Securing 5G Subscribers: UE Identities and why there are so many!!!

Hemant Rawat
8 min read · Mar 16, 2024


Mobile networks play an integral role in today's life, and with the advent of 5G more internet traffic than ever is generated by mobile devices. Ensuring the safety of subscribers and their devices has become critical. 3GPP, the standards body, has introduced new features to secure 5G subscribers. Let's explore.

Your subscription information is stored in a SIM card, which is provided by your network provider. Most of the UE (User Equipment) identities are stored in the SIM whereas the permanent equipment ID is stored in the device (handset) and is called IMEI (International Mobile Equipment Identity).

5G introduced many new identities that a UE (User Equipment) can have, such as SUCI, SUPI, 5G-GUTI, 5G-S-TMSI, IMEI, IMEISV, PEI, RNTI and UE Radio Capability ID.

Let's begin with SUPI and SUCI.

SUPI stands for Subscription Permanent Identifier and SUCI stands for Subscription Concealed Identifier.

Each subscriber is allocated one 5G Subscription Permanent Identifier (SUPI) for use within the 3GPP system. Each UE accessing the 5G System is assigned a Permanent Equipment ID (PEI).

The SUPI allocated to each SIM is never transmitted over the air in clear: for security it is encrypted into a SUCI, and it is the SUCI that is sent over the air interface.

SUCI is not used every time a mobile device wants to talk to the network. It is only used during the initial registration; afterwards a temporary ID, the GUTI (Globally Unique Temporary Identifier), is used. The GUTI is assigned by the AMF in the 5G Core network, and the AMF also changes it frequently.

Please note that SUPI/SUCI/GUTI is not your mobile number (MSISDN).

Let's look at SUPI in detail:

Network operators allocate a unique identifier to each SIM card, known as the IMSI (International Mobile Subscriber Identity) in 4G and as the SUPI in 5G. A valid SUPI can be of the following types:

- IMSI

- NAI (Network Access Identifier) (e.g., xyz@yyz.com)

  - GCI (Global Cable Identifier) (as per CableLabs specifications)
  - GLI (Global Line Identifier) (as per Broadband Forum specifications)

(Figure: IMSI format)

SUPI contains the address of the home network (MCC, MNC). For interworking with the EPC/4G, the SUPI allocated to a 3GPP UE shall always be based on an IMSI, so that the UE can present an IMSI to the EPC when 5G coverage is not available.

(For non-3GPP networks SUPI can be either IMSI or a GLI in a NAI format.)

SUCI

SUCI is a privacy-preserving identifier containing the concealed SUPI. The UE generates a SUCI by encrypting the SUPI with the public key of the Home Network. This public key is securely provisioned to the USIM by the home network when the USIM is registered.

The UE shall generate the SUCI using a protection scheme with the home network public key that was securely provisioned to the UE under the control of the home network. The home network (UDM/SIDF) then derives the SUPI from the SUCI using the home network private key. The UDM keeps the private key that corresponds to the public key the UE used to generate the SUCI.

(Figure: SUCI structure)

GUTI

The SIM card is assigned a temporary identifier, the GUTI, by the visited network. These frequently changing temporary identifiers are then used for identification over the radio access link. The 5G-GUTI is a core network temporary identifier allocated to the UE by the AMF (Access and Mobility Management Function).

· The GUTI is an 80-bit core network identifier

· It consists of three major network identifiers: PLMN ID + AMF ID + TMSI

· It is a temporary identifier, so its association is not fixed to a specific subscriber or mobile

· A single 5G-GUTI can be used for accessing both 3GPP and non-3GPP technologies, sharing the security context within the AMF

· An AMF may re-assign a new 5G-GUTI to the UE at any time under specified circumstances

· When the UE is in CM-IDLE, the AMF may delay the assignment of a new 5G-GUTI until the next NAS transaction happens

(Figure: 5G-GUTI structure)

(The AMF Region ID identifies the region, the AMF Set ID uniquely identifies an AMF set within that region, and the AMF Pointer identifies one or more AMFs within the AMF set.)

Let's look at how the various 5G identities are exchanged between the UE and the network:

(Figure: 5G identity exchange)
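To make the 80-bit layout above concrete, here is an added Python illustration (not the article's code) that packs and unpacks a 5G-GUTI into PLMN ID, AMF Region ID, AMF Set ID, AMF Pointer and 5G-TMSI, and derives the shorter 5G-S-TMSI used on the radio interface. The field widths (8/10/6/32 bits) and the BCD octet layout of the PLMN ID follow 3GPP TS 23.003 and are not stated in the article; the sample GUTI values are constructed.

```python
from dataclasses import dataclass


def encode_plmn(mcc: str, mnc: str) -> bytes:
    """PLMN ID as 3 octets (TS 23.003 layout): MCC digit 2 | MCC digit 1,
    MNC digit 3 | MCC digit 3, MNC digit 2 | MNC digit 1. A 2-digit MNC
    carries the filler 0xF as its third digit."""
    m = [int(d) for d in mcc]
    n = [int(d) for d in mnc] + ([0xF] if len(mnc) == 2 else [])
    return bytes([(m[1] << 4) | m[0], (n[2] << 4) | m[2], (n[1] << 4) | n[0]])


def decode_plmn(b: bytes) -> tuple[str, str]:
    mcc = f"{b[0] & 0xF}{b[0] >> 4}{b[1] & 0xF}"
    mnc3 = b[1] >> 4
    mnc = f"{b[2] & 0xF}{b[2] >> 4}" + ("" if mnc3 == 0xF else str(mnc3))
    return mcc, mnc


@dataclass(frozen=True)
class Guti5G:
    mcc: str
    mnc: str
    amf_region_id: int  # 8 bits
    amf_set_id: int     # 10 bits
    amf_pointer: int    # 6 bits
    tmsi_5g: int        # 32 bits

    def pack(self) -> bytes:
        for v, bits in ((self.amf_region_id, 8), (self.amf_set_id, 10),
                        (self.amf_pointer, 6), (self.tmsi_5g, 32)):
            if not 0 <= v < (1 << bits):
                raise ValueError("5G-GUTI field out of range")
        # AMF ID (24 bits) = Region ID || Set ID || Pointer
        amf_id = (self.amf_region_id << 16) | (self.amf_set_id << 6) | self.amf_pointer
        return (encode_plmn(self.mcc, self.mnc) + amf_id.to_bytes(3, "big")
                + self.tmsi_5g.to_bytes(4, "big"))

    @classmethod
    def unpack(cls, raw: bytes) -> "Guti5G":
        if len(raw) != 10:
            raise ValueError("5G-GUTI is exactly 80 bits (10 octets)")
        mcc, mnc = decode_plmn(raw[:3])
        amf_id = int.from_bytes(raw[3:6], "big")
        return cls(mcc, mnc, amf_id >> 16, (amf_id >> 6) & 0x3FF, amf_id & 0x3F,
                   int.from_bytes(raw[6:], "big"))

    def s_tmsi(self) -> int:
        """5G-S-TMSI (48 bits) = AMF Set ID || AMF Pointer || 5G-TMSI; the PLMN ID
        and AMF Region ID are dropped because the serving cell already implies them."""
        return (self.amf_set_id << 38) | (self.amf_pointer << 32) | self.tmsi_5g
```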

Changes in 5G Core with respect to Subscriber security:

5G enhances subscriber privacy and authentication by introducing network functions such as the Subscription Identifier De-concealing Function (SIDF), Authentication Credential Repository and Processing Function (ARPF), Authentication Server Function (AUSF), Unified Data Management (UDM) and Unified Data Repository (UDR), to ensure that the subscriber identity is always protected.

The ARPF is a functional element of the UDM (Unified Data Management), responsible for generating 5G HE AV (5G Home Environment Authentication Vectors) based on the subscriber’s shared secret key.

In the standard 3GPP 5GC solution, the ARPF centralizes and performs all authentication procedures, interfacing with the rest of the network via the Unified Data Management (UDM) function. In this typical scenario the ARPF also stores and manages all cryptographic keys and algorithms, performs authentication vector generation and takes care of the subscription de-concealing function in 5G.

Note: when an HSM component is added, the ARPF still acts as the central point towards the rest of the network, but it now implements extra mechanisms enabling it to interface with the external HSM module. The subscription de-concealing function, the authentication vector generation and the storage of keys and algorithms are then transferred to the HSM.

Let's begin by looking at authentication data:

Authentication data for subscribers, including the SQN, is stored at a single location, the UDR. In the UDR it is stored with the Ki and OPc encrypted, together with a protection parameter ID; the UDM/HSS uses this ID when decrypting the authentication data.

For users in the 5G network, authentication data is retrieved by the UDM via the UDR. For users attached via the 4G access network, authentication data is retrieved by the HSS from the UDR over the NU2 interface.

UDM & UDR

UDM and UDR offer services to 5G NFs such as AMF, SMF, SMSF, NEF, AUSF, HSS, NWDAF, GMLC and NSSAAF. They are stateless entities, with subscriber and dynamic data stored in the UDR. The UDM uses the Nudr interface for data management and can integrate with any third-party UDR over the standard Nudr SBI.

For all valid Nudm requests, the UDM uses the UDR for data retrieval, modification and deletion.

UDR Provisioning

The UDR provides a subscriber provisioning service API to the provisioning entity and offers the following service via the Nudr interface for subscriber provisioning:

· Nudr_SubscriberProvisioning Service

This service is mapped to the apiName "Nudr-sp".

For Nudr_SubscriberProvisioning Service, the following service operations are defined:

· Query

· Create

· Delete

· Update

This service allows NF service consumers to retrieve, create, update, modify and delete subscriber provisioning data stored in the UDR.

SIDF

The SIDF is responsible for the de-concealment of the SUCI and fulfills the following requirements:

· The SIDF shall be a service offered by UDM

· The SIDF shall resolve the SUPI from SUCI based on the protection scheme used to generate the SUCI.

The Home Network Private Key used for subscriber privacy is protected from physical attacks in the UDM. The UDM holds the Home Network Public Key Identifier(s) for the private/public key pair(s) used for subscriber privacy, and the algorithm used for subscriber privacy is executed in the secure environment of the UDM. One UDM can comprise several UDM instances; the Routing Indicator in the SUCI can be used to identify the UDM instance that is capable of serving a given subscriber.
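The following added Python illustration (not the article's or any vendor's code) ties together the SUCI section and the SIDF checks just described: it parses a SUCI in the text form defined by 3GPP TS 23.003 (suci-type-MCC-MNC-RoutingIndicator-scheme-HNkeyId-output), selects the UDM instance from the Routing Indicator, looks up the Home Network key pair by its public key ID, and recovers the SUPI. The routing and key tables are constructed samples; the ECIES decryption for Profile A/B is supplied by the caller, since the point here is the identifier handling rather than the cipher. Note that with the null scheme the MSIN travels in clear, which is why operators should treat null-scheme registrations as a privacy finding.

```python
from dataclasses import dataclass
from typing import Callable, Optional

NULL_SCHEME, ECIES_PROFILE_A, ECIES_PROFILE_B = 0, 1, 2


@dataclass(frozen=True)
class Suci:
    supi_type: int          # 0 = IMSI-based, 1 = NAI-based
    mcc: str
    mnc: str
    routing_indicator: str  # 1-4 digits; picks the UDM/SIDF instance
    protection_scheme: int  # 0 null, 1 ECIES Profile A, 2 ECIES Profile B
    hn_public_key_id: int   # which Home Network key pair the UE encrypted with
    scheme_output: str      # MSIN in clear (null) or hex(eph. key || ciphertext || MAC)


def parse_suci(text: str) -> Suci:
    parts = text.split("-", 7)
    if len(parts) != 8 or parts[0] != "suci":
        raise ValueError("not a SUCI")
    _, stype, mcc, mnc, rid, scheme, key_id, out = parts
    if not (mcc.isdigit() and len(mcc) == 3 and mnc.isdigit() and len(mnc) in (2, 3)):
        raise ValueError("bad home network identifier")
    if not (rid.isdigit() and 1 <= len(rid) <= 4):
        raise ValueError("bad routing indicator")
    return Suci(int(stype), mcc, mnc, rid, int(scheme), int(key_id), out)


# Constructed stand-ins for the provisioned mapping tables the article describes.
UDM_BY_ROUTING_INDICATOR = {"0": "udm-default", "0678": "udm-instance-2"}
HN_PRIVATE_KEYS = {27: "<Profile A private key, held in the UDM secure environment>"}


def select_udm(suci: Suci) -> str:
    """Route the SUCI to the UDM instance holding this subscriber's key material."""
    return UDM_BY_ROUTING_INDICATOR[suci.routing_indicator]


def deconceal(suci: Suci, ecies_decrypt: Optional[Callable[[int, str, bytes], str]] = None) -> str:
    """SIDF: recover the SUPI as 'imsi-<MCC><MNC><MSIN>' from an IMSI-based SUCI."""
    if suci.supi_type != 0:
        raise NotImplementedError("NAI-based SUPIs are not handled here")
    if suci.protection_scheme == NULL_SCHEME:
        if suci.hn_public_key_id != 0:
            raise ValueError("null scheme must carry HN key id 0")
        msin = suci.scheme_output  # no concealment: MSIN was sent in clear
    elif suci.protection_scheme in (ECIES_PROFILE_A, ECIES_PROFILE_B):
        if suci.hn_public_key_id not in HN_PRIVATE_KEYS:
            raise KeyError(f"no HN private key provisioned for id {suci.hn_public_key_id}")
        if ecies_decrypt is None:
            raise ValueError("ECIES profile decryptor required for a concealed SUCI")
        msin = ecies_decrypt(suci.protection_scheme, HN_PRIVATE_KEYS[suci.hn_public_key_id],
                             bytes.fromhex(suci.scheme_output))
    else:
        raise ValueError(f"unknown protection scheme {suci.protection_scheme}")
    if not msin.isdigit() or len(suci.mcc + suci.mnc + msin) > 15:
        raise ValueError("IMSI must be numeric and at most 15 digits")
    return f"imsi-{suci.mcc}{suci.mnc}{msin}"
```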

How keys are secured and used:

As part of provisioning, transport security is enabled by encrypting sensitive data such as Ki. The encrypted Ki and other parameters are provisioned into the UDR using the REST provisioning APIs. For this transport encryption, the encryption algorithms and the encryption key used (the protection parameter ID mapping table) are provisioned at the UDM and HSS.

The algorithm ID mapping table, which is used to derive OP and the 3GPP algorithm details such as Milenage/TUAK parameters, is also provisioned at the UDM and HSS.

The mapping table from Home Network Public Key ID to Home Network Private Key is used for the SIDF functionality and is provisioned at the UDM.

As part of authentication (ARPF), the authentication subscription parameters are retrieved from the UDR and decrypted using the pre-provisioned data (protection parameter ID mapping table) at the UDM. As part of de-concealment (SIDF), once the SUCI (with the public key ID it carries) is received from the UE, the de-concealment is performed using the pre-provisioned data (Home Network Public Key ID to Home Network Private Key mapping table) in the UDM.

It is also important to look at transport-key security:

The transport key stored in the UDM/UDR cannot be read in clear text. The private key used to encrypt the transport key shall be kept secure through RBAC. During authentication, the transport key never leaves the UDM. The UDM obtains the encrypted Ki and OPc from the UDR subscriber profile data.

Conclusion

Subscriber privacy is a critical consideration for mobile operators and requires careful attention and strong protection mechanisms. SIM-based encryption supports the relevant security standards and meets regulatory requirements.

References:

ETSI TS 133 501 (3GPP TS 33.501): Security architecture and procedures for 5G System


Written by Hemant Rawat

Product Management & Solutions Engineering.
