Preprint Article Version 1 This version is not peer-reviewed

An Applied Analysis of Securing 5G/6G Core Networks with Post-Quantum Key Encapsulation Methods

Paul Scalise
ORCID logo ,
Robert Garcia
ORCID logo ,
Matthew Boeding
ORCID logo ,
Michael Hempel
* ORCID logo ,
Hamid Sharif
Version 1 : Received: 18 October 2024 / Approved: 21 October 2024 / Online: 24 October 2024 (07:38:04 CEST)

How to cite: Scalise, P.; Garcia, R.; Boeding, M.; Hempel, M.; Sharif, H. An Applied Analysis of Securing 5G/6G Core Networks with Post-Quantum Key Encapsulation Methods. Preprints 2024, 2024101802. https://doi.org/10.20944/preprints202410.1802.v1 Scalise, P.; Garcia, R.; Boeding, M.; Hempel, M.; Sharif, H. An Applied Analysis of Securing 5G/6G Core Networks with Post-Quantum Key Encapsulation Methods. Preprints 2024, 2024101802. https://doi.org/10.20944/preprints202410.1802.v1

Abstract

5th Generation (5G) cellular networks have been adopted around the world since the rollout began around 2019. It brought with it many innovations and new services, such as Enhanced Mobile Broadband (eMBB), Ultra Reliable and Low Latency Communications (URLLC), and Massive Internet of Things (mIoT). 5G also introduced a more scalable approach to network operations using fully software-based Virtualized Network Functions (VNF) in Core Networks (CN) rather than the prior hardware-based approach. However, while this shift towards a fully software-based system design provides numerous significant benefits, such as increased interoperability, scalability, and cost-effectiveness, it also brought with it an increased cybersecurity risk. Security is crucial to maintaining trust between vendors, operators, and consumers. Cyberattacks are rapidly increasing in number and sophistication, and we are seeing a shift towards zero-trust approaches. This means that even communications between VNFs inside a 5G core have to be scrutinized and hardened against attacks, especially with the advent of quantum computers. The National Institute of Standards and Technology (NIST), over the past 10 years, has led efforts to standardize Post Quantum Cryptography (PQC) to protect against quantum attacks. This paper covers a custom implementation of the open-source free5GC CN, to expand its HTTPS capabilities for VNFs by introducing PQC Key Encapsulation Methods (KEM) for TLS v1.3. This paper provides the details of this integration with a focus on the latency of different PQC KEMs in initial handshakes between VNFs, on packet size, and the implications on a 5G environment. This work also conducts a security comparison between the PQC-equipped free5GC and other open-source 5G CNs. The presented results indicate a negligible increase in UE connection setup duration and a small increase in connection setup data requirements, strongly indicating that PQC KEM’s benefits far outweigh any downsides when integrated into 5G and 6G core services.

Keywords

post quantum cryptography; key encapsulation methods; CRYSTALS-kyber; 5G; 6G; core network; open source

Subject

Engineering, Telecommunications

Copyright: This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Download PDF

Comments (0)

We encourage comments and feedback from a broad range of readers. See criteria for comments and our Diversity statement.

Leave a public comment
Send a private comment to the author(s)
* All users must log in before leaving a comment
Views 0
Downloads 0
Comments 0
Get PDF Cite Share 0
Bookmark BibSonomy Mendeley Reddit Delicious
×
Alerts
Notify me about updates to this article or when a peer-reviewed version is published.
We use cookies on our website to ensure you get the best experience.
Read more about our cookies here.