Identity Confidentiality in 5G Mobile Telephony Systems

Haibat Khan, Benjamin Dowling, Keith Martin

Research output: Chapter in Book/Report/Conference proceedingChapter (peer-reviewed)peer-review

282 Downloads (Pure)

Abstract

The 3rd Generation Partnership Project (3GPP) recently proposed a standard for 5G telecommunications, containing an identity protection scheme meant to address the long-outstanding privacy problem of permanent subscriber-identity disclosure. The proposal is essentially two disjoint phases: an identification phase, followed by an establishment of security context between mobile subscribers and their service providers via symmetric-key based authenticated key agreement. Currently, 3GPP proposes to protect the identification phase with a public-key based solution, and while the current proposal is secure against a classical adversary, the same would not be true of a quantum adversary. 5G specifications target very long-term deployment scenarios (well beyond the year 2030), therefore it is imperative that quantum-secure alternatives be part of the current specification. In this paper, we present such an alternative scheme for the problem of private identification protection. Our solution is compatible with the current 5G specifications, depending mostly on cryptographic primitives already specified in 5G, adding minimal performance overhead and requiring minor changes in existing message structures. Finally, we provide a detailed formal security analysis of our solution in a novel security framework.
Original languageEnglish
Title of host publicationSecurity Standardisation Research
Subtitle of host publication4th International Conference, SSR 2018
EditorsCas Cremer, Anja Lehmann
Place of PublicationSwitzerland
PublisherSpringer, [Cham]
Pages120-142
Number of pages23
ISBN (Electronic)978-3-030-04762-7
ISBN (Print)978-3-030-04761-0
DOIs
Publication statusE-pub ahead of print - 21 Nov 2018
EventSecurity Standardisation Research 2018 - Technische Universität Darmstadt, Darmstadt, Germany
Duration: 26 Nov 201827 Nov 2018
https://ssr2018.net/

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Verlag
Volume11322

Conference

ConferenceSecurity Standardisation Research 2018
Abbreviated titleSSR 2018
Country/TerritoryGermany
CityDarmstadt
Period26/11/1827/11/18
Internet address

Cite this