On Evaluating Delegated Digital Signing of Broadcasting Messages in 5G

In 5G networks, base stations, namely gNBs (5G NodeB, as per 3GPP nomenclature) periodically broadcast the system information messages including network identifiers to facilitate User Equipment (UE) to connect to the network. As in prior generations, the system information messages in 5G are transmitted in clear text without any security protection. Therefore, an adversary could spoof a legitimate gNB to become a man-on-the-side (MOTS) or man-in-the-middle (MITM) attacker. This vulnerability is being studied by 3GPP and a number of solutions have been proposed in the Technical Report (TR 33.809), including a promising solution namely Digital Signing Network Function (DSnF). In this paper, we provided an evaluation of DSnF, including the practicality of its assumption, feasibility of its certificate transmission within the system information message, and quantitative analysis of its performance. Our evaluation results show that DSnF is practical in general. Initial results from this paper have been provided to 3GPP and incorporated into TR 33.809.