Methods, systems, and computer-readable media for mitigating unauthorized message relay attacks

CN115002776BActive Publication Date: 2026-07-07KEYSIGHT TECHNOLOGIES INC

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
KEYSIGHT TECHNOLOGIES INC
Filing Date
2022-03-01
Publication Date
2026-07-07

AI Technical Summary

Technical Problem

Existing wireless networks have vulnerabilities that allow unauthorized message relay attacks, which could result in confidential messages being encoded and relayed by unauthorized UEs, impacting network security.

Method used

By receiving the Temporary UE Identifier (TUEI) of the first UE, a second value with higher entropy characteristics is generated using a conversion algorithm, and the value is broadcast to multiple UEs to reduce the likelihood of the second UE decoding the encoded message. The entropy characteristics of the TUEI are modified using techniques such as salting and cryptographic hash functions.

Benefits of technology

It effectively mitigates unauthorized message relay attacks, reduces the likelihood of a second UE decoding encoded messages, and improves network security.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN115002776B_ABST
    Figure CN115002776B_ABST
Patent Text Reader

Abstract

The present invention relates to methods, systems, and computer readable media for mitigating unauthorized message relay attacks. According to one method, the method is performed at a network node configured to relay network message information or derivative information to avoid resource contention between user equipments (UEs). The method includes receiving a first temporary UE identifier (TUEI) associated with a first UE for requesting radio resources within a serving cell; allocating the radio resources to the first UE using the first TUEI; generating a second value based on the first TUEI using at least a conversion algorithm, wherein the second value has a higher entropy characteristic than the first TUEI, thereby reducing a likelihood that the second value includes an encoded message that can be decoded by a second UE when relayed by the network node; and broadcasting a message including the second value to a plurality of UEs including the second UE.
Need to check novelty before this filing date? Find Prior Art

Description

[0001] Priority Statement

[0002] This application claims priority to U.S. Provisional Patent Application Serial No. 63 / 155,663, filed March 2, 2021, and U.S. Provisional Patent Application Serial No. 63 / 189,016, filed May 14, 2021, the disclosure of which is incorporated herein by reference in its entirety. Technical Field

[0003] The topics described herein relate to wireless network security. More specifically, this topic relates to methods, systems, and computer-readable media for mitigating unauthorized message relay attacks. Background Technology

[0004] Various wireless networks can utilize radio resource contention resolution procedures or techniques. For example, in 4G or 5G networks, a User Equipment (UE) can initiate a Random Access (RA) procedure with a base station (e.g., an eNodeB or a gNodeB) to determine appropriate radio resources for uplink communication. During their respective parallel RA procedures, competing UEs can select the same resources (e.g., the same RA Radio Network Temporary Identifier (RA-RNTI) and RA Preamble Identifier (RAPID)) and send a first contention message (e.g., an RA preamble message) to the base station indicating the same resources. In response to one of the first messages, the base station can send a second message (RA Response (RAR) message) granting uplink permission. Competing UEs can receive the second message and assume it is directed to them. To determine which UE will ultimately use the radio resources, a contention resolution procedure can be followed, in which each competing UE sends a Radio Resource Control (RRC) connection request containing an arbitrary (e.g., self-selected) Temporary UE Identifier (TUEI) (e.g., a 48-bit UE Contention Resolution Identifier (CRI)), and the base station responds with an RRC connection establishment (e.g., a contention resolution response) containing an arbitrary TUEI, which will use the requested radio resources (one or more other competing UEs should yield and try another RA procedure).

[0005] A vulnerability exists in the resource contention resolution mechanism used with the 5G New Radio (NR) interface, the LTE air interface, and various other air interfaces. This vulnerability could be used to execute unauthorized message relay attacks; for example, a UE could encode secret messages that are broadcast or relayed by a base station to another UE without authorization from the network or network operator. Summary of the Invention

[0006] Methods, systems, and computer-readable media for mitigating unauthorized message relay attacks are disclosed. According to an example method, the method is performed at a network node configured to relay network message information or derived information to avoid resource contention between user equipments (UEs). The method includes: receiving a first temporary UE identifier (TUEI) associated with a first UE for requesting radio resources within a serving cell; allocating the radio resources to the first UE using the first TUEI; generating a second value based on the first TUEI using at least a conversion algorithm, wherein the second value has a higher entropy characteristic than the first TUEI; and broadcasting a message including the second value to a plurality of UEs, including the second UE.

[0007] According to the example system, the system includes a network node configured to relay network message information or derived information to avoid resource contention between UEs, wherein the network node uses the at least one processor to implement this. The network node is configured to: receive a first TUEI associated with a first UE for requesting radio resources within the serving cell; allocate the radio resources to the first UE using the first TUEI; generate a second value based on the first TUEI using at least a conversion algorithm, wherein the second value has a higher entropy characteristic than the first TUEI; and broadcast a message including the second value to a plurality of UEs, including the second UE.

[0008] The subject matter described herein can be implemented using software in combination with hardware and / or firmware. For example, the subject matter described herein can be implemented in software executed by a processor. In one exemplary embodiment, the subject matter described herein can be implemented using a non-transitory computer-readable medium in which computer-executable instructions are stored, which control computer execution steps when executed by a computer's processor. Exemplary computer-readable media suitable for implementing the subject matter described herein include non-transitory devices such as disk storage devices, on-chip memory devices, programmable logic devices, field-programmable gate arrays, and application-specific integrated circuits. Furthermore, computer-readable media for implementing the subject matter described herein can be located on a single device or computer platform or can be distributed across multiple devices or computer platforms.

[0009] As used herein, the term "node" refers to at least one physical computer platform that includes one or more processors, network interfaces, and / or memory.

[0010] As used herein, each of the terms “feature,” “engine,” and “module” refers to hardware used to implement one or more of the described features, which may also include software and / or firmware.

[0011] As used herein, the term "mobile communication network" refers to a system of nodes that enable wireless communication between user terminals. Example mobile communication networks may include fourth-generation (4G) networks (e.g., LTE-advanced networks) or 5G networks.

[0012] As used herein, the terms "mobile network device" and "mobile network apparatus" refer to a mobile network entity that provides radio coverage for mobile phones by providing and converting between the individual radio interfaces of mobile phones within a geographic area and the wired interfaces of other mobile communication network nodes. Therefore, mobile users do not communicate directly with each other, but rather directly with the mobile network apparatus via an air interface.

[0013] As used herein, the term "Common Public Radio Interface" (CPRI) refers to a standard used to describe the wired communication interface between REC (Radio Control Controller) and RE (Radio Equipment) components in a network, such as a radio base station. CPRI can be used to classify network components utilizing various access technologies, including LTE, GSM, and GPRS. CPRI is an industry collaboration aimed at defining the internal interface between the Radio Equipment Controller (REC) and the Radio Equipment (RE) itself. By dividing the network component (i.e., the radio base station) into two parts (i.e., the RE and the REC) (with a digital connection between these two elements), CPRI enables flexible and efficient product differentiation and independent technology evolution for radio base stations. Data carried over a CPRI link is a digital continuous stream, representing a digital sample of the baseband waveform. CPRI does not limit the data rate of a connection, but it can limit the number of antennas that can be carried through a single CPRI connection.

[0014] As used herein, the terms "Next Generation Node B," "gNodeB," and "gNB" refer to 5G mobile network entities with functions similar to those of REC and RE in 4G / LTE networks. The gNB's DU communicates directly with the UE and is responsible for header compression, encryption, reliable packet delivery, admission control, and radio resource management. By eliminating the CU from the data path and incorporating some of its functions into the DU, packet latency can be reduced and network performance can be improved. Evolved CPRI (eCPRI) may involve dividing the gNB into two parts: a CU component and one or more radio base DU components, where multiple DUs may be associated with a single CU connected together using a wired eCPRI link. As used herein, the terms CU and DU will primarily refer to components of the gNB; however, it should be understood that CU and DU may also refer to components of other (e.g., LTE) networking components. One or more DUs and their corresponding CUs may be physically separate but connected via an eCPRI link. For example, the DU may be located near an antenna, while the CU may be located in a more convenient and / or accessible centralized location.

[0015] As used herein, the term "user equipment" or "UE" refers to a mobile communication terminal or mobile phone operated by a user in a mobile communication network. Example UEs may include mobile phones and computers with wireless communication capabilities.

[0016] This invention also includes the following:

[0017] 1. A method for mitigating unauthorized message relay attacks, the method comprising:

[0018] At network nodes configured to relay network messages or derived messages to avoid resource contention between user equipment (UEs):

[0019] Receive a first temporary UE identifier (TUEI) associated with the first UE for requesting radio resources within the serving cell;

[0020] The radio resources are allocated to the first UE using the first TUEI;

[0021] At least a conversion algorithm is used to generate a second value based on the first TUEI, wherein the second value has a higher entropy characteristic than the first TUEI, thereby reducing the likelihood that the second value includes encoded messages that can be decoded by the second UE when relayed by the network node; and

[0022] The message including the second value is broadcast to multiple UEs, including the second UE.

[0023] 2. The method according to item 1, wherein the conversion algorithm uses multiplication with salt when generating the second value;

[0024] The conversion algorithm uses the first TUEI, at least one salt, and at least one cryptographic hash function (CHF) when generating the second value; or

[0025] The conversion algorithm uses a bit-erasure mask that indicates the bits to be erased in the TUEI or CHF output value when generating the second value.

[0026] 3. The method according to item 1, wherein the conversion algorithm is a one-way function because the second UE cannot convert the second value back to the first TUEI; or

[0027] In this case, the second UE cannot obtain the first TUEI from the second value.

[0028] 4. The method according to claim 1, wherein the second value can be used by the second UE to avoid requesting the same radio resources allocated to the first UE; or

[0029] The second value can be used by the first UE to determine that the radio resources have been allocated to it.

[0030] 5. The method according to claim 1, wherein the network node is a radio access node emulation associated with a test system for testing a UE device; or

[0031] The first UE or the second UE is a UE emulation associated with a test system used to test radio access nodes.

[0032] 6. The method according to claim 1, wherein the network node includes a radio access node, a base station, a base transceiver, a nodeB, an eNodeB, a gNodeB, an 802.X access point, and a fifth-generation (5G) non-terrestrial network radio interface node; or

[0033] Wherein, the first TUEI is a Media Access Control (MAC) identifier or a UE Contention Resolution Identifier (CRI).

[0034] 7. The method according to claim 1, wherein the network node is configured to generate and broadcast multiple messages during a radio resource request quiescent period for generating random access obfuscation.

[0035] 8. The method according to item 7, wherein the plurality of messages include a TUEI or a derivative thereof associated with one or more UEs.

[0036] 9. The method according to item 1, wherein the network node is configured to analyze relay-related violations for a second TUEI associated with a third UE, and to block the broadcast of messages associated with the third UE in response to detecting a relay-related violation.

[0037] 10. The method according to item 9, wherein the network node compares known or estimated physical layer information with reported physical layer information in the second TUEI, and detects the relay-related violation by determining the difference between the known or estimated physical layer information and the reported physical layer information.

[0038] 11. A system for mitigating unauthorized message relay attacks, the system comprising:

[0039] At least one processor;

[0040] A network node configured to relay network message information or derived information to avoid resource contention between user equipments (UEs), wherein the network node is implemented using the at least one processor, and wherein the network node is configured to:

[0041] Receive a first temporary UE identifier (TUEI) associated with the first UE for requesting radio resources within the serving cell;

[0042] The radio resources are allocated to the first UE using the first TUEI;

[0043] At least a conversion algorithm is used to generate a second value based on the first TUEI, wherein the second value has a higher entropy characteristic than the first TUEI, thereby reducing the likelihood that the second value includes encoded messages that can be decoded by the second UE when relayed by the network node; and

[0044] The message including the second value is broadcast to multiple UEs, including the second UE.

[0045] 12. The system according to item 11, wherein the conversion algorithm uses multiplication with salt when generating the second value;

[0046] The conversion algorithm uses the first TUEI, at least one salt, and at least one cryptographic hash function (CHF) when generating the second value; or

[0047] The conversion algorithm uses a bit-erasure mask that indicates the bits to be erased in the TUEI or CHF output value when generating the second value.

[0048] 13. The system according to item 11, wherein the conversion algorithm is a one-way function because the second UE cannot convert the second value back to the first TUEI;

[0049] Wherein, the second UE cannot obtain the first TUEI from the second value;

[0050] Wherein, the second value can be used by the second UE to avoid requesting the same radio resources allocated to the first UE; or

[0051] The second value can be used by the first UE to determine that the radio resources have been allocated to it.

[0052] 14. The system according to claim 11, wherein the network node is a radio access node emulation associated with a test system for testing a UE device; or

[0053] The first UE or the second UE is a UE emulation associated with a test system used to test radio access nodes.

[0054] 15. The system according to claim 11, wherein the network nodes include radio access nodes, base stations, base transceivers, nodeBs, eNodeBs, gNodeBs, 802.X access points, and fifth-generation (5G) non-terrestrial network radio interface nodes; or

[0055] Wherein, the first TUEI is a Media Access Control (MAC) identifier or a UE Contention Resolution Identifier (CRI).

[0056] 16. The system of claim 11, wherein the network node is configured to generate and broadcast multiple messages during a radio resource request quiescent period for generating random access obfuscation.

[0057] 17. The system according to item 16, wherein the plurality of messages include a TUEI or a derivative thereof associated with one or more UEs.

[0058] 18. The system according to item 11, wherein the network node is configured to analyze relay-related violations for a second TUEI associated with a third UE, and to block the broadcast of messages associated with the third UE in response to detecting a relay-related violation.

[0059] 19. The system according to item 18, wherein the network node compares known or estimated physical layer information with reported physical layer information in the second TUEI, and detects the relay-related violation by determining the difference between the known or estimated physical layer information and the reported physical layer information.

[0060] 20. A non-transitory computer-readable medium having stored thereon executable instructions embodied therein, the executable instructions, when executed by at least one processor of a computer, causing the computer to perform steps including:

[0061] At network nodes configured to relay network messages or derived messages to avoid resource contention between user equipment (UEs):

[0062] Receive a first temporary UE identifier (TUEI) associated with the first UE for requesting radio resources within the serving cell;

[0063] The radio resources are allocated to the first UE using the first TUEI;

[0064] At least a conversion algorithm is used to generate a second value based on the first TUEI, wherein the second value has a higher entropy characteristic than the first TUEI, thereby reducing the likelihood that the second value includes encoded messages that can be decoded by the second UE when relayed by the network node; and

[0065] The message including the second value is broadcast to multiple UEs, including the second UE. Attached Figure Description

[0066] The various aspects of the subject matter described herein will now be explained with reference to the accompanying drawings, in which:

[0067] Figure 1 This is a block diagram illustrating an example of a fifth-generation (5G) new radio (NR) network;

[0068] Figure 2 This is a diagram illustrating an example random access (RA) procedure associated with user equipment and base stations;

[0069] Figure 3 This is a diagram illustrating an example of an unauthorized message relay attack;

[0070] Figure 4 This is a diagram showing example nodes used to mitigate unauthorized message relay attacks;

[0071] Figure 5 This is a diagram illustrating an example conversion algorithm for transforming a Temporary UE Identifier (TUEI) using salting techniques and cryptographic hash functions;

[0072] Figure 6 This is a diagram illustrating an example transformation algorithm for transforming TUEI using one or more stochastic process (RP) functions;

[0073] Figure 7 This is a diagram illustrating an example conversion algorithm for TUEI that utilizes salting techniques, cryptographic hash functions, and bit-erasing masks;

[0074] Figure 8 It is a graph that shows example data related to various transformation algorithms;

[0075] Figure 9 This is a diagram showing an example test system used for testing UEs;

[0076] Figure 10 This is a diagram illustrating an example test system used for testing radio access nodes or related networks; and

[0077] Figure 11 This is a diagram illustrating an example process for mitigating unauthorized message relay attacks. Detailed Implementation

[0078] The topics described herein relate to methods, systems, and computer-readable media networks for mitigating unauthorized message relay attacks. Various wireless networks can utilize radio resource contention resolution procedures or techniques. For example, during a random access (RA) procedure (such as a UE attachment procedure), it is possible (e.g., a few hundredths of a chance) for two UEs to select the same resources (the same RA-RNTI and RAPID) for the first message of the RA procedure. Due to the nature of the Zadoff-Chu sequence used in the first message, the cell (e.g., the primary sector carrier) can successfully decode one of the RA requests and estimate the timing advance (TA) broadcast in the second message of the RA procedure. The two competing UEs may experience different TAs. For example, let UE1 represent the UE whose first message was successfully received, and let UE2 represent another competing UE. After both UEs adjust their TAs according to the second message, any further transmissions from UE2 will be lost at the cell. To avoid further stalls and interference, resource contention ceases when UE2 yields and initiates another RA procedure.

[0079] In the initial phase of RRC establishment, the choice of an effective contention resolution procedure may be limited due to various factors. These factors may include: the serving cell being unable to distinguish between competing UEs (it may not even be aware of the existence of UE2); the serving cell being unable to send dedicated messages to each UE; and the UE being able to decode any downlink broadcast equally; and the UE being unaware of the existence of another UE and / or related UE contention. Therefore, the 3GPP standard defines a contention resolution procedure in which the UE performs a ping-sampled test to determine if it has the correct TA. For example, in the third message of the RA procedure, each competing UE should select an arbitrary UE Contention Resolution Identifier (CRI) and send it to the relevant cell. If the cell can only decode the UE CRI from UE1, then the cell can replay the UE CRI from UE1 in the fourth message of the RA procedure, which can then be received and decoded by both UEs. In this example, the mismatch between UE2's UE CRI (selected and used in its third message) and the UE CRI broadcast in the fourth message will trigger UE2 to back off (while UE1 will determine that the broadcast UE CRI matches its own CRI and will therefore use radio resources).

[0080] While the UE CRI should be a unique 48-bit value for each UE (like the network interface media access control (MAC) address) to reduce the chance of CRI conflicts between competing UEs (thus allowing contention to continue beyond the fourth message of the RA procedure), the UE CRI value does not share the hardware persistence of the network interface MAC address. For example, the UE CRI could be randomly selected in each RA attempt without further use beyond the fourth message of the RA procedure. Since the UE CRI is broadcast in the fourth message of the RA procedure, if it remained persistent, it could be used to detect a specific UE within the cell coverage area. Therefore, privacy concerns may be a reason for the lack of persistence.

[0081] Because the resource contention resolution process involves a temporary UE identifier (TUEI) (e.g., UE CRI) selected by the UE and broadcast by the base station, it is possible for a UE (or an entity pretending to be a UE) to employ the resource contention resolution process. For example, during the resource contention resolution process of the RA procedure, the UE may encode a secret message into a self-selected TUEI and send it to the base station (e.g., in a Radio Resource Control (RRC) Connection Request message), and when the base station broadcasts the TUEI (e.g., in an RRC Connection Establishment message), another entity (e.g., a receiver UE) may receive the secret message and decode it.

[0082] Example use cases for utilizing or applying conventional resource contention resolution procedures may include: data leakage (e.g., using cellular carrier signals from a nearby tower to transmit sensitive data from a protected facility to an external device); command and control (CnC) events (e.g., anonymous communication with a remote malicious IoT device to trigger certain events); modem backdoors (e.g., modem firmware may be contaminated by a malicious actor to enable the execution of an attack program in idle mode to communicate with other modems as a stealthy data transmission backdoor); and failover broadcasts in disaster recovery (e.g., during a natural disaster, local authorities may use broadcast CRIs to broadcast messages to other UEs within the same geographic area).

[0083] Based on some aspects of the subject matter described herein, techniques, methods, or mechanisms for mitigating data leakage or unauthorized message relay are disclosed. In some embodiments, mitigating data leakage or unauthorized message relay may involve using one or more transformation algorithms and / or techniques (e.g., cryptographic hash functions (CHFs) and / or salting techniques) to alter or modify the TUEI provided by the UE during a resource contention resolution procedure. In such embodiments, altering or modifying the TUEI may involve increasing the entropy characteristics of the modified TUEI (relative to the original or unmodified TUEI) and can be used to prevent, inhibit, or mitigate the successful decoding of encoded messages in the TUEI by the receiving UE when the base station broadcasts the modified TUEI. For example, during a resource contention resolution process, a base station or related entity may receive a UE-selected TUEI and may convert, transform, or modify the UE-selected TUEI into an output value such that when the output value is broadcast (by the base station during the resource contention resolution process), the receiving entity cannot decode or identify one or more encoded messages originally inserted by the UE into the UE-selected TUEI, but the output value can still be used by the UE during the resource contention resolution process to determine whether the output value refers to its respective TUEI. Therefore, according to some aspects of the subject matter described herein, generated values ​​derived from or using TUEIs can be used for resource contention resolution purposes while reducing or mitigating the UE's ability to successfully execute unauthorized relay attacks.

[0084] Based on some aspects of the subject matter described herein, techniques, methods, or mechanisms for utilizing multiplication salting to mitigate data leakage or unauthorized message relay are disclosed. For example, multiplication salting is a novel method in which a salt value or vector informs which characters in an input string should be multiplied (e.g., repeated) and how many times. In some implementations, the multiplication salt vector may include multiple pairs of elements, where each pair of elements in the multiplication salt vector indicates a hexadecimal character and a repetition value. For example, suppose “F4” is a pair of elements in the multiplication salt vector (e.g., where “F” indicates the character to be repeated and “4” indicates the number of “F”s in the output value), and if the input string is “A5634F”, then the action of this pair of elements will produce the output string “A5634FFFF”.

[0085] Advantageously, in some implementations, hash collisions can be reduced or minimized compared to other salting techniques by using multiplicative salting. For example, CHF may not perform well with high-entropy strings of fixed size (e.g., CRI or MAC addresses) because two such strings have a higher chance of producing the same hash (e.g., hash collision), which defeats the uniqueness of CHF. In this example, CHF can perform better with inputs that are similar to human words (e.g., variable length) and have a greater chance of overlapping letters at the same location. Multiplicative salting can improve the inputs used by CHF (especially in the case of short strings) to have these human word characteristics. For example, compare the set of all words in a dictionary to a set of fixed-size strings with random elements from the same set of letters. The significant difference between words in a dictionary and a set of fixed-size strings is that words have variable lengths and a greater chance of overlapping letters at the same location. Multiplicative salting can produce or amplify these characteristics for a set of short strings of fixed size. Consider two random strings of the same length and a salting command indicating which characters should be repeated. After applying repetition, it can be seen that the resulting string may have variable length and exhibit overlap, which is the same property as words in a dictionary. Therefore, the hash generated from the multiplicative salted string is considered to have a reduced chance of collision.

[0086] Reference will now be made in detail to exemplary embodiments of the subject matter described herein, examples of which are illustrated in the accompanying drawings. Where possible, the same reference numerals will be used throughout the drawings to refer to the same or similar parts.

[0087] Figure 1 This is a block diagram illustrating an example 5G New Radio (NR) network 100. The logical architecture of the next-generation nodeB (gNB) 102 is shown below. Figure 1 The configuration is depicted as including a central unit 104 and multiple distributed units 106-110. Each of the multiple distributed units is communicatively connected to the central unit 108 via an eCPRI connection. Figure 1 As shown, the eCPRI link is depicted as including an Fs-C connection and an Fs-U connection. Specifically, the Fs-C connection provides control plane connectivity via the Fs interface, and the Fs-U connection provides user engagement connectivity via the Fs interface.

[0088] Central unit 104 can be defined as a logical node responsible for performing gNB functions, including user data transmission, mobility control, radio access network sharing, location, session management, and any other functions not uniquely assigned to one or more distributed units. Further, central unit 104 can be configured to control the operation of distributed units via a fronthaul (Fs) interface. Examples of central units include baseband units (BBUs), radio equipment controllers (RECs), cloud radio access networks (C-RANs), and virtual radio access networks (V-RANs). In some embodiments, central unit 104 may include any centralized device or location hosting multiple baseband units associated with corresponding distributed units. Specifically, central unit 104 is centrally located at a location not adjacent to distributed units 106-110. Similarly, each distributed unit in distributed units 106-110 can be defined as a logical node including a subset of gNB functions, depending on the function splitting options configured by the network operator. Examples of distributed units include remote radio headends (RRHs), remote radio units (RRUs), radio equipment (REs), and radio units (RUs). Figure 1 As shown, the central unit 104 can also be connected to the core network 112. For example, the core network 112 may include a next-generation (NG) core network comprising multiple network elements that together form the backhaul portion of network 100.

[0089] like Figure 1 The described approach allows for the partitioning or splitting of multiple functions within the gNB's protocol stack between the central unit 104 and the distributed units. In some examples, an internal PHY split (e.g., "Option 7" split) is employed to separate a portion of the PHY layer from the central unit. This option may have multiple implementations, including asymmetric options that allow for the benefits of different sub-options for uplink and downlink. This internal PHY split option requires compression techniques to reduce the transport bandwidth requirements between the distributed unit and the central unit. In the uplink, Fast Fourier Transform (FFT) processing and Cyclic Prefix (CP) removal processing reside in the distributed unit and are used for two sub-variants of this option (e.g., Options 7-1 and 7-2, as described below). Furthermore, for downlink communication, inverse FFT (iFFT) processing and CP addition processing can functionally reside in the distributed unit, while the remainder of the PHY functionality can reside in the CU.

[0090] It should be understood that Figure 1 This is for illustrative purposes, and the above text may be altered, modified, added to, or removed. Figure 1 The individual nodes and / or modules, locations and / or functions described.

[0091] Figure 2 This is a diagram illustrating an example RA procedure associated with UE 200 and base station 199 (e.g., gNB, evolved Node B (eNB), or other radio access node). In some implementations, UE 200 may be a 4G and / or 5G (4G / 5G) mobile phone, and base station 199 may represent a transceiver or other entity for communicating with the mobile phone via a radio interface or air interface.

[0092] like Figure 2 As depicted, in step 201, the UE 200 may send a first message (Msg1) of the RA procedure (e.g., an RA preamble message) to the base station 199. Msg1 may include a specific RA radio network temporary identifier (RA-RNTI) and a specific RA preamble identifier (RAPID).

[0093] In step 202, in response to receiving Msg1, a second message (Msg2) of the RA procedure can be sent from base station 199 to UE 200, for example, an RA response message. Msg2 can be scheduled using the RA-RNTI value of Msg1 and can provide various information such as the Temporary Cell Radio Network Temporary Identifier (TC-RNTI), the timing advance (TA) that UE 200 should use, and the uplink scheduling permission for sending the third message (Msg3) of the RA procedure.

[0094] In step 203, after receiving Msg2, UE 200 generates or selects any 48-bit TUEI, and then generates Msg3 (e.g., RRC connection request) containing the 48-bit TUEI for the RA procedure and sends it to base station 199.

[0095] In step 204, in response to receiving Msg3, a fourth message (Msg4) of the RA procedure can be broadcast from base station 199, for example, to UE 200 and / or other UEs in the area, such as an RRC connection establishment message or a contention resolution response. Msg4 may include the 48-bit TUEI of Msg3.

[0096] In step 205, after receiving Msg4, the UE 200 can send the fifth message (Msg5) of the RA procedure to the base station 199, for example, an RRC establishment completion message. Msg5 can initiate further signaling, such as a Non-Access Layer (NAS) procedure.

[0097] It should be understood that Figure 2 This is for illustrative purposes, and the above text may be altered, modified, or removed. Figure 2 The individual steps or actions described. It should also be understood that additional details beyond those mentioned above can be added. Figure 2Some steps or actions beyond those described.

[0098] Figure 3 This is a diagram illustrating an example of an unauthorized message relay attack. For example... Figure 3 As described above, UE 200 can participate in activities related to the above-mentioned... Figure 2 The described RA procedure is similar to other RA procedures. However, in Figure 3 In this context, UE 200 and UE 300 can exploit the behavior of base station 199 during RA procedures or related resource contention resolution procedures. For example, UE 200 can launch an unauthorized message relay attack by encoding a message in a self-selected TUEI via the Radio Media Access Control Protocol. The TUEI with the encoded message can be sent to base station 199, which can then broadcast the TUEI with the encoded message to UEs in the cell area (including UE 300), and UE 300 can decode the encoded message in the broadcast TUEI.

[0099] refer to Figure 3 Before UE 200 transmits Msg1, UE 200 and UE 300 may have agreed on various information to facilitate communication via broadcast TUEI. For example, UE 300 may know various values ​​(e.g., RA-RNTI and RAPID) that UE 200 will use when transmitting Msg1 to base station 199. UE 200 and 300 may also have agreed-upon techniques or methods (e.g., codebooks or encoding and decoding schemes) for unauthorized communication using broadcast TUEI during resource contention resolution procedures.

[0100] In step 301, the UE 200 may send Msg1 (e.g., RA preamble message) of the RA procedure to the base station 199. Msg1 may include a specific RA-RNTI and a specific RAPID.

[0101] In step 302, before or simultaneously with step 301, UE 300 may sniff or monitor base station transmissions of future RAR messages associated with UE 200 (e.g., physical downlink control channel (PDCCH)) (e.g., using RA-RNTI and RAPID values ​​known to UE 300 and used by UE 200).

[0102] In step 303, in response to receiving Msg1, Msg2 (e.g., an RA response message) associated with UE 200 for the RA procedure can be sent from base station 199. Msg2 can be scheduled using the RA-RNTI value of Msg1 and can provide various information such as TC-RNTI, TA, and uplink scheduling permission for sending Msg3 for the RA procedure.

[0103] In step 304, UE 300 can detect RAR messages associated with UE 200 and can use the learned information (e.g., TC-RNTI value from the RAR message) to sniff or monitor base station transmissions (e.g., PDCCH) of future RRC connection establishment messages (Msg4) associated with UE 200.

[0104] In step 305, after receiving Msg2, UE 200 can send the message (e.g., "<secret msg> The encoded message is coded as TUEI (e.g., UE CRI), and the TUEI with the encoded message (e.g., RRC connection request message) can be sent to base station 199 in Msg3 of the RA procedure.

[0105] In step 306, in response to receiving Msg3, a Msg4 (e.g., an RRC connection establishment message or contention resolution response) including the encoded TUEI message can be broadcast from base station 199 to UE 200 and UE 300, for example.

[0106] In step 307, UE 300 may receive Msg4 including TUEI with the encoded message selected by UE 200. Using an agreed technique (e.g., a decoding scheme or codebook), UE 300 may decode TUEI to obtain the message from UE 200.

[0107] It should be understood that Figure 3 This is for illustrative purposes, and the above text may be altered, modified, added to, or removed. Figure 3 The individual nodes and / or modules, locations and / or functions described.

[0108] Figure 4 This is a diagram illustrating an example node 400 used to mitigate unauthorized message relay attacks. Node 400 can represent (e.g., one or more computing platforms, network device testing facilities, or server clusters) for performing various aspects related to air interface communication, radio resource contention resolution procedures, and / or mitigation of unauthorized message relay attacks. In some embodiments, node 400 may include base station 199, radio access node, or RA function for performing RA procedures or related RRC functions. In such embodiments, base station 199, radio access node, or RA function may include or utilize functions for mitigating unauthorized message relay attacks (e.g., by modifying TUEI before it is broadcast during resource contention resolution procedures).

[0109] In some implementations, node 400 may represent a test system, platform, or apparatus. For example, node 400 may be a standalone tool, test apparatus, or software executing on a processor. In some implementations, node 400 may be a single node or may be distributed across multiple computing platforms or nodes.

[0110] In some implementations, node 400 may be configured to test an access network (e.g., a 4G network or a 5G NR network 100) or a radio access node therein. In some implementations, node 400 may include a UE emulator or related functionality. The UE emulator may include functionality for simulating or mimicking one or more 3GPP (e.g., 5G or LTE-advanced) handsets or other user equipment. For example, node 400 and / or the related UE emulator may be configured to emulate or mimic a competing UE that simultaneously initiates a Resource Contention Resolution (RA) procedure with the radio access node under test (e.g., the device under test (DUT) in this scenario). In this example, at least one of the competing UEs may attempt to employ a resource contention resolution procedure by encoding a message into (e.g., sending it in Msg3 of its RA procedure) its TUEI. Continuing this example, node 400 and / or the related UE emulator may also be configured to emulate or mimic one or more additional UEs attempting to receive and decode the TUEI broadcast by the radio access node during a resource contention resolution procedure. In some implementations, node 400 or related entities may be configured to determine whether the radio access node being tested effectively prevents data leakage or unauthorized message relay (e.g., by determining whether the broadcast TUEI has been sufficiently modified (e.g., from its original form) to prevent the receiving UE from successfully recovering the encoded message).

[0111] In some implementations, node 400 may be configured to test 3GPP UEs (e.g., 4G / 5G handsets) or related entities. In some implementations, node 400 may include functionality for simulating or mimicking one or more network nodes. For example, node 400 may simulate or mimic radio access elements (e.g., base stations, base transceivers, gNBs, eNBs, DUs, CUs, etc.) and may be used to test UEs or handsets to determine whether a UE or handset can effectively communicate with a radio access element performing one or more of the aspects described herein (e.g., mitigating data leakage or unauthorized message relay by modifying the UE-selected TUEI such that when the modified UE-selected TUEI is broadcast during a resource contention resolution procedure, any one or more encoded messages in the original UE-selected TUEI are obscured or difficult to discern).

[0112] In some implementations, the test UE may involve the test UE initiating a Resource Allocation (RA) procedure with Node 400, wherein during the RA procedure, the UE sends a TUEI in an RRC connection request, and Node 400 broadcasts a resource contention resolution response containing a modified version of the TUEI (e.g., Node 400 will use a conversion algorithm to generate the modified TUEI). In such implementations, Node 400 may determine, for example, that the test UE can effectively receive a resource contention resolution response containing the modified TUEI by determining that the UE sends an RRC establishment complete message and that the modified TUEI indicates its TUEI.

[0113] refer to Figure 4 Node 400 may include one or more communication interfaces 402, a radio resource controller 404, an attack mitigation module (AMM) 406, and a data repository 408. The one or more communication interfaces 402 represent one or more entities (e.g., network interface cards (NICs), port modules, air interface hardware, etc.) used to communicate with various entities (e.g., network nodes, UEs, or test devices).

[0114] The radio resource controller 404 can be any one or more suitable entities (e.g., software executing on a processor, a field-programmable gateway array (FPGA) and / or application-specific integrated circuit (ASIC), or a combination of software, FPGA, and / or ASIC) for performing various aspects associated with allocating, managing, or controlling radio resources or related functions. In some implementations, the radio resource controller 404 may be implemented using one or more processors and / or memory, and may include various functions (or derivatives thereof defined by 3GPP standards, such as 3GPP Technical Specification (TS) 38.321, version 16.4.0, number 16). The disclosure of 3GPP TS 38.321 is incorporated herein by reference in its entirety.

[0115] AMM 406 can be any one or more suitable entities (e.g., software, FPGA and / or ASIC, or a combination of software, FPGA and / or ASIC) executing on a processor to perform various aspects associated with mitigating unauthorized message relay attacks or data relay applications. For example, AMM 406 may include or utilize one or more transformation algorithms for receiving a TUEI (e.g., a 48-bit value) and generating an obfuscated or modified version of the TUEI as output. In this example, AMM 406 or the associated transformation algorithm may utilize salting techniques, cryptographic hash functions (CHFs), and / or bit-erasing masking techniques. In some implementations, AMM 406 may generate an obfuscated or modified version of the TUEI along with other data (e.g., salt value, bitmask, etc.) and provide it to Radio Resource Controller 404. In such implementations, Radio Resource Controller 404 may include the obfuscated or modified version of the TUEI along with other data in a broadcast message (e.g., an RRC connection establishment message or a contention resolution message) such that the receiving UE can determine whether the obfuscated or modified version of the TUEI is relevant to itself.

[0116] Node 400 or its entities (e.g., Radio Resource Controller 404 and / or AMM 406) may include functionality for accessing Data Repository 408. Data Repository 408 may be any one or more suitable entities (e.g., storage devices, non-transitory computer-readable media, or storage systems) for maintaining or storing information related to Media Access Control (MAC) procedures (e.g., RA procedures or resource contention resolution procedures), mitigation techniques for mitigating various applications associated with broadcast TUEIs (e.g., UE CRI) or their derivatives, and various conversion algorithms or related aspects. In some embodiments (e.g., where Node 400 is a test facility and / or performs emulation or simulation functions), Data Repository 408 may include emulation logic, test logic, traffic generation, and / or other information available for testing (e.g., test traffic generation rules and / or logic for generating performance metrics) (e.g., statistics). In some embodiments, Data Repository 408 may be located at Node 400, at another node, or distributed across multiple platforms or devices.

[0117] It should be understood that Figure 4 This is for illustrative purposes, and the above text may be altered, modified, added to, or removed. Figure 4 The individual nodes and / or modules, their locations and / or functions are described. It should also be understood that... Figure 4 Some of the modules or functions described herein can be combined into a single module or function. For example, the radio resource controller 404 can be incorporated into aspects or functions of the attack mitigation module 406.

[0118] Figure 5 This is a diagram illustrating an example conversion algorithm 500 for converting TUEI using salting techniques and CHF. Conversion algorithm 500 can convert TUEI (e.g., UE CRI) into an output value that the UE can use for resource contention resolution procedures (e.g., a derivative or modification of the TUEI), but prevents or inhibits the use of the output value to provide the encoded message stored in the TUEI to the receiver (when the output value is broadcast during the resource contention resolution procedure). In some embodiments, conversion algorithm 500 or variations thereof may be used by node 400, base station 199, or radio access element.

[0119] In some implementations, the transformation algorithm 500 may use one or more CHFs (e.g., MD5, SHA-1, SHA-2, SHA-3, RIPEMD-160, etc.) to transform TUEI. For example, each CHF may use a specific hashing algorithm. For instance, a CHF may use one or more deterministic, unique, and computationally irreversible functions that take an input value as input and output an output value (e.g., a fixed-size value). In this example, the CHF may be a one-way function that makes it infeasible or very difficult to obtain the input value from the output value.

[0120] In some implementations, the UE may have knowledge of the transition algorithm 500, allowing the competing UE to check whether the broadcast value in Msg4 during the RA procedure is associated with its own CRI. For example, the receiving UE may need to know certain details about the transition algorithm 500 so that it can determine whether it has won (or lost) the contested resource. In this example, the UE may modify its own TUEI based on the transition algorithm 500 and then compare the result with the broadcast value in Msg4 received during the RA procedure or resource contention resolution procedure. Continuing this example, if the UE's result matches the broadcast value, the UE can determine that the received intent is for the UE.

[0121] In some implementations (e.g., where the conversion algorithm 500 involves generating the output using the CHF), the UE (e.g., UE200 and UE300) and base station 199 (e.g., node 400) may have prior knowledge about the CHF used. For example, CRI x may be sent to base station 199 via Msg3 of the RA procedure, and base station 199 may use conversion algorithm 500 to convert CRI x into an output hash value h, where h is broadcast by base station 199 in Msg4 of the RA procedure. In this example, each UE may locally compute the hash value h' of its own CRI x' and perform a bitwise comparison with the broadcast hash value h. If the given UE hash value h' matches the broadcast hash value h, the UE may proceed to Msg5 of the RA procedure; otherwise, the UE may retry the RA procedure.

[0122] By broadcasting an untransformed TUEI or a CHF-transformed TUEI without salting, it should be understood that an attacker UE (e.g., UE 200 and UE 300) could construct a codebook of size M. For example, each code in the codebook can be decoded, deciphered, or understood by a known entity. For example, suppose... This indicates the encoded message, and each message sent by UE 200. Corresponding to the use of CHF The unique broadcast value in the generated Msg4 (e.g., TUEI or its variants), for example, In this example, we can assume Can be used by UE 300 All encoded messages Pre-computed tables (e.g., rainbow tables) are mapped back to unique values. This pre-computation technique, also known as preimage avoidance, can result in log2M bits per attempt.

[0123] In some implementations, the conversion algorithm 500 may utilize one or more salting techniques. For example, the conversion algorithm 500 may be executed by base station 199, and may involve base station 199 generating a random value ψ for each conversion and then using a salt value and TUEI to generate a value that is then input into the CHF. Various salting techniques can be used to achieve some improvements (relative to unsalted CHF techniques). However, the salt value ψ used must be included in the corresponding Msg4 for contention resolution to function properly; otherwise, the UE may be unable to calculate B(,ψ) based on its CRI and compare it with the received content. Therefore, salting can prevent or hinder an attacker from accessing the codebook. For example, adding salt might require an attacker UE (e.g., UE 300) to use salt for each received Msg4. Salt value of each element in Each encoded message is recalculated. Furthermore, pre-computation techniques become more difficult because an attacker UE (e.g., UE 300) might need to use... Each encoded message is calculated by considering all possible salt values ​​for each element in the array.

[0124] In some implementations, the conversion algorithm 500 may utilize a random multiplication salting technique. For example, suppose the salt value or vector is randomly selected from a small set of hexadecimal characters (16 possibilities) (e.g., by base station 199), and indicates that the selected hexadecimal character should be repeated a random number of times n (between 1 and 16), then for each character instance or the first instance thereof in the salted output value sent as input to the CHF (e.g., MD5, SHA-1, SHA-2, depending on the overhead). In this example, the CHF output may be sent along with the salt value, allowing the receiving UE to recalculate the accurate output (assuming its TUEI is the original value).

[0125] refer to Figure 5 TUEI 502 can be a 48-bit UE CRI represented as a hexadecimal value. The random multiplication salt value 504 can be represented in hexadecimal form and can include element pairs, such as pairs 506, 508, and 510. Each of pairs 506, 508, and 510 can include a hexadecimal character followed by its repetition count in the salted output value 512. While the size of the salted output value 512 depends on the salt value 504, CHF 514 can generate a fixed-size output value 516. The output value 516 and the salt value 504 can be provided in Msg4 of the RA program (e.g., as a cascaded value or otherwise).

[0126] It should be understood that using CHF to generate output values ​​may increase the size of the broadcast value in the Msg4 of the RA procedure. For example, the 3GPP-defined UE CRI is 48 bits, while the output value generated by CHF is typically 128 bits. Although this increase in size can be significant in low-bandwidth LTE carriers (e.g., 3 and 5 MHz bands) where Physical Downlink Shared Channel (PDSCH) resources are limited, it should not be a concern in most 5G deployments.

[0127] In some implementations, when using multiplication with salt, the CRI error probability (P) ce The probability of a hash collision can be the same as that of a salted CHF. It should be understood that calculating the collision probability of a salted CHF can be very computationally intensive. However, in practice, it can be observed that the collision probability is very low in sets of strings with variable lengths and weak substring correlations. Assume Ω... M The elements in the hash table are fixed-size strings and have a very small chance of being correlated when randomly selected. Multiplication and salting can help produce weak correlations to ensure a low probability of hash collisions.

[0128] It should be understood that Figure 5 This is for illustrative purposes, and the above text may be altered, modified, or removed. Figure 5 The various aspects described.

[0129] Figure 6 This is a diagram illustrating an example conversion algorithm 600 for converting a TUEI (e.g., UE CRI) using one or more random process (RP) functions (e.g., bit erase mask). Conversion algorithm 600 can convert a TUEI (e.g., UE CRI) into an output value that can be used by the UE for a resource contention resolution procedure (e.g., a derivative or modification of the TUEI), but prevents or inhibits the use of the output value to provide the encoded message stored in the TUEI to the receiver (when the output value is broadcast during the resource contention resolution procedure). In some embodiments, conversion algorithm 600 or variations thereof may be available from node 400, base station 199, or radio access element.

[0130] In some implementations, the transformation algorithm 600 may involve performing one or more RP functions (e.g., random bit manipulation) on the received random variable X and may be represented as (B(X)). From an attacker's perspective, the RP function can act as a noisy channel used to attenuate the broadcast message (Msg4) and thus reduce or decrease the actual data rate at which the attacker conveys the encoded or unauthorized message. Known discrete channel models can inspire the construction of B(X). As shown, such models can satisfy a strict trade-off where the gain of attenuating the attacker will also increase the probability of CRI errors.

[0131] In some implementations, the conversion algorithm 600 may be represented as B(x) and may utilize a bit or binary erase channel (BEC). For example, the conversion algorithm 600 may involve node 400 or base station 199 randomly selecting K bits from the received CRIs that have been erased, then broadcasting only the remaining bits, and using a bitmask e indicating that the K bits have been erased. K (For example, the same size as X) to broadcast the remaining bits. In this example, the receiving UE can perform a bitwise comparison only on the remaining bits to make a decision about the next step in the RA procedure.

[0132] In some implementations, the transformation algorithm 600 can be represented as B(x,e) K Furthermore, a random erase bitmask vector e with Hamming weights K can be used. K ∈Ω N For example, conversion algorithm 600 can apply a random erase bit mask vector to the received TUEIx to select a size of NK. Subsequence. In this example, the TUEI derivative in the broadcast message can be expressed as... And its length can be 2N-K.

[0133] refer to Figure 6TUEI 602 can be a 48-bit UE CRI represented as eight hexadecimal characters (e.g., x1-x8). The random erase mask 604 can indicate which hexadecimal characters of TUEI 602 were erased in the resulting output value 606. In some implementations, the random erase mask 604 can be determined randomly, such that the number of hexadecimal characters erased and their positioning can change from one conversion to the next. The output value 606 and the random erase mask 604 (e.g., as a concatenation value or otherwise) can be provided in Msg4 of the RA procedure.

[0134] It should be understood that Figure 6 This is for illustrative purposes, and the above text may be altered, modified, or removed. Figure 6 The various aspects described.

[0135] Figure 7 This is a diagram illustrating an example conversion algorithm 700 for converting TUEI (e.g., UE CRI) using salting techniques, CHF, and bit-erasing masks. Conversion algorithm 700 can convert TUEI (e.g., UE CRI) into an output value that the UE can use for resource contention resolution procedures (e.g., a derivative or modification of the TUEI), but prevents or inhibits the use of the output value to provide the encoded message stored in the TUEI to the receiver (when the output value is broadcast during the resource contention resolution procedure). In some embodiments, conversion algorithm 700 or variations thereof may be used by node 400, base station 199, or radio access element.

[0136] In some implementations, the transformation algorithm 700 may involve combining aspects of algorithms 500 and 600. For example, the transformation algorithm 700 may utilize a multiplicative salted CHF with K erasures. In this example, the transformation algorithm 700 can provide the benefits of algorithms 500 and 600 while eliminating feasible strategies for attackers to construct efficient CRI codebooks to circumvent the induced mitigation.

[0137] In some implementations, the conversion algorithm 700 may be a long-term solution and / or may be incorporated into standards (e.g., 3GPP standards) as an optional security CRI mechanism. However, in some scenarios, it may not be necessary to implement the conversion algorithm 700 or related mitigation efforts across the network. For example, the conversion algorithm 700 may be implemented in various scenarios or locations where mitigation is required (e.g., site clusters broadcasting near sensitive targets and facilities).

[0138] In some implementations, the conversion algorithm 700 can also be used to solve similar problems in other applications or contexts (e.g., where a secure hash value needs to be used only once). For example, the conversion algorithm 700 can be used in MAC address (48-bit) anonymizers, for example, for semi-private user tracking purposes.

[0139] refer to Figure 7 TUEI 702 can be a 48-bit UE CRI represented as a hexadecimal value. The random multiplication salt 704 can be an S-bit (e.g., 16 or 24-bit) value represented in hexadecimal form and can include element pairs. Each pair can contain a hexadecimal character followed by its repetition count in the salted output value 706. While the size of the salted output value 706 depends on the salt value 704, CHF 708 can generate a fixed-size CHF output 710. CHF output 710 can be an L-bit (e.g., 128, 256, or 512-bit) value represented in binary form. The random erase mask 712 can indicate which bits of the CHF output 710 are removed or erased in the resulting digest 714, and its size can be K bits, for example, K ≤ L. The digest 714 can depend on the random erase mask 712 and the number of bits erased, but the size of the digest 714 can be less than L bits. Summary 714, random erase mask 712, and salt value 704 can be provided in Msg4 of the RA procedure (e.g., as a concatenation value or otherwise). The size of Summary 714, random erase mask 712, and salt value 704 can be represented as 2L-K+S bits.

[0140] In some implementations, transformation algorithm 700 can generate relatively long outputs compared to other algorithms (e.g., transformation algorithms 500 and / or 600). In some implementations, algorithm 700 or related entities can provide a salting vector ψ and a random erasure mask e for generating a digest (e.g., a modified version of TUEI). K Both of these allow each UE to compute the digest value of its TUEI in the third message of the RA procedure and to perform a bitwise comparison of its digest value with the broadcast digest value, the UE receiving the fourth message of the RA procedure to make its RA decision. For example, consider using MD5 for hashing (L = 128 bits), with a 2-character multiplication salt (S = 16 bits) and K = 64 bits erased from the hash output. This will produce a 208-bit output. Given the strong hashing performance, the chance of hash collisions is very small.

[0141] In some implementations, after transforming the TUEI (e.g., UE CRI) using Algorithm 700, sending unauthorized messages using the broadcasted transformed TUEI becomes an unfeasible attack strategy. For example, an attacker creates a codebook. This is impractical. For an attacker's receiver to decode the data, it first needs the CHF output to come from a codebook that can survive channel erasure, such as MDS or Fountain. Such a codebook would require the attacker to invert the entire CHF to decode it. A set of TUEI values ​​is found such that its CHF output forms a codebook suitable for channel erasure. Even without salting, the inverse domain of the mapped CHF is a non-polynomial computation. Therefore, with random salting, an attacker cannot actually pre-build the codebook because the CHF mapping can change drastically for each attempt without any prior knowledge.

[0142] It should be understood that Figure 7 This is for illustrative purposes, and the above text may be altered, modified, or removed. Figure 7 The various aspects described.

[0143] Figure 8 This is a graph illustrating example data 800 related to various transformation algorithms. Data 800 indicates some high-level characteristics associated with different transformation algorithms (e.g., performance impact, blocking effectiveness, and attacker codebook effects (e.g., the attacker's ability to overcome them)). Specifically, data 800 shows that the first transformation algorithm (Algorithm 500), which includes CHF and multiplication salting techniques, has very low performance impact but low blocking (mitigation) effectiveness, and an attacker can dynamically recompile their codebook to overcome the transformation algorithm. Data 800 also shows that the second transformation algorithm (Algorithm 600), which includes RP bit-erasing masking techniques, has considerable performance impact, significant blocking (mitigation) effectiveness, and the attacker's codebook is static for error correction. Data 800 further shows that the third transformation algorithm (Algorithm 700), which includes CHF, multiplication salting techniques, and RP bit-erasing masking techniques, has very low performance impact, very high blocking (mitigation) effectiveness, and generating an efficient codebook is almost infeasible.

[0144] Figure 9 This diagram illustrates an example test system 900 used for testing UE 200. In some implementations, test system 900 may represent a test system, platform, or apparatus. For example, test system 900 may be a standalone tool, test apparatus, or software executing on one or more processors. In some implementations, test system 900 may be a single node or may be distributed across multiple computing platforms or nodes.

[0145] In some implementations, test system 900 may be configured to test 3GPP UEs or related entities. In some implementations, test system 900 may include a simulated radio resource controller 904 for simulating or mimicking radio access elements (e.g., base stations, gNBs, eNBs, DUs, CUs, etc.) or related functions. For example, simulated radio resource controller 904 may be any one or more suitable entities (e.g., software executing on a processor, field-programmable gateway arrays (FPGAs) and / or application-specific integrated circuits (ASICs), or a combination of software, FPGAs, and / or ASICs) for performing various aspects associated with allocating, managing, or controlling radio resources or related functions.

[0146] In some implementations, the emulated radio resource controller 904 can be used in the test UE 200 to determine whether the UE 200 can effectively communicate with a radio access element performing one or more aspects described herein (e.g., mitigating data leakage or unauthorized message relay by: UE-selected TUEI such that when a modified version is broadcast in the resource contention resolution process, any one or more encoded messages of the original UE-selected TUEI are obscured or difficult to identify).

[0147] In some implementations, testing UE 200 may involve the test UE 200 initiating a Resource Allocation (RA) procedure using test system 900. During the RA procedure, UE 200 sends a TUEI in an RRC connection request, and test system 900 broadcasts a resource contention resolution response containing a modified version of the TUEI (e.g., test system 900 uses a conversion algorithm to generate the modified TUEI). In such implementations, test system 900 may determine that UE 200 can effectively receive a resource contention resolution response containing the modified TUEI, and determine that the modified TUEI indicates its TUEI (e.g., by determining that UE 200 sends an RRC setup completion message).

[0148] It should be understood that Figure 9 This is for illustrative purposes, and the above text may be altered, modified, or removed. Figure 9 The individual steps or actions described. It should also be understood that additional details beyond those mentioned above can be added. Figure 9 Some steps or actions beyond those described.

[0149] Figure 10This is a diagram illustrating an example test system 1000 for testing a radio access node 1004 (e.g., an eNB or gNB) or related networks. In some embodiments, the test system 1000 may represent a test system, platform, or apparatus. For example, the test system 1000 may be a standalone tool, test apparatus, or software executing on a processor. In some embodiments, the test system 1000 may be a single node or may be distributed across multiple computing platforms or nodes.

[0150] In some implementations, test system 1000 may be configured to test an access network (e.g., a 4G network or a 5G NR network 100) or radio access node 1004. In some implementations, test system 1000 may include a UE emulator 1002 or related functionality. For example, UE emulator 1002 may be any one or more suitable entities for emulating or mimicking one or more UEs (e.g., software executing on a processor, FPGA and / or ASIC, or a combination of software, FPGA and / or ASIC).

[0151] In some implementations, the UE emulator 1002 may include functions for simulating or mimicking one or more 3GPP (e.g., 5G or LTE-advanced) handsets or other user equipment. For example, the UE emulator 1002 may be configured to emulate or mimic a competing UE that simultaneously initiates a Resource Contention Resolution (RA) procedure with the radio access node 1004 (e.g., the DUT in this scenario). In this example, at least one of the competing UEs may attempt to employ a resource contention resolution procedure by encoding a message into (e.g., sent in Msg3 of its RA procedure) its TUEI. Continuing this example, the UE emulator 1002 may also be configured to emulate or mimic one or more additional UEs attempting to receive and decode a TUEI broadcast by the radio access node 1004 during a resource contention resolution procedure. In some implementations, the test system 1000 or related entities may be configured to determine whether the radio access node 1004 effectively prevents data leakage or unauthorized message relay (e.g., by determining whether the broadcast TUEI has been sufficiently modified (e.g., from its original form) to prevent the receiving UE from successfully recovering the encoded message).

[0152] It should be understood that Figure 10 This is for illustrative purposes, and the above text may be altered, modified, or removed. Figure 10 The individual steps or actions described. It should also be understood that additional details beyond those mentioned above can be added. Figure 10 Some steps or actions beyond those described.

[0153] Figure 11This is a diagram illustrating an example process 1100 for network testing using CTI. In some embodiments, process 1100 or parts thereof may be performed by or at node 400, test system 900, test system 1000, and / or another node or module. For example, process 1100 or its steps or actions may be performed by or at a network node (e.g., a radio access node or base station) configured to relay network message information or derived information to avoid resource contention between UEs. In some embodiments, process 1100 may include steps 1102, 1104, 1106, and / or 1108.

[0154] Referring to process 1100, in step 1102, a first TUEI associated with a first UE (e.g., associated with base station 199 or node 400) may be received for requesting radio resources within the serving cell.

[0155] In step 1104, radio resources can be allocated to the first UE using the first TUEI.

[0156] In step 1106, a second value can be generated based on the first TUEI using at least a conversion algorithm, wherein the second value has a higher entropy characteristic than the first TUEI. For example, algorithm 700 can be used to convert the first TUEI into a second value, wherein the second value is less likely to contain decodeable or discernible messages compared to the first TUEI. In some embodiments, algorithm 700 can generate a second value that obscures or removes any messages encoded by the receiving UE in the first TUEI (e.g., the input UE CRI). In some embodiments, the second value generated based on the first TUEI can reduce (relative to the TUEI) the likelihood that the second value includes encoded messages that can be decoded by the second UE when relayed by a network node.

[0157] In step 1108, a message including the second value may be broadcast to multiple UEs, including the second UE.

[0158] In some implementations, the conversion algorithm can erase some bits in the first TUEI. In such implementations, an erase mask indicating the location of the bits to be erased (along with an output value based on the first TUEI) can be included in the broadcast message (e.g., Msg4 of the RA program).

[0159] In some implementations, the transformation algorithm may use multiplication and salting when generating the second value.

[0160] In some implementations, the conversion algorithm may use a first TUEI, at least one salt value, and at least one CHF when generating the second value.

[0161] In some implementations, the conversion algorithm can be a one-way function because the second UE cannot convert the second value of the output back to the first TUEI of the input.

[0162] In some implementations, the second UE cannot obtain the first TUEI from the second value.

[0163] In some implementations, the first TUEI can be a MAC identifier or a UE CRI.

[0164] In some implementations, the second UE may use a second value to avoid requesting or using the same radio resources allocated to the first UE.

[0165] In some implementations, the first UE can use a second value to determine that radio resources have been allocated to it.

[0166] In some implementations, the network node performing process 1100 or its steps may be a radio access node emulator associated with a test system used to test a UE device.

[0167] In some implementations, the first UE or the second UE may be a UE emulation associated with a test system used to test radio access nodes.

[0168] In some implementations, the network node performing process 1100 or steps may include a radio access node, a base station, a base transceiver, a nodeB, an eNodeB, a gNodeB, an 802.X access point, or a 5G non-terrestrial network radio interface node.

[0169] In some implementations, a network node may be configured to generate and broadcast multiple messages during a radio resource request quiescent period to generate random access confusion. In such implementations, the multiple messages include TUEIs or derivatives thereof received by the network node from one or more UEs.

[0170] In some implementations, the network node performing process 1100 or steps may be configured to analyze relay-related violations in the second TUEI associated with the third UE and, in response to detecting a relay-related violation, block the broadcast of messages associated with the third UE. In such implementations, the network node compares known or estimated physical layer information with the reported physical layer information in the second TUEI and detects the relay-related violation by determining the difference between the known or estimated physical layer information and the reported physical layer information.

[0171] It should be understood that process 1100 is for illustrative purposes and different and / or additional actions may be used. It should also be understood that the various actions described herein may be performed in different orders or sequences.

[0172] It should be noted that node 400, test system 900, test system 1000, and / or the functions described herein can constitute a dedicated computing device. Furthermore, node 400, test system 900, test system 1000, and / or the functions described herein can improve UE and network node testing in the field of cybersecurity technology and / or related areas.

[0173] It should be understood that various details of the subject matter described herein may be modified without departing from the scope of the subject matter described herein. Furthermore, the foregoing description is for illustrative purposes only and not for limiting purposes, as the subject matter described herein is defined by the claims set forth below.

Claims

1. A method for mitigating unauthorized message relay attacks, the method comprising: At network nodes configured to relay network messages or derived messages to avoid resource contention between user equipment (UEs): Receive a first temporary UE identifier (TUEI) associated with the first UE for requesting radio resources within the serving cell; The radio resources are allocated to the first UE using the first TUEI; At least a conversion algorithm is used to generate a second value based on the first TUEI, wherein the second value has a higher entropy characteristic than the first TUEI, thereby reducing the likelihood that the second value includes an encoded message that can be decoded by the second UE when relayed by the network node; as well as The message including the second value is broadcast to multiple UEs, including the second UE.

2. The method according to claim 1, wherein, The conversion algorithm uses multiplication with salt when generating the second value; The conversion algorithm uses the first TUEI, at least one salt, and at least one cryptographic hash function (CHF) when generating the second value; or The conversion algorithm uses a bit-erasure mask that indicates the bits to be erased in the TUEI or CHF output value when generating the second value.

3. The method according to claim 1, wherein, The conversion algorithm is a one-way function because the second UE cannot convert the second value back to the first TUEI; or In this case, the second UE cannot obtain the first TUEI from the second value.

4. The method according to claim 1, wherein, The second value can be used by the second UE to avoid requesting the same radio resources allocated to the first UE; or The second value can be used by the first UE to determine that the radio resources have been allocated to it.

5. The method according to claim 1, wherein, The network node is a radio access node emulation associated with a test system used to test the UE device; or The first UE or the second UE is a UE emulation associated with a test system used to test radio access nodes.

6. The method according to claim 1, wherein, The network nodes include radio access nodes, base stations, base station transceivers, nodeB, eNodeB, gNodeB, 802.X access points, and fifth-generation (5G) non-terrestrial network radio interface nodes; or Wherein, the first TUEI is a Media Access Control (MAC) identifier or a UE Contention Resolution Identifier (CRI).

7. The method according to claim 1, wherein, The network nodes are configured to generate and broadcast multiple messages during radio resource request quiescent periods to generate random access confusion.

8. The method according to claim 7, wherein, The multiple messages include TUEI or its derivatives associated with one or more UEs.

9. The method according to claim 1, wherein, The network node is configured to analyze relay-related violations for the second TUEI associated with the third UE, and to block the broadcast of messages associated with the third UE in response to detecting a relay-related violation.

10. The method according to claim 9, wherein, The network node compares the known or estimated physical layer information with the reported physical layer information in the second TUEI, and detects the relay-related violation by determining the difference between the known or estimated physical layer information and the reported physical layer information.

11. A system for mitigating unauthorized message relay attacks, the system comprising: At least one processor; A network node configured to relay network message information or derived information to avoid resource contention between user equipments (UEs), wherein the network node is implemented using the at least one processor, and wherein the network node is configured to: Receive a first temporary UE identifier (TUEI) associated with the first UE for requesting radio resources within the serving cell; The radio resources are allocated to the first UE using the first TUEI; At least a conversion algorithm is used to generate a second value based on the first TUEI, wherein the second value has a higher entropy characteristic than the first TUEI, thereby reducing the likelihood that the second value includes encoded messages that can be decoded by the second UE when relayed by the network node; and The message including the second value is broadcast to multiple UEs, including the second UE.

12. The system according to claim 11, wherein, The conversion algorithm uses multiplication with salt when generating the second value; The conversion algorithm uses the first TUEI, at least one salt, and at least one cryptographic hash function (CHF) when generating the second value; or The conversion algorithm uses a bit-erasure mask that indicates the bits to be erased in the TUEI or CHF output value when generating the second value.

13. The system according to claim 11, wherein, The conversion algorithm is a one-way function because the second UE cannot convert the second value back to the first TUEI; Wherein, the second UE cannot obtain the first TUEI from the second value; Wherein, the second value can be used by the second UE to avoid requesting the same radio resources allocated to the first UE; or The second value can be used by the first UE to determine that the radio resources have been allocated to it.

14. The system according to claim 11, wherein, The network node is a radio access node emulation associated with a test system used to test the UE device; or The first UE or the second UE is a UE emulation associated with a test system used to test radio access nodes.

15. The system according to claim 11, wherein, The network nodes include radio access nodes, base stations, base station transceivers, nodeB, eNodeB, gNodeB, 802.X access points, and fifth-generation (5G) non-terrestrial network radio interface nodes; or Wherein, the first TUEI is a Media Access Control (MAC) identifier or a UE Contention Resolution Identifier (CRI).

16. The system according to claim 11, wherein, The network nodes are configured to generate and broadcast multiple messages during radio resource request quiescent periods to generate random access confusion.

17. The system according to claim 16, wherein, The multiple messages include TUEI or its derivatives associated with one or more UEs.

18. The system according to claim 11, wherein, The network node is configured to analyze relay-related violations for the second TUEI associated with the third UE, and to block the broadcast of messages associated with the third UE in response to detecting a relay-related violation.

19. The system according to claim 18, wherein, The network node compares the known or estimated physical layer information with the reported physical layer information in the second TUEI, and detects the relay-related violation by determining the difference between the known or estimated physical layer information and the reported physical layer information.

20. A non-transitory computer-readable medium having stored thereon executable instructions embodied therein, the executable instructions, when executed by at least one processor of a computer, causing the computer to perform steps including: At network nodes configured to relay network messages or derived messages to avoid resource contention between user equipment (UEs): Receive a first temporary UE identifier (TUEI) associated with the first UE for requesting radio resources within the serving cell; The radio resources are allocated to the first UE using the first TUEI; At least a transformation algorithm is used to generate a second value based on the first TUEI, wherein, The second value has a higher entropy characteristic than the first TUEI, thereby reducing the likelihood that the second value includes encoded messages that can be decoded by the second UE when relayed by the network node; as well as The message including the second value is broadcast to multiple UEs, including the second UE.