5G | ShareTechnote (2024)

Table of Contents
What's happening onUE side ? What's happening onNetworkside ? RegistrationRequest / RegistrationAccept IdentityRequest IdentityResponse with SUCI Example 01 > SUCI with ECIES-A in RegistrationRequest Example 02 > SUCI with Null Algorithm in Identity Response FAQs
UE IDs

The UE ID in a 5G network is used to uniquely identify the UE and establish secure communication between the UE and the network. The UE ID can be a temporary identifier (SUCI) or a permanent identifier (SUPI), and it is used in various network procedures, such as registration, authentication, and key agreement.

Basically the intended role of UE ID is same in 5G and in other legacy technology (4G, 3G etc), but UE IDs in 5G is extended and enhanced to compensate for various issues / vunerabilities observed in previous technologies.

In this note, I want to talk about what type of new UE IDs are introduced in 5G and how they can handlevarious issues we faced in previous technology.

  • Types of UE IDs
  • Differences between 4G UE ID and 5G UE ID ?
  • How SUPI turn into SUCI ?
    • What's happening on UE side ?
    • What's happening on Network side ?
    • RegistrationRequest / RegistrationAccept
    • IdentityRequest
    • IdentityResponse with SUCI
    • Example 01 > SUCI with ECIES-A in RegistrationRequest
    • Example 02 > SUCI with Null Algorithm in Identity Response
  • Get the Test Procedure and Log / Amarisoft TechAcademy

There are many different types of UE IDs in 5G. A simple way to check on the type of UE IDs in 5G would be to check on the list of UE IDs used in 5G Registration message which are listed as below. You would see some of the IDs same as in 4G (e.g, IMEI, IMEISV) but most of others are new types introduced in 5G (e.g, SUCI, 5G-GUTI etc)

    SUCI

      SUCI (SUPI Format = IMSI)

        mcc

        mnc

        Routing Indicator (16 bit, 4 digit)

        Protection scheme Id (4 bit)

        Home network public key identifier (8 bit)

        Scheme output (n Bytes)

      SUCI (SUPI Format = Network specific identifier)

        Type of identity (3 bit)

        SUCI NAI (n bytes)

    5G-GUTI

      mcc

      mnc

      AMF Region ID (8 bit)

      AMF Set ID (10 bit)

      AMF Pointer (6 bit)

      5G TMSI (32 bit)

    IMEI

    5G-S-TMSI

      AMF Set ID (8 bit)

      AMF Pointer (8 bit)

      5G - TMSI(32 bit)

    IMEISV

International Mobile Subscriber Identity (IMSI): This is a unique identifier assigned to a mobile device that is used to identify the device and its associated subscription information. The IMSI is typically stored on the SIM card and is used during initial registration and authentication with the mobile network.

Temporary Mobile Subscriber Identity (TMSI): This is a temporary identifier assigned to a mobile device by the network to protect the device's identity during normal operation. The TMSI is used instead of the IMSI to reduce signaling overhead and improve security.

5G Globally Unique Temporary Identity (5G-GUTI): This is a temporary identifier used in 5G networks to identify a mobile device and its associated subscription information. The 5G-GUTI is used instead of the IMSI to protect the device's identity and provide improved security and privacy.

    NOTE : We have GUTI in 4G as well. What is the differeces between 4G GUTI and 5G GUTI ?

    The main difference between 4G GUTI and 5G GUTI is that the 5G GUTI contains a temporary identifier (SUCI) that provides enhanced security and privacy features, while the 4G GUTI contains the IMSI which can be used to track a user's location and identity. Additionally, the 5G GUTI is used to identify the UE within a specific network slice, while the 4G GUTI is used to identify the UE within a specific PLMN.

International Mobile Equipment Identity (IMEI): This is a unique identifier assigned to a mobile device by the manufacturer. The IMEI is used to identify the device and is used for purposes such as blocking stolen devices from accessing the network.

Subscription Permanent Identifier (SUPI) : Thisis a unique identifier used to represent a subscriber's permanent identity in a 5G network. It replaces the IMSI used in 4G networks and is designed to provide enhanced privacy and security features.

Subscription Concealed Identifier (SUCI) : This is a temporary identifier used to conceal the subscriber's permanent identity (SUPI) in a 5G network. It is used for authentication and authorization purposes and provides improved security and privacy features compared to the IMSI used in 4G networks.

The main differences among these IDs are the purpose for which they are used and their scope of use. The IMSI and TMSI are primarily used by the network to identify and authenticate the device, while the 5G-GUTI provides improved security and privacy. The IMEI is used by the network to identify the device and may be used for additional purposes such as blocking stolen devices. Each of these IDs has its own unique characteristics and advantages, and their use may vary depending on the specificrequirements of the network and the device.

In general, 5G UE ID is more complex and provides improved security and privacy compared to 4G UE ID. Main reasons behind these differnces comes from the differnces of network architecture and from the motivation for improved security protection. Followings are some of the important differneces between 4G UE ID and 4G UE ID.

Format: 4G UE ID is usually made up of simple information assigned by manufacturer (e.g,IMEI) and network operator(e.g, IMSI). On the other hand, 5G UE ID is a combination of several identifiers, including the 5G-GUTI (5G Globally Unique Temporary Identity) and the 5G-S-TMSI (5G S-Temporary Mobile Subscriber Identity), which are assigned by the network.

Security: 5G UE ID provides enhanced security and privacy compared to 4G UE ID. In 5G networks, the 5G-GUTI is used as a temporary identifier to protect the UE's identity and prevent tracking. Additionally, 5G networks use stronger encryption algorithms than 4G networks, which further enhance security.

    NOTE : An example of security volnerability in 4G is to use IMSI at the early stage of registration process (e.g, before authentication and key agreement). In 5G, SUPI is a counter part to IMSI in previous technology. But in 5G, it is not allowed to use SUPI even before authentication and key agreement. 5G does not allow SUPI (Plain text information). It uses a kind of encrypted version called SUCI

    NOTE : Refer to How SUPI turn into SUCI section for further details on this.

Network Architecture: 5G networks have a different network architecture than 4G networks, which also affects the UE ID. In 5G networks, the UE ID is used to identify the UE and its associated subscription information in a specific network slice, while in 4G networks, the UE ID is used to identify the UE and its associated subscription information in a specific PLMN (Public Land Mobile Network).

Network Services: 5G networks provide new services such as network slicing and edge computing that require the UE to be identified in a specific network slice. In contrast, 4G networks provide services such as voice and data that do not require the same level of UE identification.

See Also
What Is 5G & How to Get 5G | Samsung UKUnderstanding what a 5G SIM is and its benefitsSIM card and eSIM FAQsSIM card not working, eSIM not working

Now I understand a few important things about SUCI as listed below.

  • In 5G, It does not allow SUPI to get directly exchanged over the air since it can easily get snatched by attackers.
  • So they encrypt the SUPI first and transmit the encrypted information over the air. That encrypted version of SUPI is called SUCI.
  • Usually(but not always)this SUCI is transmitted from UE to the network via RegistrationRequest

Now a question arises in my mind. RegistrationRequest is the first NAS message from UE to network and there is no information shared between UE and Network at this point. How can thenetworkdecrypt SUCI into SUPI when it recieves it ?

In simple words, the logic is similar to Authentication process. It can be described breifly as below.

  • UE encrypt SUPI using a specifically predefined algorithm known to both UE and the network. UE can select an algorithm from the list as below. (NOTE : you would notice that operate can define their own algorithm if they want. Of course, in that case the operator need to provision the algorithm in USIM and decrypt algorithm in their core network)
    • Null scheme
    • ECIES scheme profile A
    • ECIES scheme profile B
    • Operator-specific protection scheme
  • UE send the encrypted data and a few additional information required for the decoding in RegistrationRequest message (or IdentityInformation if requested by network).
  • Network decrypt the SUCI into plain text using the data and the information contained in the SUCI it recieves (NOTE : This decryption would happen in UDM. SUCI de-consealment is one of UDM functionaligy (23.501-6.2.7)).

Now let's look into this process a little bit more in detail. I am not an expert in encryption. So I would just to write down the overview of the process and do not have detailed knowledge on the encryption and decryption algorithm itself.

Overall signaling flow with SUCI can be illustrated as below.

5G | ShareTechnote (1)

What's happening onUE side ?

Inside of UE, the process of encrypting SUPI into an encrypted information called SUCI. UE can use a specific algorithm from a list of a few different predefined algorith. Following is the illustration of showing the overview of ECIES based encryption algorithm happening in UE.

< 33.501-Figure C.3.2-1: Encryption based on ECIES at UE >

5G | ShareTechnote (2)

What's happening onNetworkside ?

Once SUCI is transmitted by UE and received by Network. The network has to decode it notified by UE with information elements : Protection Scheme ID. Following is the illustration of showing the overview of ECIES based decryption algorithm happening in Network.

< 33.501-Figure C.3.3-1: Decryption based on ECIES at home network >

5G | ShareTechnote (3)

RegistrationRequest / RegistrationAccept

Once UE encrypted SUPI into SUCI, it would send it to network via RegistrationRequest message at 5GS mobile identity. NOTE : It is not mandatory in terms of 3GPP for UE to use SUCI. It is allowed to use any type of UE IDs shown here. Which type of ID should be used is determined by the requirement from Network Operator and USIM configuration.

    SUCI

      SUCI (SUPI Format = IMSI)

        mcc

        mnc

        Routing Indicator (16 bit, 4 digit)

        Protection scheme Id (4 bit)

        Home network public key identifier (8 bit)

        Scheme output (n Bytes)

      SUCI (SUPI Format = Network specific identifier)

        Type of identity (3 bit)

        SUCI NAI (n bytes)

    5G-GUTI

      mcc

      mnc

      AMF Region ID (8 bit)

      AMF Set ID (10 bit)

      AMF Pointer (6 bit)

      5G TMSI (32 bit)

    IMEI

    5G-S-TMSI

      AMF Set ID (8 bit)

      AMF Pointer (8 bit)

      5G - TMSI(32 bit)

    IMEISV

IdentityRequest

If UE has not used SUCI at RegistrationRequest and Network wants to know of SUCI, Network can request UE to to informSUCI by sending IdentityRequest with SUCI.

IdentityResponse with SUCI

If network request UE to send SUCI via IdentityRequest, UE should send IdentityResponse with SUCI in the format shown below.

    SUCI

      SUCI (SUPI Format = IMSI)

        mcc

        mnc

        Routing Indicator (16 bit, 4 digit)

        Protection scheme Id (4 bit)

        Home network public key identifier (8 bit)

        Scheme output (n Bytes)

      SUCI (SUPI Format = Network specific identifier)

        Type of identity (3 bit)

        SUCI NAI (n bytes)

Quote from 24.501-Table 9.11.3.4.1: 5GS mobile identity information element

Protection scheme identifier (octet 10 bits 1 to 4)

Bits

4 3 2 1

0 0 0 0 Null scheme

0 0 0 1 ECIES scheme profile A

0 0 1 0 ECIES scheme profile B

0 0 1 1

to Reserved

1 0 1 1

1 1 0 0

to Operator-specific protection scheme

1 1 1 1

Bits 5-8 of octet 10 are spare and shall be coded as zero.

Home network public key identifier (octet 10)

The Home network public key identifier (PKI) field is coded as defined in 3GPP TS 23.003. Home network public key identifier shall be coded as "00000000" when Protection scheme identifier is set to "0000" (i.e. Null scheme).

Bits

8 7 6 5 4 3 2 1

0 0 0 0 0 0 0 0 Home network PKI value 0

0 0 0 0 0 0 0 1

to Home network PKI value (1-254)

1 1 1 1 1 1 1 0

1 1 1 1 1 1 1 1 Reserved

Scheme output (octets 12 to x)

The Scheme output field consists of a string of characters with a variable length or hexadecimal digits as specified in 3GPP TS 23.003. If Protection scheme identifier is set to "0000" (i.e. Null scheme), then the Scheme output consists of the MSIN and is coded using BCD coding with each digit of the MSIN coded over 4 bits. If the MSIN includes an odd number of digits, bits 5 to 8 of octet x shall be coded as "1111".If Protection scheme identifier is not "0000"(i.e. ECIES scheme profile A, ECIES scheme profile B or Operator-specific protection scheme), then Scheme output is

coded as hexadecimal digits.

For the SUCI with SUPI format set to "Network specific identifier", the SUCI NAI field contains an NAI constructed as specified in subclause 28.7.3 of 3GPP TS 23.003 and encoded as UTF-8 string.

For the SUCI with SUPI format set to "GCI", the SUCI NAI field contains an NAI constructed as specified in subclause 28.15.5 of 3GPP TS 23.003and encoded as UTF-8 string.

For the SUCI with SUPI format set to "GLI", the SUCI NAI field contains an NAI constructed as specified in subclause 28.16.5 of 3GPP TS 23.003and encoded as UTF-8 string.

For the SUCI with SUPI format set to "GLI", the SUCI NAI field contains an NAI constructed as specified in subclause 28.16.5 of 3GPP TS 23.003and encoded as UTF-8 string.

For the 5G-S-TMSI, bits 5 to 8 of octet 4 are coded as "1111". The coding of the 5G-STMSI is left open for each administration.

NOTE : For the full log with Amarisoft WebGUI, check outthis tutorial of Amarisoft TechAcademy.

Example 01 > SUCI with ECIES-A in RegistrationRequest

Following is an example of SUCI being used in real communication between UE and a Network. (NOTE : This is an example from Amarisoft Callbox and Amarisoft UEsim)

    Protocol discriminator = 0x7e (5GS Mobility Management)

    Security header = 0x0 (Plain 5GS NAS message, not security protected)

    Message type = 0x41 (Registration request)

    5GS registration type:

    Follow-on request bit = 1

    Value = 1 (initial registration)

    ngKSI:

    TSC = 0

    NAS key set identifier = 7

    5GS mobile identity:

    SUCI

    SUPI format = 0 (IMSI)

    MCC = 001

    MNC = 01

    Routing indicator = 0

    Protection sheme id = 1 (ECIES scheme profile A)

    Home network public key identifier = 2

    ECC ephemeral public key = 0x13e1feffd2e39a0674efe37ab493bb4bb8a0a338077b28ef294e247709907350

    Ciphertext = 0x294a3f4f32

    MAC tag = 0xd08cab25fd4f58f3

    UE security capability:

    0xe0 (5G-EA0=1, 128-5G-EA1=1, 128-5G-EA2=1, 128-5G-EA3=0, 5G-EA4=0, 5G-EA5=0, 5G-EA6=0, 5G-EA7=0)

    0xe0 (5G-IA0=1, 128-5G-IA1=1, 128-5G-IA2=1, 128-5G-IA3=0, 5G-IA4=0, 5G-IA5=0, 5G-IA6=0, 5G-IA7=0)

Example 02 > SUCI with Null Algorithm in Identity Response

Following is an example of SUCI being used in real communication between UE and a Network. (NOTE : This is an example from Amarisoft Callbox and Commerical UE)

    Protocol discriminator = 0x7e (5GS Mobility Management)

    Security header = 0x1 (Integrity protected)

    Auth code = 0xd6ead5fa

    Sequence number = 0x0a

    Protocol discriminator = 0x7e (5GS Mobility Management)

    Security header = 0x0 (Plain 5GS NAS message, not security protected)

    Message type = 0x5c (Identity response)

    Mobile identity:

    SUCI

    SUPI format = 0 (IMSI)

    MCC = 001

    MNC = 01

    Routing indicator = 0

    Protection sheme id = 0 (Null scheme)

    Home network public key identifier = 0

    MSIN = 0123456789

5G | ShareTechnote (2024)

FAQs

What exactly does 5G do? ›

5G is the fifth generation of wireless cellular technology, offering higher upload and download speeds, more consistent connections, and improved capacity than previous networks.

Discover More
Is 5G better than LTE? ›

5G gives faster data speeds than LTE and supports more devices and users on the same network. Here is how long it would take to download a 1 GB file on different networks: On a 5G network, it would take about 10 seconds. On an LTE network, it would take about 2 minutes.

Read On
What is the real purpose of 5G? ›

5G wireless technology is meant to deliver higher multi-Gbps peak data speeds, ultra low latency, more reliability, massive network capacity, increased availability, and a more uniform user experience to more users. Higher performance and improved efficiency empower new user experiences and connects new industries.

Continue Reading
What is 5G and its disadvantages? ›

While 5G's algorithms are even more comprehensive than its predecessors, users are still vulnerable to cyberattacks. One area of concern is encryption. While apps on 5G networks are encrypted, the 5G NR standard doesn't have end-to-end encryption, leaving it open to certain kinds of attacks.

Get More Info Here
How fast is 5G vs 4G? ›

Depending on the plan, while top 4G download speeds can range from 50 to 180Mbps, 5G download speeds sometimes peak out at 250Mbps. But that number doesn't come close to the fastest 5G can get. In the best conditions, it can reach a whopping 20Gbps.

Read On
What is the difference between 4G and 5G phones? ›

The biggest difference between 4G and 5G is latency. 5G can offer low latency under 5 milliseconds, while 4G latency ranges from 60 ms to 98 ms. Lower latency brings advancements in other areas, such as faster download speeds.

Discover More
Why is 5G banned in some countries? ›

Countries such as the United States and Australia have expressed fears that 5G infrastructure could be used as tools for malign activities. These fears are based on the fact that 5G networks involve a greater number of interconnected devices, making them more susceptible to cyber-attacks.

Get More Info
Do I actually need 5G? ›

5G offers significantly faster downloads, quicker uploads, and more people to be connected at the same time. That means fewer delays when using your phone and accessing web content.

Read On
Is 5G faster than WiFi? ›

Speed. Both Wi-Fi 6 and 5G can theoretically provide gigabit speeds, which are often more than enough for most businesses. In a controlled environment, Wi-Fi 6 can achieve 9.6 Gbps while 5G can do up to 20 Gbps. In most cases, 5G will be faster but not all 5G is created equally.

See More
Why does my phone say LTE instead of 5G? ›

When 5G speeds don't provide a noticeably better experience, your iPhone automatically switches to LTE, saving battery life. The 5G icon appears based on the configuration of the carrier network, and in rare cases, may appear even when 5G coverage is not available. 5G On: Always uses 5G network when it's available.

Read On

Why does 5G seem slower? ›

"Many people still have 4G compatible and not 5G compatible phones. And when that ratio gets off, you might be in a place where 5G is under-provisioned, which is there are not enough resources kept behind 5G to make it works as fast as 4G," he said.

Explore More
Can 5G track you? ›

This data can also enable advertisers and data brokers to see the exact routes you take each day and even which buildings you go into. And anyone with access to your mobile network's cell tower data will now be able to track your movements in real time.

Read More
Why turn off 5G? ›

Here are some advantages to switching back to 4G on your Samsung device. Preserves your battery life. Your phone's battery will drain faster on 5G than on 4G due to its higher data transfer speeds and the need for your device to constantly search for a 5G signal, especially in areas with limited coverage.

Get More Info
Can 5G affect brain waves? ›

Statistical analysis with repeated-measures ANOVA showed no significant changes in the EEG waves in the subjects exposed to the 5G signal, except for a few electrodes in the alpha and beta oscillations, as mentioned in Section 3.1 and Section 3.2.

Read On
What is the downfall of 5G? ›

Weak Network Links

5G networks consist of multiple links, and each link in the network can use different types of 5G security protocols. As such, the weakest link in the chain can ultimately become its downfall.

Continue Reading
Is switching to 5G worth it? ›

5G offers a lot of benefits, including wider channels (increased speed), lower latency (responsiveness), and more bandwidth (the ability to connect a lot more devices at once).

Discover More
What is the threat of 5G? ›

Some of these 5G security risks include: Cyber-Attacks: 5G networks will be exposed to various cyber threats, including Distributed Denial of Service (DDoS) attacks, potential data breaches, and ransomware.

See More
Is there a 6G network? ›

6G internet is expected to launch commercially in 2030. The technology makes greater use of the distributed radio access network (RAN) and the terahertz (THz) spectrum to increase capacity, lower latency and improve spectrum sharing.

Tell Me More
Should I use 5G or LTE? ›

For example, use 5G to download data at high speeds. Use LTE for general web browsing and email. 5G will also be able to offload traffic onto LTE when there is too much congestion on the 5G network. This will help to ensure that users always have a consistent experience, even as demand for 5G grows.

Keep Reading
Does 5G use more battery? ›

Yes, 5G can use more battery than 4G LTE in many scenarios. You're also not alone if you've noticed higher battery drain than usual while connected to a 5G network. Samsung, Apple, T-Mobile, and others have admitted that you should probably switch to 4G if you care about battery life.

See Details

Do I really need 5G? ›

Investing in a new 5G phone is generally the best move if you can afford it since it ensures that your device will feel fast and relevant for years to come. But if your budget is limited, or the 5G phones available to you right now don't fit your needs, you won't be missing out on too much by opting for 4G instead.

Discover More
What are the disadvantages of a 5G network? ›

Many phone owners report that when using 5G, their handsets become hotter. Phones that use a 5G connection will undergo significant power drain, reducing battery life significantly. As a result, producers must invest in innovative battery technology to prevent batteries from breakage and other issues.

Explore More
Will 4G phones be obsolete? ›

Many experts say that 4G should be available well into 2030, so even though you may see 5G utilized more prevalently, especially in large cities, there's no reason to believe that 4G is becoming more scarce.

Show Me More
Are there any benefits to 5G? ›

5G benefits applications such as factory automation, video surveillance and connected vehicles due to its lower latency, high speeds and support for numerous connected devices compared with 4G networks. 5G takes a massive leap from forward in speed and throughput from 4G and 3G, as shown in our illustration.

Know More
Is it worth using 5G? ›

5G offers a lot of benefits, including wider channels (increased speed), lower latency (responsiveness), and more bandwidth (the ability to connect a lot more devices at once). But before you make the move to a 5G cellular router, you'll want to make sure you're in a position to take full advantage of it.

Read More
Does 5G use more data? ›

No, 5G does not use more than 4G. When you download a file on 5G, it's the same size as that on the 4G, so there isn't a reason why 5G would consume more data. Data usage in the 5th generation will still be higher.

Get More Info
What is the physics behind 5G? ›

5G offers an order of magnitude – 10 times – more bandwidth than its predecessor, 4G. The greater bandwidth is possible because over and above low and medium frequency radio waves, 5G uses additional higher-frequency waves to encode and carry information.

View Details
Top Articles
How Much Sauerkraut To Eat Per Day? Complete Guide
Why You Should Try Adding Salt And Vinegar To Your Mashed Potatoes
Cu Boulder Psc
Jane Fonda Lenscrafters Commercial
70 Choose 5
Storage Units in Killeen, TX at 4201 Clear Creek Rd
Junees Cedarhurst
Mr Seconds Geneseo
Ariadne Getty Net Worth
Moniqure
Latest Posts
Kodak XTOL Film Developer, 5 litres
The Secret To Better Caramels? Burning the Sugar
Article information

Author: Arielle Torp

Last Updated:

Views: 5665

Rating: 4 / 5 (41 voted)

Reviews: 88% of readers found this page helpful

Author information

Name: Arielle Torp

Birthday: 1997-09-20

Address: 87313 Erdman Vista, North Dustinborough, WA 37563

Phone: +97216742823598

Job: Central Technology Officer

Hobby: Taekwondo, Macrame, Foreign language learning, Kite flying, Cooking, Skiing, Computer programming

Introduction: My name is Arielle Torp, I am a comfortable, kind, zealous, lovely, jolly, colorful, adventurous person who loves writing and wants to share my knowledge and understanding with you.