Security for 4G and 5G Cellular Networks: A Survey of Existing Authentication and Privacy-preserving Schemes (1708.04027v1)

Abstract: This paper presents a comprehensive survey of existing authentication and privacy-preserving schemes for 4G and 5G cellular networks. We start by providing an overview of existing surveys that deal with 4G and 5G communications, applications, standardization, and security. Then, we give a classification of threat models in 4G and 5G cellular networks in four categories, including, attacks against privacy, attacks against integrity, attacks against availability, and attacks against authentication. We also provide a classification of countermeasures into three types of categories, including, cryptography methods, humans factors, and intrusion detection methods. The countermeasures and informal and formal security analysis techniques used by the authentication and privacy preserving schemes are summarized in form of tables. Based on the categorization of the authentication and privacy models, we classify these schemes in seven types, including, handover authentication with privacy, mutual authentication with privacy, RFID authentication with privacy, deniable authentication with privacy, authentication with mutual anonymity, authentication and key agreement with privacy, and three-factor authentication with privacy. In addition, we provide a taxonomy and comparison of authentication and privacy-preserving schemes for 4G and 5G cellular networks in form of tables. Based on the current survey, several recommendations for further research are discussed at the end of this paper.

• The paper conducts a comprehensive survey of authentication and privacy-preserving schemes in 4G/5G networks, classifying threat models to inform effective countermeasures.
• It systematically reviews cryptographic methods and intrusion detection systems, highlighting techniques like public-key infrastructures and AI-based anomaly detection.
• It identifies open research directions for advanced security, emphasizing fog-based architectures, SDN/NFV frameworks, and integration with emerging UAV technologies.

A Survey of Authentication and Privacy-Preserving Schemes for 4G and 5G Cellular Networks

The reviewed paper offers a comprehensive survey of authentication and privacy-preserving schemes within the context of 4G and 5G cellular networks. The authors present a critical evaluation of existing methodologies, classify various threat models, and systematically catalog countermeasures deployed in securing these technological frameworks.

Classification of Threat Models

The survey effectively categorizes threat models faced by the 4G and 5G environments into four primary groups: attacks against privacy, integrity, availability, and authentication. This classification allows for a nuanced understanding of vulnerabilities specific to mobile and wireless communication networks. Attacks against privacy include the likes of Man-In-The-Middle (MITM) and replay attacks, which are significant concerns in maintaining user anonymity and data confidentiality.

Countermeasures and Security Techniques

A well-defined framework of mitigation strategies is explored, which spans cryptographic methods, human factor-based strategies, and intrusion detection systems (IDS). Among cryptographic measures, public-key infrastructures, secure hash functions, and message authentication codes are frequently employed. Human factor strategies integrate protocols such as biometrics and smart cards with traditional password systems to reinforce authentication layers.

The literature on intrusion detection is particularly noteworthy, highlighting adaptive systems capable of identifying patterns indicative of unauthorized use, which could have implications in future AI-driven unaided detection systems. These mitigations are essential for maintaining the integrity and availability of services within IP-based cellular frameworks.

Security Analysis Techniques

The paper reviews several informal and formal security analysis techniques employed for verifying the robustness of cryptographic protocols. Techniques such as the AVISPA tool and ProVerif are highlighted for their applicability in formal verification contexts, offering a structured approach to assessing security assurances in network communication protocols.

Authentication and Privacy Models

In its assessment of authentication practices, the paper classifies these into seven distinct categories, ranging from handover authentication with privacy to multifactor authentication protocols. This segmentation offers an organized view of how these models are operationalized in varied network contexts.

Implications for Future Research

Considering the rapid evolution towards 5G and beyond, the paper advocates for enhancements in privacy and security frameworks that align with the unique challenges of these networks. This entails a consideration for Open Research Directions such as fog paradigm-based radio access networks, SDN/NFV-based architecture, and newly emerged contexts like UAV systems within 5G environments.

Conclusion and Reflection

The paper not only details the strengths of existing security measures but also emphasizes the need for ongoing innovation and adaptive strategies to address emerging vulnerabilities within cellular networks. The implications for future branding in 5G technologies are profound, requiring ongoing dialogue between academic inquiry and practical deployments in commercial environments. Future developments in these networks should focus on safeguarding not only against current threats but also proactively anticipating innovative threat models that could emerge with increased connectivity and network densification.