Overcoming the barriers of decryption and data visibility.

The rollout of next-generation network connectivity is always a source of excitement for businesses and users alike, introducing us to heightened capabilities and conveniences. 3G technology brought us new levels of connectivity when on the move, then 4G arrived to greatly improve our connection speeds. Now we have 5G, and 6G is already being discussed.

5G is set to provide even more opportunities for users through enhanced mobile broadband offerings, the reality of massive Machine Type Communications (mMTC) and ultra-reliable low latency communications.

This offers a breadth of new possibilities from industrial automation to self-driving vehicles and connecting a network of IoT devices with ease.

However, for business users to reap the true benefits of 5G, operators and those delivering the service have some fundamental challenges to overcome. 5G rollouts are already behind where they need to be, due to delays caused by the pandemic, skills shortages, and a lack of resources, such as silicon chips, causing extended delivery times – not to mention the phasing out of Huawei.

These delays are now being exacerbated by the fact that control plane data in the 5G core requires higher levels of encryption due to new security risks brought about by the growth in use cases for 5G. Legislation requires that data be encrypted on the control plane using the latest version of Transport Layer Security, TLS 1.3. However, this is harder to decrypt, meaning operators have to either sacrifice visibility or commit to testing using unencrypted data – with many holding back on introducing this strong new encryption standard.

On top of this, capacity remains largely untested, as the expansion and adaptation of new devices that could use 5G hasn’t existed before. This means there is no model to follow, leaving operators in the dark when it comes to knowing how robust and reliable their network really is. Instead of offering customers untold opportunities to scale through 5G and beyond, they could leave them with ineffective solutions and highly vulnerable to cyberattack.

The Impact Of 5G Delays

5G is set to revolutionise the way we connect. Not only is it faster, with speeds projected to be upwards of 100 times quicker than that of 4G, but it also offers low latency and high bandwidths, allowing applications and communications running on 5G networks to share data in near real-time – holding huge potential for the Internet of Things (IoT) and automation, and acting as a driving force for the Fourth Industrial Revolution.

Yet, with such prominent implications, delays to the implementation of 5G hold severe consequences. In a report from the Centre for Policy Studies (CPS) it was found that a potential £34.1bn of additional economic output could be created if the government delivers its 5G target of covering the majority of the population by 2027. But the key to achieving this is speed, with networks built faster leading to higher regional gains, and there are concerns around whether the UK will be able to meet these deadlines.

If these targets aren’t met, not only do we face the potential of missing out on this huge economic boost, but we also risk dampening the UK’s position as a world leader in connectivity. A large part of those concerns came from delays caused by the COVID-19 pandemic, which of course had huge ramifications for numerous industries across the board and was responsible for a great deal of disruption.

On top of this, while trying to make their recovery, network operators are now being faced with new challenges posed by legislation around the security of data exchanged across the network. With various mission-critical use cases, security for 5G needs to be tighter, leading to a global mandate for the 5G core to use the newest and highest level of control plane encryption and privacy, TLS 1.3.

What TLS 1.3 Means for Network Operators

TLS 1.3, with perfect forward secrecy (PFS), is a major improvement on its predecessor, TLS 1.2, offering increased performance and security. It brings about faster handshakes between client and server, improved latency times, and removes several security vulnerabilities found in the previous version. The issue for network operators, however, is that TLS 1.3 also poses several new decryption challenges.

Due to 5G's high-speed, low-latency infrastructure, inline passive devices can no longer be used to efficiently decrypt network traffic for visibility at the control plane. Additionally, with the higher levels of encryption and PFS, passive inspection monitoring is no longer a viable option for TLS 1.3. This has meant that network operators are left with limited options: either to down-rev the TLS 1.3 standard protocol to allow for network visibility but expose the network to security risks, or to implement TLS 1.3 encryption but sacrifice the ability to inspect and monitor traffic. Alternatively, they can implement complex measures into the service mesh, but this brings its own complications and security issues.

To be able to keep up with demand and achieve the targets set by the UK government, network operators need a more robust solution that will enable acceptance of modern TLS 1.3 encryption, yet still grant the carrier visibility over their network for security, inspection, and monitoring purposes.

Breaking Down the Decryption Barrier: Introducing SKI

In order to bypass the additional challenges to 5G rollout brought on by the TLS 1.3 standard protocol, network operators need a pure-play decryption solution that will show complete details of traffic without security risks. In its 2019 workshop on enterprise visibility, the Center for Cybersecurity Policy and Law set baseline criteria for the acceptability of solutions for visibility challenges. In keeping with these criteria, any proposed solution to the challenges associated with TLS 1.3 must be scalable, relatively easy to implement/deploy, usable in real time and post-packet capture, effective for both security and troubleshooting purposes, and widely available and supported in mainstream commercial products and services.

Such a solution exists in Session Key Intercept (SKI). It builds on the previous concept of keylogging, the basic idea of getting and using keys to decrypt sessions, and makes it a viable solution for scaled and secure mission-critical use. SKI works by extracting the individual TLS session encryption keys developed during the handshake and using these to bulk decrypt the communication – discarding them after use. Once these keys become accessible, bulk, fast, and low-CPU-power decryption is achievable.
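The keylogging concept referred to above can be illustrated with the NSS key log (SSLKEYLOGFILE) text format that many TLS libraries can write. The following is an added example, not taken from the article and not Red Helix's SKI implementation: it indexes logged TLS 1.3 traffic secrets by session, derives the record-protection key, IV and per-record nonce as defined in RFC 8446, and drops the secrets once used. The sample secrets are constructed, and a SHA-256 cipher suite with AES-128-GCM key sizes is assumed.

```python
import hashlib
import hmac

# Constructed sample in NSS key log format: LABEL CLIENT_RANDOM SECRET (hex).
# The values are made up for illustration and belong to no real session.
SAMPLE_KEYLOG = """\
# constructed sample, not captured traffic
CLIENT_TRAFFIC_SECRET_0 {cr} {c}
SERVER_TRAFFIC_SECRET_0 {cr} {s}
""".format(cr="ab" * 32, c="11" * 32, s="22" * 32)

def parse_keylog(text):
    """Index secrets per session: {client_random: {label: secret_bytes}}."""
    sessions = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            label, client_random, secret = line.split()
            bytes.fromhex(client_random)          # validate the session id
            secret_bytes = bytes.fromhex(secret)
        except ValueError:
            continue  # malformed line: skip it rather than guess
        sessions.setdefault(client_random.lower(), {})[label] = secret_bytes
    return sessions

def hkdf_expand_label(secret, label, length, hash_name="sha256"):
    """HKDF-Expand-Label (RFC 8446 section 7.1) with an empty context."""
    full = b"tls13 " + label
    info = length.to_bytes(2, "big") + bytes([len(full)]) + full + b"\x00"
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(secret, block + info + bytes([counter]), hash_name).digest()
        okm += block
        counter += 1
    return okm[:length]

def record_keys(traffic_secret, key_len=16, iv_len=12):
    """AEAD key and IV for one direction (RFC 8446 section 7.3)."""
    return (hkdf_expand_label(traffic_secret, b"key", key_len),
            hkdf_expand_label(traffic_secret, b"iv", iv_len))

def record_nonce(iv, seq):
    """Per-record nonce: IV XOR the left-padded record sequence number."""
    return bytes(a ^ b for a, b in zip(iv, seq.to_bytes(len(iv), "big")))

def keys_for_session(sessions, client_random):
    """Derive both directions' keys, then drop the session's secrets."""
    secrets = sessions.pop(client_random.lower())
    return {label: record_keys(s) for label, s in secrets.items()
            if "TRAFFIC_SECRET" in label}
```

Because each session has its own traffic secrets, a derived key decrypts only the session it belongs to, which is why key material has to be collected per session at an endpoint rather than recovered from the wire.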

The solution plugs into existing tools already in use and works in any environment where TLS encryption is used, providing a plug-and-play style solution to network operators which allows them to bypass the complexities of trying to decrypt traffic using a native service mesh technology.

By implementing SKI, network operators can break down the barriers of TLS 1.3 decryption and keep full visibility over their networks, which will allow them to accelerate the rollout of 5G without sacrificing security or the ability to inspect and monitor traffic.


Rob Pocock

Technical Director, Red Helix.
