NOKIANEWS - News of the Nokia

Nokia details 5G security concerns

28. 04. 2023 Friday / By: Robert Denes / Industrial / Exact time: BST / Print this page

N okia finds post-quantum computer attacks and network fragmentation to be an increasingly popular security topic among telecommunications providers who want to protect the deployment of 5G networks.

Rodrigo Brito, head of cybersecurity for Nokia's cloud and network services business, told SDx Central in an interview ahead of the RSA conference that these questions are key for operators to address the new potential security challenges associated with 5G technology. “The number one issue is when they deploy a 5G network, how do they protect their 5G network because it's something new. This is a new technology. This is a new paradigm with a completely different type of authentication between network functions. A lot is changing. How can I secure this network? This is a key topic,” Brito said.

Post-quantum takes this challenge a step further by allowing attackers to more easily break current encryption standards. Brito said Nokia is being asked what it is doing now to prepare for this situation and how it can help service providers protect their network resources.

“We advise having a cryptographic inventory or understanding where they have their digital certificates and what are the ciphers that are used on those digital certificates and knowing if the ciphers are secure or not, Brito explained. "They have the ability to know where their digital certificates are, and the ability to automatically replace certificates that don't have quantum-safe encryption."

Brito noted that the industry is still working to figure out which certificates are quantum secure, but the issue remains a challenge due to "store now, decrypt later" cyberattacks. These are attacks in which a hacker siphons certificates today and stores them for later when post-quantum calculations may allow the certificates to be cracked.

“If there are encryptions that are considered secure today, they fear that there are players and hacker groups that store data, knowing that they cannot decrypt this data now, because the qubits of quantum computers are not enough yet, but maybe in 10. they will be able to decipher that data years from now, and that creates a lot of uncertainty,” Brito said.

This is especially difficult for telecom operators who have to wade through potentially millions of certificates tied to their geographically diverse network operations and customer equipment.

"If they use encryption on all base stations, if they use encryption for IoT devices or set-top boxes on their network, it's not easy to go through millions of digital certificates. without automation, it is difficult to track them and replace them when necessary,” added Brito.

Verizon has experimented with deploying a quantum key distribution (QKD) network and testing quantum-secure virtual private networks (VPNs) while internally preparing its networks for post-quantum key threats. He also explored data protection methods using post-quantum cryptography (PQC).

Via Link




Canning Town, Barking Road
London E13 8EQ
United Kingdom