How can our 5G network be secure?
The headlines have been ablaze with news of 5G and its promise of super connectivity, high-speed downloads and the ability to handle volumes of data on a scale like we’ve never seen before. It’s also been incredibly controversial. Need we mention the countless vandalism attacks on 5G network towers at the hands of conspiracy theorists? And the wild claims that 5G is the source of the COVID-19 virus?
The more recent news around 5G is a far more plausible cause for concern and one that we can actually find a solution to. That is: security.
But first, let’s dissect what 5G actually is.
Put simply, 5G network technology is the fifth generation of broadband cellular or wireless networks, proven to be faster, suffer less interference and support more connected devices than we have ever been able to before. Whilst it works in the same way as its predecessors, 5G carries way more information at a much faster rate. A handful of major UK cities like London, Manchester and Edinburgh are already using the 5G networks, though the goal is to expand its reach nationwide over the next few years.
Sounds great, so what’s the problem?
The expansion of 5G networks means the Telecom industry is changing as we know it.
5G is being delivered through a solution driven approach connecting critical services with very high availability requirements especially in automotive, smart city, healthcare and public safety. End to end security is key to running such applications.
5G is also being rolled out using open architecture - Open Radio Access Networks (Open RAN) that’s seen many operators across the world join in its movement. With Open RAN, cellular wireless networks would benefit from disaggregation of hardware, software and open interoperable interfaces which could potentially help in terms of network lowering Total Costs of Ownership (TCO) and fostering a multi-vendor ecosystem of equipment suppliers. Essentially, single-vendor RAN solutions would be replaced with stable, scalable and 5G-ready architectures that enable operators to put together their best-of-breed networks.
We are witnessing the start of an era where legacy technologies are being challenged by companies providing the disaggregation of software and hardware. Even the incumbent vendors are adding open products to their portfolios in order to maximise the commercial opportunities in areas like campus networks. The telecoms industry is at a junction where IT powered by software-defined networking (SDN) and network function virtualisation (NFV) have finally entered the last frontier- the RAN. The security problem here is that as more and more devices get attached to a software-based architecture, which 5G Open RAN has to offer, the bigger the attack surface gets with the connection of millions of these devices. Bigger attack surface = more opportunities for cybercriminals.
But, if 5G works in the same way as 4G, then why the increased security threat?
The difference between legacy 2G, 3G and 4G networks is that they were modelled on hierarchical trust. 5G doesn’t have that. In the case of 5G, the network between the USIM or eSIM on the subscriber end and the Unified Data Management (UDM) in the core, is entrusted with services running on private and public cloud. Although 3GPP has introduced some security enhancements on standards (think Rel. 15 & 16) to address some of these security challenges, compliance to the standards have historically proven to be insufficient. Vendors are more focused on delivering (and cashing in on) 5G’s incredible features than enhancing its security. Which is a huge oversight.
Open RAN architecture includes new interfaces and RAN functions that require the network’s integrity and data to be protected. With Open interfaces connecting to a multi-vendor ecosystem in Open RAN, the service providers face a new challenge on how to build efficient overall security management that takes into account the vulnerabilities of individual vendor implementation. Without doing so, network users' privacy and security will be compromised.
Can 5G communications be truly end-to-end secure?
The short answer is: yes! But it’s going to take a new approach to get there.
For over four decades, Public Key Infrastructure (PKI) has been the security technology of choice for the Telecoms industry. And for that time, it worked. But PKI has also long since been a focus for attackers, and with the imminent rollout of 5G, it will continue to be. PKI has a significant management cost and bears the burden of manual key distribution for defence and CNI applications.
It’s only a matter of time before quantum computers break PKI, and it’s likely to be in the next decade. Services that run over today’s 5G Open RAN software-based networks and infrastructure are going to be vulnerable. They need protection and an easier mechanism to manage their security in place now before it’s too late.
The new solution? Arqit’s QuantumCloud™, of course.
At Arqit, we provide lightweight and highly secure encryption products which can be managed automatically over the cloud avoiding any human interaction. Our QuantumCloud™ is a Symmetric Key product that enables symmetric keys to be created at end points through information sharing over TCP-IP without using PKI on a global scale. An entire network can simultaneously create an identical key at every end point, and dynamically change the key or the group members constantly. This means we can effectively keep 5G communications secure against the threats we face today and the future, thanks to quantum encryption.
To find out how we can help you stay secure against the threats of today and tomorrow, get in touch! Arqit will be traded on NASDAQ soon following a proposed SPAC deal with Centricus Acquisition Corporation (NASDAQ:CENH) so if you believe we have solved a big important problem for your industry you can also follow us closely.
By Ayan Ghosh, Vice President – Product Engineering