skip to main content


Title: Look Before You Leap: Secure Connection Bootstrapping for 5G Networks to Defend Against Fake Base-Stations
The lack of authentication protection for bootstrapping messages broadcast by base-stations makes impossible for devices to differentiate between a legitimate and a fake base-station. This vulnerability has been widely acknowledged, but not yet fixed and thus enables law-enforcement agencies, motivated adversaries, and nation-states to carry out attacks against targeted users. Although 5G cellular protocols have been enhanced to prevent some of these attacks, the root vulnerability for fake base-stations still exists. In this paper, we propose an efficient broadcast authentication protocol based on a hierarchical identity-based signature scheme, Schnorr-HIBS, which addresses the root cause of the fake base-station problem with minimal computation and communication overhead. We implement and evaluate our proposed protocol using off-the-shelf software-defined radios and open-source libraries. We also provide a comprehensive quantitative and qualitative comparison between our scheme and other candidate solutions for 5G base-station authentication proposed by 3GPP. Our proposed protocol achieves at least a 6x speedup in terms of end-to-end cryptographic delay and a communication cost reduction of 31% over other 3GPP proposals.  more » « less
Award ID(s):
1917627
NSF-PAR ID:
10312085
Author(s) / Creator(s):
; ; ; ;
Date Published:
Journal Name:
Proceedings of the 2021 ACM Asia Conference on Computer and Communications Security
Format(s):
Medium: X
Sponsoring Org:
National Science Foundation
More Like this
  1. null (Ed.)
    As 5G systems are starting to be deployed and becoming part of many daily life applications, there is an increasing interest on the security of the overall system as 5G network architecture is significantly different than LTE systems. For instance, through application specific virtual network slices, one can trigger additional security measures depending on the sensitivity of the running application. Drones utilizing 5G could be a perfect example as they pose several safety threats if they are compromised. To this end, we propose a stronger authentication mechanism inspired from the idea of second-factor authentication in IT systems. Specifically, once the primary 5G authentication is executed, a specific slice can be tasked to trigger a second-factor authentication utilizing different factors from the primary one. This trigger mechanism utilizes the re-authentication procedure as specified in the 3GPP 5G standards for easy integration. Our second-factor authentication uses a special challenge-response protocol, which relies on unique drone digital ID as well as a seed and nonce generated from the slice to enable freshness. We implemented the proposed protocol in ns-3 that supports mmWave-based communication in 5G. We demonstrate that the proposed protocol is lightweight and can scale while enabling stronger security for the drones. 
    more » « less
  2. Social media nowadays has a direct impact on people's daily lives as many edge devices are available at our disposal and controlled by our fingertips. With such advancement in communication technology comes a rapid increase of disinformation in many kinds and shapes; faked images are one of the primary examples of misinformation media that can affect many users. Such activity can severely impact public behavior, attitude, and belief or sway the viewers' perception in any malicious or benign direction. Mitigating such disinformation over the Internet is becoming an issue with increasing interest from many aspects of our society, and effective authentication for detecting manipulated images has become extremely important. Perceptual hashing (pHash) is one of the effective techniques for detecting image manipulations. This paper develops a new and a robust pHash authentication approach to detect fake imagery on social media networks, choosing Facebook and Twitter as case studies. Our proposed pHash utilizes a self-supervised learning framework and contrastive loss. In addition, we develop a fake image sample generator in the pre-processing stage to cover the three most known image attacks (copy-move, splicing, and removal). The proposed authentication technique outperforms state-of-the-art pHash methods based on the SMPI dataset and other similar datasets that target one or more image attacks types. 
    more » « less
  3. Home area networks (HANs) are the most vulnerable part of smart grids since they are not directly controlled by utilities. Device authentication is one of most important mechanisms to protect the security of smart grid-enabled HANs (SG-HANs). In this paper, we propose a situation-aware scheme for efficient device authentication in SG-HANs. The proposed scheme utilizes the security risk information assessed by the smart home system with a situational awareness feature. A suitable authentication protocol with adequate security protection and computational and communication complexity is then selected based on the assessed security risk level. A protocol design of the proposed scheme considering two security risk levels is presented in the paper. The security of the design is verified by using both formal verification and informal security analysis. Our performance analysis demonstrates that the proposed scheme is efficient in terms of computational and communication costs. 
    more » « less
  4. A reliable command and control (C2) data link is required for unmanned aircraft systems (UAS) operations in order to monitor the status and support the control of UAS. A practical realization of the C2 communication and mission data links for commercial UAS operations is via LTE/5G networks. While the trajectory of each UAS directly determines the flight distance and mission cost in terms of energy dissipation, it also has a strong correlation to the quality of the communication link provided by a serving base station, where quality is defined as the achieved signal-to-interference-plus-noise ratio (SINR) required to maintain the control link of the UAS. Due to signal interference and the use of RF spectrum resources, the trajectory of a UAS not only determines the communication link quality it will encounter, but also influences the link quality of other UAS in its vicinity. Therefore, effective UAS traffic management must plan the trajectory for a group of UAS taking into account the impact to the interference levels of other base stations and UAS communication links. In this paper, an SINR Aware Predictive Planning (SAPP) framework is presented for trajectory planning of UAS leveraging 4G/5G communication networks in a simulated environment. The goal is to minimize flight distance while ensuring a minimum required link quality for C2 communications between UAS and base stations. The predictive control approach is proposed to address the challenges of the time varying SINR caused by the interference from other UAS’s communication. Experimental results show that the SAPP framework provides more than 3dB improvements on average for UAS communication parameters compared to traditional trajectory planning algorithms while still achieving shortest path trajectories and collision avoidance. 
    more » « less
  5. null (Ed.)
    We present a secure two-factor authentication (TFA) scheme based on the user’s possession of a password and a crypto-capable device. Security is “end-to-end” in the sense that the attacker can attack all parts of the system, including all communication links and any subset of parties (servers, devices, client terminals), can learn users’ passwords, and perform active and passive attacks, online and offline. In all cases the scheme provides the highest attainable security bounds given the set of compromised components. Our solution builds a TFA scheme using any Device-enhanced Password-authenticated Key Exchange (PAKE), defined by Jarecki et al., and any Short Authenticated String (SAS) Message Authentication, defined by Vaudenay. We show an efficient instantiation of this modular construction, which utilizes any password-based client-server authentication method, with or without reliance on public-key infrastructure. The security of the proposed scheme is proven in a formal model that we formulate as an extension of the traditional PAKE model. We also report on a prototype implementation of our schemes, including TLS-based and PKI-free variants, as well as several instantiations of the SAS mechanism, all demonstrating the practicality of our approach. Finally, we present a usability study evaluating the viability of our protocol contrasted with the traditional PIN-based TFA approach in terms of efficiency, potential for errors, user experience, and security perception of the underlying manual process. 1 
    more » « less