English

Securing 5G Bootstrapping: A Two-Layer IBS Authentication Protocol

Cryptography and Security 2025-02-10 v1 Networking and Internet Architecture

Abstract

The lack of authentication during the initial bootstrapping phase between cellular devices and base stations allows attackers to deploy fake base stations and send malicious messages to the devices. These attacks have been a long-existing problem in cellular networks, enabling adversaries to launch denial-of-service (DoS), information leakage, and location-tracking attacks. While some defense mechanisms are introduced in 5G, (e.g., encrypting user identifiers to mitigate IMSI catchers), the initial communication between devices and base stations remains unauthenticated, leaving a critical security gap. To address this, we propose E2IBS, a novel and efficient two-layer identity-based signature scheme designed for seamless integration with existing cellular protocols. We implement E2IBS on an open-source 5G stack and conduct a comprehensive performance evaluation against alternative solutions. Compared to the state-of-the-art Schnorr-HIBS, E2IBS reduces attack surfaces, enables fine-grained lawful interception, and achieves 2x speed in verification, making it a practical solution for securing 5G base station authentication.

Keywords

Cite

@article{arxiv.2502.04915,
  title  = {Securing 5G Bootstrapping: A Two-Layer IBS Authentication Protocol},
  author = {Yilu Dong and Rouzbeh Behnia and Attila A. Yavuz and Syed Rafiul Hussain},
  journal= {arXiv preprint arXiv:2502.04915},
  year   = {2025}
}

Comments

13 pages, 4 figures, 3 tables. This work has been submitted to the IEEE for possible publication

R2 v1 2026-06-28T21:36:06.096Z