EP-4535719-B1 - SUBSCRIPTION CONCEALED IDENTIFIER
Inventors
- TORVINEN, VESA
- SAARINEN, Pasi
- NAKARMI, Prajwol Kumar
- CASTELLANOS ZAMORA, DAVID
- BEN HENDA, Noamen
- WIFVESSON, MONICA
Dates
- Publication Date: 20260513
- Application Date: 20180717
Claims (15)
- A method performed by an authentication server (14) in a home network (3) of a user equipment (1), UE, for obtaining a subscription permanent identifier, SUPI, which comprises a Mobile Subscription Identification Number, a Mobile Country Code and a Mobile Network Code, the method comprising: receiving, from the UE (1), via an authentication request from a Security Anchor Function, a subscription concealed identifier, SUCI, which comprises an encrypted part in which the Mobile Subscription Identification Number is encrypted, and a clear-text part which comprises a home network identifier for the home network (3), a public key identifier for a public key of the home network (3), and an encryption scheme identifier that identifies an Elliptic Curve Integrated Encryption Scheme used by the UE (1) to encrypt the Mobile Subscription Identification Number in the SUCI, and wherein the home network identifier is the Mobile Country Code and the Mobile Network Code; determining a de-concealing server (19) to use to decrypt the encrypted part of the SUCI; sending the SUCI to the de-concealing server (19), and receiving the SUPI in response.
- The method of claim 1, further comprising receiving the SUCI from the UE (1) as part of a registration procedure for registering the UE (1) with a wireless communication network (30).
- The method of any one of the preceding claims, further comprising sending the SUCI and a request for an authentication vector for authenticating the UE (1) to the determined de-concealing server (19) in the same message.
- The method of claim 3, further comprising receiving the authentication vector and the SUPI from the determined de-concealing server (19) in the same response.
- A method performed by a user equipment (1), UE, the method comprising: generating a subscription concealed identifier, SUCI, which comprises an encrypted part in which a Mobile Subscription Identification Number of a subscription permanent identifier, SUPI, is encrypted, and a clear-text part which comprises a home network identifier for a home network (3) of the UE (1), a public key identifier for the home network (3), and an encryption scheme identifier that identifies an Elliptic Curve Integrated Encryption Scheme used by the UE (1) to encrypt the Mobile Subscription Identification Number in the SUCI, and where the home network identifier is a Mobile Country Code of the SUPI and a Mobile Network Code of the SUPI; transmitting the SUCI, via an authentication request from a Security Anchor Function, to an authentication server (14) in the home network for forwarding of the SUCI to a de-concealing server (19) capable of decrypting the SUPI from the SUCI.
- The method of claim 5, wherein the SUCI is transmitted in a request to register with a wireless communication network (30).
- The method of any one of claims 5-6, wherein generating the SUCI comprises using a tamper resistant secure hardware component (8) of the UE (1) to generate the SUCI.
- The method of claim 7, wherein generating the SUCI comprises generating the SUCI based on a privacy key selected from a plurality of privacy keys stored in the tamper resistant secure hardware component (8).
- The method of any one of claims 7-8, wherein generating the SUCI comprises sending a time to the tamper resistant secure hardware component (8) for use in the generating.
- The method of any one of claims 7-9, wherein generating the SUCI comprises generating the SUCI from a privacy key comprising the SUPI.
- The method of any one of claims 5-10, wherein transmitting the SUCI to the authentication server (14) comprises transmitting the SUCI to the authentication server (14) in response to an identifier request message received from an Access and Mobility management Function (4), AMF, as part of a procedure for registering the UE (1) with a wireless communication network (30).
- The method of claim 11, further comprising transmitting a registration request to the AMF (4), wherein the registration request comprises a 5G Globally Unique Temporary Identifier, and receiving the identifier request message in response.
- The method of any one of claims 11-12, further comprising successfully authenticating with the authentication server (14) after transmitting the SUCI, and receiving a registration acceptance message in response.
- An authentication server (14) for a home network (3) of a user equipment (1), UE, for obtaining a subscription permanent identifier, SUPI, which comprises a Mobile Subscription Identification Number, a Mobile Country Code and a Mobile Network Code, the authentication server (14) being configured to: receive from the UE (1), via an authentication request from a Security Anchor Function, a subscription concealed identifier, SUCI, which comprises an encrypted part in which the Mobile Subscription Identification Number of the SUPI is encrypted, and a clear-text part which comprises a home network identifier for the home network (3), a public key identifier for the home network (3), and an encryption scheme identifier that identifies an Elliptic Curve Integrated Encryption Scheme used by the UE (1) to encrypt the Mobile Subscription Identification Number in the SUCI, and wherein the home network identifier is the Mobile Country Code and the Mobile Network Code; determine a de-concealing server (19) to use to decrypt the encrypted part of the SUCI; send the SUCI to the de-concealing server (19), and receive the SUPI in response.
- A user equipment (1), UE, configured to: generate a subscription concealed identifier, SUCI, which comprises an encrypted part in which a Mobile Subscription Identification Number of a Subscription Permanent Identifier, SUPI, is encrypted, and a clear-text part which comprises a home network identifier of a home network (3) of the UE (1), a public key identifier for a public key of the home network (3), and an encryption scheme identifier that identifies an Elliptic Curve Integrated Encryption Scheme used by the UE (1) to encrypt the SUPI in the SUCI, and wherein the home network identifier is a Mobile Country Code of the SUPI and a Mobile Network Code of the SUPI; and transmit the SUCI, via an authentication request from a Security Anchor Function, to an authentication server (14) in the home network for forwarding of the SUCI to a de-concealing server (19) capable of decrypting the SUPI.
Description
TECHNICAL FIELD
The invention relates to methods performed by an authentication server and a User Equipment (UE), respectively. Furthermore, a UE and an authentication server are also disclosed.
BACKGROUND
It is important to maintain the confidentiality of a user equipment's (UE's) long-term subscription identifier (e.g., an IMSI (International Mobile Subscriber Identity)). Early generation 3GPP systems (e.g., 4G/LTE, 3G/UMTS, 2G/GSM) included a partial mechanism for long-term subscription identifier confidentiality using one or more short-term subscription identifiers. GUTI (Globally Unique Temporary ID) and C-RNTI (Cell-Radio Network Temporary Identifier) are examples of short-term subscription identifiers in 4G/LTE systems. However, the legacy partial mechanism may expose the long-term subscription identifier in clear text over the air interface. For example, so-called "IMSI catchers" could simply request the long-term identifier from the UE, e.g., using identifier request/response messages.
The 3rd Generation Partnership Project (3GPP) currently discusses how security, such as privacy, can be improved in communications networks. With respect to 5G, 3GPP TS 33.501 V0.2.0 mentions a Subscription Permanent Identifier (SUPI) and notes that the SUPI may be concealed, e.g. in the form of a pseudonym or a public-key encrypted SUPI.
US 2013/003971 A1 discloses a method for determining a network entity based on an identifier, wherein the identifier contains an encrypted part. A request may be sent to the network entity for assistance in decryption of the identifier.
WO 2016/209126 A1 discloses a method of protecting confidentiality of an identifier associated by a first network node with a subscription used by a mobile entity in a communications network. The first network node receives a request for authentication of a UE from a second network node in a serving network. The first network node then generates a pseudonym associated with the identifier.
SUMMARY
An object of the invention is to facilitate security in communication between a UE and a communications network.
A first aspect of the invention relates to a method performed by an authentication server in a home network of a UE for obtaining a SUPI which comprises a Mobile Subscription Identification Number (MSIN), a Mobile Country Code (MCC) and a Mobile Network Code (MNC). The method comprises: receiving from the UE, via an authentication request from a Security Anchor Function, a subscription concealed identifier, SUCI, which comprises an encrypted part in which the MSIN of the SUPI is encrypted, and a clear-text part which comprises a home network identifier for the home network, a public key identifier for a public key of the home network, and an encryption scheme identifier that identifies an Elliptic Curve Integrated Encryption Scheme used by the UE to encrypt the MSIN in the SUCI, and wherein the home network identifier is the MCC and the MNC; determining a de-concealing server to use to decrypt the encrypted part of the SUCI; sending the SUCI to the de-concealing server, and receiving the SUPI in response.
The method may in an embodiment further comprise receiving the SUCI from the UE as part of a registration procedure for registering the UE with a wireless communication network. The method may further comprise sending the SUCI and a request for an authentication vector for authenticating the UE to the determined de-concealing server in the same message. The method may further comprise receiving the authentication vector and the SUPI from the determined de-concealing server in the same response.
A second aspect relates to a method performed by a UE.
The method comprises: generating a SUCI, which comprises an encrypted part in which an MSIN of a SUPI is encrypted, and a clear-text part which comprises a home network identifier for a home network of the UE, a public key identifier for a public key of the home network of the UE, and an encryption scheme identifier that identifies an Elliptic Curve Integrated Encryption Scheme used by the UE to encrypt the MSIN in the SUCI, and where the home network identifier is an MCC of the SUPI and an MNC of the SUPI; transmitting the SUCI, via an authentication request from a Security Anchor Function, to an authentication server in the home network for forwarding of the SUCI to a de-concealing server capable of decrypting the SUPI from the SUCI. The SUCI may be transmitted in a request to register with a wireless communication network. Generating the SUCI may be done using a tamper resistant secure hardware component of the UE to generate the SUCI. In such a case, generating the SUCI may comprise generating the SUCI based on a privacy key selected from a plurality of privacy keys stored in the tamper resistant secure hardware component. In an embodiment, the generation of the SUCI comprises sending a time to the tamper resistant secure hardware component for use in the generation of the SUCI. Generating t
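The following Python model walks through the flow that the claims and the summary describe end to end: the UE splits the SUPI into MCC, MNC and MSIN, encrypts only the MSIN with ECIES under the home network public key, and sends a SUCI whose clear-text part carries the home network identifier (MCC and MNC), the public key identifier and the scheme identifier; the authentication server uses that clear-text part to pick the de-concealing server, forwards the SUCI and gets the SUPI back. This is an added example, not code from the patent or from 3GPP. It assumes a secp256r1 point-arithmetic implementation written here, a simplified SHA-256 key derivation and keystream cipher in place of the X9.63 KDF and AES-CTR of the real 3GPP profile, a constructed scheme identifier value, constructed field names, and a constructed SUPI (MCC 234, MNC 15, MSIN 0999999999). The flipped-byte path shows why the MAC over the encrypted part matters: a modified SUCI is rejected by the de-concealing server instead of being decrypted to a wrong MSIN.

```python
"""Toy model of SUCI generation and de-concealing (added example; not from the patent)."""
import hashlib
import hmac
import secrets

# secp256r1 (P-256) domain parameters; 3GPP ECIES Profile B is built on this curve.
P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffff
A = P - 3
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
SCHEME_ECIES = 0x02  # constructed scheme identifier value for "ECIES" in this toy encoding


def ec_add(p1, p2):
    """Affine point addition on the curve; None stands for the point at infinity."""
    if p1 is None:
        return p2
    if p2 is None:
        return p1
    x1, y1 = p1
    x2, y2 = p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, point):
    """Double-and-add scalar multiplication."""
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, point)
        point = ec_add(point, point)
        k >>= 1
    return acc


def make_keypair():
    priv = secrets.randbelow(N - 1) + 1
    return priv, ec_mul(priv, G)


def encode_point(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def kdf(shared_point, eph_pub):
    """Simplified KDF (stand-in for the X9.63 KDF of the 3GPP profile): 16-byte enc key, 32-byte MAC key."""
    okm = hashlib.sha256(shared_point[0].to_bytes(32, "big") + encode_point(eph_pub)).digest()
    okm += hashlib.sha256(okm).digest()
    return okm[:16], okm[16:48]


def xor_stream(key, data):
    """Toy keystream cipher (stand-in for AES-128-CTR in the 3GPP profile)."""
    out = bytearray()
    for i, byte in enumerate(data):
        block = hashlib.sha256(key + (i // 32).to_bytes(4, "big")).digest()
        out.append(byte ^ block[i % 32])
    return bytes(out)


def ecies_encrypt(hn_pub, plaintext):
    """ECIES: ephemeral key, ECDH with the home network key, KDF, encrypt, then MAC the ciphertext."""
    eph_priv, eph_pub = make_keypair()
    enc_key, mac_key = kdf(ec_mul(eph_priv, hn_pub), eph_pub)
    ciphertext = xor_stream(enc_key, plaintext)
    tag = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()[:8]
    return encode_point(eph_pub) + ciphertext + tag


def ecies_decrypt(hn_priv, blob):
    """Home network side: recompute the shared secret, verify the MAC first, then decrypt."""
    eph_pub = (int.from_bytes(blob[:32], "big"), int.from_bytes(blob[32:64], "big"))
    ciphertext, tag = blob[64:-8], blob[-8:]
    enc_key, mac_key = kdf(ec_mul(hn_priv, eph_pub), eph_pub)
    expected = hmac.new(mac_key, ciphertext, hashlib.sha256).digest()[:8]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("SUCI integrity check failed")
    return xor_stream(enc_key, ciphertext)


def ue_generate_suci(supi, mnc_len, key_id, hn_pub):
    """UE side: only the MSIN is encrypted; MCC, MNC, key id and scheme id travel in clear."""
    digits = supi[5:] if supi.startswith("imsi-") else supi
    mcc, mnc, msin = digits[:3], digits[3:3 + mnc_len], digits[3 + mnc_len:]
    return {"mcc": mcc, "mnc": mnc, "key_id": key_id, "scheme_id": SCHEME_ECIES,
            "encrypted_msin": ecies_encrypt(hn_pub, msin.encode())}


class DeconcealingServer:
    """Holds the home network private key(s), indexed by public key identifier."""
    def __init__(self, private_keys):
        self.private_keys = private_keys

    def deconceal(self, suci):
        if suci["scheme_id"] != SCHEME_ECIES:
            raise ValueError("unsupported encryption scheme")
        msin = ecies_decrypt(self.private_keys[suci["key_id"]], suci["encrypted_msin"]).decode()
        return f"imsi-{suci['mcc']}{suci['mnc']}{msin}"


class AuthenticationServer:
    """Picks the de-concealing server from the clear-text home network identifier and forwards the SUCI."""
    def __init__(self, servers_by_plmn):
        self.servers_by_plmn = servers_by_plmn

    def handle_authentication_request(self, suci):
        server = self.servers_by_plmn.get((suci["mcc"], suci["mnc"]))
        if server is None:
            raise LookupError("no de-concealing server for this home network")
        return server.deconceal(suci)


def run_demo(supi="imsi-234150999999999", tamper=False):
    """Constructed SUPI (MCC 234, MNC 15, MSIN 0999999999); returns the SUPI the home network recovers."""
    hn_priv, hn_pub = make_keypair()
    ausf = AuthenticationServer({("234", "15"): DeconcealingServer({1: hn_priv})})
    suci = ue_generate_suci(supi, mnc_len=2, key_id=1, hn_pub=hn_pub)
    if tamper:  # flip one ciphertext byte in transit; the MAC check must reject it
        blob = bytearray(suci["encrypted_msin"])
        blob[64] ^= 0x01
        suci["encrypted_msin"] = bytes(blob)
    return ausf.handle_authentication_request(suci)


if __name__ == "__main__":
    print(run_demo())
```

The routing decision lives entirely in the clear-text part: the authentication server never needs the private key, which is why it can be a different node from the de-concealing server, and the public key identifier lets the home network roll its key without breaking UEs that still hold the older one.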