| 6.0 | Mapping between key issues and solutions p. 21
|
| 6.1 | Solution #1: Protection for the UE Capability Transfer p. 22
|
| 6.2 | Solution #2: Protection of RRCReject message in RRC_INACTIVE state p. 22
|
| 6.3 | Solution #3: Protection of uplink UECapabilityInformation RRC message p. 23
|
| 6.4 | Solution #4: Enriched measurement reports p. 24
| 6.4.1 | Introduction p. 24
|
| 6.4.2 | Solution details p. 25
| 6.4.2.1 | Enrichment of measurement report p. 25
|
| 6.4.2.2 | Verification of the MIB/SIBs Hashes p. 25
|
|
| 6.4.3 | Evaluation p. 26
|
|
| 6.5 | Solution #5: Mitigation against the authentication relay attack p. 27
|
| 6.6 | Solution #6: Avoiding UE connecting to false base station during HO p. 29
|
| 6.7 | Solution #7: Verification of authenticity of the cell p. 33
| 6.7.1 | Introduction p. 33
|
| 6.7.2 | Solution details p. 34
| 6.7.2.1 | System Information verification using Digital Signatures p. 34
|
| 6.7.2.2 | System Information verification using Identity Based Cryptography p. 35
|
| 6.7.2.3 | Optimization of SI verification using the other SI p. 36
|
| 6.7.2.4 | Capability negotiation p. 36
|
|
| 6.7.3 | Evaluation p. 37
|
| 6.7.4 | Assessment using clause A.3 p. 37
| 6.7.4.1 | UE aspects p. 37
|
| 6.7.4.2 | UE actions upon detection of invalid signature p. 38
|
| 6.7.4.3 | Threats that are mitigated by signed SI messages p. 38
|
| 6.7.4.4 | Threats that are not mitigated by signed SI messages p. 38
|
| 6.7.4.5 | Provisioning of keys p. 38
|
| 6.7.4.6 | RAN aspects p. 39
|
| 6.7.4.7 | VPLMN aspects p. 39
|
| 6.7.4.8 | HPLMN aspects p. 40
|
| 6.7.4.9 | Network sharing aspects p. 40
|
| 6.7.4.10 | Roaming aspects p. 40
|
| 6.7.4.11 | Regulatory aspects p. 40
|
| 6.7.4.12 | Signature schemes p. 40
|
| 6.7.4.13 | Signature length p. 40
|
| 6.7.4.14 | Resistance against Quantum Computing p. 40
|
|
|
| 6.8 | Solution #8: Network detection of nearby false base stations from call statistics and measurements p. 40
| 6.8.1 | Introduction p. 40
|
| 6.8.2 | Solution details p. 41
| 6.8.2.1 | Detection of false base Stations from Active UE Measurement report p. 41
|
| 6.8.2.2 | Detection of false base stations from duplicate Cell IDs in Active UE Measurement report p. 41
|
|
| 6.8.3 | Evaluation p. 41
|
|
| 6.9 | Solution #9: Using symmetric algorithm with assistance of USIM and home network p. 41
| 6.9.1 | Introduction p. 41
|
| 6.9.2 | Solution details p. 42
| 6.9.2.1 | Framework p. 42
|
| 6.9.2.2 | Provisioning p. 44
| 6.9.2.2.1 | Protection Key Agreement (PKA) and Protection Key Transfer (PKT) procedure p. 44
|
| 6.9.2.2.2 | Protection area p. 45
|
| 6.9.2.2.3 | Protection Area Information Provisioning (PAIP) procedure p. 46
|
|
| 6.9.2.3 | Authenticity p. 47
| 6.9.2.3.1 | Security procedure for broadcast messages p. 47
|
| 6.9.2.3.2 | Security procedure for unicast messages p. 48
|
|
|
| 6.9.3 | Evaluation p. 49
|
|
| 6.10 | Solution #10: Protection on the unicast message based on ECDH p. 49
| 6.10.1 | Introduction p. 49
|
| 6.10.2 | Solution details p. 49
|
| 6.10.3 | Assessment using clause A.3 p. 51
|
|
| 6.11 | Solution #11: Certificate based solution against false base station p. 52
| 6.11.1 | Introduction p. 52
|
| 6.11.2 | Solution details p. 52
|
| 6.11.3 | Assessment using clause A.3 p. 54
|
|
| 6.12 | Solution #12: ID based solution against false base station p. 57
|
| 6.13 | Solution #13: Protecting RRCResumeRequest against MiTM p. 61
|
| 6.14 | Solution #14: Shared key based MIB/SIBs protection p. 62
|
| 6.15 | Solution #15: Mitigation against the authentication relay attack with different PLMNs p. 63
|
| 6.16 | Solution #16: Protection of RRC Reject Message p. 66
| 6.16.1 | Introduction p. 66
|
| 6.16.2 | Solution details p. 67
| 6.16.2.1 | Protection of RRC Reject Message in RRC_IDLE state p. 67
|
| 6.16.2.2 | Protection of RRC Reject Message in RRC_INACTIVE state p. 67
|
|
| 6.16.3 | Evaluation p. 67
|
|
| 6.17 | Solution 17: Integrity protection of the whole RRCResumeRequest message p. 68
|
| 6.18 | Solution #18: Avoiding UE connecting to False Base Station during Conditional Handover p. 69
|
| 6.19 | Solution #19: AS security based MIB/SIBs integrity information provided by gNB p. 71
|
| 6.20 | Solution #20: Digital Signing Network Function (DSnF) p. 73
| 6.20.1 | Introduction p. 73
|
| 6.20.2 | Solution details p. 74
| 6.20.2.1 | Digital Signatures of System Information p. 74
|
| 6.20.2.2 | Digital Signing Network Function (DSnF) p. 74
|
| 6.20.2.3 | gNB Behaviours p. 77
|
| 6.20.2.4 | Procedures for digital signature request and response p. 78
|
| 6.20.2.5 | UE Behaviours p. 80
|
| 6.20.2.5a | General p. 80
|
| 6.20.2.6 | Security Analysis p. 84
|
|
| 6.20.3 | Assessment using clause A.3 p. 85
|
| 6.20.4 | Evaluation p. 87
|
|
| 6.21 | Solution #21: Certificate based solution against false base station for Non-Public Networks p. 88
| 6.21.1 | Introduction p. 88
|
| 6.21.2 | Solution details p. 89
|
| 6.21.3 | Assessment using clause A.3 p. 90
| 6.21.3.1 | UE aspects p. 90
|
| 6.21.3.2 | UE actions without the network's certificate p. 90
|
| 6.21.3.3 | Threats that are mitigated by protecting system information messages using Digital Signature as well as encrypting unicast signalling messages p. 91
|
| 6.21.3.4 | Threats that are not mitigated by protecting system information messages using Digital Signature or encrypting unicast signalling messages. p. 91
|
| 6.21.3.5 | Provisioning of certificates into the UE p. 91
|
| 6.21.3.6 | RAN aspects p. 91
|
| 6.21.3.7 | VPLMN aspects p. 91
|
| 6.21.3.8 | HPLMN aspects p. 91
|
| 6.21.3.9 | NSPN aspects p. 91
|
| 6.21.3.10 | Network sharing aspects p. 91
|
| 6.21.3.11 | Roaming aspects p. 91
|
| 6.21.3.12 | Regulatory aspects p. 91
|
| 6.21.3.13 | Encryption schemes p. 91
|
| 6.21.3.14 | Signature / Encryption length p. 92
|
| 6.21.3.15 | Resistance against Quantum Computing p. 92
|
|
|
| 6.22 | Solution #22: Detecting false base stations based on UE positioning measurements p. 92
|
| 6.23 | Solution #23: Cryptographic CRC to avoid MitM relay nodes p. 96
|
| 6.24 | Solution #24: UE&Network-assisted UE avoidance and Network detection of FBS p. 99
|
| 6.25 | Solution #25: Detection of Man-in-the-Middle false base stations p. 102
|
| 6.26 | Solution #26: KI#2 with PKC-based and without tight time synchronization p. 104
|
| 6.27 | Solution #27: Short-lived asymmetric key-based solution for protecting system information p. 108
| 6.27.1 | Introduction p. 108
| 6.27.1.1 | General p. 108
|
| 6.27.1.2 | Hash-based consistency checks p. 109
|
| 6.27.1.3 | Symmetric key based MAC p. 109
|
| 6.27.1.4 | Asymmetric key based digital signatures p. 109
|
|
| 6.27.2 | Solution details p. 110
| 6.27.2.1 | Authenticity of system information p. 110
|
| 6.27.2.2 | Replay mitigation p. 114
|
| 6.27.2.3 | Cell selection and reselection p. 118
|
|
| 6.27.3 | Assessment using clause A.3 p. 119
|
| 6.27.4 | Evaluation p. 121
|
|
