5G Networks: Feasibility of Post-Quantum Authentication Against Insecure Bootstrapping Is Demonstrated

The increasing prevalence of 5G networks introduces vulnerabilities during the initial connection phase, leaving users susceptible to attacks from fraudulent base stations. Saleh Darzi, Mirza Masfiqur Rahman, and colleagues, including Imtiaz Karim, Rouzbeh Behnia, Attila A Yavuz, and Elisa Bertino, address this critical security gap by investigating the feasibility of incorporating post-quantum cryptography into 5G authentication protocols. Their research represents the first comprehensive network-level performance analysis of both established digital signatures and emerging post-quantum standards, revealing significant challenges with direct implementation due to protocol limitations and substantial signature sizes. To overcome these hurdles, the team proposes BORG, a novel authentication solution employing a hierarchical identity-based threshold signature scheme, offering a practical transitional pathway towards securing 5G networks against future quantum-based threats and establishing a distributed, resilient trust model.

This study involved a collaborative effort from researchers at several institutions. Saleh Darzi, a Ph. D. This work addresses a critical vulnerability in the initial bootstrapping phase of 5G networks. The study meticulously evaluated both direct PQC adoption and conventional methods, including threshold and identity-based schemes, to determine their feasibility within the constraints of 5G infrastructure. Experiments simulated realistic 5G network conditions and measured the performance impact of various authentication protocols, specifically focusing on the overhead introduced by certificate chains and signature sizes.

Scientists directly integrated NIST-PQC algorithms into 5G authentication protocols and measured their performance against established benchmarks. They specifically examined the impact on initial frame synchronization messages, such as System Information Block 1 (SIB1), which are limited to 372 bytes and transmitted periodically with delays up to 160 milliseconds. Recognizing the limitations of direct PQC adoption, the team engineered BORG, a transitional authentication solution based on a Hierarchical Identity-Based Threshold Signature scheme with a Fail-Stop property. BORG’s design incorporates post-mortem post-quantum forgery detection and distributed trust via threshold and compact signatures, specifically tailored to meet the stringent requirements of 5G networks.

Scientists implemented BORG and conducted detailed performance analysis, measuring signature generation and verification times, communication overhead, and computational resource utilization. This analysis revealed that BORG effectively mitigates the challenges associated with direct PQC integration, offering a viable pathway toward future quantum-resilient 5G authentication while maintaining acceptable performance levels. The study demonstrates the infeasibility of directly integrating NIST-PQC standards into 5G base station authentication due to protocol constraints and signature size limitations, positioning BORG as an effective transitional solution.

BORG Secures 5G Base Station Authentication

This work presents a comprehensive analysis of base station authentication within 5G networks, revealing critical vulnerabilities and delivering a novel solution for future security. Researchers identified a significant weakness in the initial bootstrapping phase of the 5G protocol, leaving it susceptible to attacks from compromised or rogue base stations. Direct implementation of NIST Post-Quantum Cryptography (PQC) standards, while promising for long-term security, proves impractical due to substantial communication overhead and resulting delays. Specifically, utilizing the ML-DSA PQC signature introduces a significant overhead, causing substantial end-to-end delays incompatible with the real-time demands of 5G communication.

To address these limitations, the team developed BORG, a transitional authentication framework based on a Hierarchical Identity-Based Threshold Signature scheme. BORG incorporates a “Fail-Stop” property, enabling post-mortem forgery detection and providing distributed trust through threshold signatures. This design allows for identification of malicious base stations even after a successful attack, a crucial advancement in network security. Extensive testing within a real 5G environment, using srsRAN, demonstrates BORG’s practical deployability and efficiency. Results show BORG achieves speeds up to three orders of magnitude faster and reduces communication overhead by a factor of 85 compared to direct implementation of NIST’s ML-DSA.

Compared to conventional Identity-Based Signature schemes, BORG maintains comparable runtime while simultaneously providing distributed authentication and post-mortem PQ forgery detection. The team has released the complete source code of BORG to facilitate reproducibility and further research, establishing a practical and efficient pathway towards quantum-resistant 5G authentication. This work delivers a significant breakthrough in securing 5G infrastructure against emerging quantum threats.

BORG, A 5G Base Station Authentication System

This research addresses a critical vulnerability in 5G networks, specifically the lack of robust authentication for base stations during initial connection establishment. The team demonstrates that current authentication methods, including those relying on standard digital signatures and emerging post-quantum cryptography (PQC) standards, present significant practical challenges for 5G implementation. Direct adoption of PQC is hindered by constraints within the 5G protocol and the large size of resulting signatures, while conventional methods suffer from inefficiencies due to certificate overhead. To overcome these limitations, the researchers developed BORG, a novel authentication solution based on a hierarchical identity-based threshold signature scheme.

BORG offers a transitional pathway towards quantum-resistant 5G security by providing compact signatures, distributed trust, and a fail-stop property that enables post-mortem forgery detection. Performance analysis confirms BORG’s feasibility within the stringent requirements of 5G networks, positioning it as an effective interim solution while full PQC integration matures. The authors acknowledge that BORG does not provide complete quantum security and does not address all potential threats, such as privacy concerns or physical-layer attacks. Future work will focus on extending the protection offered by BORG to mitigate overshadow attacks and broaden its security coverage within the 5G ecosystem. This research highlights the urgent need for rethinking security integration in mobile networks and provides a practical step towards achieving quantum-secure 5G authentication.