In part one of this mini-series on the 5G core network I’ve taken a look at some of the new concepts and how the network entities there with their new names map to what we already know from the EPC, i.e. the 4G core network. Now that this is done let’s have a look at the new names of some identifiers.
The International Mobile Subscriber Identity, the IMSI, has made it with this name through three generations of mobile networks. In 5G, however, a somewhat more generic term is now used, the Subscription Permanent Identifier, or SUPI for short (German speakers will probably smile a bit now).
One confidentiality issue present in all prior mobile network incarnations is that when push comes to shove, the mobile device has to reveal its IMSI to the network. Once the subscriber is authenticated and encryption is activated an anonymized temporary identifier would then be assigned and used. Unfortunately, this early moment of openness can be used to make the UE reveal its subscriber identity by malicious actors at any time, e.g. with fake base stations telling the UE that the temporary identifier is unknown. It looks like with the 5G core this is going to be fixed, as in addition to the SUPI, the Subscription Concealed Identifier, the SUCI (finally something to smile for English speakers as well), has been introduced. The difference to the temporary ID (e.g. P-TMSI) used so far is that the SUCI contains the mobile country code and mobile network code and is (probably) stored in the central user database, so even when roaming, it can be used to initially get authentication credentials for the subscriber from the home network. I had a post on this when the concept was first proposed and now that it has been finalized, I have to go back to the specs and have a closer look at the details.
The unique device identifier, the IMEI has also received a revamp, it is now referred to as the Permanent Equipment Identity or PEI for short. It looks like the PEI can have different formats as the specs say that “[the] UE must support a PEI in IMEI format when using 3GPP access technology”. This sentence also reveals why the identifiers have been generalized to some extent: The 5G core specs no longer only address connectivity to a 3GPP radio network (i.e. 5G RAN) but also fixed-line and non-3GPP/LTE/5G radio networks (e.g. Wifi). More on this in one of the following posts.
One identifier that has made it unscathed into the 5G world seems to be the (5G) GUTI, the Globally Unique Temporary Identifier which contains the MCC, the MNC, the AMF ID (see previous post) and other pieces of information.
For further details on these identifiers have a look at 3GPP TS 23.501, Chapter 5.9.