TESLA-for-5G: Broadcast Authentication for 5G Networks Using TESLA

📅 2026-06-24
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the vulnerability of 5G user equipment to rogue base station attacks during cell selection, where unauthenticated system information is received and existing digital signature schemes impose prohibitive computational overhead on resource-constrained devices. To overcome this challenge, the authors propose TF5, the first protocol adapting the TESLA mechanism to the 5G system information broadcast context. TF5 integrates a GG09-style Schnorr identity-based signature with symmetric MACs, establishing initial trust via lightweight identity-based signatures during initial access and enabling efficient broadcast authentication in steady state through delayed key disclosure. The design eliminates certificate distribution costs and avoids per-message signature verification. Formal security analysis using Tamarin confirms its robustness, and trace-driven experiments on the OpenAirInterface 5G platform demonstrate that TF5 significantly outperforms existing approaches in computational, communication, and storage overhead.
📝 Abstract
5G base stations broadcast unauthenticated system information (SI) that every user equipment (UE) reads during cell selection. This enables attackers to broadcast forged SI from a fake base station (FBS), deceiving UEs into camping on it. Prior approaches require UEs to authenticate System Information Block 1 (SIB1) using digital signatures. This necessitates computation-heavy verification for every SIB1 reception, imposing a significant burden on resource-constrained UEs. We propose TESLA-for-5G (TF5), a broadcast authentication protocol for 5G SIB1 that combines TESLA with GG09 Schnorr-like identity-based signatures (IBS). In the steady state, TF5 enables UEs to authenticate each SIB1 message using a symmetric MAC and delayed key disclosure, eliminating the need for per-message digital signatures. Initial trust is bootstrapped during cell entry using a lightweight GG09 IBS over the TESLA parameters, avoiding certificate distribution overhead. We formally verify TF5 in Tamarin under a Dolev-Yao adversary and demonstrate its favorable computation, communication, and storage costs through both an implementation on the OpenAirInterface 5G stack and trace-driven analysis.
Problem

Research questions and friction points this paper is trying to address.

broadcast authentication
5G networks
system information
fake base station
user equipment
Innovation

Methods, ideas, or system contributions that make the work stand out.

TESLA
identity-based signature
broadcast authentication
5G security
lightweight cryptography
🔎 Similar Papers
No similar papers found.