TY - GEN
T1 - Improving Air Interface User Privacy in Mobile Telephony
AU - Khan, Mohammed
AU - Mitchell, Christopher J
PY - 2015/12/9
Y1 - 2015/12/9
N2 - Although the security properties of 3G and 4G mobile networks have significantly improved by comparison with 2G (GSM), significant shortcomings remain with respect to user privacy. A number of possible modifications to 2G, 3G and 4G protocols have been proposed designed to provide greater user privacy; however, they all require significant alterations to the existing deployed infrastructures, which are almost certainly impractical to achieve in practice. In this article we propose an approach which does not require any changes to the existing deployed network infrastructures, i.e. to the serving networks or the mobile devices, but offers improved user identity protection over the air interface. The proposed scheme makes use of multiple IMSIs for an individual USIM to offer a degree of pseudonymity for a user. The only changes required are to the operation of the authentication centre in the home network and to the USIM, both owned by a single entity in the mobile telephony system. The scheme could be deployed immediately since it is completely transparent to the existing mobile telephony infrastructure. We present two different approaches to the use and management of multiple IMSIs, and report on experiments to validate its deployability.
UR - http://www.chrismitchell.net/Papers/iaiupi2.pdf
U2 - 10.1007/978-3-319-27152-1_9
DO - 10.1007/978-3-319-27152-1_9
M3 - Conference contribution
SN - 978-3-319-27151-4
T3 - Lecture Notes in Computer Science
SP - 165
EP - 184
BT - Security Standardisation Research, Second International Conference, SSR 2015, Tokyo, Japan, December 15-16, 2015, Proceedings
A2 - Chen, Liqun
A2 - Matsuo, Shin'ichiro
PB - Springer-Verlag
ER -