Providing Identity Privacy in 5G Networks by Using Pseudonyms
Akman, Gizem (2018-05-28)
Providing Identity Privacy in 5G Networks by Using Pseudonyms
Akman, Gizem
(28.05.2018)
Tätä artikkelia/julkaisua ei ole tallennettu UTUPubiin. Julkaisun tiedoissa voi kuitenkin olla linkki toisaalle tallennettuun artikkeliin / julkaisuun.
Turun yliopisto
Tiivistelmä
This thesis aims for presenting a solution for providing the identity privacy in mobile networks. The user is identified in mobile networks by an International Mobile Subscriber Identity (IMSI). An IMSI catcher is a device that acts like a fake base station and targets information such as identity and location. Location tracking is one of the most serious outcomes, in case attacker captures these details. Since building an IMSI catcher is now cheaper than before and detecting one is very hard, threat caused by this device has become a serious issue, especially while developing 5G.
Several solutions to protect against IMSI catchers are explained in this thesis, and one solution for defeating IMSI catchers is using pseudonyms instead of real identity. We claim that pseudonym can be an effective solution for providing identity privacy in 5G networks and can be also compatible with legacy networks. We have implemented a prototype that demonstrates how pseudonym can be imposed to an existing Authentication and Key Agreement (AKA) procedure. This prototype has been presented in two public demonstration sessions.
This thesis includes the history of the mobile networks including 5G. The changes between generations of networks show the requirements for better infrastructure, and also for improved security. We have also examined the development of AKA, since AKA is one of the most important procedures to provide secure service to valid users. Moreover, our prototype is about enhancing AKA for adapting pseudonym approach.
This thesis also mentions about a block cipher called KASUMI, which is used for encrypting and decrypting pseudonym during AKA in the prototype. Since KASUMI is designed specifically for 3GPP and cryptanalyses show it is still safe to use KASUMI, it was chosen to be used in the prototype.
Several solutions to protect against IMSI catchers are explained in this thesis, and one solution for defeating IMSI catchers is using pseudonyms instead of real identity. We claim that pseudonym can be an effective solution for providing identity privacy in 5G networks and can be also compatible with legacy networks. We have implemented a prototype that demonstrates how pseudonym can be imposed to an existing Authentication and Key Agreement (AKA) procedure. This prototype has been presented in two public demonstration sessions.
This thesis includes the history of the mobile networks including 5G. The changes between generations of networks show the requirements for better infrastructure, and also for improved security. We have also examined the development of AKA, since AKA is one of the most important procedures to provide secure service to valid users. Moreover, our prototype is about enhancing AKA for adapting pseudonym approach.
This thesis also mentions about a block cipher called KASUMI, which is used for encrypting and decrypting pseudonym during AKA in the prototype. Since KASUMI is designed specifically for 3GPP and cryptanalyses show it is still safe to use KASUMI, it was chosen to be used in the prototype.