What could be likely future developments in LTE security
and beyond. This article covers studies
and research activities that may have an impact on the security of LTE and
potential successor systems in the longer run. On average a new kind of
cellular system and associated radio interface have been created approximately
once every ten years. Based on this pattern it would be tempting to predict
that another major redesign would happen around the year 2020. If we assume
that 3GPP creates a new release of specifications every 18 months, then that
would imply that Release 16 might, once again, contain specifications for a
completely new system.
The 3GPP security features are usually
specified in such a manner that they are future-proof at least to some extent,
so there is a good chance they could be applied somewhat more widely than just
to those particular features they are originally intended for. On the other
hand, new features in mobile systems are typically intended to enable some new
use cases. Then it tends to be so that, together with new use cases, new ways
to misuse the system appear as well. Therefore, it is a safe bet to predict
that each new release will also involve extensions to security specifications.
Key lengths of cryptographic algorithms are
an area where speculative predictions and educated guesses are common. EPS has
been prepared for introducing 256-bit keys in all security mechanisms.
According to some estimates, the generic cryptographic strength provided by
128-bit keys will be adequate until around the year 2030. If we assume that LTE
is going to be in use as long as GSM (i.e. definitely more than 20 years), this
extension capability will be needed at some point but probably not very soon.
Cryptographic algorithms themselves
constitute another area where advances may be needed. Algorithms sometimes get
broken and it is relatively easy to introduce new algorithms into the EPS
system. Hence, it is likely that, during the lifetime of LTE, new algorithms
will be introduced even before the longer keys are needed.
One
constant source of speculation around cryptography is the potential effect of
quantum computing. For secret key cryptography the effect of quantum computing
would not be as drastic as for some of the most popular public-key algorithms.
It has been estimated that 256-bit keys would provide protection also against
attacks by quantum computing into the ‘foreseeable future’.
Privacy has been a rising trend for several
years, emphasized by huge amounts of data that is cumulatively collected in the
Internet. Lots of this data is about ordinary people; a big part is even
contributed by the people themselves via social networks and user-generated
content. Mobile systems necessarily need to have lots of data about their
users; the systems cannot operate unless whereabouts of the terminals are
known. A certain amount of user-related data is also logged because of lawful
interception. Mobile systems constitute a good platform for location-based
services and other context-aware services. For these reasons, it is probable
that some mechanisms to enhance protection of user data and other personally
identifiable information would be introduced into mobile systems and these may
have an effect also on LTE and EPS.
One area of privacy that vulnerable to active
attacks is identity confidentiality. The current protection mechanism by
temporary identities is vulnerable to active attacks. Protection against these
would probably require introduction of public key technology into the access
security. The cost of such mechanisms has so far prohibited their introduction
but it is conceivable that during the lifetime of LTE the situation may change,
partly due to new privacy requirements and partly due to increased processing
power that makes it faster to carry out complex public-key operations.
Another factor on location and identity
privacy is the fact that modern terminals support many different radio
technologies, most of which are not defined by 3GPP. This implies that
protection mechanisms that are applied to only a subset of these technologies
have only a limited effect on identity privacy; users may still be tracked
based on those technologies hat do not have a good protection. Issues like this
emphasize the need for further work on interworking with non-3GPP networks.
Another line of study is cognitive radio. The
leading idea in it is to optimize the use of radio frequencies and technologies
dynamically and locally. The terminal senses its radio surroundings and uses
the radio technology that is most suitable for both the environment and the
current communication task. From a security point of view this raises some new
challenges. Although all possible radio technologies have their own protection
mechanisms, combining them in this dynamic manner is not a trivial task.
Convergence of Internet technologies and
mobile communication technologies drives to a direction where a full-blown
redesign of the cellular system is not anymore needed, at least not
independently of the Internet. The future Internet would certainly contain
mobility built in as a core property. One consequence could be that differences
between the roles of mobile network operators and Internet service providers
become more blurred. There are also potential efficiency gains around Cloud
Computing; many tasks on the network side could be carried out wherever it is
optimal to do so. Therefore, the functional split inside the network would
become much more dynamic than is the case today. This kind of evolution
provides also challenges to security, since more and more legacy security
features have to be supported in a single system simultaneously. We have also a
more heterogeneous set of terminals in the system, provisioned with many
different kinds of credentials.
Some of the large-scale security issues with
the Internet, such as distributedDoS attacks, botnets and spam, stem from the
fact that sending data is easy and cheap while it is more costly to process the
data on the receiving end. One possible architectural solution to the problem
of unwanted traffic that plagues the Internet is to align more to the
‘publish-and-subscribe’ paradigm instead of the ‘send-and-receive’ paradigm. It
is probably not an overstatement to claim that security and privacy issues will
have a major impact on the shape of the future Internet.
We will certainly have an extremely
heterogeneous terminal base when the vision of practically everything being
connected to everything via the Internet comes about [ITU 2005]. This kind of
system obviously provides lots of possibilities for attacks also. New security
and privacy mechanisms will certainly be needed on the way. Still another
avenue stems from the fact that many communication needs are local and there is
no need to be connected to the other side of the world. The wide-area coverage
and connectivity to the Internet could be complemented by various ad-hoc types
of network, such as for car-to-car communication or for communication needs at
mass events. There are lots of security challenges in such settings; one
possibility to solve them is to use the security features provided by wide-area
mobile systems and extend them to the ad-hoc networks, but this may not be
feasible in many cases owing to the lack of a centralized infrastructure.
Above is a list of several different avenues
that the evolution of EPS networks could take. What is common to all these
directions is that the concepts of security, trust and privacy have major roles
to play. To be able to continue the success stories of mobile networks and
communications, continuous evolution of the security concepts is a necessary
requirement. Properties like flexibility, agility and usability provide key
ingredients on the way towards this goal.
