5G Security Requirements
Security Architecture
Network Access Security
SBA Domain Security
Identification
With the introduction of 5G, there came a big improvement against man-in-the-middle attacks which used “IMSI catchers”. International Mobile Subscriber Identity (IMSI) catchers are used as fake base stations and can be bought in several countries. They are used to collect data, for example, to see if a certain UE is in an area. Every UE has an IMSI value, which it sends to base stations, to identify and show it is in the area. The reason IMSI Catchers work is that the IMSI data was always sent unencrypted over the network.
5G tackles this issue with the introduction of Subscriber Permanent Identifier (SUPI), which is the successor of the IMSI. The SUPI is encrypted and sent over the network as a one-time temporary identifier called the Subscriber Concealed Identifier (SUCI). The SUPI is encrypted with an Elliptic Curve Integrated Encryption Scheme (ECIES) using the public key of the home network. From that point on it is a SUCI and can be safely sent over the air. At the 5G core, the UDM will decrypt the SUCI to the SUPI again.
