Security and Privacy for 6G: A Survey on Prospective Technologies and Challenges

Introduction           Sixth-generation (6G) mobile networks will have to cope with diverse threats on a space-air-ground integrated network environment, novel technologies, and an accessible user information explosion. However, for now, security and privacy issues for 6G remain largely in concept. Inspired by security evolution in prior generations, this work provides a systematic review of existing research efforts on security and privacy for 6G networks. The article reviews the issues of 6G enabling technologies and state-of-the-art defense methods. By conducting the problems in each technology, our goal is to provide a holistic view of the evolution of core security and privacy issues, along with the remaining challenges for further enhancements. To this end, the study aims to answer the fundamental question: What are the major potential changes of 6G security infrastructure from the prior generations? What are new challenges and prospective approaches for privacy preservation in 6G to satisfy the requirements in laws, such as General Data Protection Regulation (GDPR)? The main contributions of this article are multi-fold. First, the work provides a systematic overview of the evolution of security architecture and vulnerabilities in legacy networks. By investigating the shortcomings of the standards and technical insights of protocol flaws in such networks, required enhancements to 6G security and privacy are highlighted. Second, our survey provides a holistic view of security and privacy issues and how the existing solutions must be changed to satisfy the new demands in 6G. Since 6G will continue on the techno-economic trajectory of 5G, a systematic review on transition and possible changes of 6G security and privacy can shed light on the best plan for the operators/developers to upgrade the security infrastructure/defense systems at the right time. Finally, our discussions about lessons learned from the shortcomings of existing security architecture and remaining technical challenges may help researchers/developers quickly identify relevant issues and starting points for further works. The key security aspects are summarized in Figure 1.   Figure 1. A taxonomy of key points of our survey on security & privacy for 6G   Key findings from the research:      1. Major differences between 5G and 6G:  5G introduced substantial advancements like improved subscriber identity protection through SUCI (Subscription Concealed Identifier), and basic AI-assisted threat detection, it still carries many vulnerabilities, including weaknesses in mutual authentication, susceptibility to fake base stations, and the reuse of legacy protocols that expose outdated threats. In contrast, 6G security is envisioned to go far beyond patching existing flaws. It will operate in a space-air-ground-sea integrated network environment with radically diverse applications such as brain-computer interfaces, holographic telepresence, and autonomous systems. However, new technologies mean novel vulnerabilities. Unlike 5G, 6G will incorporate quantum-safe cryptography, AI-empowered real-time adaptive security, and physical layer security in beamforming and directional communications that leverages wireless channel characteristics. Also, unlike 5G’s centralized identity model, 6G may move toward decentralized, passwordless authentication through biometrics and system-on-chip identities. Blockchain and distributed ledgers are also considered for ensuring data integrity and mutual trust across domains. Furthermore, 6G networks are expected to fully support real-time zero-touch threat responses and zero-trust architectures, emphasizing dynamic, policy-based access control. This leap from static protection models to intelligent, self-defending infrastructures marks a transformative shift from 5G’s reactive posture to 6G’s proactive and predictive security paradigm. A summary of typical 6G vs 5G applications and security requirements is illustrated in Figure 2. 6G security will upgrade 5G security with new capability in terms of intelligence, automation, and energy efficiency. Figure 2. 6G security vs 5G security.         2. Space-Air-Ground-Sea Integrated Networks will be the next frontier of security defense, probably national security: As the rising popularity of satellite-based broadband networks and drones in civil applications, Space-Air-Ground-Sea Integrated Networks (SAGIN) will be the reachable target of mobile networks in the coming years. By combining terrestrial, aerial, maritime, and satellite systems, 6G SAGIN will achieve expansive coverage and support critical applications like emergency rescue and autonomous navigation. However, this integration introduces heightened risks, including jamming, eavesdropping, and masquerading attacks on high-altitude platforms. Given the strategic relevance of SAGIN infrastructure for national defense, public safety, and global communications, securing it becomes essential. Further research on efficient and secure SAGIN models for national targets will be critical.      3. AI-based functions in 6G will be the new target of the tit-for-tat battle between attackers and security defenders: AI-based functions in 6G are expected to revolutionize network operations through automation, real-time decision-making, and adaptive security responses. However, this reliance on AI introduces a new battleground where attackers and defenders will continually outmaneuver each other. Adversaries may exploit vulnerabilities in AI models, such as data poisoning or adversarial inputs, to mislead or disable security mechanisms. Meanwhile, defenders must develop more robust, transparent, and resilient AI systems to detect and neutralize evolving threats. This cat-and-mouse dynamic will define the future of 6G security, demanding continuous innovation to stay ahead of increasingly intelligent and adaptive cyberattacks. Figure 3 summarizes key attacks and defense approaches for AI-based functions and case studies in 6G. Figure 3. Attack and defense methods in AI-based functions for 6G and case studies for security in AI-based 6G V2X.         4. The starting era of post-quantum cryptography, quantum security, and semantic communications: 6G will mark the starting era of post-quantum cryptography, where traditional encryption methods can no longer withstand the power of quantum computing. To ensure long-term data protection and mitigate the risks of “collect now, decrypt later” attacks, 6G will adopt quantum-safe cryptographic algorithms, such as ML-KEM and HQC, and explore quantum key distribution technologies (e.g., using satellites or aerial systems). In parallel, semantic communication—a paradigm that transmits meaning rather than raw bits—will transform how information is conveyed and protected amid the explosion of data and the limitations of Shannon’s theory. Together, these advancements will redefine digital trust, enhancing network intelligence, security, and resilience for the quantum age.   Provided by: Van-Linh Nguyen