The 5G Security Test Bed’s Technical Advisory Committee designed and conducted five tests to verify recommendations from the FCC’s Communications Security, Reliability, and Interoperability Council VII (CSRIC VII) around the use of mutual transport layer security (mTLS) on the Service-Based Interface (SBI) between the 5G network functions (NFs).
Access the full technical report, highlights summary, and one-pager.
All five tests were successful, confirming that mTLS can be used for the encryption of data and the mutual authentication of 5G network functions that exchange data across the SBI, enabling Zero Trust in a 5G environment. The tests validated that:
- Additional encryption within the 5G network strengthens security.
- Mutual Transport Layer Security protects 5G networks by:
- Encrypting and protecting critical data at both ends of the network.
- Rejecting expired credentials.
- Rejecting invalid credentials.
- Cross-authenticating credentials from different vendors.
Because mTLS can be used at numerous points within a 5G network to constantly authenticate the validity of users and functions attempting to connect, it can serve as a foundational component of the Zero Trust approach to network security. Zero Trust has been recognized by the wireless industry, and recently by the federal government, as a multifaceted and flexible defense against network attacks.
This is great news for consumers—mTLS is already being deployed, and implementation will continue to grow as the U.S. wireless industry upgrades its 5G networks from NSA to SA nationwide.
The Technical Report includes the full technical details of the tests, their execution, and results. The Highlights Summary is a shorter paper highlighting the key points of the main paper and is meant for non-technical audiences who are interested in some level of detail. The One-Pager provides a very high-level summary of the test cases and their applications.