Because the radio access network (RAN) is the entry point to the telecom network, its security is particularly important. 3GPP, where 5G is standardized, gives due importance to RAN security in every release, and deservedly so.
In our earlier blog post, we gave an overview of RAN security in 3GPP Release 16. Fast forward to today, where the 3GPP Release 17 work is now complete.
Below, we will first give a high-level overview of the latest and greatest, followed by a technical deep-dive. Let's begin.
Overview of the new features
There are four topics in Release 17 that are mostly related to RAN security. Some of these topics were inherited or enhanced from 4G security, e.g., security of 5G Proximity Services. Also very interesting is the reverse: 4G backported a security feature from 5G, the user plane integrity protection.
Figure 1: Key RAN security standardization topics in Release 17
- User plane integrity protection. User plane refers to the type of messages that carry data traffic like Internet browsing and video streaming. Integrity protection is a security feature that allows a base station and a mobile phone to determine that the received messages were not tampered with by an attacker. User plane integrity protection was already introduced to 5G as part of Release 15, for so-called Option 2, or Stand-alone. The new addition in Release 17 is the backporting of this feature to the deployment options with 4G core over LTE and NR radios (so-called Options 1 and 3). If the base stations support this feature, CSPs can decide whether to activate it.
- Security of 5G Proximity based services. Generally, the traffic from/to mobile phones is routed via the network. On the other hand, Proximity based services is a feature that enables mobile phones to communicate directly with each other when in close vicinity. You can see it as a form of device-to-device communication. In addition, it also allows a mobile phone to act as a relay between the network and another mobile phone which is out of coverage. In Release 17, this feature was standardized for 5G New Radio (NR). Simultaneously, the necessary security mechanisms were also standardized, including securing the mechanism by which a mobile phone discovers another mobile phone, and protecting the actual communication between the mobile phones after the discovery.
- Security for Industrial IoT. The 5G system is suitable not only for mobile broadband, but also for new use cases including Industry 4.0. For the latter, deterministic communication, the right packet at the right time, is particularly important, and since Release 16 the 5G system supports the enabling technology called time sensitive networking (TSN). In Release 17, the 5G System expands this support to time synchronization and time sensitive communications (TSC) for applications, along with the corresponding security mechanisms including secure interfaces, authentication and authorization.
- Security against false base stations. One of the main attack vectors in a radio access network is a false base station, which is a radio device impersonating a genuine base station and very often engaging in some wrongdoing. Several topics were studied in Release 17 to mitigate privacy and security problems caused by these false base stations. The topics included, among others, protection of broadcast and unicast messages. While no proposed solutions from the study were concluded, a new protection mechanism for the mobile phone's capabilities was directly expedited into the standards outside of the study.
Let's get a little more technical
Now, take a deep breath and hold tight. We are diving into the technical details.
1. User plane integrity protection (UPIP) with 4G core
UPIP was already introduced in Release 15 for 5G NR with 5G core (so-called Option 2), with the flexibility of a reduced data rate. Later in Release 16, the reduced data rate was removed and support for full data rate UPIP was mandated.
So, what was left to do in Release 17?
Well, it was one of those rare cases where enhancements in 5G were backported to 4G. Among other conclusions from the UPIP study (3GPP TR 33.853), we will only discuss the aspects pertaining to the introduction of UPIP with 4G core over LTE radio (so-called Option 1), and over NR radio in dual connectivity with LTE radio (so-called EN-DC or Option 3).
Figure 2: UPIP in Option 1, 2, and 3
It is the network that ultimately decides whether UPIP is activated. To make this decision, the network takes two points into consideration: (a) the UE's capability and (b) the network's policy. Let's further discuss these two points.
1.1 UE's UPIP capability
The network needs to know the UE's capabilities in order to determine if the UE supports activation of UPIP. For this, the UE includes a new indication called EPS-UPIP supported in the Attach Request and Tracking Area Update messages to the Mobility Management Entity (MME), as shown in Figure 3. The MME then provides the indication to the LTE eNB.
Figure 3: Indication of UE's UPIP capability
Under the hood, the new indication is signaled as the first bit of the fourth octet (octet 4, bit 1) in the information element called UE network capability. This octet 4, bit 1 was originally called EPS integrity algorithm #7 (EIA7) and was intended to indicate the UE's support for a new integrity algorithm in the future. 3GPP's decision to repurpose the EIA7 bit to indicate EPS-UPIP is motivated by the fact that this bit is transparently forwarded between network nodes without requiring any upgrade of the intermediate network nodes and interfaces.
1.2 Network’s UPIP policy
The preference or requirement of the network pertaining to the activation of UPIP is contained in the UPIP policy. The policy can take one of the following values:
- Required. It is mandatory for the RAN (eNB in Option 1 and gNB in Option 3) to activate UPIP. If the RAN cannot activate UPIP, it must not establish DRBs.
- Preferred. It is recommended (but optional) for the RAN to activate UPIP. If the RAN cannot activate UPIP, it is still allowed to establish DRBs.
- Not needed. It is forbidden for the RAN to activate UPIP.
This UPIP policy traverses the network as shown in Figure 4. It can be configured in a function that supports 4G-5G interworking called SMF+PGW-C (Session Management Function + PDN Gateway Control plane function). The SMF+PGW-C can also retrieve the UPIP policy from the combined HSS+UDM (Home Subscriber Server/Unified Data Management), in which case the policy from the HSS+UDM takes precedence over the locally configured policy at the SMF+PGW-C.
Figure 4: User plane integrity policy traversal with 4G core
Further, the SMF+PGW-C sends the policy to an upgraded MME via an upgraded Serving Gateway (SGW). The policy is then communicated to the LTE eNB at the establishment of a Packet Data Network (PDN) connection, the policy being applicable to all Data Radio Bearers (DRBs) established for that PDN connection. The LTE eNB can also be pre-configured with a local UPIP policy that the LTE eNB uses if it does not receive any UPIP policy from the MME.
Note that the local UPIP policy at the LTE eNB was specified so that network operators can choose to use the UPIP feature in the areas where only the RAN has been upgraded, but not the 4G core network.
In case of Option 3, if the UE supports activating UPIP, the LTE eNB (which acts as the master node) provides the UPIP policy to the NR gNB (which acts as the secondary node). If the UE lacks UPIP support, the LTE eNB skips providing the policy to the NR gNB, in which case the NR gNB does not activate UPIP with the UE.
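The decision logic of section 1 (UE capability bit, policy precedence, eNB local fallback, and the Option 3 forwarding rule), as an added example that is not code from the blog or from any 3GPP specification. It assumes the UE network capability IE is passed as its value part (octets 3 onward, with the IEI and length octets stripped), 3GPP bit numbering (bit 8 is the MSB, bit 1 the LSB), and that a RAN with no policy from either the MME or local configuration treats UPIP as not needed.

```python
# Added example (not from the blog or any 3GPP specification): the UPIP activation
# decision for a 4G core deployment. Assumes the UE network capability IE is passed
# as its value part (octets 3 onward; IEI and length octets stripped) with 3GPP bit
# numbering (bit 8 = MSB, bit 1 = LSB).
from enum import Enum
from typing import Optional, Tuple


class UpipPolicy(Enum):
    REQUIRED = "required"       # activate UPIP or do not establish DRBs at all
    PREFERRED = "preferred"     # activate UPIP if possible; DRBs allowed either way
    NOT_NEEDED = "not_needed"   # UPIP must not be activated


def ue_supports_eps_upip(ue_network_capability: bytes) -> bool:
    """EPS-UPIP supported indication: octet 4, bit 1 (the repurposed EIA7 bit).
    Octet 3 is index 0 of the value part, so octet 4 is index 1; bit 1 is the LSB.
    An IE too short to carry octet 4 is treated as 'no support' (assumption)."""
    if len(ue_network_capability) < 2:
        return False
    return bool(ue_network_capability[1] & 0x01)


def effective_policy(policy_from_mme: Optional[UpipPolicy],
                     local_enb_policy: Optional[UpipPolicy]) -> UpipPolicy:
    """The policy received from the core via the MME wins; the eNB's locally
    configured policy is the fallback for RAN-only upgrades. With neither
    available this example treats UPIP as not needed (assumption)."""
    if policy_from_mme is not None:
        return policy_from_mme
    if local_enb_policy is not None:
        return local_enb_policy
    return UpipPolicy.NOT_NEEDED


def decide_upip(ue_network_capability: bytes,
                policy_from_mme: Optional[UpipPolicy],
                local_enb_policy: Optional[UpipPolicy],
                ran_can_activate: bool) -> Tuple[bool, bool]:
    """Return (activate_upip, establish_drbs) for the DRBs of one PDN connection."""
    policy = effective_policy(policy_from_mme, local_enb_policy)
    can_activate = ran_can_activate and ue_supports_eps_upip(ue_network_capability)
    if policy is UpipPolicy.NOT_NEEDED:
        return False, True
    if policy is UpipPolicy.REQUIRED:
        return (True, True) if can_activate else (False, False)
    return can_activate, True  # PREFERRED: best effort, DRBs established anyway


def policy_for_secondary_node(ue_network_capability: bytes,
                              policy: UpipPolicy) -> Optional[UpipPolicy]:
    """Option 3 (EN-DC): the LTE eNB (master node) forwards the UPIP policy to the
    NR gNB (secondary node) only if the UE supports EPS-UPIP; None means the gNB
    receives no policy and therefore does not activate UPIP with the UE."""
    return policy if ue_supports_eps_upip(ue_network_capability) else None


# Constructed sample IE value parts: octet 3 = EEA bits, octet 4 = EIA bits.
# 0xF1 in octet 4 sets bits 8..5 (EIA0..EIA3) plus the EPS-UPIP bit (bit 1).
UE_WITH_UPIP = bytes([0xF0, 0xF1])
UE_WITHOUT_UPIP = bytes([0xF0, 0xF0])
```

`decide_upip(UE_WITHOUT_UPIP, UpipPolicy.REQUIRED, None, True)` returns `(False, False)`: with a Required policy and a UE that lacks the capability, no DRBs are established.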
2. Security of 5G Proximity based Services (ProSe)
Security and privacy aspects of ProSe in 5G were specified in Release 17 in 3GPP TS 33.503, which is largely adopted from the security of ProSe in earlier generations. Below, we discuss some of the main points.
Figure 5: Some components and interfaces for security of 5G ProSe
As shown in Figure 5, UE A, B, and C are 5G ProSe-enabled UEs that support 5G ProSe requirements and associated procedures. The direct sidelink radio interface between UEs is named PC5. UE A and B connect to the 5G Core (5GC) via the gNB using the 3GPP air interface called Uu. UE C, which is out of network coverage, takes the role of a remote UE and can still get connectivity via another UE in its vicinity (say UE B), which takes the role of a relay UE.
The policy control function (PCF) supports a unified policy framework to govern communication behaviour and, in the context of ProSe, it provisions the UEs (e.g., UE A, B and C in Figure 5 above) with the necessary policies and parameters to use 5G ProSe services. The 5G direct discovery name management function (DDNMF) handles the network actions required for direct discovery (see below) and interacts with UEs via the interface called PC3a. The 5G ProSe key management function (PKMF) interacts with UEs using the PC8 interface and handles the network actions required for key management and the security material for enabling remote/relay UE discovery and communication. PC8 and PC3a rely on the 5GC user plane for transport, i.e., over IP.
At a high level, there are three main security features in 5G ProSe, each of which is discussed in further detail below:
- direct discovery security,
- direct communication security, and
- relay communication security.
2.1 Direct discovery security
5G ProSe direct discovery is a process used by a 5G ProSe-enabled UE for discovering other 5G ProSe-enabled UEs in its vicinity based on direct radio transmissions over the PC5 interface. It can be of type open or restricted, with security aspects including:
- Open discovery: The ProSe codes in the discovery messages over PC5 are integrity protected. However, they are not encrypted, since open discovery is not restricted to certain UEs. Validation of the integrity protection is performed by 5G
- Restricted discovery: This type of discovery only takes place with explicit permission from the 5G ProSe-enabled UE being discovered. To preserve the UE's privacy, the discovery messages support confidentiality protection so that ProSe codes are not seen in the clear by unauthorized parties. Further, integrity checking may be performed either by the 5G DDNMF or the receiving UE. The discovery of a relay UE is also based on restricted discovery, with some variations.
2.2 Direct communication security
5G ProSe direct communication occurs between two or more 5G ProSe-enabled UEs that are in direct communication range using PC5.
PC5 communication supports confidentiality protection, integrity protection and anti-replay protection.
The PCF or the 5G DDNMF may provision PC5 security policies to the UEs. If a UE receives PC5 security policies from the 5G DDNMF, the UE will use them instead of those provisioned by the PCF or pre-configured in the UE.
Security keys for direct communication are derived from long-term keys, similar to the security of eV2X (advanced Vehicle-to-Everything) as specified in 3GPP TS 33.536.
2.3 Relay communication security
5G ProSe relay communication enables indirect communication between the 5G network and remote UEs (that are out of coverage of the network) via a relay UE. The relay UE is formally called a UE-to-network relay.
The remote and the relay UE communicate using the PC5 interface and, as for direct communication, confidentiality protection, integrity protection and anti-replay protection are supported. The 5G PKMF may provision PC5 security policies to remote and relay UEs.
For establishing security keys, the remote UE first provides its encrypted long-term identifier (called the subscription concealed identifier, SUCI) or a PRUK ID (if one is available) to the relay UE. Thereafter, two solutions are specified (partially illustrated in Figure 6):
- User plane solution. In this solution, the 5G PKMF of the remote UE is responsible for providing a UE specific security key called the ProSe remote user key (PRUK) and the key identifier called PRUK ID to the remote UE. If the remote UE indicates a PRUK ID, the relay UE (via its 5G PKMF) gets a fresh key named K_NRP, which is generated from the PRUK (identified by the PRUK ID) by the 5G PKMF of the remote UE. Alternatively, if the remote UE indicates a SUCI, the security mechanism called generic bootstrapping architecture (GBA) Push is triggered (for this blogpost, we won't go into the details of this).
- Control plane solution. In this solution, if the remote UE provides a PRUK ID, its authentication server function / ProSe anchor function is responsible for providing a fresh key named K_NRP, which is generated from the PRUK (identified by the PRUK ID) (for simplicity, we won't go into detail on this topic). In case the remote UE provides a SUCI, an EAP-AKA' based mutual authentication is triggered between the remote UE and its home network. The PRUK is then generated, and a security key derived from the PRUK is provided to the relay UE. Note that this mutual authentication (which is called "5G ProSe remote UE specific authentication") is decoupled from, and does not affect, the primary authentication framework in 5G.
Figure 6: User plane and control plane solution for security key establishment in case of relay (for simplicity, only PRUK ID for user plane and SUCI for control plane are illustrated).
3. Security for Industrial IoT
Industrial IoT is a larger topic. The scope of our current discussion is the security aspects of TSC studied in 3GPP TR 33.851. The TSC feature was first introduced in 5G in Release 16, with further enhancements in Release 17.
The 5G system can support TSC by integrating transparently as a logical bridge in an IEEE 802.1 TSN network, as shown in Figure 7.
Figure 7: 5G system supporting time sensitive communication
Being a logical bridge means that the 5G system specific procedures (including RAN and CN) are transparent to the TSN system. This transparency is achieved thanks to the TSN translator (TT) functionality that consists of the device-side TT (DS-TT) and the network-side TT (NW-TT).
Time synchronization messages sent between the DS-TT/UE and the NW-TT/UPF are protected (re-)using the secure interfaces Uu between the UE and the RAN, and N3 between the RAN and the user plane function (UPF). Note that in this case, it is mandatory for the user plane traffic on the Uu radio interface to be both encrypted and integrity protected. In Release 16, only downlink time synchronization was addressed, with the grand master (GM) clock always being on the NW-TT/UPF side. In Release 17, uplink time synchronization was also addressed.
Another aspect addressed in Release 17 is the secure interaction between the 5G system and the TSN application function (AF). The TSN AF is a network function that knows the deterministic application requirements and requests TSC services from the 5G system via the network exposure function (NEF). Security of the interface between the NEF and the TSN AF (re-)uses TLS-based mutual authentication and OAuth-based authorization.
4. Further security enhancements against false base stations
In one of our previous blogs, we checked if the battle against false base stations was over. We reviewed that 5G phase 1 (Release 15) already came with various inherited security features (like mutual authentication between UEs and the network, and integrity protected signaling) and many new privacy and security features (like concealment of the permanent identifier (SUPI/SUCI) and integrity protection of user plane traffic). We further discussed that 3GPP, like a good warrior, did not put its guard down and continued to investigate what could still be enhanced beyond Release 15. For 5G phase 2 (Release 16), 3GPP had initiated a new study (3GPP TR 33.809) to proactively investigate the topic of false base stations even further.
Below, we will summarize the state of affairs in the study by the end of Release 17.
Figure 8: State of affairs in 3GPP TR 33.809 by the end of Release 17
Let’s begin.
a) Broadcast protection. This is the hottest and most heavily debated topic in the study. It concerns the downlink broadcast messages, called system information (SI). By design, SI messages are meant for all UEs (including those which have just powered on for the first time ever) and thus lack any security context for protection. This means that an attacker can create its own SI messages or tamper with the genuine ones. There are many proposals on how to fix the problem. Most of them are about using asymmetric crypto and differ from each other mainly on the aspects of key management. A few are using symmetric crypto and rely on a shared key between the UE and the network. The investigation is still ongoing (e.g., the cost-benefit and robustness of the proposed solutions) and no conclusion has been made.
b) Unauthenticated-unicast protection. Unicast messages are uplink or downlink messages concerning one particular UE. The unicast messages that are transferred after security activation are thus protected. But there are some unicast messages that happen before security activation (called unauthenticated-unicast) which lack security, and thus can be read or tampered with by an attacker. One of the proposals for this problem uses asymmetric crypto and is generic to all radio resource control (RRC) messages. Other proposals focus on protection of the RRC Resume Request message and the RRC UE capability transfer procedure.
We want to note that the study concludes there is no further work affecting the standards for the protection of the RRC UE capability transfer procedure. There is, however, a new protection mechanism which was expedited, outside of the study, directly into 3GPP TS 33.501 (clause 6.5.3) and TS 33.401 (clause 7.4.5). As shown in Figure 9, the gist of the solution follows. If the RAN fetches the UE capabilities before security activation, it neither stores them locally for later use, nor sends them to other network entities; and it fetches them again after security is activated. If an attacker had tampered with the UE capabilities over-the-air before security activation, the effect is not perpetual, thanks to the new mechanism.
Figure 9: Mitigating the perpetual effect of possibly tampered UE capabilities
c) False base station detection enhancement. This topic is about enabling/enhancing the detection of false base stations. Some proposals use positioning measurement reports, some enrich normal measurement reports, and others focus on handover procedures. The proposals are still under study with no conclusion to date.
d) Man-in-the-middle mitigation. This topic concerns the generic threat of false base stations sitting in between the UE and the network and performing attacks. Some proposals use global navigation satellite system (GNSS) information of the UE and base stations; others propose using indications of abnormal event sequences; and still others use a cryptographic cyclic redundancy checksum (CRC). No conclusion has been made.
e) Miscellaneous. For the sake of completeness, the study also mentions topics like self-organizing network (SON) poisoning and radio jamming. No further action is taken in this study, mainly because these topics fall in the scope of other working groups responsible for radio and network management.
Thus, the study has not finished and is continuing in Release 18. There are early indications of further progress, and we could give you a teaser, but let's keep the surprise until the work is done.
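The UE capability handling rule from TS 33.501 clause 6.5.3 / TS 33.401 clause 7.4.5 described above, modelled on the base station side as an added example (not code from the blog or the specifications; class and method names are hypothetical). The handler never persists or forwards capabilities received before AS security activation and flags that they must be fetched again once security is active; the air interface itself is not modelled.

```python
# Added example (not from the blog or the 3GPP specifications): base-station-side
# handling of UE radio capabilities. Capabilities fetched before AS security
# activation are used transiently at most, never stored, never forwarded, and are
# fetched again once security is active. All names are hypothetical.
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple


@dataclass
class UeContext:
    ue_id: str
    as_security_active: bool = False
    stored_capabilities: Optional[bytes] = None    # set only from a protected fetch
    forwarded_to_core: List[bytes] = field(default_factory=list)
    refetch_pending: bool = False


class CapabilityHandler:
    """Models only the RAN's storage/forwarding decisions, not the radio exchange."""

    def __init__(self) -> None:
        self.contexts: Dict[str, UeContext] = {}

    def context(self, ue_id: str) -> UeContext:
        return self.contexts.setdefault(ue_id, UeContext(ue_id))

    def on_capabilities_received(self, ue_id: str, caps: bytes) -> str:
        """Handle a UE capability response; returns what was done with it."""
        ctx = self.context(ue_id)
        if not ctx.as_security_active:
            # Unprotected RRC exchange: the content could have been altered over the
            # air, so it must not outlive this procedure and a re-fetch is scheduled.
            ctx.refetch_pending = True
            return "transient-only"
        # Integrity-protected exchange: safe to keep and to share with the core.
        ctx.stored_capabilities = caps
        ctx.forwarded_to_core.append(caps)
        ctx.refetch_pending = False
        return "stored-and-forwarded"

    def on_as_security_activated(self, ue_id: str) -> bool:
        """Mark AS security active; True means the capabilities must be fetched again."""
        ctx = self.context(ue_id)
        ctx.as_security_active = True
        return ctx.refetch_pending


def sample_flow() -> Tuple[str, bool, str, UeContext]:
    """Constructed flow: one fetch before security activation, then one after.
    Returns the two handling results, the re-fetch flag, and the final context."""
    handler = CapabilityHandler()
    first = handler.on_capabilities_received("ue-1", b"\x01")   # before activation
    needs_refetch = handler.on_as_security_activated("ue-1")
    second = handler.on_capabilities_received("ue-1", b"\x02")  # after activation
    return first, needs_refetch, second, handler.context("ue-1")
```

Only the capabilities received after activation (`b"\x02"` in the constructed flow) end up stored and forwarded; the earlier response leaves no trace in the UE context.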
Final words
We discussed the four key RAN security topics from 3GPP Release 17:
- User Plane Integrity Protection with 4G core,
- Security of 5G Proximity based Services (ProSe),
- Security for Industrial IoT, and
- Security enhancements against false base stations.
Because of the pandemic, this was yet another release where the 3GPP meetings were held electronically. While we write this blogpost, the Release 18 work has started and hybrid meetings are being planned.
So, what will Release 18 add to RAN security? Well, we will keep you posted in due time.
We thank our wonderful colleagues who worked on the topic of RAN security.
Further reading
A summary of 3GPP Release 16, 5G phase 2: Security and RAN
3GPP Release 15: An end to the battle against false base stations?