Privacy-preserving authentication for military 5G networks
- URL: http://arxiv.org/abs/2509.01470v1
- Date: Mon, 01 Sep 2025 13:38:11 GMT
- Title: Privacy-preserving authentication for military 5G networks
- Authors: I. D. Lutz, A. M. Hill, M. C. Valenti,
- Abstract summary: 5G networks gain traction in defense applications, ensuring the privacy and integrity of the Authentication and Key Agreement protocol is critical.<n>This paper provides a unified analysis of the standardized 5G AKA flow, identifying several vulnerabilities and highlighting how each exploits protocol behavior to compromise user privacy.<n>We present five lightweight mitigation strategies.<n>Among the solutions studied, those introducing a UE-generated nonce emerge as the most promising, effectively neutralizing the identified tracking and correlation attacks with negligible additional overhead.
- Score: 0.0
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: As 5G networks gain traction in defense applications, ensuring the privacy and integrity of the Authentication and Key Agreement (AKA) protocol is critical. While 5G AKA improves upon previous generations by concealing subscriber identities, it remains vulnerable to replay-based synchronization and linkability threats under realistic adversary models. This paper provides a unified analysis of the standardized 5G AKA flow, identifying several vulnerabilities and highlighting how each exploits protocol behavior to compromise user privacy. To address these risks, we present five lightweight mitigation strategies. We demonstrate through prototype implementation and testing that these enhancements strengthen resilience against linkability attacks with minimal computational and signaling overhead. Among the solutions studied, those introducing a UE-generated nonce emerge as the most promising, effectively neutralizing the identified tracking and correlation attacks with negligible additional overhead. Integrating this extension as an optional feature to the standard 5G AKA protocol offers a backward-compatible, low-overhead path toward a more privacy-preserving authentication framework for both commercial and military 5G deployments.
Related papers
- Bit-Flipping Attack Exploration and Countermeasure in 5G Network [3.0524801814543]
We investigate the vulnerability of 5G systems to bit-flipping attacks, which is an integrity attack where an adversary intercepts 5G network traffic and modifies specific fields of an encrypted message without decryption, thus mutating the message while remaining valid to the receiver.<n>We propose a keystream-based shuffling defense mechanism to mitigate the effect of such attacks by raising the difficulty of manipulating specific encrypted fields, while introducing no additional communication overhead compared to the NAS Integrity Algorithm (NIA) in 5G.
arXiv Detail & Related papers (2025-11-06T23:51:28Z) - Active Attack Resilience in 5G: A New Take on Authentication and Key Agreement [13.49434164633215]
5G-AKA protocol is central to authentication in current 5G deployments.<n>5G-AKA has known limitations in both security and performance.<n>This paper proposes an enhanced authentication protocol that builds on 5G-AKA's design while addressing its shortcomings.
arXiv Detail & Related papers (2025-07-23T13:18:44Z) - Standing Firm in 5G: A Single-Round, Dropout-Resilient Secure Aggregation for Federated Learning [19.014890294716043]
Federated learning (FL) is well-suited to 5G networks, where many mobile devices generate sensitive edge data.<n>Secure aggregation protocols enhance privacy in FL by ensuring that individual user updates reveal no information about the underlying client data.<n>We propose a lightweight, single-round secure aggregation protocol designed for 5G environments.
arXiv Detail & Related papers (2025-05-11T23:37:07Z) - 5G-AKA-HPQC: Hybrid Post-Quantum Cryptography Protocol for Quantum-Resilient 5G Primary Authentication with Forward Secrecy [2.154734752825087]
5G authentication is vulnerable to linkability attacks and quantum computing threats.<n>We propose 5G AKA HPQC, a protocol maintaining compatibility with existing standards while enhancing security.<n>This research provides key insights into quantum-safe authentication, contributing to future standardization of secure mobile authentication protocols.
arXiv Detail & Related papers (2025-02-05T03:05:45Z) - ACRIC: Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
Recent security incidents in safety-critical industries exposed how the lack of proper message authentication enables attackers to inject malicious commands or alter system behavior.<n>These shortcomings have prompted new regulations that emphasize the pressing need to strengthen cybersecurity.<n>We introduce ACRIC, a message authentication solution to secure legacy industrial communications.
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - UniHand: Privacy-preserving Universal Handover for Small-Cell Networks in 5G-enabled Mobile Communication with KCI Resilience [7.816521719452984]
Introducing Small Cell Networks (SCN) has significantly improved wireless link quality, spectrum efficiency and network capacity.
This work proposes a secure privacy-preserving universal HO scheme ($UniHand$) for SCNs in 5G mobile communication.
arXiv Detail & Related papers (2024-03-12T16:56:31Z) - A Zero Trust Framework for Realization and Defense Against Generative AI
Attacks in Power Grid [62.91192307098067]
This paper proposes a novel zero trust framework for a power grid supply chain (PGSC)
It facilitates early detection of potential GenAI-driven attack vectors, assessment of tail risk-based stability measures, and mitigation of such threats.
Experimental results show that the proposed zero trust framework achieves an accuracy of 95.7% on attack vector generation, a risk measure of 9.61% for a 95% stable PGSC, and a 99% confidence in defense against GenAI-driven attack.
arXiv Detail & Related papers (2024-03-11T02:47:21Z) - Penetration Testing of 5G Core Network Web Technologies [53.89039878885825]
We present the first security assessment of the 5G core from a web security perspective.
We use the STRIDE threat modeling approach to define a complete list of possible threat vectors and associated attacks.
Our analysis shows that all these cores are vulnerable to at least two of our identified attack vectors.
arXiv Detail & Related papers (2024-03-04T09:27:11Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - AdaptGuard: Defending Against Universal Attacks for Model Adaptation [129.2012687550069]
We study the vulnerability to universal attacks transferred from the source domain during model adaptation algorithms.
We propose a model preprocessing framework, named AdaptGuard, to improve the security of model adaptation algorithms.
arXiv Detail & Related papers (2023-03-19T07:53:31Z) - Is Vertical Logistic Regression Privacy-Preserving? A Comprehensive
Privacy Analysis and Beyond [57.10914865054868]
We consider vertical logistic regression (VLR) trained with mini-batch descent gradient.
We provide a comprehensive and rigorous privacy analysis of VLR in a class of open-source Federated Learning frameworks.
arXiv Detail & Related papers (2022-07-19T05:47:30Z) - A Self-supervised Approach for Adversarial Robustness [105.88250594033053]
Adversarial examples can cause catastrophic mistakes in Deep Neural Network (DNNs) based vision systems.
This paper proposes a self-supervised adversarial training mechanism in the input space.
It provides significant robustness against the textbfunseen adversarial attacks.
arXiv Detail & Related papers (2020-06-08T20:42:39Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.