Published on July 22nd, 2019 📆 | 3270 Views ⚑0
Comparing 5G to Wi-Fi 6 from a security perspective
systems have proven to be secure for thousands of demanding customers across
virtually all industries. With the recent hype around 5G and service providers
promoting 5G as an alternative to Wi-Fi in the enterprise, it pays to
understand how 5G security stacks up against Wi-Fi security.
Cellular security has improved with each generation. The security of first-generation analog cellular systems, based on the AMPS (Advanced Mobile Phone System) standard, was essentially non-existent. These calls were unencrypted and could be intercepted with basic scanners. The security of currently deployed LTE networks is far better. LTE uses strengthened encryption and an authentication algorithm (“AKA”) that shares a key between the client and the receiving base station.
But while LTE security is solid, it isn’t perfect. According to researchers at Purdue and the University of Iowa, LTE is vulnerable to some types of cyberattacks, including data interception and device tracking. The Associated Press last year reported the US Department of Homeland Security (DHS) has acknowledged the existence in Washington, DC of cell site simulators, called “Stingrays,” that could track cellular devices, intercept calls, and potentially even plant malware. 5G security improves upon LTE security incrementally, with identical encryption, slightly hardened authentication, and better key management. But overall, 5G security is largely comparable to LTE security.
Just as cellular
security has improved, Wi-Fi security has evolved with each generation. Early
Wi-Fi networks, beginning in the late 90’s, used weak encryption and authentication,
called “WEP”. The subsequent WPA and WPA2 standards feature improved
encryption. Authentication with WPA2 can be either enterprise-grade 802.1X, or
weaker PSK (pre-shared key), which hackers could potentially break by running
through possible passwords until they can confirm the WPA2 handshake using a
guessed password. This is called a Dictionary Attack. For this
reason, most enterprises implement WPA2 with 802.1X, which is not prone to
dictionary attacks. While some people claim Wi-Fi is insecure, pointing to
poorly implemented networks that deactivate all password protection (e.g., a
local coffee shop), this is not representative of enterprise practices. Still,
the Wi-Fi industry developed WPA2 fifteen years ago, at a time when the
wireless, computing, and security landscapes were substantially different.
Recently, the Wi-Fi
Alliance (WFA) standards body responded with WPA3 – a significant update to
Wi-Fi security. WPA3 implementations fall into one of three categories: (1) OWE
(“Enhanced Open”), which encrypts traffic to prevent snooping attacks on open
networks that do not have password protection, (2) WPA3-Personal, which uses a
shared-secret and a cryptographically stronger key exchange that is resistant
to dictionary attacks, and (3) WPA3-Enterprise, which significantly strengthens
enterprise-grade 802.1X and optionally includes the same Suite B/CSNA crypto
algorithms used for Top-Secret or higher classified government networks. Unlike
5G, which is not backward-compatible and requires completely new handsets and
radio networks, enterprises can upgrade the software in many currently deployed
Wi-Fi networks to include WPA3 (unless they are implementing Suite B/CNSA). The
industry expects major handset OS vendors, such as Apple and Google, to roll
out WPA3 and Enhanced Open by the end of 2019. WPA3 certification will be
mandatory for all new Wi-Fi 6 equipment starting later this year.
Until this point, I’ve
highlighted the evolution and current state of authentication, encryption, and
key management for cellular and Wi-Fi standards. These are important security
design elements. But it’s also important to consider an enterprise’s ability to
tailor its networks to suit its needs by applying specific security and
compliance tools and policies. The average security buyer at a large enterprise
uses more than fifty different security and compliance tools, and no two
organizations have exactly the same needs. Our customers have been successfully
deploying their chosen security and policy tools to enterprise Wi-Fi networks
for decades. The architecture of these networks is flexible and allows
customers to break out, analyze, and apply policy to traffic. Wi-Fi 6 and WPA3
completely retain this flexibility.
5G is a different
story. If an enterprise wants to replace Wi-Fi with 5G, there are a few
different approaches. Each has implications for security customization.
- The first
approach is to extend macro 5G service into the enterprise using DAS
(Distributed Antenna Systems) or small cells. With this approach, it is
difficult to break out traffic and implement specific security solutions.
In other words, you get what you get.
- If your company
is large enough, and your service provider is willing to sell and manage
an individualized Network Slice, you could buy a slice
specific to your company. Network slicing enables carriers to create
customized virtual network overlays under one nationwide, physical
network. With slicing, they can tune each of these virtual networks to
serve business cases that require specific network characteristics. Your
service provider may sell a low-latency network slice, or an IoT-oriented
network slice. You could then have the service provider apply specific
security solutions to that slice and possibly even manage it for you, as a
part of their network. But all traffic passing over such a slice would be
invisible to security appliances that are wired directly into an
- Your enterprise
could choose to deploy a private 5G network on your premises, using either
spectrum licensed from a service provider, or possibly other spectrum that
is unlicensed (e.g., CBRS spectrum). You can apply security to a private
5G network in a similar way you can apply it to an enterprise Wi-Fi
network, but this requires investing in completely separate, parallel
network infrastructure. Consequently, this approach will likely be limited
to very specific enterprise use cases.
Security is not a monolithic consideration. It
includes elements like authentication, encryption, and key management. For
well-designed and deployed networks, these elements for Wi-Fi 6 are equal to,
or better than, 5G. An equally important consideration is the ability of an
enterprise to apply the specific security and policy tools to their network in
a flexible way, tailored to its needs. Wi-Fi enterprise networks are highly
flexible, as they always have been. But depending on the deployment approach
for a 5G network, it may or may not be able to accommodate the level of
security and compliance customization required by enterprise customers.