SCC5G: A PQC-based Architecture for Highly Secure Critical Communication over Cellular Network in Zero-Trust Environment

TL;DR

This paper introduces SCC5G, a post-quantum cryptography-based architecture designed to enable highly secure, zero-trust critical communications over 5G networks, utilizing hardware roots of trust for authentication.

Contribution

It proposes a novel PQC-based security architecture with embedded hardware roots of trust for zero-trust 5G critical communications, addressing trust issues in existing networks.

Findings

Scalability demonstrated through simulation

Minimal traffic overhead of a few kilobytes

Latency increase of approximately 0.1 seconds

Abstract

5G made a significant jump in cellular network security by offering enhanced subscriber identity protection and a user-network mutual authentication implementation. However, it still does not fully follow the zero-trust (ZT) requirements, as users need to trust the network, 5G network is not necessarily authenticated in each communication instance, and there is no mutual authentication between end users. When critical communications need to use commercial networks, but the environment is ZT, specific security architecture is needed to provide security services that do not rely on any 5G network trusted authority. In this paper, we propose SCC5G Secure Critical-mission Communication over a 5G network in ZT setting. SCC5G is a post-quantum cryptography (PQC) security solution that loads an embedded hardware root of authentication (HRA), such as physically unclonable functions (PUF), into the users' devices, to achieve tamper-resistant and unclonability features for authentication and key agreement. We evaluate the performance of the proposed architecture through an exhaustive simulation of a 5G network in an ns-3 network simulator. Results verify the scalability and efficiency of SCC5G by showing that it poses only a few kilobytes of traffic overhead and adds only an order of $O(0.1)$ second of latency under the normal traffic load.