Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Encrypting IMSI to improve privacy in 5G Networks
KTH, School of Information and Communication Technology (ICT).
2017 (English)Independent thesis Advanced level (professional degree), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Nowadays, the long-term identifier of a user in a mobile network, namely International Mobile Subscriber Identity or IMSI, is transmitted in clear text over the radiointerface. Given that this interface is used as a shared medium, anyone with a radio transceiver and processing software can thus read such identifier.

This fact constitutes a threat to user privacy, considering that the user is traceable by following the presence of the identifier in the network. Moreover, the menace has been known in the literature for the last 25 years, but no countermeasures have been deployed because the severity was judged not to be sufficiently high.

However, the current situation is different. One the one hand, the user is made more vulnerable: the needed equipment for catching IMSIs over the radio interface is becoming cheaper, while user-related connected devices are arising in the form of Internet of Things. On the other hand, mobile devices are now computationally more powerful, and the upcoming standardization of 5G represents an opportunity to address such issues.

This dissertation presents a proposal to encrypt the IMSI based on Elliptic Curve Integrated Encryption Scheme, a public-key approach in which the long-term subscription identifier is concealed over the radio interface. By doing so, the IMSI is never publicly disclosed, and thus privacy is enhanced.

Besides, research was conducted to show the technical feasibility of the proposal. First, the impact of the encrypted identifier on the network was studied. Secondly,the execution time needed for Android devices to perform encryption operations was measured. In both cases, the results were favorable, drawing the conclusion that there are no impediments to the adoption of the presented solution.

The Thesis was developed in cooperation with Ericsson AB, Security Research.

Abstract [sv]

Den långsiktiga identifieraren för en användare i ett mobilt nätverk, IMSI (International Mobile Subscriber Identity), överförs i klartext via radiogränssnittet. Med detta gränssnitt som delat medium kan någon med en radiomottagare och mjukvara läsasåna identierare.

Detta utgör ett hot mot användarnas personliga integritet med tanke på att användaren kan spåras genom att följa förekomsten av identifierare i nätverket. Dessutom har hotet varit känt under de senaste 25 åren, men inga åtgärder har använts eftersom att risken bedömdes inte vara tillräckligt hög.

Däremot är den nuvarande situationen annorlunda. Å ena sidan är användaren mer sårbar: den utrustning som behövs för att fånga IMSI över radiogränssnittet blir billigare medan antalet användarrelaterade anslutna enheter ökar. Å andra sidan kan moderna mobila enheter utföra mycket mer beräkningar, och den kommande standardiseringen av 5G utgör en möjlighet att lösa sådana problem.

Rapporten presenterar ett förslag för att kryptera IMSI baserat på ECIES (Elliptic Curve Integrated Encryption Scheme), en asymmetrisk-kryptografi algoritm där den långsiktiga identifieraren är dold över radiogränssnittet. Genom att göra så avslöjas aldrig IMSI, och därmed förbättras den personliga integriteten.

Dessutom har forskning bedrivits för att visa den tekniska genomförbarheten avförslaget. Först studerades effekten av den krypterade identifieraren i nätverket. Sedan mättes exekveringstiden som krävs för Android-enheter för att utföra krypteringsoperationer. I båda fallen var resultaten gynnsamma, och därav dras slutsatsen att det inte finns några hinder för antagandet av den presenterade lösningen.

Denna rapport framställdes i samarbete med Ericsson AB, Security Research.

Place, publisher, year, edition, pages
2017. , p. 83
Series
TRITA-ICT-EX ; 2017:19
Keywords [en]
5G, Privacy, IMSI, Security, ECIES, Android
Keywords [sv]
5G, Personlig Integritet, IMSI, Säkerhet, ECIES, Android
National Category
Electrical Engineering, Electronic Engineering, Information Engineering
Identifiers
URN: urn:nbn:se:kth:diva-207109OAI: oai:DiVA.org:kth-207109DiVA, id: diva2:1095875
External cooperation
UPM Technical University of Madrid; Ericsson AB, Security Research
Subject / course
Microelectronics and Applied Physics
Educational program
Master of Science in Engineering - Electrical Engineering
Supervisors
Examiners
Available from: 2017-05-17 Created: 2017-05-16 Last updated: 2017-05-17Bibliographically approved

Open Access in DiVA

fulltext(1429 kB)173 downloads
File information
File name FULLTEXT01.pdfFile size 1429 kBChecksum SHA-512
bd1f6975278929845d8719c93ae443a66f0409e21a4760da5a2c2e36f94fad476554f491d47e88465dee6b93b3d02fc580bc8be47fcbc843a25a5579e260db8c
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Electrical Engineering, Electronic Engineering, Information Engineering

Search outside of DiVA

GoogleGoogle Scholar
Total: 173 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 378 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf