WO2023241899A1 - Apparatus, method and computer program for privacy protection of subscription identifiers - Google Patents

Apparatus, method and computer program for privacy protection of subscription identifiers

Info

Publication number
WO2023241899A1
Authority
WO
WIPO (PCT)
Prior art keywords
subscription identifier
length
indication
identifier
usim
Prior art date
Application number
PCT/EP2023/064205
Other languages
French (fr)
Inventor
Ranganathan MAVUREDDI DHANASEKARAN
Rakshesh PRAVINCHANDRA BHATT
Original Assignee
Nokia Technologies Oy
Priority date
Filing date
Publication date
Application filed by Nokia Technologies Oy
Publication of WO2023241899A1

Classifications

    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W12/009 Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity > H04W12/60 Context-dependent security > H04W12/69 Identity-dependent > H04W12/72 Subscriber identity

Definitions

  • the present application relates to a method, apparatus, system and computer program and in particular but not exclusively to privacy protection of distinguishable length NAI identifiers.
  • a communication system can be seen as a facility that enables communication sessions between two or more entities such as user terminals, base stations and/or other nodes by providing carriers between the various entities involved in the communications path.
  • a communication system can be provided for example by means of a communication network and one or more compatible communication devices.
  • the communication sessions may comprise, for example, communication of data for carrying communications such as voice, video, electronic mail (email), text message, multimedia and/or content data and so on.
  • Non-limiting examples of services provided comprise two-way or multi-way calls, data communication or multimedia services and access to a data network system, such as the Internet.
  • wireless communication system at least a part of a communication session between at least two stations occurs over a wireless link.
  • wireless systems comprise public land mobile networks (PLMN), satellite based communication systems and different wireless local networks, for example wireless local area networks (WLAN).
  • PLMN public land mobile networks
  • WLAN wireless local area networks
  • Some wireless systems can be divided into cells, and are therefore often referred to as cellular systems.
  • a user can access the communication system by means of an appropriate communication device or terminal.
  • a communication device of a user may be referred to as user equipment (UE) or user device.
  • UE user equipment
  • a communication device is provided with an appropriate signal receiving and transmitting apparatus for enabling communications, for example enabling access to a communication network or communications directly with other users.
  • the communication device may access a carrier provided by a station, for example a base station of a cell, and transmit and/or receive communications on the carrier.
  • the communication system and associated devices typically operate in accordance with a given standard or specification which sets out what the various entities associated with the system are permitted to do and how that should be achieved. Communication protocols and/or parameters which shall be used for the connection are also typically defined.
  • UTRAN 3G radio
  • Other examples of communication systems are the long-term evolution (LTE) of the Universal Mobile Telecommunications System (UMTS) radio-access technology and so-called 5G or New Radio (NR) networks.
  • NR is being standardized by the 3rd Generation Partnership Project
  • an apparatus comprising means for: receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
  • the apparatus may comprise means for extending the at least part of the subscription identifier to the length.
  • the apparatus may comprise means for truncating the at least part of the subscription identifier to the length.
  • the length may be fixed or variable.
  • the length may be a maximum length.
  • the apparatus may comprise means for receiving the indication from a home network.
  • the apparatus may comprise means for receiving the indication from an operator.
  • the at least part of the subscription identifier may comprise a username.
  • the at least part of the subscription identifier may be extended to the length.
  • the apparatus may comprise means for decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
  • the at least part of the subscription identifier may be truncated to the length.
  • the apparatus may comprise means for providing the indication from a home network.
  • the apparatus may comprise means for providing the indication from an operator.
  • a method comprising receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
  • the method may comprise extending the at least part of the subscription identifier to the length.
  • the method may comprise receiving the indication from a home network.
  • the method may comprise receiving the indication from an operator.
  • the method may comprise decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
  • the method may comprise providing the indication from a home network.
  • the subscription identifier may comprise a network access identifier.
  • the apparatus may be caused to extend the at least part of the subscription identifier to the length.
  • the apparatus may be caused to truncate the at least part of the subscription identifier to the length.
  • the apparatus may be caused to receive the indication from a home network.
  • the apparatus may comprise a universal subscription identifier module, USIM, and is caused to provide an indication of the subscription identifier to a terminal comprising the USIM.
  • USIM universal subscription identifier module
  • an apparatus comprising : at least one processor and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to provide an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receive an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
  • the apparatus may be caused to provide the indication from a home network.
  • the apparatus may be caused to provide the indication from an operator.
  • the apparatus may be caused to perform extending the at least part of the subscription identifier to the length.
  • the apparatus may be caused to perform truncating the at least part of the subscription identifier to the length.
  • the apparatus may be caused to perform receiving the indication from a home network.
  • the apparatus may be caused to perform receiving the indication from an operator.
  • the apparatus may comprise a universal subscription identifier module, USIM, and be caused to perform providing an indication of the subscription identifier to a terminal comprising the USIM.
  • a computer readable medium comprising program instructions for causing an apparatus to perform at least the following: providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
  • the apparatus may be caused to perform decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
  • the apparatus may be caused to perform providing the indication from a home network.
  • a ninth aspect there is provided a non-transitory computer readable medium comprising program instructions for causing an apparatus to perform at least the method according to the third or fourth aspect.
  • Figure 6 shows a distribution chart for identifier lengths
  • Figure 8 shows a flow diagram of a method according to an example embodiment
  • Figure 9 shows a block diagram of a SUPI_NAI and a SUCI_NAI according to an example embodiment
  • the CN is connected to a terminal device via the radio access network (RAN).
  • the 5G RAN may comprise one or more gNodeB (gNB) distributed unit functions connected to one or more gNodeB (gNB) centralized unit functions.
  • the RAN may comprise one or more access nodes.
  • a possible mobile communication device will now be described in more detail with reference to Figure 2 showing a schematic, partially sectioned view of a communication device 200.
  • a communication device is often referred to as user equipment (UE) or terminal.
  • An appropriate mobile communication device may be provided by any device capable of sending and receiving radio signals.
  • a mobile communication device may provide, for example, communication of data for carrying communications such as voice, electronic mail (email), text message, multimedia and so on. Users may thus be offered and provided numerous services via their communication devices. Non-limiting examples of these services comprise two-way or multi-way calls, data communication or multimedia services or simply an access to a data communications network system, such as the Internet. Users may also be provided broadcast or multicast data. Non-limiting examples of the content comprise downloads, television and radio programs, videos, advertisements, various alerts and other information.
  • a mobile device is typically provided with at least one data processing entity 201 , at least one memory 202 and other possible components 203 for use in software and hardware aided execution of tasks it is designed to perform, including control of access to and communications with access systems and other communication devices.
  • a 5G globally unique SUPI is allocated to each subscriber.
  • a SUCI is a privacy preserving identifier containing the concealed SUPI.
  • the SUCI comprises SUPI type, a Home network identifier, other parameters and the concealed identifier. Only the concealed identifier part is encrypted by SUCI.
  • An NSI may take the form of a Network Access Identifier (NAI) as defined in 3GPP standards.
  • NAI Network Access Identifier
  • the SUPI is of type NSI
  • the Home network identifier is composed of a variable length string called the realm, and the concealed identifier contains a variable length encrypted string called the username.
  • the NAI for SUPI shall have the form username@realm, which can have a variable length username, as specified in 3GPP standards.
  • FIG 7 shows a flowchart of a method according to an example embodiment.
  • the method may be performed at a USIM.
  • the USIM is associated with a mobile equipment (ME) (in other words, a user equipment).
  • ME mobile equipment
  • Figure 8 shows a flowchart of a method according to an example embodiment.
  • the method may be performed at a network function, e.g., a UDM, of a home network (HN).
  • HN home network
  • the method comprises receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
  • the USIM may be configured with fixed or variable username lengths, with the result that either SUCI is fixed each time or each iteration of generation will result in different SUCI size for the same UE.
  • the method may comprise receiving the indication of the length from an operator or a home network (e.g., from a function of the HN such as a UDM).
  • UDM ignores the octets after “!” in the username.
  • PLMN A may have a username extension maximum length of 200 bytes. Even though each user within the same PLMN A may have different usernames and username lengths, the extension after “!” in the username is used in SUPI_NAI, so the maximum length of each user's username in PLMN A will be 200 octets.
  • the Network Specific Identifier in NAI format is a NAI constructed as specified in standards and encoded as UTF-8 string.
  • the Network Specific Identifier extension is either set or not set (username extension for anonymity set to “variable” or “fixed”), which is optionally configured by the operator.
  • Network Specific Identifier extension length (conditionally valid only if extension is set to “fixed”) is maximum allowed octets in username so additional octets can be added after Network Specific Identifier.
  • FIG. 10 shows a signalling flow according to an example embodiment.
  • successful primary authentication is performed with SUCI as IMSI format.
  • step 2 the home network (HN) uses existing UPU or SoR procedure to update USIM with NSI extension and the length to be used.
  • step 3 the operator uses existing over the air (OTA) update of USIM with the extension information.
  • OTA over the air
  • SUPI NAI is configured by the operator as a fixed maximum or specific length.
  • step 5 SUCI NAI is generated as described in 3GPP standards.
  • SUPI_NAI includes the extension value after the username.
  • step 6 the ME makes a SUPI_NAI request and reads the EF file of SUPI_NAI which has anonymity configured username from USIM.
  • step 7 the ME requests SUCI_NAI and USIM shares the generated SUCI.
  • step 9 after de-concealment of SUCI_NAI, UDM retrieves the SUPI_NAI as “username!anonymity@realm”. UDM ignores the content after “!” and considers only the username part.
  • the following example data set corresponds to SUCI computation in the UE for network specific identifier-based SUPI and ECIES Profile A.
  • SUPI is: verylongusernamel!extension_anonymity_username@3gpp.com
  • the ECIES Scheme Output is computed in the UE as defined in TS 33.501 clause C.3.2 with the following example data.
  • Cipher-text value
  • An apparatus may comprise means for receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
  • an apparatus may comprise means for providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
  • apparatuses may comprise or be coupled to other units or modules etc., such as radio parts or radio heads, used in or for transmission and/or reception.
  • apparatuses have been described as one entity, different modules and memory may be implemented in one or more physical or logical entities.
  • the various embodiments may be implemented in hardware or special purpose circuitry, software, logic or any combination thereof. Some aspects of the disclosure may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the disclosure is not limited thereto. While various aspects of the disclosure may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof. As used in this application, the term “circuitry” may refer to one or more or all of the following:
  • circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware.
  • circuitry also covers, for example and if applicable to the particular claim element, a baseband integrated circuit or processor integrated circuit for a mobile device or a similar integrated circuit in server, a cellular network device, or other computing or network device.
  • the embodiments of this disclosure may be implemented by computer software executable by a data processor of the mobile device, such as in the processor entity, or by hardware, or by a combination of software and hardware.
  • Computer software or program also called program product, including software routines, applets and/or macros, may be stored in any apparatus-readable data storage medium and they comprise program instructions to perform particular tasks.
  • a computer program product may comprise one or more computer-executable components which, when the program is run, are configured to carry out embodiments.
  • the one or more computer-executable components may be at least one software code or portions of it.
  • any blocks of the logic flow as in the Figures may represent program steps, or interconnected logic circuits, blocks and functions, or a combination of program steps and logic circuits, blocks and functions.
  • the software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD.
  • the physical media is a non-transitory media.
  • the memory may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory.
  • the data processors may be of any type suitable to the local technical environment, and may comprise one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), Field Programmable Gate Array (FPGA), gate level circuits and processors based on multi core processor architecture, as non-limiting examples.
  • DSPs digital signal processors
  • ASIC application specific integrated circuits
  • FPGA Field Programmable Gate Array

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

There is provided an apparatus, said apparatus comprising means for receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.

Description

APPARATUS, METHOD AND COMPUTER PROGRAM FOR PRIVACY PROTECTION OF SUBSCRIPTION IDENTIFIERS
Field
The present application relates to a method, apparatus, system and computer program and in particular but not exclusively to privacy protection of distinguishable length NAI identifiers.
Background
A communication system can be seen as a facility that enables communication sessions between two or more entities such as user terminals, base stations and/or other nodes by providing carriers between the various entities involved in the communications path. A communication system can be provided for example by means of a communication network and one or more compatible communication devices. The communication sessions may comprise, for example, communication of data for carrying communications such as voice, video, electronic mail (email), text message, multimedia and/or content data and so on. Non-limiting examples of services provided comprise two-way or multi-way calls, data communication or multimedia services and access to a data network system, such as the Internet.
In a wireless communication system at least a part of a communication session between at least two stations occurs over a wireless link. Examples of wireless systems comprise public land mobile networks (PLMN), satellite based communication systems and different wireless local networks, for example wireless local area networks (WLAN). Some wireless systems can be divided into cells, and are therefore often referred to as cellular systems.
A user can access the communication system by means of an appropriate communication device or terminal. A communication device of a user may be referred to as user equipment (UE) or user device. A communication device is provided with an appropriate signal receiving and transmitting apparatus for enabling communications, for example enabling access to a communication network or communications directly with other users. The communication device may access a carrier provided by a station, for example a base station of a cell, and transmit and/or receive communications on the carrier. The communication system and associated devices typically operate in accordance with a given standard or specification which sets out what the various entities associated with the system are permitted to do and how that should be achieved. Communication protocols and/or parameters which shall be used for the connection are also typically defined. One example of a communications system is UTRAN (3G radio). Other examples of communication systems are the long-term evolution (LTE) of the Universal Mobile Telecommunications System (UMTS) radio-access technology and so-called 5G or New Radio (NR) networks. NR is being standardized by the 3rd Generation Partnership Project (3GPP).
Summary
In a first aspect there is provided an apparatus comprising means for: receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
The apparatus may comprise means for extending the at least part of the subscription identifier to the length.
The apparatus may comprise means for truncating the at least part of the subscription identifier to the length.
The length may be fixed or variable.
The length may be a maximum length.
The apparatus may comprise means for receiving the indication from a home network.
The apparatus may comprise means for receiving the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
The apparatus may comprise a universal subscription identifier module, USIM, and means for providing an indication of the subscription identifier to a terminal comprising the USIM.
In a second aspect there is provided an apparatus comprising means for providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the user equipment based on the provided indication.
The at least part of the subscription identifier may be extended to the length.
The apparatus may comprise means for decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
The at least part of the subscription identifier may be truncated to the length.
The length may be fixed or variable.
The length may be a maximum length.
The apparatus may comprise means for providing the indication from a home network.
The apparatus may comprise means for providing the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
In a third aspect there is provided a method comprising receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
The method may comprise extending the at least part of the subscription identifier to the length.
The method may comprise truncating the at least part of the subscription identifier to the length.
The length may be fixed or variable.
The length may be a maximum length.
The method may comprise receiving the indication from a home network.
The method may comprise receiving the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
The method may comprise providing an indication of the subscription identifier to a terminal comprising a USIM.
In a fourth aspect there is provided a method comprising providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the user equipment based on the provided indication.
The at least part of the subscription identifier may be extended to the length.
The method may comprise decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
The at least part of the subscription identifier may be truncated to the length.
The length may be fixed or variable.
The length may be a maximum length.
The method may comprise providing the indication from a home network.
The method may comprise providing the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
In a fifth aspect there is provided an apparatus comprising: at least one processor and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to receive an indication of a length for at least part of a subscription identifier, determine the subscription identifier based on the received indication, encrypt the determined subscription identifier and provide the encrypted subscription identifier to a network.
The apparatus may be caused to extend the at least part of the subscription identifier to the length.
The apparatus may be caused to truncate the at least part of the subscription identifier to the length.
The length may be fixed or variable.
The length may be a maximum length.
The apparatus may be caused to receive the indication from a home network.
The apparatus may be caused to receive the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
The apparatus may comprise a universal subscription identifier module, USIM, and is caused to provide an indication of the subscription identifier to a terminal comprising the USIM.
In a sixth aspect there is provided an apparatus comprising : at least one processor and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to provide an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receive an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
The at least part of the subscription identifier may be extended to the length.
The apparatus may be caused to decrypt the encrypted subscription identifier and use the at least part of the subscription identifier other than the extended part.
The at least part of the subscription identifier may be truncated to the length.
The length may be fixed or variable.
The length may be a maximum length.
The apparatus may be caused to provide the indication from a home network.
The apparatus may be caused to provide the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
In a seventh aspect there is provided a computer readable medium comprising program instructions for causing an apparatus to perform at least the following: receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
The apparatus may be caused to perform extending the at least part of the subscription identifier to the length.
The apparatus may be caused to perform truncating the at least part of the subscription identifier to the length.
The length may be fixed or variable.
The length may be a maximum length.
The apparatus may be caused to perform receiving the indication from a home network.
The apparatus may be caused to perform receiving the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
The apparatus may comprise a universal subscription identifier module, USIM, and be caused to perform providing an indication of the subscription identifier to a terminal comprising the USIM.
In an eighth aspect there is provided a computer readable medium comprising program instructions for causing an apparatus to perform at least the following: providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
The at least part of the subscription identifier may be extended to the length.
The apparatus may be caused to perform decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
The at least part of the subscription identifier may be truncated to the length.
The length may be fixed or variable.
The length may be a maximum length.
The apparatus may be caused to perform providing the indication from a home network.
The apparatus may be caused to perform providing the indication from an operator.
The subscription identifier may comprise a network access identifier.
The at least part of the subscription identifier may comprise a username.
In a ninth aspect there is provided a non-transitory computer readable medium comprising program instructions for causing an apparatus to perform at least the method according to the third or fourth aspect.
In the above, many different embodiments have been described. It should be appreciated that further embodiments may be provided by the combination of any two or more of the embodiments described above.
Description of Figures
Embodiments will now be described, by way of example only, with reference to the accompanying Figures in which:
Figure 1 shows a schematic diagram of an example 5GS communication system;
Figure 2 shows a schematic diagram of an example mobile communication device;
Figure 3 shows a schematic diagram of an example control apparatus;
Figure 4 shows a block diagram of an example encryption of SUPI to generate SUCI;
Figure 5 shows a block diagram of a 3GPP SUPI_NAI and a 3GPP SUCI_NAI;
Figure 6 shows a distribution chart for identifier lengths;
Figure 7 shows a flow diagram of a method according to an example embodiment;
Figure 8 shows a flow diagram of a method according to an example embodiment;
Figure 9 shows a block diagram of a SUPI_NAI and a SUCI_NAI according to an example embodiment; and
Figure 10 shows a signalling flow according to an example embodiment.
Detailed description
Before explaining in detail the examples, certain general principles of a wireless communication system and mobile communication devices are briefly explained with reference to Figures 1 to 3 to assist in understanding the technology underlying the described examples.
An example of a suitable communications system is the 5G System (5GS). The network architecture in 5GS may be similar to that of LTE-Advanced. Base stations of NR systems may be known as next generation Node Bs (gNBs). Changes to the network architecture may be driven by the need to support various radio technologies and finer-grained QoS, and by on-demand requirements such as QoS levels that support the quality of experience (QoE) from the user's point of view. Network-aware services and applications, and service- and application-aware networks, may also bring changes to the architecture; these are related to the Information Centric Network (ICN) and User-Centric Content Delivery Network (UC-CDN) approaches. NR may use multiple-input multiple-output (MIMO) antennas and many more base stations or nodes than LTE (the so-called small cell concept), including macro sites operating in co-operation with smaller stations and perhaps also employing a variety of radio technologies for better coverage and enhanced data rates.
5G networks may utilise network functions virtualization (NFV) which is a network architecture concept that proposes virtualizing network node functions into “building blocks” or entities that may be operationally connected or linked together to provide services. A virtualized network function (VNF) may comprise one or more virtual machines running computer program codes using standard or general type servers instead of customized hardware. Cloud computing or data storage may also be utilized. In radio communications this may mean node operations to be carried out, at least partly, in a server, host or node operationally coupled to a remote radio head. It is also possible that node operations will be distributed among a plurality of servers, nodes or hosts. It should also be understood that the distribution of labour between core network operations and base station operations may differ from that of the LTE or even be non-existent.
Figure 1 shows a schematic representation of a 5G system (5GS) 100. The 5GS may comprise a user equipment (UE) 102 (which may also be referred to as a communication device or a terminal), a 5G radio access network (5GRAN) 104, a 5G core network (5GCN) 106, one or more application functions (AF) 108 and one or more data networks (DN) 110.
An example 5G core network (CN) comprises functional entities. The 5GCN 106 may comprise one or more access and mobility management functions (AMF) 112, one or more session management functions (SMF) 114, an authentication server function (AUSF) 116, a unified data management (UDM) 118, one or more user plane functions (UPF) 120, a unified data repository (UDR) 122 and/or a network exposure function (NEF) 124. The UPF is controlled by the SMF (Session Management Function) that receives policies from a PCF (Policy Control Function).
The CN is connected to a terminal device via the radio access network (RAN). The 5GRAN may comprise one or more gNodeB (GNB) distributed unit functions connected to one or more gNodeB (GNB) centralized unit functions. The RAN may comprise one or more access nodes.
A UPF (User Plane Function) whose role is called PSA (Protocol Data Unit (PDU) Session Anchor) may be responsible for forwarding frames back and forth between the data network (DN) and the tunnels established over the 5G towards the UE(s) exchanging traffic with the DN.
A possible mobile communication device will now be described in more detail with reference to Figure 2 showing a schematic, partially sectioned view of a communication device 200. Such a communication device is often referred to as user equipment (UE) or terminal. An appropriate mobile communication device may be provided by any device capable of sending and receiving radio signals. Non-limiting examples comprise a mobile station (MS) or mobile device such as a mobile phone or what is known as a 'smart phone', a computer provided with a wireless interface card or other wireless interface facility (e.g., USB dongle), a personal digital assistant (PDA) or a tablet provided with wireless communication capabilities, voice over IP (VoIP) phones, portable computers, desktop computers, image capture terminal devices such as digital cameras, gaming terminal devices, music storage and playback appliances, vehicle-mounted wireless terminal devices, wireless endpoints, mobile stations, laptop-embedded equipment (LEE), laptop-mounted equipment (LME), smart devices, wireless customer-premises equipment (CPE), or any combinations of these or the like. A mobile communication device may provide, for example, communication of data for carrying communications such as voice, electronic mail (email), text message, multimedia and so on. Users may thus be offered and provided numerous services via their communication devices. Non-limiting examples of these services comprise two-way or multi-way calls, data communication or multimedia services or simply an access to a data communications network system, such as the Internet. Users may also be provided broadcast or multicast data. Non-limiting examples of the content comprise downloads, television and radio programs, videos, advertisements, various alerts and other information.
A mobile device is typically provided with at least one data processing entity 201, at least one memory 202 and other possible components 203 for use in software and hardware aided execution of tasks it is designed to perform, including control of access to and communications with access systems and other communication devices. The data processing, storage and other relevant control apparatus can be provided on an appropriate circuit board and/or in chipsets. This feature is denoted by reference 204. The user may control the operation of the mobile device by means of a suitable user interface such as key pad 205, voice commands, touch sensitive screen or pad, combinations thereof or the like. A display 208, a speaker and a microphone can be also provided. Furthermore, a mobile communication device may comprise appropriate connectors (either wired or wireless) to other devices and/or for connecting external accessories, for example hands-free equipment, thereto.
The mobile device 200 may receive signals over an air or radio interface 207 via appropriate apparatus for receiving and may transmit signals via appropriate apparatus for transmitting radio signals. In Figure 2 transceiver apparatus is designated schematically by block 206. The transceiver apparatus 206 may be provided for example by means of a radio part and associated antenna arrangement. The antenna arrangement may be arranged internally or externally to the mobile device.
Figure 3 shows an example of a control apparatus 300 for a communication system, for example to be coupled to and/or for controlling a station of an access system, such as a RAN node, e.g. a base station, eNB or gNB, a relay node or a core network node such as a mobility management entity (MME) or S-GW or P-GW, or a core network function such as AMF/SMF, or a server or host. The method may be implemented in a single control apparatus or across more than one control apparatus. The control apparatus may be integrated with or external to a node or module of a core network or RAN. In some embodiments, base stations comprise a separate control apparatus unit or module. In other embodiments, the control apparatus can be another network element such as a radio network controller or a spectrum controller. In some embodiments, each base station may have such a control apparatus as well as a control apparatus being provided in a radio network controller. The control apparatus 300 can be arranged to provide control on communications in the service area of the system. The control apparatus 300 comprises at least one memory 301, at least one data processing unit 302, 303 and an input/output interface 304. Via the interface the control apparatus can be coupled to a receiver and a transmitter of the base station. The receiver and/or the transmitter may be implemented as a radio front end or a remote radio head.
So-called International Mobile Subscriber Identity (IMSI) catchers aim to attack subscribers' anonymity and consequently track and monitor the associated UEs. To prevent IMSI catchers, the 5G standard has introduced the encryption of the Subscription Permanent Identifier (SUPI) into a Subscription Concealed Identifier (SUCI) using the public key of the home network.
A 5G globally unique SUPI is allocated to each subscriber. A SUCI is a privacy preserving identifier containing the concealed SUPI.
The Elliptic Curve Integrated Encryption Scheme (ECIES) is used to encrypt a SUPI into a SUCI as shown in Figure 4.
ECIES is a hybrid scheme in which key exchange is based on asymmetric cryptography and key derivation and encryption are based on symmetric cryptography. ECIES is a probabilistic encryption scheme: the same plaintext encrypted multiple times (each time under a fresh ephemeral key) produces completely different ciphertexts that cannot be linked to each other or to the plaintext. 3GPP has standardized three protection schemes: the null-scheme, Profile A, and Profile B. The null-scheme does not perform any encryption and produces the same output as the input. Profile A uses Curve25519 and Profile B uses secp256r1, in both cases together with AES-128-CTR for encryption and HMAC-SHA-256 for the MAC tag.
The SUPI type may be either International Mobile Subscriber Identity (IMSI) or Network Specific Identifier (NSI).
The SUCI comprises the SUPI type, a Home network identifier, other parameters and the concealed identifier. Only the concealed identifier part of the SUCI is encrypted.
When the SUPI is of type IMSI, the Home network identifier is composed of a 3-digit Mobile Country Code (MCC) and a 2-3-digit Mobile Network Code (MNC), and the concealed identifier contains the encrypted 9-10-digit Mobile Subscription Identification Number (MSIN).
As mentioned, the existing 5G standard allows the use of Network Specific Identifiers (NSI) as SUPI.
An NSI may take the form of a Network Access Identifier (NAI) as defined in 3GPP standards. When the SUPI is of type NSI, the Home network identifier is composed of a variable length string called the realm, and the concealed identifier contains a variable length encrypted string called the username.
In other words, the NAI for SUPI shall have the form username@realm, which can have a variable length username, as specified in 3GPP standards.
Figure 5 shows a 3GPP SUPI_NAI and SUCI_NAI as specified in 3GPP standards. A SUPI containing a network specific identifier takes the form of a Network Access Identifier (NAI). The NAI for SUPI has the form username@realm. In SNPN (Stand-alone Non-Public Network) scenarios, the realm part of the NAI includes the MCC, the MNC and the NID (Network Identifier) of the SNPN. In the NAI for SUCI, the username is ciphered.
The existing mechanism to compute SUCIs does not provide complete indistinguishability of SUCIs when the corresponding SUPIs have different lengths.
For SUCI, the symmetric encryption scheme used, as illustrated in Figure 4, is AES-128 in counter (CTR) mode (AES-128-CTR). CTR mode is a standard block cipher mode of operation: it turns the block cipher into a keystream generator, so no padding to the 128-bit AES block size is applied and the ciphertext has exactly the same length as the plaintext. Also, in the symmetric-key setting, security notions such as real-or-random, left-or-right, or semantic security are defined for plaintexts of the same length. Therefore, the security of AES-128 in CTR mode, according to these notions, is meaningful only when the plaintexts of interest have the same length; the length of the plaintext itself is not hidden by the encryption.
Networks may have the username part of the NAI created from real-world names because earlier and current uses of such identifiers, e.g., in ISIMs (IP Multimedia Services Identity Module), have been based on real-world names.
Researchers have analysed name length data for the whole of Sweden (ten million people) and for four regions (Sweden, China, India, and USA) of an internal company, and have found that the length distributions have tails. SUCIs whose lengths are far from the mean (either to the left or to the right) have low anonymity and, in the worst cases, are completely distinguishable. In other words, for long or short (far from the mean) NAI lengths used in SUPIs, SUCIs can be uniquely identified. This impacts subscriber privacy and may be misused by IMSI catchers.
A sixth padding scheme, "tail-aware block-length" padding (taBlk-l-m-r), shown in Figure 6, is currently used. The intuition behind it is that the tails of typical distributions have the lowest frequency (meaning lower anonymity) and benefit from padding the most, whereas the middle parts of distributions typically have much higher frequencies and padding them only contributes to message expansion without a significant increase in privacy. Therefore, taBlk-l-m-r padding is done as shown in Figure 6: lengths below LEFT (l) are padded to l; lengths between l and MIDDLE (m) are not padded; and lengths above m are padded to RIGHT (r). Such selective padding may reduce the overall message expansion.
Figure 7 shows a flowchart of a method according to an example embodiment. The method may be performed at a USIM. The USIM is associated with a mobile equipment (ME) (in other words, a user equipment).
In S1 , the method comprises receiving an indication of a length for at least part of a subscription identifier.
In S2 the method comprises determining the subscription identifier based on the received indication.
In S3, the method comprises encrypting the determined subscription identifier.
In S4, the method comprises providing the encrypted subscription identifier to a network.
Figure 8 shows a flowchart of a method according to an example embodiment. The method may be performed at a network function, e.g., a UDM, of a home network (HN).
In T1 , the method comprises providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module (USIM).
In T2 the method comprises receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
The subscription identifier may be a NAI. The at least part of the subscription identifier may be a username of a NAI.
Determining the subscription identifier may comprise extending or truncating at least part of the subscription identifier to the length. The length may be fixed or variable. The length may be a maximum length.
In other words, the USIM may be configured with fixed or variable username lengths, with the result that either the SUCI length is the same each time, or each generation results in a different SUCI size for the same UE.
The method adds an extension to the username in the NSI (which takes the form of an NAI) where the NAI is shorter than the mean length, and truncates the username in the NSI where the NAI is longer than the mean length.
The extension or truncation scheme may be derived statistically and automatically, with or without input from the operator.
The method may ensure a constant length of NSI, which is part of SUPI and is used to generate SUCI.
The extension of username in SUPI NAI may be configured in the USIM by UDM or the operator.
The method may comprise receiving the indication of the length from an operator or a home network (e.g., from a function of the HN such as a UDM).
SUCI NAIs generated for all users within the same operator may have the same ciphertext length, because the plaintext used for SUCI generation includes the added extension.
The extension may be configured by an operator and thus be operator specific, so the username is a constant length with this username extension.
The extended subscription identifier may be in the form username!anonymity@realm. For example, the NAI for SUPI may have the form username!extension@realm.
The content of the username extension is not configured by the operator; it is filled in by the user (the USIM) with any non-null string after "!" in the username. The method may comprise decrypting the encrypted subscription identifier and using the at least part of the subscription identifier other than the extended part.
In other words, during de-concealment, the UDM ignores the octets after "!" in the username.
Each operator may have its own specific extension length. For example, PLMN A may have a maximum username extension length of 200 octets. Even though each user within PLMN A may have a different username and username length, the extension after "!" in the username is used in the SUPI_NAI, so the maximum length of each user's username in PLMN A will be 200 octets.
Assume PLMN B allows a maximum username extension length of 253 octets. USIMs under this operator will have different username sizes, so the username of each user is extended with "!" followed by any non-null string added by each user.
Privacy protection of the SUPI NAI or SUCI NAI may thus be achieved.
Figure 9 shows the NAI for SUPI according to an example embodiment. The SUPI_NAI includes an extension of the username for anonymity. The username with the anonymity extension is ciphered to form the SUCI_NAI. The ciphered part of the SUCI_NAI is the same length as the extended username in the SUPI_NAI.
Each user within the same operator will have a pre-defined or configured maximum length of username part. The input length to the SUCI calculation becomes a constant with total number of characters equal to maximum length defined by the operator. This provides uniformity between different users of same operator.
Table 1 shows an example of coding when the SUPI type is a network specific identifier.
Table 1
The Network Specific Identifier in NAI format is a NAI constructed as specified in the standards and encoded as a UTF-8 string. The Network Specific Identifier extension is either set or not set (the username extension for anonymity is set to "variable" or "fixed"), and is optionally configured by the operator. The Network Specific Identifier extension length (conditionally present, valid only if the extension is set to "fixed") is the maximum number of octets allowed in the username, so that additional octets can be added after the Network Specific Identifier up to that length.
If the operator has configured the UE with a fixed NAI length, then each SUCI generation in NAI format fills in the content of the username with bytes after "!" such that the length of "username!extension_of_userid" always equals the maximum length configured by the operator. Irrespective of the number of times the SUCI is generated, the size is the same every time for the same UE.
If the operator has configured the UE with a variable NAI length, then each SUCI generation in NAI format fills in the content of the username with bytes after "!" such that the length of "username!extension_of_userid" varies each time. Irrespective of the number of times the SUCI is generated, the size of the SUCI is different every time for the same UE. The operator ignores the content after "!" after de-concealment.
Assuming the Network Specific Identifier user17!extension_of_userid_for_anonymity@example.com, the Routing Indicator 678, and a Home Network Public Key Identifier of 27, the NAI format for the SUCI takes the following forms.
For the null-scheme:
type1.rid678.schid0.useriduser17!extension_of_userid_for_anonymity@example.com
For an anonymous SUCI:
type1.rid678.schid0.useridanonymous!extension_of_userid_for_anonymity@example.com (with username corresponding to "anonymous"), or
type1.rid678.schid0.userid!extension_of_userid_for_anonymity@example.com (with username corresponding to an empty string).
For the Profile <A> protection scheme:
type1.rid678.schid1.hnkey27.ecckey<ECC ephemeral public key>.cip<encryption of user17 with extension>.mac<MAC tag value>@example.com
Figure 10 shows a signalling flow according to an example embodiment. In step 1, successful primary authentication is performed with a SUCI in IMSI format.
Step 2 and Step 3 are two potential ways to update the configurations in USIM.
In step 2, the home network (HN) uses the existing UE Parameters Update (UPU) or Steering of Roaming (SoR) procedure to update the USIM with the NSI extension and the length to be used.
Alternatively, or in addition, as shown in step 3, the operator uses existing over the air (OTA) update of USIM with the extension information. This step may be executed even when the UE is in Idle mode.
In step 4, SUPI NAI is configured by the operator as a fixed maximum or specific length.
In step 5, SUCI NAI is generated as described in 3GPP standards. SUPI_NAI includes the extension value after the username.
In step 6, the ME makes a SUPI_NAI request and reads the EF file of the SUPI_NAI, which holds the username with the configured anonymity extension, from the USIM.
In step 7, the ME requests SUCI_NAI and USIM shares the generated SUCI.
In step 8, the ME sends the SUCI_NAI to HN.
In step 9, after de-concealment of the SUCI_NAI, the UDM retrieves the SUPI_NAI as "username!anonymity@realm". The UDM ignores the content after "!" and considers only the username part.
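The username extension and truncation described above (the fixed and variable configurations, the truncation branch, and the UDM discarding everything after "!" in step 9), with the prior-art taBlk-l-m-r padding of Figure 6 alongside for comparison, as an added Go example. This code was written for this page; it is not the patent's, nor any USIM or UDM implementation. The policy type, the function names, the alphanumeric filler alphabet and the 64-octet example policy are assumptions of this example; the filler is random only because any non-null string is permitted.

```go
package main

import (
	"crypto/rand"
	"errors"
	"fmt"
	"math/big"
	"strings"
	"unicode/utf8"
)

// ExtensionMode mirrors the operator-configurable USIM setting: Fixed pads every
// username to exactly MaxLen octets, Variable to a fresh random length of at most MaxLen.
type ExtensionMode int

const (
	Fixed ExtensionMode = iota
	Variable
)

// ExtensionPolicy is the indication the home network or operator provisions into the
// USIM (type and field names are this example's own): maximum username length and mode.
type ExtensionPolicy struct {
	MaxLen int
	Mode   ExtensionMode
}

const sep = '!'

// filler draws n NAI-safe characters; any non-null string would do, since the UDM
// discards everything after the separator.
func filler(n int) (string, error) {
	const alphabet = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
	buf := make([]byte, n)
	if _, err := rand.Read(buf); err != nil {
		return "", err
	}
	for i := range buf {
		buf[i] = alphabet[int(buf[i])%len(alphabet)]
	}
	return string(buf), nil
}

// ExtendUsername is the USIM side (step S2 of Figure 7): it returns the username part
// of the SUPI NAI as "username!extension" with a policy-governed total length. A
// username longer than MaxLen-2 octets is truncated (the truncation branch) so that
// the separator and at least one filler octet still fit.
func ExtendUsername(username string, p ExtensionPolicy) (string, error) {
	if p.MaxLen < 2 || strings.IndexByte(username, sep) >= 0 {
		return "", errors.New("MaxLen must be at least 2 and the username must not contain '!'")
	}
	if cut := p.MaxLen - 2; len(username) > cut {
		for cut > 0 && !utf8.RuneStart(username[cut]) {
			cut-- // never split a multi-octet UTF-8 sequence
		}
		username = username[:cut]
	}
	target := p.MaxLen
	if p.Mode == Variable {
		// total length drawn uniformly from [len(username)+2, MaxLen]
		n, err := rand.Int(rand.Reader, big.NewInt(int64(p.MaxLen-len(username)-1)))
		if err != nil {
			return "", err
		}
		target = len(username) + 2 + int(n.Int64())
	}
	ext, err := filler(target - len(username) - 1)
	if err != nil {
		return "", err
	}
	return username + string(sep) + ext, nil
}

// StripExtension is the UDM side (step 9 of Figure 10): after de-concealment,
// everything from the separator onwards is ignored.
func StripExtension(user string) string {
	if i := strings.IndexByte(user, sep); i >= 0 {
		return user[:i]
	}
	return user
}

// TaBlkPad is the prior-art tail-aware block-length padding (taBlk-l-m-r) of Figure 6,
// for comparison: below l pad to l, in [l, m] leave alone, above m pad to r. A length
// already above r is returned unchanged (an assumption; the text does not cover it).
func TaBlkPad(n, l, m, r int) int {
	switch {
	case n < l:
		return l
	case n <= m || n > r:
		return n
	default:
		return r
	}
}

func main() {
	ext, _ := ExtendUsername("user17", ExtensionPolicy{MaxLen: 64, Mode: Fixed}) // constructed policy
	fmt.Printf("%d octets -> UDM recovers %q; taBlk(8,20,32) would give %d\n",
		len(ext), StripExtension(ext), TaBlkPad(len("user17"), 8, 20, 32))
}
```

Two points a deployment would check: the length policy counts octets of the UTF-8 encoding, so the truncation backs off to a character boundary rather than emitting an invalid sequence; and a truncated username must be stored in the same truncated form in the home network's subscription data, otherwise the de-concealed username matches no record.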
The following example data set corresponds to SUCI computation in the UE for network specific identifier-based SUPI and ECIES Profile A.
SUPI is: verylongusername1!extension_anonymity_username@3gpp.com
The ECIES Scheme Output is computed in the UE as defined in TS 33.501 clause C.3.2 with the following example data.
Home Network Private Key: 'C53C22208B61860B06C62E5406A7B330C2B577AA5558981510D128247D38BD1D'
Home Network Public Key: '5A8D38864820197C3394B92613B20B91633CBD897119273BF8E4A6F4EEC0A650'
Eph. Private Key: 'BE9EFF3E9F22A4B42A3D236E7A6C500B3F2E7E0C7449988BA800D664BF4FCD97'
Eph. Public Key: '977D8B2FDAA7B64AA700D04227D5B440630EA4EC50F9082273A26BB678C92222'
Eph. Shared Key: '511C1DF473BB88317F923501F8BA944FD3B667D25699DCB552DBCEF60BBDC56D'
Eph. Enc. Key: 'FE77B87D87F40428EDD71BCA69D79059'
Plaintext block: '766572796C6F6E67757365726E616D6531796C6F6E67757365726E501F8BA944FD3B667D25699D'
Cipher-text value: '8E358A1582ADB15322C10E515141D2039AE61AF4EBDBD293EA4F942696B9E8156A7B3F6709A079'
Eph. MAC key: 'D87B69F4FE8CD6B211264EA5E69F682F151A82252684CDB15A047E6EF0595028'
MAC-tag value: '12E1D7783A97F1AC'
Scheme Output: ecckey977D8B2FDAA7B64AA700D04227D5B440630EA4EC50F9082273A26BB678C92222.cip8E358A1582ADB15322C10E515141D2039AE61AF4EBDBD293EA4F942696B9E8156A7B3F6709A079.mac12E1D7783A97F1AC
An apparatus may comprise means for receiving an indication of a length for at least part of a subscription identifier, determining the subscription identifier based on the received indication, encrypting the determined subscription identifier and providing the encrypted subscription identifier to a network.
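The Profile A computation that the data set illustrates (X25519 key agreement with the home network public key, ANSI X9.63 key derivation with SHA-256, AES-128-CTR over the username and HMAC-SHA-256 over the ciphertext truncated to a 64-bit tag), as an added Go example using only the standard library. It was written for this page and is not code from the patent or from any 3GPP implementation. It loads the home network and ephemeral private keys from the data set above and conceals the username part of the example SUPI including its "!" extension; the key-material split (encryption key, ICB, MAC key) follows TS 33.501 Annex C as this example reads it, the function names are the example's own, and the ciphertext and MAC it produces are not claimed to match the values printed in the data set.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"fmt"
)

// SchemeOutput is what the SUCI carries: ephemeral public key (32 octets), ciphertext
// (same length as the plaintext: CTR mode adds no padding) and the 8-octet MAC tag.
type SchemeOutput struct{ EphPub, Cipher, Mac []byte }

// x963KDF is the ANSI X9.63 KDF with SHA-256: concatenated SHA-256(Z || counter || sharedInfo), counter = 1, 2, ...
func x963KDF(z, sharedInfo []byte, length int) []byte {
	var out []byte
	for c := uint32(1); len(out) < length; c++ {
		h := sha256.New()
		h.Write(z)
		h.Write([]byte{byte(c >> 24), byte(c >> 16), byte(c >> 8), byte(c)})
		h.Write(sharedInfo)
		out = h.Sum(out)
	}
	return out[:length]
}

// ctrXOR applies AES-128-CTR; encryption and decryption are the same operation.
func ctrXOR(key, icb, in []byte) []byte {
	block, _ := aes.NewCipher(key) // key is always 16 octets here
	out := make([]byte, len(in))
	cipher.NewCTR(block, icb).XORKeyStream(out, in)
	return out
}

// macTag is HMAC-SHA-256 over the ciphertext, truncated to 64 bits.
func macTag(macKey, ct []byte) []byte {
	m := hmac.New(sha256.New, macKey)
	m.Write(ct)
	return m.Sum(nil)[:8]
}

// Conceal is the UE/USIM side; eph must be fresh per SUCI, which is what makes ECIES probabilistic.
func Conceal(hnPub *ecdh.PublicKey, plaintext []byte, eph *ecdh.PrivateKey) (SchemeOutput, error) {
	shared, err := eph.ECDH(hnPub)
	if err != nil {
		return SchemeOutput{}, err
	}
	ephPub := eph.PublicKey().Bytes()
	kd := x963KDF(shared, ephPub, 64) // AES-128 key (16) | CTR initial counter block (16) | HMAC key (32)
	ct := ctrXOR(kd[:16], kd[16:32], plaintext)
	return SchemeOutput{EphPub: ephPub, Cipher: ct, Mac: macTag(kd[32:], ct)}, nil
}

// Deconceal is the home network side (UDM/SIDF): same shared secret from the long-term key, tag check first, then decrypt.
func Deconceal(hnPriv *ecdh.PrivateKey, so SchemeOutput) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(so.EphPub)
	if err != nil {
		return nil, err
	}
	shared, err := hnPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	kd := x963KDF(shared, so.EphPub, 64)
	if !hmac.Equal(macTag(kd[32:], so.Cipher), so.Mac) {
		return nil, fmt.Errorf("MAC tag mismatch: SUCI rejected")
	}
	return ctrXOR(kd[:16], kd[16:32], so.Cipher), nil
}

// SuciNAI renders the SUCI in NAI format (type1 = NSI, schid1 = Profile A).
func SuciNAI(rid string, hnKeyID int, so SchemeOutput, realm string) string {
	return fmt.Sprintf("type1.rid%s.schid1.hnkey%d.ecckey%X.cip%X.mac%X@%s",
		rid, hnKeyID, so.EphPub, so.Cipher, so.Mac, realm)
}

// X25519Key loads a 32-octet private key given in hex, as in the data set above.
func X25519Key(hexKey string) *ecdh.PrivateKey {
	b, _ := hex.DecodeString(hexKey)
	k, err := ecdh.X25519().NewPrivateKey(b) // rejects anything but 32 octets
	if err != nil {
		panic(err)
	}
	return k
}

func main() {
	hn := X25519Key("C53C22208B61860B06C62E5406A7B330C2B577AA5558981510D128247D38BD1D")
	eph := X25519Key("BE9EFF3E9F22A4B42A3D236E7A6C500B3F2E7E0C7449988BA800D664BF4FCD97")
	so, _ := Conceal(hn.PublicKey(), []byte("verylongusername1!extension_anonymity_username"), eph)
	fmt.Println(SuciNAI("678", 27, so, "3gpp.com"))
	pt, err := Deconceal(hn, so)
	fmt.Printf("UDM recovers %q (err=%v)\n", pt, err)
}
```

The check worth noticing is the order in Deconceal: the tag is verified before anything is decrypted, and with hmac.Equal rather than a plain byte comparison, so a forged or bit-flipped SUCI is rejected without a timing side channel. The ciphertext is exactly as long as the extended username, which is why the extension must be applied before this step if SUCI lengths are to be indistinguishable.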
Alternatively, or in addition, an apparatus may comprise means for providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
It should be understood that the apparatuses may comprise or be coupled to other units or modules etc., such as radio parts or radio heads, used in or for transmission and/or reception. Although the apparatuses have been described as one entity, different modules and memory may be implemented in one or more physical or logical entities.
It is noted that whilst some embodiments have been described in relation to 5G networks, similar principles can be applied in relation to other networks and communication systems. Therefore, although certain embodiments were described above by way of example with reference to certain example architectures for wireless networks, technologies and standards, embodiments may be applied to any other suitable forms of communication systems than those illustrated and described herein.
It is also noted herein that while the above describes example embodiments, there are several variations and modifications which may be made to the disclosed solution without departing from the scope of the present invention.
In general, the various embodiments may be implemented in hardware or special purpose circuitry, software, logic or any combination thereof. Some aspects of the disclosure may be implemented in hardware, while other aspects may be implemented in firmware or software which may be executed by a controller, microprocessor or other computing device, although the disclosure is not limited thereto. While various aspects of the disclosure may be illustrated and described as block diagrams, flow charts, or using some other pictorial representation, it is well understood that these blocks, apparatus, systems, techniques or methods described herein may be implemented in, as non-limiting examples, hardware, software, firmware, special purpose circuits or logic, general purpose hardware or controller or other computing devices, or some combination thereof. As used in this application, the term “circuitry” may refer to one or more or all of the following:
(a) hardware-only circuit implementations (such as implementations in only analog and/or digital circuitry) and
(b) combinations of hardware circuits and software, such as (as applicable):
(i) a combination of analog and/or digital hardware circuit(s) with software/firmware and
(ii) any portions of hardware processor(s) with software (including digital signal processor(s)), software, and memory(ies) that work together to cause an apparatus, such as a mobile phone or server, to perform various functions) and
(c) hardware circuit(s) and or processor(s), such as a microprocessor(s) or a portion of a microprocessor(s), that requires software (e.g., firmware) for operation, but the software may not be present when it is not needed for operation.
This definition of circuitry applies to all uses of this term in this application, including in any claims. As a further example, as used in this application, the term circuitry also covers an implementation of merely a hardware circuit or processor (or multiple processors) or portion of a hardware circuit or processor and its (or their) accompanying software and/or firmware. The term circuitry also covers, for example and if applicable to the particular claim element, a baseband integrated circuit or processor integrated circuit for a mobile device or a similar integrated circuit in server, a cellular network device, or other computing or network device.
The embodiments of this disclosure may be implemented by computer software executable by a data processor of the mobile device, such as in the processor entity, or by hardware, or by a combination of software and hardware. Computer software or program, also called program product, including software routines, applets and/or macros, may be stored in any apparatus-readable data storage medium and they comprise program instructions to perform particular tasks. A computer program product may comprise one or more computerexecutable components which, when the program is run, are configured to carry out embodiments. The one or more computer-executable components may be at least one software code or portions of it.
Further in this regard it should be noted that any blocks of the logic flow as in the Figures may represent program steps, or interconnected logic circuits, blocks and functions, or a combination of program steps and logic circuits, blocks and functions. The software may be stored on such physical media as memory chips, or memory blocks implemented within the processor, magnetic media such as hard disk or floppy disks, and optical media such as for example DVD and the data variants thereof, CD. The physical media is a non-transitory media. The memory may be of any type suitable to the local technical environment and may be implemented using any suitable data storage technology, such as semiconductor based memory devices, magnetic memory devices and systems, optical memory devices and systems, fixed memory and removable memory. The data processors may be of any type suitable to the local technical environment, and may comprise one or more of general purpose computers, special purpose computers, microprocessors, digital signal processors (DSPs), application specific integrated circuits (ASIC), Field Programmable Gate Array (FPGA), gate level circuits and processors based on multi core processor architecture, as non-limiting examples.
Embodiments of the disclosure may be practiced in various components such as integrated circuit modules. The design of integrated circuits is by and large a highly automated process. Complex and powerful software tools are available for converting a logic level design into a semiconductor circuit design ready to be etched and formed on a semiconductor substrate.
The scope of protection sought for various embodiments of the disclosure is set out by the independent claims. The embodiments and features, if any, described in this specification that do not fall under the scope of the independent claims are to be interpreted as examples useful for understanding various embodiments of the disclosure.
The foregoing description has provided by way of non-limiting examples a full and informative description of the exemplary embodiment of this disclosure. However, various modifications and adaptations may become apparent to those skilled in the relevant arts in view of the foregoing description, when read in conjunction with the accompanying drawings and the appended claims. However, all such and similar modifications of the teachings of this disclosure will still fall within the scope of this invention as defined in the appended claims. Indeed, there is a further embodiment comprising a combination of one or more embodiments with any of the other embodiments previously discussed.

Claims

We Claim:
1. An apparatus comprising: at least one processor and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to: receive an indication of a length for at least part of a subscription identifier; determine the subscription identifier based on the received indication; encrypt the determined subscription identifier; and provide the encrypted subscription identifier to a network.
2. An apparatus according to claim 1, wherein the apparatus is caused to extend the at least part of the subscription identifier to the length.
3. An apparatus according to claim 1, wherein the apparatus is caused to truncate the at least part of the subscription identifier to the length.
4. An apparatus according to any of claims 1 to 3, wherein the length is fixed or variable.
5. An apparatus according to any of claims 1 to 4, wherein the length is a maximum length.
6. An apparatus according to any of claims 1 to 5, wherein the apparatus is caused to receive the indication from a home network.
7. An apparatus according to any one of claims 1 to 6, wherein the apparatus is caused to receive the indication from an operator.
8. An apparatus according to any of claims 1 to 7, wherein the subscription identifier comprises a network access identifier.
9. An apparatus according to claim 8, wherein the at least part of the subscription identifier comprises a username.
10. An apparatus according to any of claims 1 to 9, wherein the apparatus comprises a universal subscription identifier module, USIM, and is caused to provide an indication of the subscription identifier to a terminal comprising the USIM.
11. An apparatus comprising: at least one processor and at least one memory storing instructions that, when executed by the at least one processor, cause the apparatus at least to: provide an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM; and receive an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
12. An apparatus according to claim 11, wherein the at least part of the subscription identifier is extended to the length.
13. An apparatus according to claim 12, wherein the apparatus is caused to decrypt the encrypted subscription identifier and use the at least part of the subscription identifier other than the extended part.
14. An apparatus according to claim 11, wherein the at least part of the subscription identifier is truncated to the length.
15. An apparatus according to any of claims 11 to 14, wherein the length is fixed or variable.
16. An apparatus according to any of claims 11 to 15, wherein the length is a maximum length.
17. An apparatus according to any of claims 11 to 16, wherein the apparatus is caused to provide the indication from a home network.
18. An apparatus according to any one of claims 11 to 17, wherein the apparatus is caused to provide the indication from an operator.
19. An apparatus according to any of claims 11 to 18, wherein the subscription identifier comprises a network access identifier.
20. An apparatus according to claim 19, wherein the at least part of the subscription identifier comprises a username.
21. A method comprising: receiving an indication of a length for at least part of a subscription identifier; determining the subscription identifier based on the received indication; encrypting the determined subscription identifier; and providing the encrypted subscription identifier to a network.
22. A method comprising: providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM; and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
23. An apparatus comprising means for: receiving an indication of a length for at least part of a subscription identifier; determining the subscription identifier based on the received indication; encrypting the determined subscription identifier; and providing the encrypted subscription identifier to a network.
24. An apparatus comprising means for: providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM; and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the user equipment based on the provided indication.
25. A computer readable medium comprising program instructions for causing an apparatus to perform at least the following: receiving an indication of a length for at least part of a subscription identifier; determining the subscription identifier based on the received indication; encrypting the determined subscription identifier; and providing the encrypted subscription identifier to a network.
26. A computer readable medium comprising program instructions for causing an apparatus to perform at least the following: providing an indication of a length for at least part of a subscription identifier to a universal subscription identifier module, USIM; and receiving an encrypted subscription identifier from the USIM, wherein the subscription identifier is determined at the USIM based on the provided indication.
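The procedure the claims describe (a length indication for the username part of an NAI-format subscription identifier, the username extended or truncated to that length, the result encrypted and sent to the network, and the decrypting side using only the part other than the extension, as in claim 13) is illustrated in Python below. This is an added example written for this page, not code from the patent, from Nokia, or from any 3GPP specification. The fixed `USERNAME_LENGTH` of 32, the one-byte-length-plus-random-fill encoding of the extension, and the HMAC-SHA256 keystream with an HMAC tag used as a stand-in for the real SUCI protection scheme are all assumptions of the example; the sample usernames and realm are constructed.

```python
"""Length-hiding extension of an NAI-format subscription identifier before encryption.

Added example (not the patent's or the operator's code). Without a length indication,
the ciphertext of "a@example.org" is shorter than that of "alice.longer.username@example.org",
so the concealed identifier still leaks the length of the username; extending every
username to the same indicated length before encryption removes that signal.
"""
import hashlib
import hmac
import os

# Assumed operator- or home-network-provisioned length indication (constructed value).
USERNAME_LENGTH = 32


def extend_username(username: str, length: int, truncate: bool = False) -> bytes:
    """Return exactly `length` bytes: one length byte, the username, then random fill.

    The leading length byte lets the decrypting side recover the original username and
    ignore the extension. A username that does not fit raises, unless truncation is
    permitted, in which case it is cut to the capacity (on a UTF-8 character boundary).
    """
    if not 1 <= length <= 256:
        raise ValueError("length must be between 1 and 256 (one length byte)")
    raw = username.encode("utf-8")
    capacity = length - 1
    if len(raw) > capacity:
        if not truncate:
            raise ValueError("username longer than the indicated length")
        raw = raw[:capacity].decode("utf-8", "ignore").encode("utf-8")
    fill = os.urandom(capacity - len(raw))  # random so the fill is not distinguishable
    return bytes([len(raw)]) + raw + fill


def recover_username(extended: bytes) -> str:
    """Inverse of extend_username: use only the part other than the extension."""
    n = extended[0]
    return extended[1:1 + n].decode("utf-8")


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    """Constructed stand-in for the confidentiality layer of a SUCI scheme (HMAC-SHA256 in counter mode)."""
    out = b""
    counter = 0
    while len(out) < n:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:n]


def conceal(username: str, realm: str, key: bytes, length: int = USERNAME_LENGTH) -> tuple:
    """Encrypt the extended username; the realm stays in clear as in an NAI-format identifier.

    Returns (realm, nonce, ciphertext, tag). The ciphertext is always `length` bytes long.
    """
    extended = extend_username(username, length)
    nonce = os.urandom(16)
    ciphertext = bytes(a ^ b for a, b in zip(extended, _keystream(key, nonce, len(extended))))
    tag = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()[:16]
    return realm, nonce, ciphertext, tag


def deconceal(realm: str, nonce: bytes, ciphertext: bytes, tag: bytes, key: bytes) -> str:
    """Verify, decrypt, strip the extension and rebuild the clear identifier username@realm."""
    expected = hmac.new(key, nonce + ciphertext, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication of the concealed identifier failed")
    extended = bytes(a ^ b for a, b in zip(ciphertext, _keystream(key, nonce, len(ciphertext))))
    return f"{recover_username(extended)}@{realm}"


if __name__ == "__main__":
    shared_key = os.urandom(32)  # constructed stand-in for the key both sides hold
    for user in ("a", "alice.longer.username"):
        realm, nonce, ct, tag = conceal(user, "example.org", shared_key)
        # Both ciphertexts have the same length regardless of the username length.
        print(f"{user!r}: ciphertext {len(ct)} bytes -> {deconceal(realm, nonce, ct, tag, shared_key)}")
```

The decrypting side never needs to know how long the original username was in advance: the length byte inside the authenticated ciphertext carries that, so a fixed, variable or maximum length indication (claims 4 and 5) all work the same way at the receiver. With `truncate=True` the sender instead cuts a too-long username to the indicated length, which is lossy and must be agreed with the home network, since the truncated identifier must still map to one subscription.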
PCT/EP2023/064205 2022-06-17 2023-05-26 Apparatus, method and computer program for privacy protection of subscription identifiers WO2023241899A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
IN202241034885 2022-06-17

Publications (1)

Publication Number Publication Date
WO2023241899A1 true WO2023241899A1 (en) 2023-12-21

Family

ID=86776484

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2023/064205 WO2023241899A1 (en) 2022-06-17 2023-05-26 Apparatus, method and computer program for privacy protection of subscription identifiers

Country Status (1)

Country Link
WO (1) WO2023241899A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160366717A1 (en) * 2014-02-19 2016-12-15 Zte Corporation Signal Processing Method and Device

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study of privacy of identifiers over radio access; (Release 18)", no. V0.4.0, 20 October 2022 (2022-10-20), pages 1 - 26, XP052211617, Retrieved from the Internet <URL:https://ftp.3gpp.org/Specs/archive/33_series/33.870/33870-040.zip draft_33.870-0.4.0-cl.docx> [retrieved on 20221020] *
ERICSSON: "Concealing the length of NAI format SUPI exposed in SUCI by padding the SUPI before using non-null schemes", vol. SA WG3, no. e-meeting; 20211108 - 20211119, 1 November 2021 (2021-11-01), XP052073711, Retrieved from the Internet <URL:https://ftp.3gpp.org/tsg_sa/WG3_Security/TSGS3_105e/Docs/S3-214302.zip S3-214302_concealing_length_of_NAI_format_SUPI .docx> [retrieved on 20211101] *
INTERDIGITAL: "Padding SUPIs in NAI format with Random Length of Characters for non-null schemes", vol. SA WG3, no. e-meeting; 20211108 - 20211119, 30 October 2021 (2021-10-30), XP052073192, Retrieved from the Internet <URL:https://ftp.3gpp.org/tsg_sa/WG3_Security/TSGS3_105e/Docs/S3-213902.zip S3-213902.docx> [retrieved on 20211030] *
NOKIA ET AL: "New solution for privacy prevention of NAI", vol. SA WG3, no. e-meeting; 20220627 - 20220701, 20 June 2022 (2022-06-20), XP052195698, Retrieved from the Internet <URL:https://ftp.3gpp.org/tsg_sa/WG3_Security/TSGS3_107e-AdHoc/Docs/S3-221378.zip S3-221378_Solution_SUPI_NIA.doc> [retrieved on 20220620] *

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23731114

Country of ref document: EP

Kind code of ref document: A1