Project

General

Profile

« Previous | Next » 

Revision a281464e

Added by osmith about 4 years ago

spec: minor fixes, wrap text

View differences:

docs/imsi-pseudo-spec.adoc
7 7 
A long-standing issue in the 3GPP specifications is, that mobile phones and
8 8 
other mobile equipment (ME) have to send the International Mobile Subscriber
9 9 
Identity (IMSI) unencrypted over the air. Each IMSI is a unique identifier for
10 
the subscriber Therefore most people can be uniquely identified by recording the
11 
IMSI that their ME is sending.  The 3GPP specifications provide means for
10 
the subscriber. Therefore most people can be uniquely identified by recording
11 
the IMSI that their ME is sending.  The 3GPP specifications provide means for
12 12 
implementations to send the IMSI less often by using the Temporary Mobile
13 13 
Subscriber Identity (TMSI) where possible.
14 14 

  		




  ......




  365
  365
  
    
the HLR has both the old and the new pseudonymous IMSI allocated at this point,


  		




  366
  366
  
    
the subscriber is not locked out of the network.


  		




  367
  367
  
    

  		




  368
  
  
    
=== Next Pseudonymous IMSI SMS arrives out of order


  		




  
  368
  
    
=== Next Pseudonymous IMSI SMS Arrives Out of Order


  		




  369
  369
  
    

  		




  370
  370
  
    
The next pseudonymous IMSI SMS may arrive out of order. Either, because the


  		




  371
  371
  
    
network is not able to deliver them in order, or even because an attacker would


  		




  ......




  402
  402
  
    
network.


  		




  403
  403
  
    

  		




  404
  404
  
    
The safest way to protect the next pseudonymous IMSI SMS is a layer of end to


  		




  405
  
  
    
end encryption from the HLR to the SIM.  The existing means for OTA SMS security


  		




  406
  
  
    
(3GPP TS 23.048) provide mechanisms for integrity protection, confidentiality


  		




  407
  
  
    
as well as replay protection and must be implemented when using IMSI


  		




  408
  
  
    
pseudonymization.


  		




  
  405
  
    
end encryption from the HLR to the SIM.  The existing means for OTA SMS


  		




  
  406
  
    
security (3GPP TS 23.048) provide mechanisms for integrity protection,


  		




  
  407
  
    
confidentiality as well as replay protection and must be implemented when using


  		




  
  408
  
    
IMSI pseudonymization.


  		




  409
  409
  
    

  		




  410
  410
  
    
=== User-configurable Minimum Duration Between IMSI Changes


  		




  411
  411
  
    

  		












Also available in:  Unified diff




        
        

    














  

  
  Add picture from clipboard
  (Maximum size: 48.8 MB)