Skip to main content
SpringerLink
Log in

Identity Confidentiality in 5G Mobile Telephony Systems

  • Conference paper
  • First Online:
Security Standardisation Research (SSR 2018)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 11322))

Included in the following conference series:

Abstract

The 3\(^\mathrm{rd}\) Generation Partnership Project (3GPP) recently proposed a standard for 5G telecommunications, containing an identity protection scheme meant to address the long-outstanding privacy problem of permanent subscriber-identity disclosure. The proposal is essentially two disjoint phases: an identification phase, followed by an establishment of security context between mobile subscribers and their service providers via symmetric-key based authenticated key agreement. Currently, 3GPP proposes to protect the identification phase with a public-key based solution, and while the current proposal is secure against a classical adversary, the same would not be true of a quantum adversary. 5G specifications target very long-term deployment scenarios (well beyond the year 2030), therefore it is imperative that quantum-secure alternatives be part of the current specification. In this paper, we present such an alternative scheme for the problem of private identification protection. Our solution is compatible with the current 5G specifications, depending mostly on cryptographic primitives already specified in 5G, adding minimal performance overhead and requiring minor changes in existing message structures. Finally, we provide a detailed formal security analysis of our solution in a novel security framework.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    The official 3GPP documentation uses the term “Identity Confidentiality” to refer to the privacy of user identity. We follow the 3GPP naming convention.

  2. 2.

    Users can also be identified through other unique identifiers, for instance International Mobile Equipment Identity (IMEI) which uniquely identifies the mobile equipment. However, it is only the IMSI/SUPI which is used for initial identification purposes.

  3. 3.

    The 3GPP documentation uses the term “key generating function” for these algorithms, while these are technically key derivation functions.

  4. 4.

    This first Step is numbered 0 because its not an exclusive part of the AKA but rather the identification phase.

  5. 5.

    The null-scheme is used only if the UE is making an unauthenticated emergency session or if the HN has configured “null-scheme” to be used or if the HN has not provisioned the public key needed to generate SUCI.

  6. 6.

    Note that HN will maintain a separate distinct value of \( SQNID _{{ HN }}\) for each \( UE \) in its database.

  7. 7.

    Note that \(\mathtt {label}_{\mathtt {ps}}\) is a constant value indicating the protection scheme, and \(\mathtt {label}_{{ HN }}\) is a constant value identifying the \({ HN }\).

  8. 8.

    Note that here we are using \(\subset \) to indicate substrings.

References

  1. Arkko, J., Lehtovirta, V., Eronen, P.: Improved extensible authentication protocol method for 3rd generation authentication and key agreement (EAP-AKA’). RFC 5448, 1–29 (2009). https://doi.org/10.17487/RFC5448

  2. van den Broek, F., Verdult, R., de Ruiter, J.: Defeating IMSI catchers. In: Ray, I., Li, N., Kruegel, C. (eds.) Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, Denver, CO, USA, 12–16 October 2015, pp. 340–351. ACM (2015). https://doi.org/10.1145/2810103.2813615

  3. Chen, L., et al.: Report on post-quantum cryptography. US Department of Commerce, National Institute of Standards and Technology (2016)

    Google Scholar 

  4. ETSI-SAGE: First response on ECIES for concealing IMSI or SUPI, October 2017. https://portal.3gpp.org/ngppapp/CreateTdoc.aspx?mode=view&contributionId=832160

  5. Fox, D.: Der imsi-catcher. Datenschutz und Datensicherheit 26(4), 212–215 (2002)

    Google Scholar 

  6. 3rd Generation Partnership Project: Rationale and track of security decisions in Long Term Evolution (LTE) RAN/3GPP System Architecture Evolution (SAE) (3GPP TR 33.821 Version 9.0.0 Release 9), June 2009. http://www.3gpp.org/DynaReport/33821.htm

  7. 3rd Generation Partnership Project: Study on the security aspects of the next generation system (3GPP TR 33.899 Version 1.3.0 Release 14), August 2017. http://www.3gpp.org/DynaReport/33899.htm

  8. 3rd Generation Partnership Project: 3G Security; Security Architecture (3GPP TS 33.102 Version 15.0.0 Release 15), June 2018. http://www.3gpp.org/DynaReport/33102.htm

  9. 3rd Generation Partnership Project: Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA) (3GPP TS 33.220 Version 15.2.0 Release 15), June 2018. http://www.3gpp.org/DynaReport/33220.htm

  10. 3rd Generation Partnership Project: Mobile Application Part (MAP) Specification (3GPP TS 29.002 Version 15.3.0 Release 15), March 2018. http://www.3gpp.org/DynaReport/29002.htm

  11. 3rd Generation Partnership Project: Security Architecture and Procedures for 5G Systems (3GPP TS 33.501 Version 15.0.0 Release 15), March 2018. http://www.3gpp.org/DynaReport/33501.htm

  12. 3rd Generation Partnership Project: System Architecture for the 5G System (3GPP TS 23.501 Version 15.1.0 Release 15), March 2018. http://www.3gpp.org/DynaReport/23501.htm

  13. Grover, L.K.: A fast quantum mechanical algorithm for database search. In: Miller, G.L. (ed.) Proceedings of the Twenty-Eighth Annual ACM Symposium on the Theory of Computing, Philadelphia, Pennsylvania, USA, 22–24 May 1996, pp. 212–219. ACM (1996). http://doi.acm.org/10.1145/237814.237866

  14. Kelly, J.: A Preview of Bristlecone, Google’s New Quantum Processor. https://ai.googleblog.com/2018/03/a-preview-of-bristlecone-googles-new.html. Accessed 08 June 2018

  15. Khan, M.S.A., Mitchell, C.J.: Improving air interface user privacy in mobile telephony. In: Chen, L., Matsuo, S. (eds.) SSR 2015. LNCS, vol. 9497, pp. 165–184. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-27152-1_9

    Chapter  Google Scholar 

  16. Khan, M.S.A., Mitchell, C.J.: Trashing IMSI catchers in mobile networks. In: Noubir, G., Conti, M., Kasera, S.K. (eds.) Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks, WiSec 2017, Boston, MA, USA, 18–20 July 2017, pp. 207–218. ACM (2017). https://doi.org/10.1145/3098243.3098248

  17. Lilly, A.: IMSI catchers: hacking mobile communications. Netw. Secur. 2017(2), 5–7 (2017). https://doi.org/10.1016/S1353-4858(17)30014-4

    Article  Google Scholar 

  18. Mattsson, J.: Post-quantum cryptography in mobile networks (2017). https://www.ericsson.com/research-blog/post-quantum-cryptography-mobile-networks/

  19. SECG SEC 1: Recommended Elliptic Curve Cryptography, Version 2.0 (2009). http://www.secg.org/sec1-v2.pdf

  20. Shaik, A., Seifert, J., Borgaonkar, R., Asokan, N., Niemi, V.: Practical attacks against privacy and availability in 4G/LTE mobile communication systems. In: 23rd Annual Network and Distributed System Security Symposium, NDSS 2016, San Diego, California, USA, 21–24 February 2016. The Internet Society (2016). http://wp.internetsociety.org/ndss/wp-content/uploads/sites/25/2017/09/practical-attacks-against-privacy-availability-4g-lte-mobile-communication-systems.pdf

  21. Shor, P.W.: Algorithms for quantum computation: discrete logarithms and factoring. In: 35th Annual Symposium on Foundations of Computer Science, Santa Fe, New Mexico, USA, 20–22 November 1994, pp. 124–134. IEEE Computer Society (1994). https://doi.org/10.1109/SFCS.1994.365700

  22. Shoup, V.: A proposal for an ISO standard for public key encryption. IACR Cryptology ePrint Archive 2001, 112 (2001). http://eprint.iacr.org/2001/112

Download references

Author information

Authors and Affiliations

  1. Information Security Group, Royal Holloway, University of London, Egham, UK

    Haibat Khan, Benjamin Dowling & Keith M. Martin

Authors
  1. Haibat Khan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Benjamin Dowling
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Keith M. Martin
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Haibat Khan .

Editor information

Editors and Affiliations

  1. CISPA-Helmholtz-Zentrum (i.G.), Saarbrücken, Germany

    Cas Cremers

  2. IBM Research Zurich, Rüschlikon, Switzerland

    Anja Lehmann

Rights and permissions

Reprints and permissions

Copyright information

© 2018 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Khan, H., Dowling, B., Martin, K.M. (2018). Identity Confidentiality in 5G Mobile Telephony Systems. In: Cremers, C., Lehmann, A. (eds) Security Standardisation Research. SSR 2018. Lecture Notes in Computer Science(), vol 11322. Springer, Cham. https://doi.org/10.1007/978-3-030-04762-7_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-04762-7_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-04761-0

  • Online ISBN: 978-3-030-04762-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation