Paper 2022/1149

Secure Anycast Channels with Applications to 4G and 5G Handovers

Karl Norrman, KTH Royal Institute of Technology, Ericsson Research

In 3GPP mobile networks, application data is transferred between the phone and an access point over a wireless link. The mobile network wireless link is special since one channel endpoint is handed over from one access point to another as the phone physically moves. Key evolution during handover has been analyzed in various works, but these do not combine the analysis with analysis of the wireless-link application-data encryption protocol that uses the keys. To enable formal analysis of the 4G/5G wireless link, we develop a game-based security framework for such channels and define flexible key insulation security notions for application data transfer, including forward and backward security in the given adversary model. Our notions are modular and combine a bidirectional application data transfer channel with a generic framework for multiparty channel-evolution protocols. These two components interact, and the security of the channel-evolution protocol may rely on the security of the data transfer channel for some or all its messages. We also develop the first formal model of 4G/5G wireless link security including both handover key evolution and application data transfer, in the complexity theoretic setting. We prove the model secure w.r.t. our security notions. As a byproduct, we identify recommendations for improving the security of future mobile network standards to achieve key insulation. Specifically, we show that the current standards do not achieve forward secure encryption, even though this appears to be an explicit goal. We show how this can be rectified.

Note: v2: adds analysis of S1/N2 handover and editorials

Available format(s)
Cryptographic protocols
Publication info
Anycast Handover 3GPP 5G Cryptographic Channel
Contact author(s)
karl norrman @ ericsson com
2022-09-21: revised
2022-09-04: received
See all versions
Short URL
Creative Commons Attribution


      author = {Karl Norrman},
      title = {Secure Anycast Channels with Applications to 4G and 5G Handovers},
      howpublished = {Cryptology ePrint Archive, Paper 2022/1149},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.