Does the switch to 5G security require a new SIM card?
This post was originally published in January 2020 and updated in August 2021 to reflect new developments in standardization.
To understand the context behind this question, let’s briefly discuss different types of SIM cards. By "SIM cards", we mean those smart cards that are used in mobile networks. In 2G, the smart card is called the subscriber identity module (SIM) that represents hardware and software together. Even though these SIMs can also be used in 3G systems, for enhanced security, 3G systems use a newer smart card with software and hardware separated. The universal subscriber identity module (USIM) is one of several software applications that resides in the hardware part, called the universal integrated circuit card (UICC).
In this post, we refer to these newer smart cards as Rel 99+ USIM which are compatible with 3GPP Release 1999 (first 3G specifications) and afterwards. These Rel 99+ USIMs can be used to access every generation of mobile networks, including 5G. Such backward and forward compatibility is achieved by the carefully designed offloading of some computations and storage to mobile phones.
While accessing the 5G system is one thing, the question we have is whether using the “new” security and privacy features of 5G requires a new kind of USIM other than Rel 99+ USIMs which could be used for 4G security. This is a valid question and something which we address below. For the sake of brevity, in this post, we do not touch upon other new features in 5G that do not concern USIM.
Identity and access management (IdAM)
In 5G, the subscription permanent identifier (SUPI) can take two formats: the legacy format called international mobile subscriber identity (IMSI), and a format newly adopted in 5G called network access identifier (NAI). SUPIs in the NAI format allow the use of 3GPP 5G technology in the context of private networks and wireless-wireline convergence.
Furthermore, 5G provides at least two methods of authentication and key agreement (AKA) for accessing the network. One such method, 5G AKA, is an evolution of the authentication method in 4G. Another, called EAP-AKA', is a method now widely adopted in 5G for broader use of the Extensible Authentication Protocol (EAP) framework.
In any case, from the IdAM viewpoint, the Rel 99+ USIMs that could be used in 4G are still compatible with 5G, in the sense that they can be used to authenticate and gain access to the 5G system. The main reason for this forward compatibility is the fact that there is no need for a new permanent security key shared between USIMs and the network. Another reason is that newer storage and computations required for new security features can be offloaded to mobile phones, like the calculation of a new type of AKA response and new session keys.
The adoption of the EAP framework in 5G and the definition of SUPIs in NAI format mean that methods other than EAP-AKA', such as Extensible Authentication Protocol-Transport Layer Security (EAP-TLS), can be used for isolated deployments. In those cases, the USIM's role may be skipped altogether. It is also worth noting that, just as with 4G networks, any smart cards older than Rel 99+ USIM (which may be called Rel 98- SIM) cannot be used to access 5G.
Privacy
5G has introduced significant privacy enhancements in terms of how permanent and temporary identifiers are used.
Let's first discuss the most important one, which is the use of the subscription concealed identifier (SUCI). The SUCI, which basically hides the SUPI over-the-air, can be calculated using standardized schemes, the so-called Profile A and Profile B. It also requires some new parameters, namely the public key of the home network, the protection scheme identifier, and the routing indicator. While SUCI calculations using Profile A/B can be offloaded to mobile phones, the standards only permit the storage of the new parameters in the USIM. For brevity, in this post we will not discuss the proprietary option where SUCI calculation can be done in USIMs using non-standardized schemes.
Therefore, Rel 99+ USIMs can be used to store the parameters required for SUCI calculation with Profile A/B, provided that they support creating the necessary files (DF5GS/EFSUCI_Calc_Info/EFRouting_Indicator). This is also true for Rel 99+ USIMs already in the field: if they support a mechanism like remote file management over-the-air (OTA), then they can be used for storing the parameters required for SUCI calculation with Profile A/B. Otherwise, the SUCI will be calculated by the mobile phone using the so-called "null-scheme", which is a dummy scheme that does not hide the SUPI. In other words, Rel 99+ USIMs that cannot store the new parameters required for SUCI calculation can still be used to get access to the 5G system, but without the ability to hide the SUPI over-the-air.
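The practical difference between Profile A/B and the null-scheme is visible in the SUCI itself. As an added example (not part of the original post or any 3GPP code), the script below parses SUCIs in the NAI string format of 3GPP TS 23.003 clause 28.7.3 and reports which ones still carry the MSIN in the clear; the SUCI values, MCC/MNC, key identifier and hex payloads are constructed for illustration.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Protection scheme identifiers from 3GPP TS 33.501 Annex C.
SCHEME_NAMES = {0: "null-scheme", 1: "Profile A", 2: "Profile B"}

# NAI-format SUCI for an IMSI-based SUPI (TS 23.003 clause 28.7.3).
# The 'hnkey' label is present only when a real protection scheme is used.
_SUCI_RE = re.compile(
    r"^type(?P<supi_type>\d)\.rid(?P<rid>\d{1,4})\.schid(?P<schid>\d{1,2})"
    r"(?:\.hnkey(?P<hnkey>\d{1,3}))?\.(?P<output>.+)"
    r"@nai\.5gc\.mnc(?P<mnc>\d{3})\.mcc(?P<mcc>\d{3})\.3gppnetwork\.org$"
)


@dataclass
class SuciInfo:
    supi_type: int
    routing_indicator: str
    scheme_id: int
    hn_key_id: Optional[int]
    scheme_output: str
    mcc: str
    mnc: str

    @property
    def scheme_name(self) -> str:
        return SCHEME_NAMES.get(self.scheme_id, "proprietary/reserved")

    @property
    def supi_concealed(self) -> bool:
        # Only the null-scheme (schid0) sends the MSIN unprotected.
        return self.scheme_id != 0


def parse_suci(suci: str) -> SuciInfo:
    m = _SUCI_RE.match(suci)
    if not m:
        raise ValueError(f"not a NAI-format SUCI: {suci!r}")
    hnkey = m["hnkey"]
    return SuciInfo(int(m["supi_type"]), m["rid"], int(m["schid"]),
                    int(hnkey) if hnkey is not None else None,
                    m["output"], m["mcc"], m["mnc"])


def exposed_msins(sucis: List[str]) -> List[str]:
    """Return the MSINs that a list of SUCIs reveals in the clear (null-scheme only)."""
    return [parse_suci(s).scheme_output.removeprefix("userid")
            for s in sucis if not parse_suci(s).supi_concealed]


# Constructed sample SUCIs: one null-scheme, one Profile A with dummy hex payloads.
SAMPLES = [
    "type0.rid678.schid0.userid0999999999@nai.5gc.mnc015.mcc234.3gppnetwork.org",
    "type0.rid678.schid1.hnkey27.ecckey" + "ab" * 32 + ".cip" + "cd" * 5
    + ".mac" + "ef" * 8 + "@nai.5gc.mnc015.mcc234.3gppnetwork.org",
]
```

A home network can run this over the SUCIs seen at registration to confirm that phones whose USIMs received the Profile A/B parameters have actually stopped falling back to the null-scheme.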
Note that there are also other privacy enhancements in 5G like the strict refreshment of temporary identifiers, decoupling of permanent identifiers from paging procedures, and partial confidentiality protection of initial messages. For these features, the USIM's role is not required in the standards.
Steering of roaming (SoR) and UE parameter update (UPU)
SoR and UPU are two new procedures in 5G between mobile phones and the home network. These new procedures enable the home network to update configuration parameters in mobile phones and/or USIM using control plane signaling. It means that in 5G, the home network has an alternative to existing mechanisms like over-the-air (OTA) updates that use SMS as transport.
Besides the handling of the so-called "secured packet", which mobile phones basically relay to the USIM, the scope of the SoR and UPU procedures includes parameters like the operator controlled PLMN selector with access technology, the default configured network slice selection assistance information (NSSAI), and the routing indicator.
The handling of the new control plane signaling, including its security, like the calculation and verification of new security tokens, is offloaded to mobile phones. Furthermore, in some cases, storage of parameters is also offloaded to mobile phones, like the default configured NSSAI and the mobile phone's copy of the operator controlled PLMN selector with access technology. Therefore, in such cases, special support from the USIM is not required for SoR and UPU in 5G, which means that Rel 99+ USIMs can be used.
However, there are other cases where the storage of the new/updated parameters is still done in the USIM, like the routing indicator (EFRouting_Indicator), the USIM's copy of the operator controlled PLMN selector with access technology (EFOPLMNwACT), and any file handling done by the "secured packet". Even then, Rel 99+ USIMs are still compatible with SoR and UPU in 5G, provided that they support the necessary file management operations.
Long-term key update process (LTKUP)
Security in 3GPP (2G-5G) ultimately relies on the so-called long-term key (Ki or K) securely stored in the SIM cards. This long-term key enables AKA-based authentication, and is the root key for the derivation of session keys. There are also other long-term keys used for the secure management of SIM cards, called over the air (OTA) keys, which are also securely stored in the SIM cards.
If these long-term keys (Ki or K, and OTA keys) leak due to any reason (for example, an accidental exposure or factory compromise), the impact on security would be devastating.
Earlier, the only way of handling such a leak was replacing the SIM cards. Now, 3GPP has recommended two standardized ways for securely and quickly replacing the long-term keys using OTA: one using a Diffie-Hellman based key agreement, and another activating one among multiple sets of keys on the USIM.
If the service provider chooses to use LTKUP, then new SIM cards are indeed required. But LTKUP is specified as informational, i.e., not mandatory, and it is not specific to 5G by any means (it applies from 2G to 5G).
Therefore, LTKUP does not mandate new SIM cards for accessing 5G or enabling any 5G security and privacy features.
Non-public network (NPN)
3GPP recently specified native support for NPNs in 5G. Not only can these NPNs be deployed with support from a public network, called Public Network Integrated NPN (PNI-NPN), but also separately on their own, called Stand-alone NPN (SNPN).
In PNI-NPN, a PLMN subscription is mandatory. This includes a SUPI and credentials securely stored at the device, for example, in the SIM card in case of AKA long-term keys. The PNI-NPN may use Closed Access Groups (CAG) so that only authorized PNI-NPN devices can access the PNI-NPN. In this case, devices may be configured with the list of CAG cells the devices are allowed to access and/or whether the devices are only allowed to access 5GS via CAG cells (for example, a robot within a factory) or if they may also access 5GS via non-CAG cells (for example, a factory worker’s mobile phone that can also connect to the PLMN when outside the factory premises).
Storage of NPN related settings can be offloaded to the NPN device, so NPN itself does not mandate new SIM cards for accessing the NPN.
In SNPN, although a subscriber can be identified and authenticated by an IMSI-based SUPI and AKA long-term keys, a PLMN subscription is not strictly required. In fact, no SIM card would be required for SNPNs that use EAP authentication methods other than EAP-AKA (EAP-TLS, for example), as explained earlier.
In any case, when it comes to NPN, and especially to SNPN, the assumption is that most of the devices and subscriptions will be new. Where a SIM is required, the corresponding SIMs can be appropriately configured from the start to enable all the security, privacy and NPN-specific settings the NPN requires.
Summary
To summarize, we discussed impacts on USIMs by relevant security and privacy features that are new in 5G.
Firstly, from an IdAM viewpoint, Rel 99+ USIMs, which could be used for 4G, are still compatible for gaining access to 5G.
Secondly, regarding SUPI privacy, Rel 99+ USIMs can be used to enable SUCI calculation with Profile A/B as long as they support the necessary file management operations. Regarding other privacy features, Rel 99+ USIMs are fully compatible in their current form.
From the perspective of SoR/UPU procedures, Rel 99+ USIMs are compatible in their current form only in some cases, while compatibility in other cases will depend on them supporting the necessary file management operations.
Next, LTKUP is neither a mandatory feature nor specific to 5G.
Finally, NPNs by themselves do not require new SIM cards, although the assumption is that most NPN users will be connected using new subscriptions for which fresh SIM cards could be appropriately configured from the start.
It is pertinent to mention that, ultimately, whether or how the above-mentioned new security and privacy features are used is in the remit of the service provider; therefore, even in the worst-case scenario, an older USIM will not prohibit access to the plethora of other basic 5G features.
If you’re a subscriber, you don’t need to concern yourself with what version of SIM card is in your mobile phone and whether or not your service provider swapped an old SIM card; you should rather be interested in the particular features you care about, for example, whether SUPI privacy is enabled or not.
Technical notes
- IdAM part – The formats of SUPI (IMSI and NAI) are defined in 3GPP TS 23.003, see clauses 2.2A, 2.2, and 28.7.2. The new type of AKA response is called RES* and the new session keys are called KAUSF and KSEAF. See clause 6.1 in 3GPP TS 33.501 for details. In Annex B of that TS, you will also find details of using EAP-TLS.
- Privacy part – The formats of SUCI are defined in clauses 2.2B and 28.7.3 in 3GPP TS 23.003. Clause 6.12 and Annex C in 3GPP TS 33.501 contain main details of subscription identifier privacy. Clause 4.4.11 in 3GPP TS 31.102 specifies USIM files specific to 5G.
- SoR/UPU part – The new security tokens are called SoR-MAC-IAUSF, UPU-MAC-IAUSF, SoR-MAC-IUE, and UPU-MAC-IUE. The main details of SoR and UPU can be found in clauses 6.14 and 6.15 in 3GPP TS 33.501, Annex C in TS 23.112, and clause 4.20 in TS 23.502.
- LTKUP part – Details of LTKUP are specified in the informative technical report 3GPP TR 33.935.
- NPN part – General description of NPNs can be found in TS 23.501 and 23.502. Security of NPN is specified in TS 33.501.
We want to thank our wonderful colleagues for their valuable inputs: Vesa Torvinen, Noamen Ben Henda, Christine Jost, Monica Wifvesson, Peter Hedman, Ivo Sedlacek, Eva Fogelström.
Learn more
Read our earlier blog post where we offer an overview of the 3GPP 5G security standard.