SUPI-Rear: Privacy-Preserving Subscription Permanent Identification Strategy in 5G-AKA

Publications

SUPI-Rear: Privacy-Preserving Subscription Permanent Identification Strategy in 5G-AKA

Author : Dr K Sowjanya

Year : 2025

Publisher : Springer Science and Business Media Deutschland GmbH

Source Title : Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Document Type :

Abstract

Security and privacy concerns are crucial for the success of any new technology. With the global rollout of 5G networks, new use cases are continually emerging. The 3GPP consortium mentioned the authentication and key agreement protocol for the 5th generation (5G) mobile communication system (i.e., 5G-AKA) in the technical specification (TS) 33.501. It introduces public key encryption to conceal the so-called Subscription Permanent Identifier (SUPI) to enhance mobile users’ privacy. However, the user’s permanent identity i.e., SUPI is available in cleartext to the Serving Network (SN) after the successful primary authentication. SUPI availability is required for the operational and regulatory perspective of SUPI usage. In 5G-AKA, the SUPI is available in cleartext to the Serving Network (SN). Since the SNs are considered semi-trusted because the long-term secret key and the sequence numbers are not revealed with SNs, only SUPI is provided in cleartext for proper billing. Hence, SUPI availability in cleartext under a zero-trust, multi-tenant-based 5G network compromises the user’s privacy. This work provides a way to enhance privacy and security during communication between the Home Network (HN) and the SN without compromising the original SUPI. Furthermore, the proposed solutions (termed collectively as SUPI-Rear) are also applicable to various use cases where SUPI privacy is required, like Public Land Mobile Network (PLMN) hosting Non-Public Network (NPN) scenario. Moreover, it abides by the lawful requirements and 5G AKA authentication procedure.