More Web Proxy on the site http://driver.im/

research-article

Secure Open Fronthaul Interface for 5G Networks

Authors:

Andrew SergeevAuthors Info & Claims

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security

Article No.: 107, Pages 1 - 6

https://doi.org/10.1145/3465481.3470080

Published: 17 August 2021 Publication History

Abstract

The open fronthaul interface is a standard protocol for a link between the radio units and the distributed unit in RAN, enabling different vendors interoperable. We study the security requirements of the open fronthaul interface for 5G networks. The O-RAN management plane (M-plane) mandates an end-to-end security using SSHv2, whereas the O-RAN control and user plane (CU-plane) do not support any security measure yet. We investigate MACsec for the CU-plane security, which is recommended as one of security options in the eCPRI specification. Furthermore, we implemented quantum-safe crypto solutions using a hybrid mode key exchange and signature schemes, which can be applied for the post-quantum SSH and MACsec protocols.

References

[1]

G. Alagic, J. Alperin-Sheriff, D. Apon, D. Cooper, Q. Dang, Y. Liu, C. Miller, D. Moody, R. Peralta, R. Perlner, A. Robinson, and D. Smith-Tone. 2020. Status Report on the Second Round of the NIST Post-Quantum Cryptography Standardization Process. (July 2020).

[2]

Altiostar. 2021. Security in Open RAN, white paper. https://www.altiostar.com/white-paper-security-in-open-ran/.

[3]

J. Cho and A. Sergeev. 2021. Post-quantum MACsec in Ethernet Networks. J. Cyber Secur. Mobil. 10, 1 (2021), 161–176.

[4]

J. Cho, A. Sergeev, and J. Zou. 2019. Securing Ethernet-Based Optical Fronthaul for 5G Network(ARES ’19). 6 pages.

[5]

D. Cooper, D. Apon, Q. Dang, M. Davidson, M. Dworkin, and C. Miller. 2019. Recommendation for Stateful Hash-Based Signature Schemes. Draft NIST Special Publication 800-208. NIST.SP.800-208-draft.pdf.

[6]

CPRI. 2018. Common Public Radio Interface eCPRI Interface Specification. V1.2.

[7]

L. Grover. 1996. A fast quantum mechanical algorithm for database search. In Proceedings of the Twenty-Eighth Annual Symposium on the Theory of Computin. 212–219.

Digital Library

[8]

T. Hansen, M. Campagna, and E. Crockett. 2018. PRE-DRAFT: Hybrid Key Exchange Integration in the Secure Shell Transport Layer. https://github.com/open-quantum-safe/openssh/blob/OQS-master/ietf_pre_draft_sike_bike_hybrid_kex.txt.

[9]

A. Huelsing, D. Butin, S. Gazdag, J. Rijneveld, and A. Mohaisen. 2018. XMSS: Extended Hash-Based Signatures. Internet-Draftdraft-irtf-cfrg-xmss-hash-based-signatures-12. Internet Engineering Task Force. https://datatracker.org/doc/html/draft-irtf-cfrg-xmss-hash-based-signatures-12 Work in Progress.

[10]

IEEE. 2010. Local and metropolitan area networks–Port-Based Network Access Control. IEEE Std 802.1X-2010 (Revision of IE EE Std 802.1X-2004) (Feb 2010), 1–205.

[11]

IEEE. 2018. IEEE Standard for Local and Metropolitan Area Network–Bridges and Bridged Networks. IEEE Std 802.1Q-2018 (Revision of IEEE Std 802.1Q-2014) (July 2018), 1–1993.

[12]

IETF. 2006. RFC 4253, The Secure Shell (SSH) Transport Layer Protocol. https://datatracker.ietf.org/doc/html/rfc4253.

[13]

IETF. 2009. RFC 5656, Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer. https://datatracker.ietf.org/doc/html/rfc5656.

[14]

IETF. 2011. RFC 6242, Using the NETCONF Protocol over Secure Shell (SSH). https://datatracker.ietf.org/doc/html/rfc6242.

[15]

Y. Liu and W. Li. 2015. VXLAN Security Option. https://tools.ietf.org/html/draft-liu-nvo3-vxlan-security-option-01.

[16]

D. McGrew, M. Curcio, and S. Fluhrer. 2019. Leighton-Micali Hash-Based Signatures. RFC 8554. https://rfc-editor.org/rfc/rfc8554.txt

[17]

ngmn. 2020. NGMN Liaison Statement on Security consideration of Low Layer Split in O-RAN.

[18]

O-RAN. 2020. O-RAN.WG1.O-RAN-Architecture-Description-v03.00: O-RAN Fronthaul Working Group O-RAN Architecture Description, Release 03.00.

[19]

O-RAN. 2020. O-RAN.WG4.CUS.0-v05.00: O-RAN Fronthaul Working Group Control, User and Synchronization Plane Specification, Release 05.00.

[20]

O-RAN. 2020. O-RAN.WG4.MP.0-v05.00: O-RAN Fronthaul Working Group Management Plane Specification, Release 05.00.

[21]

Open Quantum Safe project team. Accessed in May 2021. OQS-OpenSSH. https://github.com/open-quantum-safe/openssh.

[22]

P. W. Shor. 1994. Algorithms for quantum computation: discrete logarithms and factoring. 35th annual IEEE symposium on the foundations of computer science.

Cited By

Azariah WBimo FLin CCheng RNikaein NJana R(2024)A Survey on Open Radio Access Networks: Challenges, Research Directions, and Open Source ApproachesSensors10.3390/s2403103824:3(1038)Online publication date: 5-Feb-2024
https://doi.org/10.3390/s24031038
Groen JD'Oro SDemir UBonati LVilla DPolese MMelodia TChowdhury K(2024)Securing O-RAN Open InterfacesIEEE Transactions on Mobile Computing10.1109/TMC.2024.339343023:12(11265-11277)Online publication date: Dec-2024
https://doi.org/10.1109/TMC.2024.3393430
Feliana FHung TChen BCheng R(2024)Evaluation of Control/User-Plane Denial-of-Service (DoS) Attack on O-RAN Fronthaul InterfaceIEEE INFOCOM 2024 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)10.1109/INFOCOMWKSHPS61880.2024.10620824(01-06)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOMWKSHPS61880.2024.10620824
Show More Cited By

Index Terms

Secure Open Fronthaul Interface for 5G Networks
1. Networks
2. Security and privacy
  1. Network security
    1. Security protocols

Index terms have been assigned to the content through auto-classification.

Recommendations

Securing Ethernet-based Optical Fronthaul for 5G Network
ARES '19: Proceedings of the 14th International Conference on Availability, Reliability and Security

In 5G networks, an optical fronthaul transports massive user data from remote radio heads (RRH) to the core network (CO) with high throughput and low latency. eCPRI is a new standard interface for the Ethernet-based optical fronthaul network to enhance ...
Delegation of signing rights for emerging 5G networks

5G mobile networks are promising to offer mobile users unrivaled experiences with infinite networking capability at any period and from anywhere. However, it appears unnecessary and impractical for the customers and servers to be connected permanently ...
Strongly secure certificateless short signatures

Highlights We introduce a new efficient and secure short certificateless signature scheme. It is strongly unforgeable. The security is based on the CDH assumption. The proposed scheme is provably secure against a relatively stronger adversary. Short ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

ARES '21: Proceedings of the 16th International Conference on Availability, Reliability and Security

August 2021

1447 pages

ISBN:9781450390514

DOI:10.1145/3465481

Copyright © 2021 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 17 August 2021

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tag

O-RAN Fronthaul MACsec post-quantum cryptography 5G

Qualifiers

Research-article
Research
Refereed limited

Funding Sources

Conference

ARES 2021

ARES 2021: The 16th International Conference on Availability, Reliability and Security

August 17 - 20, 2021

Vienna, Austria

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
468
Total Downloads

Downloads (Last 12 months)111
Downloads (Last 6 weeks)15

Reflects downloads up to 03 Jan 2025

Other Metrics

View Author Metrics

Citations

Cited By

Azariah WBimo FLin CCheng RNikaein NJana R(2024)A Survey on Open Radio Access Networks: Challenges, Research Directions, and Open Source ApproachesSensors10.3390/s2403103824:3(1038)Online publication date: 5-Feb-2024
https://doi.org/10.3390/s24031038
Groen JD'Oro SDemir UBonati LVilla DPolese MMelodia TChowdhury K(2024)Securing O-RAN Open InterfacesIEEE Transactions on Mobile Computing10.1109/TMC.2024.339343023:12(11265-11277)Online publication date: Dec-2024
https://doi.org/10.1109/TMC.2024.3393430
Feliana FHung TChen BCheng R(2024)Evaluation of Control/User-Plane Denial-of-Service (DoS) Attack on O-RAN Fronthaul InterfaceIEEE INFOCOM 2024 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)10.1109/INFOCOMWKSHPS61880.2024.10620824(01-06)Online publication date: 20-May-2024
https://doi.org/10.1109/INFOCOMWKSHPS61880.2024.10620824
Atalay TMaitra SStojadinovic DStavrou AWang H(2023)Securing 5G OpenRAN with a Scalable Authorization Framework for xAppsIEEE INFOCOM 2023 - IEEE Conference on Computer Communications10.1109/INFOCOM53939.2023.10228961(1-10)Online publication date: 17-May-2023
https://doi.org/10.1109/INFOCOM53939.2023.10228961
Dik DBerger M(2023)Open-RAN Fronthaul Transport Security Architecture and ImplementationIEEE Access10.1109/ACCESS.2023.327448711(46185-46203)Online publication date: 2023
https://doi.org/10.1109/ACCESS.2023.3274487
Zaman KMowla M(2021)A Millimeter Wave Fronthauling Solution for Open RAN Paradigm in 5G and Beyond Networks2021 IEEE International Conference on Telecommunications and Photonics (ICTP)10.1109/ICTP53732.2021.9744147(1-5)Online publication date: 22-Dec-2021
https://doi.org/10.1109/ICTP53732.2021.9744147

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Media

Figures

Other

Tables

View Table of Contents