Expert Analysis of Recent SaaS Attacks That Shocked Global Brands. Watch now

bishopfox-logo-grey
Get Started

Demystifying 5G Security: Understanding the Registration Protocol

In this hands-on workshop, Senior Security Consultant Drew Jones will break down the fundamentals of the 5G registration protocol, explore where security gaps can emerge, and walk through a live simulated lab demonstrating real-world vulnerabilities.

5G is reshaping how the world connects, but with innovation comes complexity. In this hands-on workshop, Senior Security Consultant Drew Jones will break down the fundamentals of the 5G registration protocol, explore where security gaps can emerge, and walk through a live simulated lab demonstrating real-world vulnerabilities. 

Speaker: Drew Jones, Senior Security Consultant 

You’ll learn:

  • How the 5G registration process works from UE to Core
  • Where attackers can exploit unprotected signaling
  • Common misconfigurations that weaken encryption and integrity
  • How to identify and test for vulnerabilities in your own 5G environment 

Who Should Watch:

  • Telecom security professionals looking to strengthen their understanding of 5G vulnerabilities.
  • Network engineers and architects responsible for designing, configuring, or maintaining 5G infrastructure.
  • Red teamers and penetration testers interested in real-world 5G attack simulations and lab techniques.
  • Security researchers exploring signaling protocol weaknesses and emerging 5G threat vectors.
  • IT and cybersecurity leaders who want to assess risk exposure in next-generation mobile networks.

Agenda:

  • 5 min – Introduction
  • 20 min – Overview of the 5G Registration Protocol
  • 25 min – Live Demo & Attack Simulation
  • 10 min – Q&A

Session Summary

This workshop provides an in-depth yet accessible exploration of 5G network architecture and vulnerabilities—specifically focusing on the registration protocol. Drew, a Senior Security Consultant at Bishop Fox, guides participants through both the theoretical foundations and practical demonstrations, including how to safely emulate a 5G environment using open-source tools.

Key Takeaways

  • 5G’s complexity introduces unique security challenges—especially before encryption is established in the registration process.
  • SUPI concealment via SUCI encryption is critical to user privacy.
  • Integrity and encryption algorithms must be strictly enforced; cores should reject insecure registration attempts.
  • Bidding down and replay attacks remain real risks in 5G implementations, even in 2023-era devices.
  • Virtualized 5G testing environments (Open5GS + UERANSIM) make safe, legal research possible.
  • Emergency access intentionally bypasses encryption for safety but can be abused if not controlled.
  • Continuous testing, monitoring, and adherence to 3GPP standards are essential for securing 5G networks.
Drew Jones Author Bio

About the speaker, Drew Jones

Senior Security Consultant

Drew Jones is a Senior Security Consultant at Bishop Fox specializing in application security and both external and internal network penetration testing. He has worked with Fortune 500 companies to uncover critical vulnerabilities and improve resilience against advanced threats. His current research focuses on offensive security in 5G and next-generation telecommunications, exploring how attackers can exploit emerging technologies to better inform defensive strategies.

Drew holds several security certificates, including OSWE, OSCP, CRTO and CRT certifications and actively contributes to the security community through mentorship, technical writing and conference talks.

More by Drew

Extend Your Knowledge

Check out these related resources.

Blog header image with colorful design elements. Text reads: Demystifying 5G Security – The Registration Protocol. Educational article about 5G mobile network security, authentication, privacy, and protocol protection.
Technical

Sep 04, 2025

Demystifying 5G Security: Understanding the Registration Protocol

By Drew Jones

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.