Thales collaborates with Hewlett Packard Enterprise (HPE) to provide enhanced privacy and secure authentication for global 5G users, further extending its partner ecosystem. The Thales Luna 7 Hardware Security Module (HSM), a world-class HSM, will power a foundation of trust around HPE’s Subscriber Data Management (SDM) solutions, ensuring subscriber data, transactions, and users that are in service by HPE’s 4G and 5G SDM are secure without compromising agility, usability or scalability.
The challenge of 5G security and privacy
The multi-vendor landscape, complex infrastructure and distributed nature of 5G networks has historically made subscriber authentication and privacy a challenge. In 5G networks, HSMs act as trust anchors that protect the cryptographic infrastructure used to establish identities across the network.
Subscriber authentication and privacy are among the most critical data in telecommunication networks. With the arrival of 5G and the evolution to cloud architectures, managing subscriber data and services efficiently is essential to ensuring an operator’s business profitability. HPE addresses these challenges through stateless Network Functions (NF) on a common service-based architecture.
One of the critical components of a trusted 5G network is the integrity of the virtualized infrastructure and the confidentiality of the data flowing inside it. The protection and authenticity of subscriber authentication and privacy present various challenges, including the infrastructure complexity, the distributed nature of the 5G networks, the sheer number of connected IoT devices, the use of multi-vendor networks, and the evolution from 3G and 4G networks.
HPE draws on the Thales Luna 7 HSM to address the security and privacy challenges to provide high-quality and available security and performance.
The benefits of Luna 7 to 5G operations
In 5G networks, HSMs act as trust anchors that protect the cryptographic infrastructure used to establish identities across the network. Thales has introduced the Luna 7 HSM for 5G operations which support the 5G algorithms with a following TPS (Transaction Per Second)
- From 4200 TPS up to 6000 TPS with one A/S790 HSM.
- linear performance scaling up to 8 HSM, from 33,600 TPS up to 48,000 TPS.
- 4200 TPS up to 6200 TPS with one A/S790 HSM.
- linear performance scaling up to 8 HSM, from 33,600 TPS up to 49,600 TPS.
- 7100 TPS (p-256) with one A/S790 HSM.
- linear performance scaling up to 8 HSM, 56,000 TPS with eight A/S790 HSM configured in HA.
- 1650 TPS (curve-25519) with one A/S790 HSM.
- linear performance scaling up to 8 HSM, 13,200 TPS with eight A/S790 HSM configured in HA.
Thales Luna 7 HSM is FIPS-140-2 Level 3 compliant and benefits 5G operations in multiple ways, including:
- Meeting the high throughput and efficiency requirements to satisfy 5G transactions.
- Easily scaling to satisfy service level agreements (SLA).
- Experiencing reduced total cost of ownership (TCO) since high TPS (Transactions Per Second). Customers can use fewer HSMs means fewer HSMs to set up, update, configure and manage.
- Offering low latency with fast response times.
- Meeting performance while maintaining high assurance security posture.
- Build in with quantum-resistant algorithms.
The breadth and width of the benefits are what prompted 5G vendors, like HPE, to include Luna 7 HSM in their security and privacy solutions.
Richard Band, Head of Mobile Core and 5G at HPE “To create a trusted 5G network, it is critical first to ensure it is secure and private,”. The Thales Luna 7 HSM is essential to making security and privacy a reality. As the industry looks forward to ubiquitous 5G implementation worldwide, we see this technology's usage at core networks as a path towards a virtualized infrastructure users can trust.”
How Thales and HPE enhance 5G security and privacy
HPE and Thales are taking an essential step in 5G innovation and safety, reducing the attack surface of 5G networks, a key industry goal.
Luna 7 HSM is the root of trust that offers a secure space for crypto operations and encryption key management on 5G networks supported by HPE’s solutions. Together, the Luna 7 HSM and HPE’s SDM offer a wide array of benefits for organizations operating to meet 3rd Generation Partnership Project (3GPP) security and privacy requirements, such as the ability to quickly react to threats, including implementing quantum-resistant algorithms.
With 5G technology expected to be at the forefront of innovation for the years to come, it is essential to enhance the future of 5G subscriber privacy and authentication.
To learn more about Thales Luna 7 HSM, visit https://cpl.thalesgroup.com/encryption/hardware-security-modules/general-purpose-hsms.
Learn more about how Thales is working collaboratively with its partner ecosystem to enable the value of 5G in trusted architecture.