Search papers, labs, and topics across Lattice.
This paper introduces TESLA-for-5G (TF5), a novel broadcast authentication protocol designed to secure System Information Block 1 (SIB1) in 5G networks against forged broadcasts from fake base stations. By leveraging a combination of TESLA and GG09 Schnorr-like identity-based signatures, TF5 allows user equipment (UE) to authenticate SIB1 messages with a symmetric MAC and delayed key disclosure, significantly reducing the computational burden on resource-constrained devices. The protocol is formally verified and shown to have advantageous computation, communication, and storage costs compared to traditional methods requiring digital signatures for each message.
TF5 slashes the computational load on 5G devices by enabling efficient SIB1 authentication without the overhead of per-message digital signatures.
5G base stations broadcast unauthenticated system information (SI) that every user equipment (UE) reads during cell selection. This enables attackers to broadcast forged SI from a fake base station (FBS), deceiving UEs into camping on it. Prior approaches require UEs to authenticate System Information Block 1 (SIB1) using digital signatures. This necessitates computation-heavy verification for every SIB1 reception, imposing a significant burden on resource-constrained UEs. We propose TESLA-for-5G (TF5), a broadcast authentication protocol for 5G SIB1 that combines TESLA with GG09 Schnorr-like identity-based signatures (IBS). In the steady state, TF5 enables UEs to authenticate each SIB1 message using a symmetric MAC and delayed key disclosure, eliminating the need for per-message digital signatures. Initial trust is bootstrapped during cell entry using a lightweight GG09 IBS over the TESLA parameters, avoiding certificate distribution overhead. We formally verify TF5 in Tamarin under a Dolev-Yao adversary and demonstrate its favorable computation, communication, and storage costs through both an implementation on the OpenAirInterface 5G stack and trace-driven analysis.