Huawei has launched a new volley at the Australian government over the decision to ban local telcos from using the Chinese vendor’s equipment in their 5G roll outs.
The company has pointed to the conclusions of an Ovum report, which it commissioned from the analyst firm, that the core and radio-access network (RAN) components of a 5G network can remain separated, with telco's able to choose from different vendors for each portion.
Huawei’s carrier business has faced an uphill struggle in a number of Western nations, with the US pushing for its allies to prohibit the vendor from participating in the construction of 5G networks.
In August 2018, the Australian government revealed it had banned Huawei and its compatriots ZTE from participating in 5G. The government said it made its decision on national security grounds, stating that the “involvement of vendors who are likely to be subject to extrajudicial directions from a foreign government that conflict with Australian law, may risk failure by the carrier to adequately protect a 5G network from unauthorised access or interference.”
Prior to the ban Huawei had indicated it was interested only in tendering for the RAN portion of 5G networks, not telcos’ 5G core networks. However, the Australian government said that 5G was blurring the distinction between core and edge that existed in previous generations of mobile technology.
“Where previous mobile networks featured clear functional divisions between the core and the edge, 5G is designed so that sensitive functions currently performed in the physically and logically separated core will gradually move closer to the edge of the network,” the government said.
“In that way, the distinction between the core and the edge will disappear over time.
“This shift introduces new challenges for carriers trying to maintain their customers’ security, as sensitive functions move outside of the highly protected core environment.”
In a speech two months after the government revealed the ban, Australian Signals Directorate head Mike Burgess said the decision to ban the participation certain vendors in 5G was “not taken lightly”.
In 5G networks the “distinction between core and edge collapses,” he argued.
“That means that a potential threat anywhere in the network will be a threat to the whole network,” Burgess said. “In consultation with operators and vendors, we worked hard this year to see if there were ways to protect our 5G networks if high-risk vendor equipment was present anywhere in these networks.
The Ovum report — The Facts on 5G — argues that 5G security “is an evolution of the 4G security with enhancements to address known 4G vulnerabilities”.
“It introduces no radical changes to a security architecture based on a clear core/RAN separation,” the report states. “Central to this architecture is the interface between the core network which controls 5G network communications (including access, mobility, session management, authentication and data encryption) and the RAN which conveys signals between the user terminal and the core network.”
Functions such as user authentication and data encryption remain managed by the core, while the RAN acts as a “pipe” between the core and a mobile device. A security gateway encrypts traffic between the RAN and the core.
Earlier this month the UK Parliament’s Science and Technology Committee issued a report that concluded there was “no evidence” that entirely banning Huawei from 5G would “constitute a proportionate response” to security threats.
It said that the UK government should ban the vendor’s equipment from being used in the core of UK telco networks. The committee’s chair said it had heard “unanimously and clearly” that a distinction between ‘core’ and ‘non-core’ would continue to exist in the 5G era.
The technical director of the UK’s National Cyber Security Centre, Dr Ian Levy, has previously told the BBC that “from a purely technical point of view, geography matters in 5G.”
“UK and Australia have very different geographies — so our laydowns will be very different to Australia’s laydowns. So, we may have exactly the same technical understanding, but come to very different conclusions.”
“Concerns have been raised that the architectural separation between core and RAN might be weakened in the future,” the Ovum report states. “This would mean that the clarity and stability of the interface between core and RAN would be lost.”
However, there “are strong reasons to believe this will not happen,” including core/RAN separation being “fundamental to the architecture of 5G standards” and both vendors and operators “suffering” if the separation was relaxed. A third reason is that using diversified suppliers for components of a 5G rollout can help networks be more resilient to attack, the report states.
“The core/RAN distinction is maintained in 5G. The basic security architecture of mobile communications, including core/RAN separation, does not change in 5G,” the author of the Ovum report, David Kennedy, said in a statement supplied by Huawei.
“One powerful reason why core/RAN separation has been maintained in 5G standards is to allow operators to integrate RAN from one vendor with core from another vendor.”
“This report underlines once again the importance of ensuring constant dialogue between operators, vendors and governments around these 5G security issues,” said Huawei’s chief security officer, Andy Purdy.
“We are now seeing operators around the world deploying 5G with different vendors for the Core and RAN networks – this actually helps deliver a more secure network.
“Huawei is working with operators and regulators around the world – including our ongoing extensive work with the European Union – to deliver 5G in a safe and secure manner and is ready to talk with the Australian government at any time.”