Author = Maryam Rajabzadeh Assar

5G Attacks: Realistic Scenarios and Simulations Using Open5GS

Articles in Press, Accepted Manuscript, Available Online from 12 February 2026

https://doi.org/10.22042/isecure.2026.240534

Mahdi Jeyhoon, Maryam Rajabzadeh Assar

Abstract The evolution of fifth-generation cellular networks (5G) brings unprecedented improvements in speed, latency, and scalability, but also introduces significant new security challenges. While earlier studies have primarily focused on performance benchmarking or examined isolated vulnerabilities, there remains a lack of comprehensive, reproducible security evaluations of 5G core networks. This paper presents a scenario-based simulation study of three distinct denial-of-service (DoS) attacks targeting critical components of the 5G control plane. Using open-source tools such as Open5GS and UERANSIM, we demonstrate: (1) large-scale registration flooding that overloads both the next-generation NodeB (gNB) and the Access and Mobility Management Function (AMF); (2) AMF resource exhaustion through massive NGSetupRequest messages; and (3) tampering with a security-related parameter in the User Equipment (UE) registration process to disrupt authentication. The evaluation quantifies the impacts of Central Processing Unit (CPU) and Random Access Memory (RAM) under these attacks, showing that even commodity hardware testbeds can reveal critical vulnerabilities. Moreover, analysis of the logs collected during the attacks confirms the successful execution of each attack scenario. The findings highlight how scenario-based simulations effectively explore various 5G attack surfaces and underscore the necessity for targeted defense mechanisms to enhance the resilience of next-generation mobile networks.

An Authenticated Key Establishment Protocol with Perfect Forward Secrecy in Smart Grids

Volume 17, Issue 1, January 2025, Pages 1-12

https://doi.org/10.22042/isecure.2024.436845.1083

Maryam Rajabzadeh Asaar, Mustafa Husam Shareef Alrzij

Abstract In smart grids, messages exchanged between service providers and smart meters should be authenticated and confidential to prevent threats due to their insecurity. Hence, it is imperative to design a secure authentication and key exchange scheme to create a session key for secure and authenticated transmission of messages. In this paper, we show that the mutual authentication and key establishment protocol presented by Sureshkumar et al. in 2020, which is based on elliptic curve cryptography (ECC), fails to satisfy forward secrecy, while they claimed that it provides perfect forward secrecy. In addition, it will be demonstrated that it is not secure against stolen database attacks of a service provider, which leads to the smart meter impersonation attack and session key exposure.
Moreover, we prove that it fails to achieve security against known session-specific temporary information attacks. Next, an improved authenticated key establishment protocol to address these vulnerabilities has been proposed. Then, we analyze its security with informal and formal methods, such as Burrows-Abadi-Needham (BAN) logic and ProVerif. Finally, with the comparison of security features and computation and communication overhead, we show that it outperforms baseline papers.

Security Enhancement of an Authentication Scheme Based on DAC and Intel SGX in WSNs

Volume 16, Issue 2, July 2024, Pages 149-163

https://doi.org/10.22042/isecure.2024.420100.1029

Maryam Rajabzadeh Asaar, Mustafa Isam Ahmed Al-Baghdadi

Abstract Designing authentication techniques suitable for wireless sensor networks (WSNs) with their dedicated consideration is critical due to the nature of the public channel. In 2022, Liu et al. presented an authentication protocol which employs dynamic authentication credentials (DACs) and Intel software guard extensions (SGX) to guarantee security in WSNs, and it was shown that it is secure by formal and informal security analysis. In this paper, we show that it is not secure against the desynchronization attack and the offline guessing attack for long-term random numbers of users. In addition, it suffers from the known session-specific temporary information attack. Then, to address these vulnerabilities, an improved authentication scheme using DAC and Intel SGX will be presented. It is shown, by employing formal and informal analysis, that not only is it secure against the aforementioned attacks, but it also has a reasonable communication and computation overhead. It should be highlighted that the communication and computation overheads of our proposal are increased negligibly, but it provides more security features compared to the baseline protocol.

An Efficient Pairing-Free Identity-Based Certificateless Signcryption

Volume 14, Issue 1, January 2022, Pages 69-82

https://doi.org/10.22042/isecure.2021.261788.587

Saeed Banaeian Far, Maryam Rajabzadeh Assar

Abstract A certificateless (CL) signcryption scheme is a cryptographic primitive that provides user authentication and message confidentiality at the same time. CL signcryption schemes (as a type of certificateless encryption scheme) have solved problems concerning malicious server presentation, and the server who issues users' partial private keys and certificates cannot obtain users' signing keys. Therefore, the CL signcryption scheme is an excellent choice for protecting users' signing keys and providing user authentication and message confidentiality. Moreover, signcryption schemes have lower computational costs than signature and encryption schemes.
The present study presents a short and efficient CL signcryption scheme based on the hyperelliptic curve (HC). Applying HC as the calculation base for designing the presented CL signcryption scheme reduces key-length from 160 bits to 80. The presented CL signcryption scheme is shorter than other recently-proposed ones with regard to communication overhead with its less than one-third shorter length compared to the shortest of the others. Moreover, it is more efficient than other recently-proposed CL signcryption schemes in the user-side computational cost, including the key generation and user key generation phases that have been halved in total. Finally, the security of the presented CL signcryption scheme was analyzed in the random oracle (RO) model based on the hardness of the point factorization problem (PFP) on HC.