Security Enhancements to Subscriber Privacy Protection Scheme in 5G Systems

Subscription permanent identifier has been concealed in the 5G systems by using the asymmetric encryption scheme as specified in standard 3GPP TS 33.501 to protect the subscriber privacy. The standardized scheme is however subject to the SUPI guess attack as the public key of the home network is publicly available. Moreover, it lacks the inherent mechanism to prevent SUCI replay attacks. In this paper, we propose three methods to enhance the security of the 3GPP scheme to thwart the SUPI guess attack and replay attack. One of these methods is suggested to be used to strengthen the security of the current subscriber protection scheme.