Revision 5c95bc9c
Added by osmith about 4 years ago
docs/imsi-pseudo-spec.adoc | ||
---|---|---|
1 |
= IMSI Pseudonymization |
|
1 |
= Specification for IMSI Pseudonymization on the Radio Interface for 2G and Above |
|
2 |
|
|
3 |
== Introduction |
|
4 |
|
|
5 |
A long-standing issue in the 3GPP specifications is, that mobile phones and |
|
6 |
other mobile equipment (ME) have to send the International Mobile Subscriber |
|
7 |
Identity (IMSI) unencrypted over the air. Each IMSI is uniquely identifying the |
|
8 |
person who bought the associated Subscriber Identity Module (SIM) used in the |
|
9 |
ME. Therefore most people can be uniquely identified by recording the IMSI that |
|
10 |
their ME is sending. Efforts are made in the 2G and above specifications to |
|
11 |
send the IMSI less often, and where possible use the Temporary Mobile |
|
12 |
Subscriber Identity (TMSI) instead. |
|
13 |
|
|
14 |
But this is not enough. So-called IMSI catchers were invented and are used to |
|
15 |
not only record IMSIs when they have to be sent. But also to force ME to send |
|
16 |
their IMSI by immitating a Base Transceiver Station (BTS). IMSI catchers have |
|
17 |
become small and affordable, even criminals actors without much budget can use |
|
18 |
them to track anybody with a mobile phone. |
|
19 |
|
|
20 |
The solution presented in this document is to periodically change the IMSI of |
|
21 |
the ME to a new pseudonymous IMSI allocated by the Home Location Register (HLR) |
|
22 |
or Home Subscriber Service (HSS). The only component that needs to be changed |
|
23 |
in the network besides the SIM is the HLR/HSS, therefore it should be possible |
|
24 |
for a Mobile Virtual Network Operator (MVNO) to deploy this privacy |
|
25 |
enhancement. |
|
26 |
|
|
27 |
== Location Update |
|
28 |
|
|
29 |
=== Regular |
|
30 |
|
|
31 |
=== With Pseudonymous IMSI |
|
32 |
|
|
33 |
== Implementation Notes |
|
34 |
|
|
35 |
=== Source Code for Reference Implementation |
|
36 |
|
|
37 |
=== Warning the User if the IMSI Does Not Change |
|
38 |
|
|
39 |
=== End to End Encryption of SMS |
|
40 |
|
|
41 |
=== User-configurable Minimum Duration Between IMSI Changes |
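Review bot: In the Introduction, new line 22 expands HSS as "Home Subscriber Service"; the 3GPP term is Home Subscriber Server. The same section has wording slips to fix before it becomes the spec's opening text: "is, that" on line 5 (drop the comma), the split sentence "...when they have to be sent. But also to force ME..." on lines 15-16 (join into one sentence), "immitating" on line 16 (should be "imitating") and "criminals actors" on line 17 (should be "criminal actors"). Line 7 says each IMSI identifies "the person who bought" the SIM; an IMSI identifies the subscription, so the claim on line 9 would be more accurate with that qualifier. The headings from "== Location Update" down are added with no body text; a one-line placeholder under each would show they are intentionally empty.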
spec: introduction, headlines