6G Topics Security & Quantum-Era
6G Topic 09 — Security & Quantum-Era

Security for a quantum decade

6G will be deployed into the 2030s — the decade where large-scale quantum computers move from "if" to "when". A network that will carry traffic for fifteen years has to assume tomorrow's attacker, not today's. This page separates what 5G already locks down, what the quantum era genuinely forces, and what is still research.

IMT-2030 — security & resilience
Status. ITU-R lists security and resilience as a (qualitative) 6G capability. Post-quantum migration and AI-era threat models are active research directions; concrete 6G security specification is future Release 21+ work in 3GPP SA3. No 6G security spec exists yet.

Foundation: 5G security is already strong

Start from what is solid. 5G introduced real improvements over earlier generations: mutual authentication (the network proves itself to the device, not just the reverse), and concealment of the permanent subscriber identity — the SUPI is encrypted into a SUCI before it ever crosses the air, defeating the classic "IMSI catcher". 6G inherits this architecture; the job is to extend it, not rebuild it.

foundationMutual authentication & identifier concealment are established

5G's security architecture (mutual auth, encrypted subscriber identity, integrity protection of signalling) is the baseline 6G starts from. These mechanisms are well specified and carry forward conceptually.

3gpp.org 2026-06-15
5G security architecture — features 6G inherits (TS 33.501 foundation) 3GPP TS 33.501 (5G Security Architecture) — all entries are foundation
Feature Mechanism 5G spec reference 6G evolution direction
Subscriber identity concealment SUPI encrypted to SUCI using ECIES with home-network public key before transmission over the air TS 33.501 §6.12 candidate PQC-hardened key
Mutual authentication 5G-AKA or EAP-AKA′ — both UE and network prove identity; eliminates passive IMSI-catcher attack TS 33.501 §6.1 candidate PQC key exchange
NAS signalling integrity NAS messages integrity-protected from registration; mandatory from connection setup TS 33.501 §5.3.1 foundation carried forward
RRC signalling integrity RRC integrity protection activated at RRC connection establishment TS 33.501 §5.3.4 foundation carried forward
User-plane confidentiality Encryption of UP traffic; operator-optional in 5G (AES-128/256, SNOW 3G, ZUC) TS 33.501 §5.3.5 candidate mandatory direction for 6G
Security algorithm negotiation UE sends security capabilities; gNB/AMF select algorithm; bidding-down protected TS 33.501 §6.7 candidate add PQC algorithm classes

Why the quantum era changes the maths

Today's key exchange relies on problems (factoring, discrete logs) that a large quantum computer could break with Shor's algorithm. The threat is not only future: an attacker can harvest now, decrypt later — record encrypted traffic today and decrypt it once a quantum computer exists. For a network whose data must stay secret for a decade-plus, that makes post-quantum cryptography (PQC) a design-time concern, not a later patch.

candidatePost-quantum cryptography migration is a 6G research direction

Moving key exchange and signatures to quantum-resistant algorithms (the kind standardised by NIST's PQC programme) is widely expected to shape 6G security, but the specific 6G mechanisms are not defined — this is direction-setting research, not a 3GPP specification yet.

itu.int — IMT-2030 2023-11
NIST post-quantum cryptography standards (Aug 2024) — candidates relevant to 6G NIST FIPS 203–206 (Aug 2024) — standardised algorithms; 6G adoption is a candidate direction
Algorithm NIST standard Family Purpose Replaces 6G relevance
CRYSTALS-Kyber (ML-KEM) FIPS 203 Lattice (Module-LWE) Key Encapsulation Mechanism ECDH / RSA key exchange Secures key agreement in mutual authentication (replaces ECDH in AKA)
CRYSTALS-Dilithium (ML-DSA) FIPS 204 Lattice (Module-LWE) Digital signature ECDSA / RSA signatures Certificate and message signing in NF authentication
FALCON (FN-DSA) FIPS 206 Lattice (NTRU) Compact digital signature ECDSA (compact use cases) Low-bandwidth signature for constrained devices / IoT UEs
SPHINCS+ (SLH-DSA) FIPS 205 Hash-based (stateless) Conservative backup signature RSA (high-assurance contexts) Fallback where lattice assumptions are not trusted; larger signature size
requirementSecurity & resilience is a named (qualitative) IMT-2030 capability

ITU-R M.2160 lists security and resilience among the 15 IMT-2030 capabilities — but as a qualitative one, with no numeric target. So it is a genuine requirement-level expectation that 6G be secure and resilient, without a specific number attached.

itu.int — IMT-2030 2023-11

The AI-era threat model

6G's embrace of AI is double-edged. The same ML that optimises the network becomes an attack surface: poisoned training data, adversarial inputs that fool a model, and the privacy of the data models are trained on. An AI-native network has to defend its models, not just its traffic. This is new territory the security community is actively mapping.

candidateSecuring AI/ML in the network is an open problem

Model integrity, adversarial robustness and training-data privacy for an AI-native air interface and core are recognised challenges without settled 6G answers. Flag the risk; do not imply it is solved.

itu.int — IMT-2030 2023-11
Tracker — what 3GPP / ITU-R is doing here full tracker ↗
6G security / quantum-era candidate
Security, resilience & quantum-era considerations
ITU-R M.2160 lists security and resilience as a (qualitative) capability. Post-quantum cryptography migration and AI-era threat models are active research themes; concrete 6G security specification is future Rel-21+ work.
itu.int 2023-11
Direction-setting; no 6G security specs yetno % published

Where this connects

Security spans the whole stack: it protects the AI functions, lives mostly in the core, and underwrites the trust that the requirements assume.

Foundations 6G security extends 5G's. The identity and connection setup it protects are exactly what the Foundations course walks through, message by message. 5G RRC setup →
← Previous6G Core & Architecture