Revision b9fc075b
Added by osmith about 4 years ago
| docs/specification.md | ||
|---|---|---|
| 1 |
# [WIP] Make IMSI Pseudonymization an optional extension of 3GPP TS |
|
| 2 |
|
|
| 3 |
Optional additions we need to make, and where to make them: |
|
| 4 |
|
|
| 5 |
* Initial provisioning of the SIM: can optionally have a pseudo IMSI |
|
| 6 |
* During location update, the HLR uses the pseudo IMSI for all communication |
|
| 7 |
with the VLR / MSC |
|
| 8 |
* After successful location update: |
|
| 9 |
* HLR deallocates a subscriber's previous pseudo IMSI, if it exists, and the |
|
| 10 |
subscriber has done the location update with the newer pseudo IMSI entry. |
|
| 11 |
This is the case, if the SIM applet acknowledged the new pseudo IMSI, but |
|
| 12 |
its ACK SMS did not arrive at the HLR. There are at most two pseudo IMSIs |
|
| 13 |
allocated for one subscriber. |
|
| 14 |
* If there is just one pseudo IMSI for the subscriber (no new pseudo IMSI to |
|
| 15 |
switch to), the HLR allocates a new pseudo IMSI, and increases the |
|
| 16 |
session_id by one for that new pseudo IMSI, compared to the last pseudo |
|
| 17 |
IMSI. |
|
| 18 |
* The HLR sends the new pseudo IMSI, and the associated session_id, to the |
|
| 19 |
SIM via SMS. No matter, if the new pseudo IMSI was just created, or if it |
|
| 20 |
existed already. |
|
| 21 |
* The SIM applet checks, if the session_id is greater than the one that it |
|
| 22 |
has stored, and rejects the SMS otherwise. If the session_id is fine, it |
|
| 23 |
overwrites the SIM's IMSI and session_id with the new data. Then the SIM |
|
| 24 |
sends an ACK packet back to the HLR, containing both the new session_id and |
|
| 25 |
the new pseudo IMSI. |
|
| 26 |
* The HLR verifies the session_id and pseudo IMSI in the ACK packet, discards |
|
| 27 |
the packet if it doesn't know both. If it was not discarded, the HLR |
|
| 28 |
deallocates the old pseudo IMSI. |
|
| 29 |
* When allocating and deallocating pseudo IMSIs, the HLR flushes information in |
|
| 30 |
the VLR related to them, so an old TMSI does not point to the wrong pseudo |
|
| 31 |
IMSI. |
|
| 32 |
|
|
| 33 |
TODO: |
|
| 34 |
* extend the list above with the exact sections of the spec, where the new |
|
| 35 |
information should be placed |
|
| 36 |
* Is there a spec for SIM applets, or do we put the SIM applet behaviour in the |
|
| 37 |
regular spec for SIM cards, or mention its behavior in the location update |
|
| 38 |
related change? |
|
Also available in: Unified diff
docs/specification.md: begin specification
Start with a rough draft of what I expect that needs to be changed in
the specs, so we can extend it with the actual chapters in the TS in the
next step.