Look Before You Leap: Secure Connection Bootstrapping for 5G Networks to Defend Against Fake Base-Stations

The lack of authentication protection for bootstrapping messages broadcast by base-stations makes impossible for devices to differentiate between a legitimate and a fake base-station. This vulnerability has been widely acknowledged, but not yet fixed and thus enables law-enforcement agencies, motivated adversaries and nation-states to carry out attacks against targeted users. Although 5G cellular protocols have been enhanced to prevent some of these attacks, the root vulnerability for fake base-stations still exists. In this paper, we propose an efficient broadcast authentication protocol based on a hierarchical identity-based signature scheme, Schnorr-HIBS, which addresses the root cause of the fake base-station problem with minimal computation and communication overhead. We implement and evaluate our proposed protocol using off-the-shelf software-defined radios and open-source libraries. We also provide a comprehensive quantitative and qualitative comparison between our scheme and other candidate solutions for 5G base-station authentication proposed by 3GPP. Our proposed protocol achieves at least a 6x speedup in terms of end-to-end cryptographic delay and a communication cost reduction of 31% over other 3GPP proposals.

© Singla None. This is the author's version of the work. It is posted here for your personal use. Not for redistribution. The definitive Version of Record was published in '', https://dx.doi.org/10.1145/10.1145/3433210.3453082.

Files

Metadata

Work Title Look Before You Leap: Secure Connection Bootstrapping for 5G Networks to Defend Against Fake Base-Stations
Access
Open Access
Creators
  1. Ankush Singla
  2. Rouzbeh Behnia
  3. Syed Rafiul Hussain
  4. Attila Yavuz
  5. Elisa Bertino
License In Copyright (Rights Reserved)
Work Type Article
Publisher
  1. ACM
Publication Date May 24, 2021
Publisher Identifier (DOI)
  1. 10.1145/3433210.3453082
Source
  1. Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security
Deposited February 23, 2022

Versions

Analytics

Collections

This resource is currently not in any collection.

Work History

Version 1
published

  • Created
  • Added AsiaCCS_2021_5G_Broadcast_Authentication-1.pdf
  • Added Creator Ankush Singla
  • Added Creator Rouzbeh Behnia
  • Added Creator Syed Rafiul Hussain
  • Added Creator Attila Yavuz
  • Added Creator Elisa Bertino
  • Published
  • Updated
  • Updated
  • Updated