IEEE Access (Jan 2021)
A Formally Verified Security Scheme for Inter-gNB-DU Handover in 5G Vehicle-to-Everything
Abstract
Cellular technology has evolved over the decades for mobile network operators to accommodate the ever-growing demands of services for connecting Vehicle-to-Everything (V2X). The 5G infrastructure facilitates V2X communications, where a small-cell base station operating at ultra-high radio frequency with limited coverage becomes pervasive. These small-cell base stations in 5G-V2X must be strategically deployed near the consumers to realize several use cases. More recently, the architectural split solutions in Next Generation Radio Access Network (NG-RAN) are introduced, in which the gNB is divided into the distributed unit (gNB-DU) and control unit (gNB-CU). This functional split intends to improve scalability, performance, and network orchestration optimization. In this case, frequent user equipment (UE) handover between gNB-DUs is inevitable. However, the current 5G standard did not consider securing the path between these two entities. Hence, the NG-RAN could likely experience various security threats if the current handover procedure standard is employed without changes. Consequently, this paper introduces potential threats like resource depletion at NG-RAN caused by the useless execution of resource-demanding procedures to complete the transfer of attachment of UE to target gNB-DU. Another is UE being denied from accessing services caused by unsuccessful uplink and downlink synchronization during random access procedure execution, requiring establishing security and mutual authentication between the entities. Motivated by this, we proposed a security protocol composed of two phases, namely initial and handover. While the former phase assists in mutual authentication and key agreement between UE and serving gNB-DU, the latter secures UE’s mobility in inter-gNB-DU handover. This protocol aims to preserve the existing quality of service and support essential security requirements, including confidentiality, integrity, mutual authentication, secure key exchange, and perfect forward secrecy. The security requirements are formally verified using BAN logic and Scyther, and the proposed protocol demonstrated lower handover latency than EAP-AKA’, AKA, EAP-TLS, and EAP-IKEv2.
Keywords