Analysis and Design of Security for Next Generation 4G Cellular Networks Gin´ es Escudero-Andreu, Raphael C.-W. Phan and David J. Parish School of Electronic, Electrical and Systems Engineering, Loughborough University, LE11 3TU Loughborough, U.K. g.escudero-andreu@lboro.ac.uk, r.phan@lboro.ac.uk or d.j.parish@lboro.ac.uk Abstract—The 4 th Generation of mobile communications (4G) has been designed to fulfil strict security requirements. However, design shortcomings may open the door to threats, casting doubt on the reliability of the system. Recent publications found critical vulnerabilities, such as breach of user identity privacy, user location tracking or inability to guarantee privacy and integrity of communications, proposing amendments without considering fully backward compatibility and inflicting further menaces. This paper intends to give an in-depth insight into this issue, analysing the latest release of Long Term Evolution (LTE- Advanced) specifications in order to identify strengths and deficiencies. An evaluation of the alternative solutions is made, proposing future research on this matter with diverse approaches to design an enhanced solution more efficient, respectful with backward systems and similar traffic load. Index Terms—4G, EPS, LTE-Advance, LTE Security. I. I NTRODUCTION Mobile communications have been developed during the last decade, reaching unexpected figures of active users and making a reality services which nobody would ever imagine before. Social networks, real-time navigation systems along video-streaming services such You-tube or live music comprise a huge list of on-line services whose use requires high data throughput rates. In contrast with old tendency, now the information flows in both sides, demanding vast amounts of data traffic not only into the downlink, but also into the uplink to share multimedia content on Internet. Currently, most of the mobile services are based on Global System for Mobile Communications (GSM) or Universal Mobile Telecommunications System (UMTS) access networks with High-Speed Downlink Packet Access (HSDPA), technologies linked with 3/3.5G which use is reaching the edge of their capabilities. Users claim for an unique mobile solution to provide broadband services without being affected by mobility factors, conditioned to urban coverage areas or lower peak rates than landlines Internet connections. On the other hand, other services such as mobile banking, on-line payment systems and social networking deal with private information which protection is mandatory. Security becomes a priority issue for mobile operators. In the early stages, release 8 was named Long Term Evolution (LTE) and proposed as 4G candidate by the 3 rd Generation Partnership Project (3GPP). Thereafter being selected as one of the two candidates for the International Mobile Telecommunications competition (IMT) by the International Telecommunication Union (ITU), it was improved to reach higher peak rates increasing user density per cell, calling it as LTE-Advance after release 10. At this moment, 4G deployments are planned all over the world and billions of potential users await to gain access to high-speed and seamless communications. LTE technology, with its latest release of LTE Advanced, is the best candidate to be elected as 4G standard. Core and radio-access network are based on flat all-ip networking, making interoperability extremely easy and fast, but increasing the requirements of higher security capabilities. Being supported by most of the mobile operators providers and manufacturers, a victory is envisaged into the ITU competition to choose it as standard for IMT-Advanced. This paper analyses the security aspects of LTE-Advanced technology, reviewing all the alternative solutions proposed by the research community and guiding future research. Section II depicts a brief description of the Evolved Packet System, protocols and policy used to provide safe communications. Section III completes the analysis pointing out the identified threats and weaknesses, linking them with alternative solutions on the Section IV. Finally, Section V and VI conclude with a summary and personal opinion, introducing future research on this matter. II. EVOLVED PACKET SYSTEM (EPS) EPS is an evolution of UMTS system in order to satisfy a huge demand of high-speed data rates and provide support for a constantly increased number of cellular users. In contrast with previous generations, LTE has been designed considering all the services as IP data traffic, voice calls included, facilitating integration of user data traffic into operator core network but fostering new well-known attacks for IP networks. 3GPP has developed a robust system, adapted to provide services with high requirements of data bandwidth and able to cope the growth of mobile-phone users. Their effort is also focused on security issues to consider the previous UMTS ISBN: 978-1-902560-26-7 © 2012 PGNet