Security Changes in 5G

In 5G networks, SIM cards become optional for some applications, and roaming becomes more traceable and secure for network operators. In addition, the old signaling protocols disappear.
With 5G, there are important changes to the protocols underlying the mobile networks. There are also security changes, mostly on the provider side. The preparations for the new standard have been going on for many years, but gradually 5G is entering the implementation phase .

Substructure
First, the entire substructure is changed. Instead of classic signaling protocols like the notoriously insecure SS7 , 5G uses APIs that regulate traffic between mobile operators. According to Ericsson , the development of applications for the network will be much easier, because classic libraries, developer tools and other tools can be used.
Now, the Diameter protocol is used at LTE SS7, that’s why deployment and LTE roaming took a comparatively long time, because a completely new signaling infrastructure had to be built for this. However, at 5G everything is changed again. Diameter compared to the previous protocol Radius in the security area, especially the encrypted communication using IPsec or TLS.
Most of all major network operators in Europe use firewalls. The new APIs at 5G will further enhance the development and implementation of network technology and bring closer to the usual software development.

No ‘one-size-fits-all’ anymore
In 5G networks, end devices only transmit their IMSI address (International Mobile Subscriber Identity) to the network in encrypted form. This means that IMSI catchers can no longer determine the end-to-end identity of a connection owner. Only the network operator can then assign the encrypted IMSI numbers again to a subscriber.
With 5G the operators from the home country should be able to retrieve certain information about the customer himself – for example, to check whether he is really in the specified country and which network is used.
Huawei emphasizes in a 5G whitepaper that the upcoming network will be “service-oriented”. Different applications would require a different level of security – mobile medical applications, for example, would need a strong network and very robust security at the same time, whereas many IoT applications would need “lightweight” security solutions because there would be less computing capacity available.
The 5G module will enable more flexible security solutions, so the previous one-size-fits-all approach will no longer play a central role in the networks of the future. Until pure 5G networks exist and no fallback to GSM or LTE exists anymore, but will probably go many years into the country.

SIM card is no longer mandatory
5G also brings changes in authentication. Basically, it will be possible in the future to produce mobile-wireless devices without a SIM card (like the latest mobile hotspot Huawei E5788). When it comes to IoT, small terminals and other applications, there has long been a desire to do something different. For example, in the industrial context, a solution would be conceivable that does not rely on an interchangeable SIM, an eSim (embedded sim) or an iSim (intergrated sim) as advocated by the chip manufacturer ARM. 5G will probably go there double track: On the one hand, there is the normal Sim card, on the other hand, for example, Volkswagen could use something else on their own premises, such as a USB flash drive with certificate, which then used for authentication the details are described in the EAP protocol.

Alternatively, for example, used by the respective company tokens or a self-powered public-key infrastructure (PKI) could be used. For private customers, however, SIM cards will continue to be indispensable. Already today there are special mobile radio networks for industrial applications such as narrow band IoT. These are still based on the 5G predecessor LTE and require SIM cards.

There are also changes for the network operators when roaming. But customers will probably not notice it. There is a challenge-response authentication with a private key. So far, however, this challenge response only runs between the respective roaming network and the end device of the user or the SIM card.
In the future, network operators may send their own requests to the mobile device abroad to verify certain information. The own network operator still does not have 100% control over the billed data, but can check certain information.

Leave a Reply

Your email address will not be published. Required fields are marked *