Bruce Schneier 是信息安全领域的大牛(搞密码学的应该都知道他)。以下是他的一篇博文,谈“5G 网络的安全问题”。
《5G Security @ Schneier》
他开篇就点到了咱们天朝(中国公司会迫于政府压力,在网络设备中内置后门)。然后他又说:即使完全禁止中国公司参与 5G 网络,依然是【不够】滴。
在文章的后续部分,他指出了 5G 网络可能会有如下三大问题:
问题1——5G 标准太复杂
首先,这会导致软件的实现也太复杂,软件代码一旦复杂,潜在的漏洞就更多,也更难发现/修复。
其次,这会导致软件对标准协议的实现不够完全(只是【部分实现】了协议),同样会导致安全问题。
问题2——向后兼容性
熟悉网络攻击的同学,应该听说过【降级攻击】。这类攻击经常出现在“TLS/SSL、Wi-Fi、移动通讯网络”之类的场景中。
由于 5G 网络必须大量兼容 4G 协议,攻击者可以采用某种技巧,诱导设备降级到 4G 协议,然后再利用 4G 协议的弱点。
问题3——5G 标准中,很多“安全选项”不是强制滴
这个要由“标准委员会”来背锅。由于标准中的一些安全选项属于【可选】选项(非强制性),设备制造商通常不去实现它们。
(对设备制造商而言)实现的选项越少,开发就越简单,开发成本也越低。另外,很多设备制造商还面临竞争压力,为了让产品尽快上市,他们倾向于不完成那些【可选】的协议选项。
--------------------------
《5G Security @ Schneier》
他开篇就点到了咱们天朝(中国公司会迫于政府压力,在网络设备中内置后门)。然后他又说:即使完全禁止中国公司参与 5G 网络,依然是【不够】滴。
在文章的后续部分,他指出了 5G 网络可能会有如下三大问题:
问题1——5G 标准太复杂
首先,这会导致软件的实现也太复杂,软件代码一旦复杂,潜在的漏洞就更多,也更难发现/修复。
其次,这会导致软件对标准协议的实现不够完全(只是【部分实现】了协议),同样会导致安全问题。
问题2——向后兼容性
熟悉网络攻击的同学,应该听说过【降级攻击】。这类攻击经常出现在“TLS/SSL、Wi-Fi、移动通讯网络”之类的场景中。
由于 5G 网络必须大量兼容 4G 协议,攻击者可以采用某种技巧,诱导设备降级到 4G 协议,然后再利用 4G 协议的弱点。
问题3——5G 标准中,很多“安全选项”不是强制滴
这个要由“标准委员会”来背锅。由于标准中的一些安全选项属于【可选】选项(非强制性),设备制造商通常不去实现它们。
(对设备制造商而言)实现的选项越少,开发就越简单,开发成本也越低。另外,很多设备制造商还面临竞争压力,为了让产品尽快上市,他们倾向于不完成那些【可选】的协议选项。
--------------------------
5G Security
The security risks inherent in Chinese-made 5G networking equipment are easy to understand. Because the companies that make the equipment are subservient to the Chinese government, they could be forced to include backdoors in the hardware or software to give Beijing remote access. Eavesdropping is also a risk, although efforts to listen in would almost certainly be detectable. More insidious is the possibility that Beijing could use its access to degrade or disrupt communications services in the event of a larger geopolitical conflict. Since the internet, especially the "internet of things," is expected to rely heavily on 5G infrastructure, potential Chinese infiltration is a serious national security threat.
But keeping untrusted companies like Huawei out of Western infrastructure isn't enough to secure 5G. Neither is banning Chinese microchips, software, or programmers. Security vulnerabilities in the standardsthe protocols and software for 5Gensure that vulnerabilities will remain, regardless of who provides the hardware and software. These insecurities are a result of market forces that prioritize costs over security and of governments, including the United States, that want to preserve the option of surveillance in 5G networks. If the United States is serious about tackling the national security threats related to an insecure 5G network, it needs to rethink the extent to which it values corporate profits and government espionage over security.
To be sure, there are significant security improvements in 5G over 4Gin encryption, authentication, integrity protection, privacy, and network availability. But the enhancements aren't enough.
The 5G security problems are threefold. First, the standards are simply too complex to implement securely. This is true for all software, but the 5G protocols offer particular difficulties. Because of how it is designed, the system blurs the wireless portion of the network connecting phones with base stations and the core portion that routes data around the world. Additionally, much of the network is virtualized, meaning that it will rely on software running on dynamically configurable hardware. This design dramatically increases the points vulnerable to attack, as does the expected massive increase in both things connected to the network and the data flying about it.
Second, there's so much backward compatibility built into the 5G network that older vulnerabilities remain. 5G is an evolution of the decade-old 4G network, and most networks will mix generations. Without the ability to do a clean break from 4G to 5G, it will simply be impossible to improve security in some areas. Attackers may be able to force 5G systems to use more vulnerable 4G protocols, for example, and 5G networks will inherit many existing problems.
Third, the 5G standards committees missed many opportunities to improve security. Many of the new security features in 5G are optional, and network operators can choose not to implement them. The same happened with 4G; operators even ignored security features defined as mandatory in the standard because implementing them was expensive. But even worse, for 5G, development, performance, cost, and time to market were all prioritized over security, which was treated as an afterthought.
Already problems are being discovered. In November 2019, researchers published vulnerabilities that allow 5G users to be tracked in real time, be sent fake emergency alerts, or be disconnected from the 5G network altogether. And this wasn't the first reporting to find issues in 5G protocols and implementations.
Chinese, Iranians, North Koreans, and Russians have been breaking into U.S. networks for years without having any control over the hardware, the software, or the companies that produce the devices. (And the U.S. National Security Agency, or NSA, has been breaking into foreign networks for years without having to coerce companies into deliberately adding backdoors.) Nothing in 5G prevents these activities from continuing, even increasing, in the future.
Solutions are few and far between and not very satisfying. It's really too late to secure 5G networks. Susan Gordon, then-U.S. principal deputy director of national intelligence, had it right when she said last March: "You have to presume a dirty network." Indeed, the United States needs to accept 5G's insecurities and build secure systems on top of it. In some cases, doing so isn't hard: Adding encryption to an iPhone or a messaging system like WhatsApp provides security from eavesdropping, and distributed protocols provide security from disruptionregardless of how insecure the network they operate on is. In other cases, it's impossible. If your smartphone is vulnerable to a downloaded exploit, it doesn't matter how secure the networking protocols are. Often, the task will be somewhere in between these two extremes.
5G security is just one of the many areas in which near-term corporate profits prevailed against broader social good. In a capitalist free market economy, the only solution is to regulate companies, and the United States has not shown any serious appetite for that.
What's more, U.S. intelligence agencies like the NSA rely on inadvertent insecurities for their worldwide data collection efforts, and law enforcement agencies like the FBI have even tried to introduce new ones to make their own data collection efforts easier. Again, near-term self-interest has so far triumphed over society's long-term best interests.
In turn, rather than mustering a major effort to fix 5G, what's most likely to happen is that the United States will muddle along with the problems the network has, as it has done for decades. Maybe things will be different with 6G, which is starting to be discussed in technical standards committees. The U.S. House of Representatives just passed a bill directing the State Department to participate in the international standards-setting process so that it is just run by telecommunications operators and more interested countries, but there is no chance of that measure becoming law.
The geopolitics of 5G are complicated, involving a lot more than security. China is subsidizing the purchase of its companies' networking equipment in countries around the world. The technology will quickly become critical national infrastructure, and security problems will become life-threatening. Both criminal attacks and government cyber-operations will become more common and more damaging. Eventually, Washington will have do so something. That something will be difficult and expensivelet's hope it won't also be too late.
No comments:
Post a Comment