Ericsson today announced their Authentication Security Module solution to broaden security for user privacy, based on a physical dedicated module for central management of authentication procedures in 5G Core networks. The solution is powered by Thales 5G Luna Hardware Security Module (HSM).
How Thales addresses the challenges of 5G authentication
One of the key components of a trusted 5G network is the integrity of the virtualized infrastructure and the confidentiality of the data flowing inside it. The protection and authenticity of subscriber authentication and privacy presents various challenges, including the infrastructure complexity, the distributed nature of the 5G networks, the sheer number of connected IoT devices, the use of multi-vendor networks, and the evolution from 3G and 4G networks.
To help Communication Services Providers (CSP) address the challenges, Thales has introduced the 5G Luna Hardware Security Module (HSM). 5G Luna HSM offers up to 1,660 transactions per second (tps) for Profile A Decrypt 25519 with a single HSM, and a PKI hardware based root of trust, allowing for fast and secure scaling from the data center to the edge.
All crypto operations and storing, generating, and managing of encryption keys are performed within the secure confines of the 5G Luna HSM FIPS 140-2 level 3 and Common Criteria EAL 4+ ensuring the protection of subscriber identities including the Subscription Concealed Identifier (SUPI), user equipment, radio area networks (RANs), and their core network infrastructure.
5G RAN and core networks rely heavily on authentication, authorization, and encryption. In 5G networks, HSMs act as trust anchors that protect the cryptographic infrastructure used to establish identities across the network, meaning that all devices, data, transactions and users are protected without compromising agility, usability or scalability.
With a performance that is up to three times the performance offered by competitive solutions, CSP’s benefit from Thales 5G Luna HSMs in various ways to include:
- Meeting the high throughput and efficiency requirements to satisfy demanding requirements for 5G.
- Easily scaling to satisfy service level agreements.
- Experiencing reduced total cost of ownership (TCO), since one HSM offering 1,660 tps for Profile A Decrypt 25519 can do the job of 3+ competitive HSMs. Less HSMs means less HSMs to set up, update, configure and manage.
- Offering low latency with fast response times.
- Meeting performance while maintaining high assurance security posture.
How Thales and Ericsson partner to ensure 5G subscription authentication
With stronger 5G penetration and the growth of industry digitalization, national regulators in the European Union, are defining an implementing stricter security requirements on solutions for safeguarding encryption keys assets for subscription authentication.
Ericsson Authentication Security Module is a single solution that offers multi-access support (3G/4G/5G) and is pre-integrated to Ericsson’s dual-mode 5G Core for reliable deployment efficiency and flexibility. The solution is 3GPP compliant, augments the network security against cyber-attacks and provides a more secure eco-system for use cases and business innovation in 5G.
To provide the highest level of performance and security for cryptographic keys and algorithms, Ericsson’s solution is powered by Thales 5G Luna Hardware Security Module (HSM) root of trust. The superb performance of FIPS-140-2 Level 3 compliant 5G Luna HSM meets security, high throughput, and scalability requirements for 5G.
Authentication and Subscriber Privacy
Esra Kocatürk-Norell, Head of Solution Line UDM & Policy at Ericsson says: “With an increasing relevance of 5G networks in countries’ communication infra-structure, national regulatory frameworks to protect user security and privacy are becoming stricter in some countries. By integrating an HSM-based (hardware security module) security to our leading 5G Core subscriber data management solutions, service providers will be able to meet the stricter requirements.”
Benefits of the joint solution
The Ericsson Authentication Security Module and Thales 5G Luna HSM offer a wide array of benefits for those organizations operating in a strict privacy requirements jurisdiction. These benefits include:
Quickly react to threats by implementing crypto agile, alternative means of encryption
Future proof your organization by implementing quantum safe algorithms
Added Security to your organization’s users and data today and into the future
Contact us to discuss how Thales is working collaboratively with its partner ecosystem to enable the value of 5G in trusted architecture. You can also download the Thales 5G Luna HSM Data Sheet to discover how to secure your critical 5G networks and easily scale.