Network security concerns remain an issue with the upcoming 5G and 6G wireless network standards.
That’s because security measures being aren’t being adopted in new 5G standards, and there’s a newly discovered potential for Man-in-the-Middle attacks in terahertz-based 6G networks, multiple research studies have discovered.
One of those studies — a formal analysis of 5G authentication conducted by scientists from ETH Zurich, the University of Lorraine/INRIA, and the University of Dundee — found that criminals will be able intercept 5G communications and steal data because “critical security gaps are present,” the group says in their press release. That’s in part because “security goals are underspecified” and there’s a “lack of precision” in the 3GPP standards, they say.
In a second, unrelated report published this month by researchers at Brown University, Rice University, and University at Buffalo, scientists have discovered serious vulnerabilities in 5G’s successor: terahertz data communications networks.
Terahertz is the extremely high-frequency wavelength located between microwave and infra-red that will probably make up the currently only-on-paper 6G networks, which will launch in perhaps 10 years from now. Submillimeter, up to terahertz spectrum, is well above the frequencies that are being used for about-to-be-released 5G. That’s in millimeter spectrum. 6G should provide even more reliability and latency reduction than 5G — if it works.
The miniscule frequencies of terahertz have led many to believe they are too tiny to intercept — that a Man-in-the-Middle receiver placed in the narrow, directional terahertz beam to eavesdop would block the entire transmission and be detected immediately. Research now shows, however, that assumption is wrong.
“We show that undetected eavesdropping in the terahertz realm is easier than most people had assumed,” says Daniel Mittleman, a professor at Brown University’s School of Engineering, in a press release. By putting objects, such as a flat piece of metal, at the edge of the beam, he says they’ve been able to scatter parts of the beam and thus intercept some of the data.
It “leaves a sliver of signal for an attacker to work with without casting a detectable shadow on the receiver,” the researchers say. More terahertz development work clearly must be done.
5G not as secure as hoped
But before we get to 6G, we have 5G to consider.
“Autonomous vehicles, Internet of Things devices, and industrial control systems” are about to benefit from 5G networks, says Dr. Saša Radomirovic, senior lecturer of computing in the School of Science and Engineering at the University of Dundee. 5G “has been promised to be faster and more secure than previous networks, but we’ve found that it isn’t as secure as hoped.”
Radomirovic says his academic group’s automated security protocol verification tool, called Tamarin, shows critical security goals aren’t in 3GPP’s 5G AKA key exchange protocol.
“We find that some critical security goals are not met, except under additional assumptions missing from the standard,” the group claims, in an abstract of their report initially published in June and updated this month.
The standard does not provide for “mutual authentication requirements and agreement properties on the established key,” despite the fact that 5G uses an Authenticated Key Exchange protocol, the report (PDF) explains. Attackers could thus establish secure channels using previously issued 5G security keys, the researchers say. They’re now working with 3GPP to fix the issues.