Overview on the Security in 5G Phase 2


  • Noamen Ben Henda Ericsson, Torshamnsgatan 23, 164 40 Stockholm, Sweden




3GPP, 5G, security, privacy


During the early development stages of the 5G specifications by 3GPP, it was quickly identified that it is not possible to address all the use cases of the 5G System within the normal Release timeframe. Therefore, it was decided to split the work in two phases. The 5G Phase 1 work focused on the foundation of the new system while 5G Phase 2 focused more on the needed enhancements to address the use cases. The work on the security in 5G Phase 1 was ample enough to deliver all the needed mechanisms not only to secure the communication between the different entities but also to protect the privacy of the user. Therefore, it is expected that the work on 5G Phase 2 will unlikely have impact on the security mechanisms. Nevertheless, some of the new features in 5G Phase 2 give rise to subtle security challenges which may require enhancements to the existing mechanisms. In this article, we consider some of the 5G Phase 2 features and shed light on such security aspects.


Download data is not yet available.

Author Biography

Noamen Ben Henda, Ericsson, Torshamnsgatan 23, 164 40 Stockholm, Sweden

Noamen Ben Henda is currently the chairman of SA3, the security working group of 3GPP. He was elected for the position in May 2019.Within Ericsson, Noamen Ben Henda holds the title of Master Researcher Security in the global Ericsson Research organization. His responsibilities include driving 3GPP security standardization and related research. After a Bachelor degree in fundamental sciences, Noamen obtained a Master of Science degree in Information Technology in 2002 and a Ph.D. in theoretical computer science in 2008 from Uppsala University in Sweden. When he joined Ericsson in 2013, Noamen’s main interest was in software security. More specifically, he has been driving research activities related to the formal verification of security protocols. Noamen joined the Ericsson SA3 team in 2015 and has since been contributing to several studies and work items. Notably, Noamen has been heavily involved in the development of the 5G security standards. In 2018, Noamen assumed the role of Ericsson’s technical coordinator for SA3 and head of the delegation. Before joining Ericsson, Noamen worked as an application engineer for safety-critical systems.



3GPP TS 22.261: “Service requirements for next generation new services and markets”.

D. Rupprecht, K. Kohls, T. Holz, C. Pöpper: “Breaking LTE on Layer

Two” ‘Designing power-efficient WDM ring networks’, 2019 IEEE

Symposium on Security and Privacy (SP), San Francisco, 2019.


B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson, H. Levkowetz: [RFC3748]

“Extensible Authentication Protocol (EAP)”, IETF, June 2004.

3GPP TS 33.501: “Security architecture and procedures for 5G System”.

A. R. Prasad, S. Arumugam, B. Sheeba, A. Zugenmaier: “3GPP 5G

Security”, Journal of ICT, Vol. 6 1&2, 137–158. River Publishers, May

3GPP TR 33.835: “Study on authentication and key management for

applications based on 3GPP credential in 5G”.

3GPP TS 33.535: “Authentication and key management for applications

based on 3GPP credentials in the 5G System (5GS)”.

3GPP TS 33.220: “Generic Authentication Architecture (GAA);

Generic Bootstrapping Architecture (GBA)”.

A. Niemi, J. Arkko, V. Torvinen: [RFC3310] “Hypertext Transfer Protocol

(HTTP) Digest Authentication Using Authentication and Key

Agreement (AKA)”, IETF, September 2002.

J. Arkko, V. Lehtovirta, P. Eronen: [RFC5448] “Improved Extensible

Authentication Protocol Method for 3rd Generation Authentication and

Key Agreement (EAP-AKA’)”, IETF, May 2009.

3GPP TR 33.824: “Study on security aspects of Integrated Access and

Backhaul (IAB) for Next Radio (NR)”.

3GPP TR 33.836: “Study on security aspects of 3GPP support for

advanced V2X services”.

3GPP TR 33.819: “Study on security enhancements of 5GS for vertical

and Local Area Network (LAN) services”.

3GPP TR 33.825: “Study on the security of Ultra-Reliable Low-Latency

Communication (URLLC) for the 5G System (5GS)”.

3GPP TR 33.848: “Study on security impacts of virtualisation”.

3GPP TR 33.818: “Security Assurance Methodology (SECAM) and

Security Assurance Specification (SCAS) for 3GPP virtualized network


3GPP TR 33.809: “Study on 5G security enhancements against false

base stations”.

3GPP TR 33.846: “Study on authentication enhancements in the 5G System (5GS)”

3GPP TR 33.853: “key issues and potential solutions for Integrity

protection of the User Plane”.






Special Issue on 3GPP 5G Security