The evolution of Network Security
The introduction of 5G will also close the gaps in security which have been present in previous technologies over the coming years. These innovations include improved cryptography, enhanced secure roaming and comprehensive measures to secure signaling between different mobile networks. In the future, the mobile identity of mobile devices will only be transmitted in an encrypted way in order to eliminate attacks for example by IMSI catchers.
The difference between 5G and its predecessor technologies is that 5G and its successors are more likely to be presented as a modular system in which services and structures with the most diverse characteristics can be implemented simultaneously. It will be possible to acquire geographically limited 5G licenses, for example industries can implement separate virtual networks within public infrastructures. Within the "network slicing" framework, virtual networks or services can also be designed and built with regard to short latency periods or high security. Security level requirements can also be adapted. This is an opportunity to build a much more reliable, resilient, and secure network.
• Data traffic within the 5G infrastructure is protected by state-of-the-art encryption. The devices and the network authenticate each other using integrity-protected signaling. This ensures that if a single component is compromised, the other components remain protected.
• The transmission of the long-term identity of the subscribers (IMSI) is encrypted from 5G onwards. With 2G/3G/LTE, this data is currently transmitted without encryption.
• Authentication Confirmation is a new mechanism that provides more security when roaming. The subscriber's terminal device sends cryptographic proof of the identity of the mobile network operator to whose network the terminal device has dialed back to. Current mobile networks do not support this function.
• Lower latency in mobility, since security-relevant functions are processed in the central unit of the base station.
• Secure identity management systems identify location based authentication of subscribers; by this mechanism only the real subscribers have access to network services. It is based on strong cryptographic primitives and security features already present in the 4G system.
In the future, 5G will support advanced cryptographic algorithms with 256 bits. This is to ensure that such algorithms used in 5G networks are sufficiently resistant to attacks from quantum computers.
Although these mechanisms exist, it is currently not possible to predict whether all security features will be used and correctly implemented.
Currently, it is not clear how fast mobile operators are migrating their infrastructure to 5G. The migration process is neither prescribed by law nor in the 5G specifications. As a result, each mobile operator will be able to setup its network in a different way. The speed of migration will also depend on which new 5G “business scenarios” will emerge and will be adopted in the years to come. At the same time, many of the 5G benefits, such as faster transmission rates, can certainly be operated with a current LTE network. In that case, however, the new security mechanisms will not come into play.