Current cellular networking remains vulnerable to malicious fake base stations due to the lack of base station authentication mechanism or even a key to enable authentication. We design and build a base station certificate (certifying the base station's public key and location) and a multi-factor authentication (making use of the certificate and the information transmitted in the online radio control communications) to secure the authenticity and message integrity of the base station control communications. We advance beyond the state-of-the-art research by introducing greater authentication factors (and analyzing their individual security properties and benefits), and by using blockchain to deliver the base station digital certificate offline (enabling greater key length or security strength and computational or networking efficiency). We design the certificate construction, delivery, and the multi-factor authentication use on the user equipment. The user verification involves multiple factors verified through the ledger database, the location sensing (GPS in our implementation), and the cryptographic signature verification of the cellular control communication (SIB1 broadcasting). We analyze our scheme's security, performance, and the fit to the existing standardized networking protocols. Our work involves the implementation of building on X.509 certificate (adapted), smart contract-based blockchain, 5G-standardized RRC control communications, and software-defined radios. Our analyses show that our scheme effectively defends against more security threats and can enable stronger security, i.e., ECDSA with greater key lengths. Furthermore, our scheme enables computing and energy to be more than three times efficient than the previous research on the mobile user equipment.

翻译：当前蜂窝网络因缺乏基站认证机制甚至用于认证的密钥，仍易受恶意伪基站攻击。本文设计并构建了基站证书（验证基站公钥与位置）及多因素认证机制（利用证书与在线无线控制通信中传输的信息），以保障基站控制通信的真实性与消息完整性。本研究通过引入更多认证因素（并分析其各自的安全特性与优势），以及利用区块链离线分发基站数字证书（支持更长密钥/更高安全强度及更优计算/网络效率），实现了对现有前沿研究的突破。我们设计了证书构建、分发及在用户设备上实施多因素认证的方案。用户验证过程涉及通过账本数据库、位置感知（本实现采用GPS）及蜂窝控制通信（SIB1广播）的密码学签名验证等多重因素。我们分析了该方案的安全性、性能及其与现有标准化网络协议的适配性。本工作基于改进的X.509证书、智能合约区块链、5G标准化RRC控制通信及软件定义无线电实现了系统原型。分析表明，本方案能有效防御更多安全威胁，并可支持更强安全性（如采用更长密钥的ECDSA）。此外，本方案使移动用户设备的计算与能效较先前研究提升三倍以上。