Posts
Mobile network security has come a long way in the decades since cryptography was first introduced into the GSM standard by John Preuβ Mattsson, Senior Specialist, security, Pinar Comak, Experienced Researcher, Security and Ferhat Karakoç, Senior Researcher Security.
 |
| Photo: Ericsson |
We take an in-depth look back over the algorithms and protocols that brought us this far – and see how well prepared we are for the quantum challenges of the future.
Cryptographic algorithms and security protocols are among the main building blocks for constructing secure communication solutions in the cyber world. They correspond to the locks that secure a house in the physical world. In both, it is very difficult to access the assets inside without a valid key. The algorithms and protocols are based on hard mathematical and computationally infeasible problems, whereas the lock mechanisms are based on the difficulty of solving the physical construction.
Mobile networks are critical infrastructure and heavily use advances in cryptographic algorithms and protocols to ensure the security of the information in the communication and privacy protection for the individuals. In this blog post, we take a detailed look at the cryptographic algorithms and protocols used in mobile communications and share some insights into the recent progress. We give an overview taking into consideration the development from 2G to 5G and beyond. In addition, we present detailed information on the progress toward defining the profiles to be used in the security protocols for the mobile communication systems. Last but not least, we give the current status and future plans for post-quantum cryptographic algorithms and protocols...
Challenges in updating profilesUpdating profiles for cryptographic algorithms and security protocols is a process that takes many years because of backward compatibility, as nodes from one release often have to talk to devices from much older releases. Before any weak algorithms or protocol versions are forbidden, the support of strong alternatives needs to have been mandatory for several releases.
Source: Ericsson
