Research Article
Privacy of the long-term identities in cellular networks
@INPROCEEDINGS{10.4108/eai.18-6-2016.2264410, author={Philip Ginzboorg and Valtteri Niemi}, title={Privacy of the long-term identities in cellular networks}, proceedings={2nd International Workshop on 5G Security}, publisher={ACM}, proceedings_a={IW5GS}, year={2016}, month={12}, keywords={communication system security; data privacy; encryption; identity management systems; public key}, doi={10.4108/eai.18-6-2016.2264410} }- Philip Ginzboorg
Valtteri Niemi
Year: 2016
Privacy of the long-term identities in cellular networks
IW5GS
ACM
DOI: 10.4108/eai.18-6-2016.2264410
Abstract
Identity and location privacy are of particular interest for mobile devices because people typically carry their mobile phone all the time and they also use the same device for a long time. Attacks by IMSI catchers have been reported in many countries. Cellular systems have had protection against passive attackers since GSM: identity confidentiality is provided by use of temporary identities that are delivered from the network to the mobile device over encrypted signalling channel. We discuss the reasons why protection against active attackers, e.g. IMSI catchers, is not provided in 3G or 4G networks. In 5G networks, the number of different kinds of heterogeneous network operators could increase, and we explain that some of these may become active or passive attackers against identity and location privacy. We show that typical protection mechanisms that have been proposed against active attackers who are outsiders would not work against these insider attackers. Then, we discuss further protection mechanisms against insider attackers and conclude that these would become too heavy for large-scale consumer networks like 5G.