Contents
Abbreviations (p. 2)
Security Architecture and Procedures (p. 4)
Security Assurance Specifications (p. 4)
Studies and Reports (p. 4)
Other Specifications (p. 5)
Primary Authentication (p. 5)
Secondary Authentication (p. 6)
Protection of Network Interfaces (p. 6)
Network Element Security Assurance Scheme (p. 8)
References (p. 11)
Biography (p. 11)
Appendix – Cryptography (p. 12)
Abbreviations
5G AV 5G Authentication Vector
AAnF AKMA Anchor Function
AES Advanced Encryption Standard
AKA Authentication and Key Agreement
AKMA Authentication Key Management for Applications
ARPF Authentication credential Repository and Processing Function
AUSF Authentication Server Function
AUTN AUthentication TokeN
EAP Extensible Authentication Protocol
EMSK Extended Master Session Key
GUTI Globally Unique Temporary UE Identity
HRES Hash RESponse
HXRES Hash eXpected RESponse
IKE Internet Key Exchange
IPUPS Inter-PLMN UP Security
KSI Key Set Identifier
LI Lawful Intercept
MSK Master Session Key
NAI Network Access Identifier
NIA Integrity Algorithm for 5G
NSSAI Network Slice Selection Assistance Information
NSSAA Network Slice Specific Authentication and Authorization
PEI Permanent Equipment Identifier
RES RESponse
SEAF SEcurity Anchor Function
SG Security Gateway
SEPP Security Edge Protection Proxy
SIDF Subscription Identifier De-concealing Function
SUCI Subscription Concealed Identifier
SUPI Subscription Permanent Identifier
TLS Transport Layer Security
UDM Unified Data Management
UDR Unified Data Repository
XRES eXpected RESponse
This article focuses on the most important security specifications for 5G networks, i.e. 3GPP Technical
Specification 33-Series [1].
The main active working group addressing 5G security and privacy issues is 3GPP System Architecture 3
(3GPP SA3). The group is responsible for identifying the security and privacy requirements and defining
the security architectures and associated protocols to address these requirements. 3GPP SA3 also ensures
that cryptographic algorithms which need to be part of the 5G security specifications are available.
3GPP Release 15 defines the 5G security infrastructure and further enhances 4G security. It also supports
security assurance and test methods for 5G core network functions and base station (gNB).
3GPP Release 16 fortifies the security architecture for wireless-wireline convergence, and supports security for vertical functions and authentication and key management for vertical applications, such as network slicing, industrial IoT, cellular IoT, multi-access edge computing (MEC), and terrestrial and aerial manned and unmanned vehicles. It also supports security assurance requirements and test cases for data analytics, interworking and service communication proxy functions.
3GPP Release 17 will further evolve user plane integrity, authentication functions, and security controls for rogue base stations, slice enhancement, private networks, drones and broadcast channels. It will also support security assurance requirements and test cases for additional network equipment and related functions.
The following sections outline the most important technical specifications and provide some insights into the new security control mechanisms for confidentiality and integrity protection [2]-[4], and the schemes for network element security assurance [5] in 5G.
Figure 1. 3GPP Technical Specifications and Reports for Release 15 (R15), Release 16 (R16) and Release 17 (R17).
Security Assurance Specifications
TS 33.512 5G Security Assurance Specification (SCAS); Access and Mobility management Function (AMF)
TS 33.514 5G Security Assurance Specification (SCAS) for the Unified Data Management (UDM) network product class
TS 33.515 5G Security Assurance Specification (SCAS) for the Session Management Function (SMF) network product class
TS 33.516 5G Security Assurance Specification (SCAS) for the Authentication Server Function (AUSF) network product class
TS 33.517 5G Security Assurance Specification (SCAS) for the Security Edge Protection Proxy (SEPP) network product class
TS 33.518 5G Security Assurance Specification (SCAS) for the Network Repository Function (NRF) network product class
TS 33.519 5G Security Assurance Specification (SCAS) for the Network Exposure Function (NEF) network product class
TS 33.521 5G Security Assurance Specification (SCAS); Network Data Analytics Function (NWDAF)
Studies and Reports
TR 33.819 Study on security enhancements of 5G System (5GS) for vertical and Local Area Network (LAN) services
TR 33.824 Study on security aspects of Integrated Access and Backhaul (IAB) for Next Radio (NR)
TR 33.825 Study on the security of Ultra-Reliable Low-Latency Communication (URLLC) for the 5G System (5GS)
TR 33.836 Study on security aspects of 3GPP support for advanced Vehicle-to-Everything (V2X) services
TR 33.839 Study on security aspects of enhancement of support for edge computing in 5G Core (5GC)
TR 33.851 Study on security for enhanced support of Industrial Internet of Things (IIoT)
TR 33.852 Study on traffic characteristics and performance requirements for AI/ML model transfer in 5G Systems (5GS)
TR 33.861 Study on evolution of Cellular Internet of Things (CIoT) security for the 5G System
Other Specifications
TS 33.535 Authentication and Key Management for Applications (AKMA) based on 3GPP credentials in the 5G System (5GS)
TS 33.536 Security aspects of 3GPP support for advanced Vehicle-to-Everything (V2X) services
Primary Authentication
The Extensible Authentication Protocol (EAP) based 5G Authentication and Key Agreement (5G AKA) procedure enables mutual authentication between the UE and the network, based on a shared secret master key (K) held in the USIM and in the Authentication credential Repository and Processing Function (ARPF).
On the 5G core network (5GC) side, the element that effectively performs authentication with the UE is the Authentication Server Function (AUSF). It uses the services of Unified Data Management (UDM) and the ARPF, which host the data management functions, select the authentication method, and compute the data and keying material that the AUSF needs. At the same time, the Subscription Identifier De-concealing Function (SIDF) comes into play to derive the SUPI from the SUCI. All of this happens in the home network core.
On the serving network side, the key function is the Security Anchor Function (SEAF), which stores the anchor key (KSEAF) provided by the AUSF of the home network. Keys for more than one security context can then be derived from KSEAF without the need for a new authentication run, regardless of the access network technology used by the UE. (In 5G, the home network is in charge of authentication rather than the visited/roaming network.)
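The challenge-response and key anchoring described above, modelled as an added example (not 3GPP or vendor code): the home network builds the 5G AV and keeps XRES*, the SEAF pre-checks HRES* against HXRES*, the AUSF takes the final decision on RES*, and further keys are derived from the single KSEAF. FC values follow my reading of TS 33.501 Annex A; MILENAGE is replaced by a labelled HMAC stand-in, AUTN/SQN handling is omitted, and all keys and identifiers are constructed.

```python
import hashlib
import hmac

# Added example (not 3GPP or any vendor's code). FC values and parameter layouts
# follow my reading of TS 33.501 Annex A and the generic KDF of TS 33.220 B.2;
# MILENAGE (K, RAND -> CK, IK, RES) is replaced by a labelled HMAC stand-in and
# AUTN/SQN handling is omitted. All keys and identifiers below are constructed.

def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """TS 33.220 B.2 KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

def milenage_stand_in(k: bytes, rand: bytes):
    """NOT MILENAGE: stand-in producing (CK, IK, RES) from the shared K and RAND."""
    out = hmac.new(k, b"stand-in-f2-f4" + rand, hashlib.sha512).digest()
    return out[:16], out[16:32], out[32:40]

def res_star(ck: bytes, ik: bytes, snn: bytes, rand: bytes, res: bytes) -> bytes:
    """RES*/XRES* (Annex A.4): 128 LSB of KDF(CK||IK, 0x6B, SNN, RAND, RES)."""
    return kdf(ck + ik, 0x6B, snn, rand, res)[16:]

def hres_star(rand: bytes, res_s: bytes) -> bytes:
    """HRES*/HXRES* (Annex A.5): 128 LSB of SHA-256(RAND || RES*)."""
    return hashlib.sha256(rand + res_s).digest()[16:]

def home_network_av(k: bytes, snn: bytes, rand: bytes):
    """UDM/ARPF and AUSF: build the 5G AV handed to the SEAF; XRES* stays at the AUSF."""
    ck, ik, xres = milenage_stand_in(k, rand)
    xres_s = res_star(ck, ik, snn, rand, xres)
    k_ausf = kdf(ck + ik, 0x6A, snn, bytes(6))  # Annex A.2; SQN xor AK set to zeros here
    k_seaf = kdf(k_ausf, 0x6C, snn)             # Annex A.6: the anchor key
    av_for_seaf = {"RAND": rand, "HXRES*": hres_star(rand, xres_s), "KSEAF": k_seaf}
    return av_for_seaf, xres_s

def ue_response(k: bytes, snn: bytes, rand: bytes) -> bytes:
    """UE/USIM: compute RES* from K and the challenge RAND."""
    ck, ik, res = milenage_stand_in(k, rand)
    return res_star(ck, ik, snn, rand, res)

def run_5g_aka(k_ue: bytes, k_arpf: bytes, snn: bytes, rand: bytes):
    """One 5G AKA run. Returns (SEAF check, AUSF check, KSEAF held by the SEAF)."""
    av, xres_s = home_network_av(k_arpf, snn, rand)
    res_s = ue_response(k_ue, snn, rand)
    # The serving network only holds HXRES*, so it can pre-check HRES* ...
    seaf_ok = hmac.compare_digest(hres_star(rand, res_s), av["HXRES*"])
    # ... but the home network (AUSF) makes the final decision on RES*.
    ausf_ok = hmac.compare_digest(res_s, xres_s)
    return seaf_ok, ausf_ok, av["KSEAF"]

def derive_access_keys(k_seaf: bytes, supi: bytes, abba: bytes = bytes(2)):
    """From one KSEAF: KAMF (Annex A.7), then KgNB and KN3IWF (Annex A.9), no new AKA run."""
    k_amf = kdf(k_seaf, 0x6D, supi, abba)
    ul_nas_count = bytes(4)
    k_gnb = kdf(k_amf, 0x6E, ul_nas_count, b"\x01")    # access type distinguisher: 3GPP
    k_n3iwf = kdf(k_amf, 0x6E, ul_nas_count, b"\x02")  # access type distinguisher: non-3GPP
    return k_amf, k_gnb, k_n3iwf

if __name__ == "__main__":
    K = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed shared secret
    SNN = b"5G:mnc001.mcc001.3gppnetwork.org"
    RAND = bytes(range(16))
    print(run_5g_aka(K, K, SNN, RAND)[:2])  # (True, True)
```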
Another authentication framework is Authentication and Key Management for Applications (AKMA), in which subscriber credentials are used for authentication and key management at the application layer, for third-party applications. This may be particularly relevant for IoT applications.
Secondary Authentication
EAP supports both primary authentication (typically performed during initial registration, for example when a device is turned on for the first time) and secondary authentication (executed for authorisation during the set-up of user plane connections, for example to browse the web or to establish a call).
Secondary authentication allows the operator to delegate authorisation to a third party. It is meant for authentication between the UE and external data networks (EDN) residing outside the operator's domain. (A similar service was also possible in 4G, but it is now integrated into the 5G architecture.) This mechanism allows independent authentication and authorization, e.g. using network slicing, before the UE may connect to that external network, with EAP used to request secondary authentication by the external network.
Protection of Network Interfaces
Since the traffic transmitted through the F1 and E1 interfaces may carry sensitive data, 3GPP TS 33.501 requires mandatory confidentiality, integrity and replay protection for the F1 signalling plane (F1-C) and for the E1 interface (E1-C and E1-U), while leaving it optional for the F1 user plane interface (F1-U). For both F1 and E1 interfaces, support of "IPSec ESP protocol (IETF RFC 4303) and IKEv2 certificate-based authentication (TS 33.310)" is mandatory. F1-U may be protected differently, including switching integrity and/or encryption on or off for F1-U.
Figure 3. Protection of network interfaces and communication between network functions in 5G [2]. (Figure not reproduced; its labels read: IPSec, IPSec (Optional), DTLS, RESTful APIs, HTTP/2, [ENISA].)
Interfaces N2 and N3 (also shown in Figure 3) connect the 5G-RAN with the Access and Mobility Management Function (AMF) and with the User Plane Function (UPF), respectively. In both cases, support of "IPsec ESP and IKEv2 certificate-based authentication" is required. In addition, 3GPP TS 33.501 demands support of DTLS (RFC 6083), clarifying also that the use of DTLS for transport layer security does not rule out the use of other network layer protection, and emphasizing the advantage of IPSec in terms of providing topology hiding. (A Security Gateway (SEG) may be used to terminate the IPSec tunnel between the gNB side and the 5GC side.)
The 5GC Service Based Architecture (SBA) is based on network entity functionalities which are refactored into services exposed and offered to other network entities. These network functions expose their functionality through Service Based Interfaces (SBI) over an SBI message bus that implements RESTful APIs over HTTP/2. Essentially, all NFs can communicate with each other using either request/response or subscribe/notify interactions between NF service consumers and producers.
From the security point of view, NFs must support client and server certificates and TLS, which is envisaged
to be used for transport protection, whilst NDS/IP can still be used for network layer protection.
The Network Repository Function (NRF) can be seen as the authorization server that issues access tokens to NFs that want to communicate with each other.
Mutual authentication between these functions is mandatory, and for NF-NRF communication it is performed during discovery, registration and access token request. (The actual authentication mechanism depends on the protection mechanism used; if that is TLS, then the authentication provided by TLS is used.)
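The access-token check implied by the NRF-based authorization above, as an added example that is not part of the original article or of any 3GPP code: the NRF mints a JWS access token carrying the iss/sub/aud/scope/exp claims of TS 33.501 clause 13.4.1 (as I recall them), and the producer NF validates it before serving a request. HS256 with a shared NRF/producer secret is assumed (the NRF may instead sign with its private key); the secret, NF instance ids and service names are constructed.

```python
import base64
import hashlib
import hmac
import json
import time

# Added example, not 3GPP or any project's code. Claims follow TS 33.501 clause
# 13.4.1 (iss, sub, aud, scope, exp) as I recall them. HS256 with a shared secret
# is assumed; the secret and all identifiers below are constructed.
NRF_SECRET = b"constructed-shared-secret-between-nrf-and-producer"

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def _unb64url(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def nrf_issue_token(nrf_id, consumer_id, producer_type, services, ttl, now=None):
    """NRF as OAuth 2.0 authorization server: mint an HS256 JWS access token."""
    now = time.time() if now is None else now
    header = {"alg": "HS256", "typ": "JWT"}
    claims = {"iss": nrf_id,                 # NF instance id of the NRF
              "sub": consumer_id,            # NF instance id of the consumer
              "aud": producer_type,          # NF type of the expected producer
              "scope": " ".join(services),   # services the consumer may invoke
              "exp": int(now + ttl)}
    signing_input = _b64url(json.dumps(header).encode()) + "." + _b64url(json.dumps(claims).encode())
    sig = hmac.new(NRF_SECRET, signing_input.encode(), hashlib.sha256).digest()
    return signing_input + "." + _b64url(sig)

def producer_verify(token, my_type, requested_service, trusted_nrf, now=None):
    """NF producer check before serving a request; returns (ok, reason)."""
    now = time.time() if now is None else now
    try:
        h64, c64, s64 = token.split(".")
    except ValueError:
        return False, "malformed token"
    header = json.loads(_unb64url(h64))
    if header.get("alg") != "HS256":         # pin the algorithm; never trust the token's choice
        return False, "unexpected alg"
    expected = hmac.new(NRF_SECRET, f"{h64}.{c64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _unb64url(s64)):
        return False, "bad signature"
    claims = json.loads(_unb64url(c64))
    if claims.get("iss") != trusted_nrf:
        return False, "untrusted issuer"
    if claims.get("aud") != my_type:         # a token for the UDM must not unlock the AUSF
        return False, "token not issued for this NF type"
    if claims.get("exp", 0) <= now:
        return False, "expired"
    if requested_service not in claims.get("scope", "").split():
        return False, "service not in scope"
    return True, "ok"
```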
Network Element Security Assurance Scheme
Figure 4. GSMA NESAS and 3GPP SCAS methodologies and milestones [5].
NESAS defines security requirements based on 3GPP technical specifications, an assessment framework for secure product development and product lifecycle processes, and a security evaluation scheme for network equipment that uses the 3GPP-defined security specifications and test cases, i.e. the 3GPP security assurance specifications (SCAS).
• NESAS Development and Lifecycle Assessment Methodology: defines the audit and assessment process for vendor development and product lifecycle processes under the GSMA Network Equipment Security Assurance Scheme (NESAS).
• NESAS Development and Lifecycle Security Requirements: defines security requirements for vendor development and product lifecycle processes under the GSMA Network Equipment Security Assurance Scheme (NESAS).
NESAS is focused on the vendor aspects of the supply chain, and thus provides a security assurance framework to improve security levels across the whole mobile industry, because it has been developed following established practices and schemes that provide trustworthy security assurance.
The NESAS is widely supported by security authorities (such as ENISA in EU, ANSSI in France and BSI in
Germany) and industry organizations, globally.
The NESAS 1.0 release was finalized in October 2019. Ericsson, Nokia and Huawei openly support NESAS as a unified cyber security certification framework for mobile network equipment, and more than ten operators have requested NESAS compliance before deploying 5G equipment in their countries.
On 24 August 2020, the GSMA announced that the world’s leading mobile network equipment vendors,
Ericsson, Huawei, Nokia and ZTE, had successfully completed an assessment of their product development
and life cycle management processes using the GSMA’s NESAS. In particular, Huawei has passed the
auditing process for LTE eNodeB and 5G gNodeB product lines, and 5G Core product line. In January 2021,
the Huawei 5G gNodeB and LTE eNodeB passed the 3GPP’s security assurance specifications testing.
NESAS adoption status (infographic; figure not reproduced):
• The 10 tier-1 carriers are included in the 5G bidding document, five of which are from Europe.
• All four major vendors participate in the assessment.
• Eight assessment institutions are authorized, including two audit institutions and six laboratories*.
• The EU Member States (MS) unanimously agree that NESAS was widely recognized by ECCG representatives as the basis for the basic level solution for EU 5G security certification (soon).
*) Security test laboratories that are deemed by an International Laboratory Accreditation Cooperation (ILAC) member accreditation body to be ISO 17025 accredited and to meet the NESAS requirements will be considered to have achieved NESAS accreditation.
• https://www.gsma.com/security/nesas-security-auditors/
• https://www.gsma.com/security/nesas-security-test-laboratories/
The NESAS 1.0 framework was approved in October 2019 and comprises a number of technical
specifications that meet the basic requirements of the EU Cyber Security Act. The NESAS specifications
will be further improved by the end of this year to meet higher security assurance levels in compliance
with the EU Cyber Security Act. This will take into account the best industry standards and security
practices.
Trustworthy products and resilient networks cannot be achieved without the full participation of all the
elements in the trust chain for a network. We need a layered defense, where controls of various types
and kinds overlap each other in coverage, and that’s how a defense-in-depth 5G security strategy should
be implemented.
An example of a defense-in-depth approach to 5G security deployment requires the support of:
• All 3GPP SCAS requirements, and fundamental security control enhancements, such as: user plane (UP) integrity protection, UP security policy, roaming security, user privacy preservation (encryption of the international mobile subscriber identity), unified authentication and enhanced encryption algorithms.
• Equipment security, for example: 3-plane isolation, data security, host intrusion detection and Trusted Execution Environment (TEE).
• Sub-solutions for Radio Access Network (RAN) security (e.g. rogue base station detection, secure transmission), MEC security (MEC platform hardening, MEC security operations, e2e encrypted local network), Core Network security (multi-layer isolation and hardening, disaster and elastic recovery), Network Slicing security (slice isolation, encryption and protection, differentiated slice security) and Massive Connectivity security (signaling domain anti-DDoS and data domain anti-DDoS).
• Security management, which includes an Element Management System (EMS) layer, for situational awareness, anomaly detection, trusted integrity measurements, certificate management, log auditing, and Network Element (NE) vulnerability management; and an end-to-end Security Operation Centre (SOC), for security situational awareness, AI-based threat analysis and detection, security orchestration and Network Element (NE) vulnerability management.
5G security requires collaboration in terms of standards, devices, and deployment. All parties in the industry chain need to take on their own security responsibilities. In order to mitigate the related cyber security risks:
• Suppliers must prioritize cyber security sufficiently (e.g. respect laws, regulations and standards, certify their products, and ensure quality in their supply chains).
• Telecoms operators are responsible for assessing risks and taking appropriate measures to ensure the compliance, security and resilience of their networks.
• Service providers and customers are responsible for the implementation, deployment, support and activation of all appropriate security mechanisms for service applications and information (data).
• Regulators are responsible for guaranteeing that telco providers take appropriate measures to safeguard the general security and resilience of their networks and services.
• Governments have the responsibility of taking the necessary measures to ensure the protection of national security interests and the enforcement of conformance programs and independent product testing and certification.
• Standardization development organizations must ensure that proper specifications and standards for security assurance and best practices are in place, such as the GSMA NESAS.
The mobile industry needs a globally trusted and mutually recognized security assurance scheme. All
stakeholders are invited to adopt and contribute to the GSMA NESAS, which is a security assurance
scheme with shared and tailored specifications. Industry players, governments, security agencies and
regulators are recommended to adopt the GSMA NESAS for testing and evaluating telecoms equipment.
The NESAS is a customized, authoritative, unified, efficient and constantly evolving security assurance
scheme for the mobile industry, and could be a part of certification and accreditation processes against a
predetermined set of security standards and policies for security authorization in any country.
References
[1] 3GPP TS 33.501, "Security architecture and procedures for 5G System," February 2021. Retrieved from: https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=3169
[2] ENISA, "Security in 5G Specifications - Controls in 3GPP Security Specifications (5G SA)," February 2021. Retrieved from: https://www.enisa.europa.eu/news/enisa-news/cybersecurity-for-5g-enisa-releases-report-on-security-controls-in-3gpp
[3] ENISA, "5G Supplement - To the Guideline on Security Measures under the EECC," December 2020. Retrieved from: https://www.enisa.europa.eu/publications/5g-supplement-security-measures-under-eecc
[4] Reiner Stuhlfauth, "5G Security Aspects," Rohde & Schwarz webinar, May 2020. Retrieved from: https://www.rohde-schwarz.com/us/knowledge-center/videos/5g-security-aspects-video-detailpage_251220-638752.html
[5] D. Soldani, "5G Security," Cyber Defense eMagazine, February 2021. Retrieved from: https://cyberdefensemagazine.tradepub.com/free/w_cyba111/prgm.cgi
Biography
David Soldani received a Master of Science (M.Sc.) degree in Engineering with full marks and magna cum laude approbatur from the University of Florence, Italy, in 1994; and a Doctor of Science (D.Sc.) degree in Technology with distinction from Helsinki University of Technology, Finland, in 2006. In 2014, 2016 and 2018 he was appointed Visiting Professor, Industry Professor, and Adjunct Professor at the University of Surrey, UK, the University of Technology Sydney (UTS), Australia, and the University of New South Wales (UNSW), respectively. D. Soldani is currently at Huawei Technologies and, since 2018, has been serving as Chief Technology Officer (CTO) and Cyber Security Officer (CSO) for the Asia Pacific Region, and, since 2020, as Chairman of the IMDA 5G task force in Singapore. Prior to that he was Head of 5G Technology, e2e, Global, at Nokia; and Head of the Central Research Institute (CRI) and VP Strategic Research and Innovation in Europe, at the Huawei European Research Centre (ERC). David can be reached online at https://www.linkedin.com/in/dr-david-soldani/
Appendix – Cryptography
This section summarizes the key cryptography concepts so that anyone can understand the application of cryptography, and the beneficial effects those technologies have in achieving secure communication between peer entities, in terms of confidentiality (encryption), integrity (hashing), authenticity (proof of origin), non-repudiation, and access control, e.g. across a wireless channel (with public access). (N.B. Availability is not guaranteed.)
Figure 6. Example of encryption using asymmetric key and integrity (hashing) across a wireless channel (with public access). (Figure not reproduced. Its labels read: A generates this symmetric key only for this communication; key transmission E(Key) from A over the channel to B, then D at B; CT; sender: H, digest, E, digital signature; receiver: D, H, digest compared with digest for integrity, digital signature (receipt). Legend: symmetric key, A public key, A private (secret) key, B public key, B private (secret) key.)
AES (Rijndael) = Advanced Encryption Standard (specification for encryption of electronic data by NIST)
Figure 8. Secure Sockets Layer (SSL) and its successor, Transport Layer Security (TLS), between networked computers. (Figure not reproduced. Its labels read: X.509 Certificate with Subject, Issuer, Public (Subject), Private (Issuer), Public (Issuer); RA, CA, Web site, Server, Seller, User (Client), Controller; Certificate Request; request of a formal check that the certificate is still valid.)