Strongly unforgeable and lightweight identity privacy scheme for the IoT-enabled 3GPP mobile networks
摘要
The ability to manage a large number of heterogeneous devices while providing high privacy assurances is one of the most critical aspects of designing IoT-enabled cellular networks. Several privacy issues are considered in these networks, including identity privacy, data privacy, and location privacy. In the IoT-enabled 3GPP security architecture, to preserve identity privacy, the user equipment (UE) communicates with the core network using its subscriber concealed identifier (SUCI) rather than the subscriber permanent identifier (SUPI). Since the UE generates its SUCI using a public-key encryption scheme, an attacker can easily forge valid SUCIs and violate several privacy requirements. Several schemes were proposed to modify the 3GPP scheme; however, they are incompatible with the 3GPP security architecture. In this paper, we suggest an improved identity privacy scheme that meets the privacy requirements while also being compatible with the IoT-enabled 3GPP security architecture. The improved scheme assigns each UE a temporary SUCI. To assess the scheme's security, we introduce a fixed-length identifier-generating construction. We then prove that it is strongly unforgeable under the adaptive chosen-ciphertext attack. Then, we demonstrate that SUCI generated by the scheme, as a particular case of the mentioned construction, is also strongly unforgeable under the adaptive chosen-ciphertext attack. Furthermore, we conclude that the scheme achieves anonymity, unforgeability, secure identifier sharing, one-wayness, unlinkability, and dependability requirements while being immune to Man-in-the-Middle, impersonation, replay, Machine-Learning/Artificial-Intelligence, quantum, and identity-catching attacks. Finally, we demonstrate that the scheme has low communication and computational overheads, is lightweight, and has reasonable storage overhead, suitable for the IoT-enabled 3GPP networks.