A Lightweight Post-Quantum Authentication Framework for 5G Base Station Bootstrapping

📅 2026-06-29
📈 Citations: 0
Influential: 0
📄 PDF
🤖 AI Summary
This work addresses the vulnerability of 5G System Information Block (SIB) broadcasts to spoofing, man-in-the-middle attacks, and false alerts due to the absence of an authentication mechanism, a challenge exacerbated by the difficulty of achieving both lightweight design and post-quantum security in existing solutions. To overcome this, the paper proposes EMULSION, a novel framework that uniquely integrates inherent 5G features—such as fixed SIB transmission windows, millisecond-level time synchronization, and eSIM/USIM-based key management—with the efficiency of symmetric cryptography. EMULSION enables single-packet, certificate-free, and publicly verifiable authentication for all SIBs (SIB1–SIB21) through an HMAC chain anchored by a one-time MAYO post-quantum signature. Real-world 5G over-the-air evaluations demonstrate that EMULSION reduces latency by 33× and 12×, and communication overhead by 31× and 5.4×, compared to ML-DSA and FN-DSA, respectively.
📝 Abstract
The absence of authenticated bootstrapping between User Equipments (UEs) and Base Stations (BSs) in 5G leaves System Information Block (SIB) broadcasts unprotected, enabling fake BS attacks, man-in-the-middle interception, and spoofed emergency alerts. Prior efforts such as Public Key Infrastructure (PKI)-based certificate chains, token-based schemes, and identity-based signatures either impose overhead exceeding 5G's strict packet-size constraints or lack post-quantum (PQ) security. Direct NIST-PQC integration is infeasible: ML-DSA requires 34 fragmented SIB1 packets and up to 5,282,ms end-to-end delay, and FN-DSA still requires 13 fragments and up to 1,920,ms. We propose $\emulsion$, a symmetric chained publicly verifiable authentication framework for 5G/6G BS broadcast authentication. EMULSION is the first framework to exploit native 5G architectural features: fixed SIB transmission windows, millisecond-level time synchronization, and eSIM/USIM credential management to achieve genuine PQ security at symmetric-key efficiency. It uses a TESLA-style HMAC chain anchored by a compact PQ signature (MAYO) applied once per epoch, fitting authentication within a single packet with no fragmentation and eliminating certificate transmission entirely. Unlike all prior schemes, EMULSION protects the full SIB family (SIB1-SIB21). Evaluated on a real over-the-air 5G testbed, EMULSION achieves 33x lower end-to-end delay and 31x less communication overhead than ML-DSA, and 12x lower delay and 5.4x less overhead than FN-DSA. We formally prove the security of EMULSION and open-source its implementation for public testing and adaptation.
Problem

Research questions and friction points this paper is trying to address.

5G bootstrapping
post-quantum authentication
System Information Block
fake base station attacks
PQ security
Innovation

Methods, ideas, or system contributions that make the work stand out.

post-quantum authentication
5G bootstrapping
lightweight cryptography
SIB broadcast security
symmetric-key efficiency
🔎 Similar Papers
No similar papers found.