G AKA protocol, taking into account the specified security objectives. Tamarin has been developed and improved over the last eight years in this research group and is one of the most effective tools for security protocol analysis.

To do this, the tool automatically identifies the minimum security assumptions necessary to achieve the security goals set by 3GPP. "It has been shown that the standard is not sufficient to achieve all critical security goals of the 5G AKA protocol," says Senior Scientist and co-author Ralf Sasse. "For example, if the current standards are poorly implemented, it is possible that users could be charged for third-party mobile usage."

Troubleshooting possible before 5G launch

As Basin's team notes, the new protocol will significantly improve data protection compared to 3G and 4G technologies. In addition, with the new standards, the 3GPP has succeeded in closing a gap that could previously be exploited with so-called IMSI catchers. These devices can be used to read the International Mobile Subscriber Identity (IMSI) of a mobile phone card and determine the location of a mobile device. To do this, the device pretends to be a radio station to the mobile phone.

"This gap is closed with 5G-AKA. However, we found that the protocol allows other types of so-called traceability attacks," says senior scientist and co-author Lucca Hirschi, describing the results of the study. In these attacks, the mobile device no longer sends the user's complete identity to the tracking device, but still indicates his presence in the immediate vicinity.

"We expect that more elaborate tracking devices may also become dangerous for 5G users in the future," Hirschi adds. If the new mobile technology is introduced with these specifications, it could result in extensive cyberattacks. The Basin team is therefore in contact with 3GPP to jointly implement improvements to the 5G AKA protocol.

References: David Basin, Jannik Dreier, Lucca Hirschi, Saša Radomirović, Ralf Sasse, and Vincent Stettler. "Formal Analysis of 5G Authentication." ACM Conference on Computer and Communications Security (CCS), Toronto Canada, 2018. arXiv preprint arXiv:1806.10360 (2018)