Look before You Leap: Secure Connection Bootstrapping for 5G Networks to Defend against Fake Base-Stations

Ankush Singla, Rouzbeh Behnia, Syed Rafiul Hussain, Attila Yavuz, Elisa Bertino

    Research output: Chapter in Book/Report/Conference proceedingConference contribution

    Abstract

    The lack of authentication protection for bootstrapping messages broadcast by base-stations makes impossible for devices to differentiate between a legitimate and a fake base-station. This vulnerability has been widely acknowledged, but not yet fixed and thus enables law-enforcement agencies, motivated adversaries and nation-states to carry out attacks against targeted users. Although 5G cellular protocols have been enhanced to prevent some of these attacks, the root vulnerability for fake base-stations still exists. In this paper, we propose an efficient broadcast authentication protocol based on a hierarchical identity-based signature scheme, Schnorr-HIBS, which addresses the root cause of the fake base-station problem with minimal computation and communication overhead. We implement and evaluate our proposed protocol using off-the-shelf software-defined radios and open-source libraries. We also provide a comprehensive quantitative and qualitative comparison between our scheme and other candidate solutions for 5G base-station authentication proposed by 3GPP. Our proposed protocol achieves at least a 6x speedup in terms of end-to-end cryptographic delay and a communication cost reduction of 31% over other 3GPP proposals.

    Original languageEnglish (US)
    Title of host publicationASIA CCS 2021 - Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security
    PublisherAssociation for Computing Machinery, Inc
    Pages501-515
    Number of pages15
    ISBN (Electronic)9781450382878
    DOIs
    StatePublished - May 24 2021
    Event16th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2021 - Virtual, Online, Hong Kong
    Duration: Jun 7 2021Jun 11 2021

    Publication series

    NameASIA CCS 2021 - Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security

    Conference

    Conference16th ACM Asia Conference on Computer and Communications Security, ASIA CCS 2021
    Country/TerritoryHong Kong
    CityVirtual, Online
    Period6/7/216/11/21

    All Science Journal Classification (ASJC) codes

    • Computer Networks and Communications
    • Computer Science Applications
    • Information Systems
    • Software

    Fingerprint

    Dive into the research topics of 'Look before You Leap: Secure Connection Bootstrapping for 5G Networks to Defend against Fake Base-Stations'. Together they form a unique fingerprint.

    Cite this