author | Oliver Smith <osmith@sysmocom.de> | 2020-04-03 14:03:24 +0200 |
---|---|---|
committer | Oliver Smith <osmith@sysmocom.de> | 2020-04-03 14:03:24 +0200 |
commit | 5c95bc9cafad3282a05a45cb5b2612c0015742a6 (patch) | |
tree | e7b1ff76d8379c3963dfac3d6ed872c8dee85427 | |
parent | 2baa0d530537315f2fd68cc2d4f8f3693b78440c (diff) |
spec: introduction, headlines
-rw-r--r-- | docs/imsi-pseudo-spec.adoc | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/docs/imsi-pseudo-spec.adoc b/docs/imsi-pseudo-spec.adoc index 4cb365d..1b4c2f7 100644 --- a/docs/imsi-pseudo-spec.adoc +++ b/docs/imsi-pseudo-spec.adoc @@ -1 +1,41 @@ -= IMSI Pseudonymization += Specification for IMSI Pseudonymization on the Radio Interface for 2G and Above + +== Introduction + +A long-standing issue in the 3GPP specifications is, that mobile phones and +other mobile equipment (ME) have to send the International Mobile Subscriber +Identity (IMSI) unencrypted over the air. Each IMSI is uniquely identifying the +person who bought the associated Subscriber Identity Module (SIM) used in the +ME. Therefore most people can be uniquely identified by recording the IMSI that +their ME is sending. Efforts are made in the 2G and above specifications to +send the IMSI less often, and where possible use the Temporary Mobile +Subscriber Identity (TMSI) instead. + +But this is not enough. So-called IMSI catchers were invented and are used to +not only record IMSIs when they have to be sent. But also to force ME to send +their IMSI by immitating a Base Transceiver Station (BTS). IMSI catchers have +become small and affordable, even criminals actors without much budget can use +them to track anybody with a mobile phone. + +The solution presented in this document is to periodically change the IMSI of +the ME to a new pseudonymous IMSI allocated by the Home Location Register (HLR) +or Home Subscriber Service (HSS). The only component that needs to be changed +in the network besides the SIM is the HLR/HSS, therefore it should be possible +for a Mobile Virtual Network Operator (MVNO) to deploy this privacy +enhancement. + +== Location Update + +=== Regular + +=== With Pseudonymous IMSI + +== Implementation Notes + +=== Source Code for Reference Implementation + +=== Warning the User if the IMSI Does Not Change + +=== End to End Encryption of SMS + +=== User-configurable Minimum Duration Between IMSI Changes |
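Review bot: The Introduction expands HSS as "Home Subscriber Service" in its third paragraph, where 3GPP uses "Home Subscriber Server", and the second paragraph has two spelling errors: "immitating" should be "imitating" and "criminals actors" should be "criminal actors". In the same paragraph, "to not only record IMSIs when they have to be sent. But also to force ME to send their IMSI" breaks one construction across two sentences and should be joined. In the first paragraph, drop the comma in "is, that", and consider rewording "uniquely identifying the person who bought the associated Subscriber Identity Module" to say the IMSI identifies the subscription, since the buyer of a SIM and the person carrying the ME can differ. The sections from "Location Update" through "User-configurable Minimum Duration Between IMSI Changes" are headings with no body; a short placeholder line under each would show that they are intentionally left empty in this commit.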