5G Fundamentals

SUPI, SUCI, 5G-GUTI, PEI — subscriber identifiers

Protecting Subscriber Identity in 5G

The SUPI or Subscription Permanent Identifier is the 5G equivalent of the IMSI and serves as the globally unique subscriber identity stored on the USIM. Unlike earlier generations where the IMSI was transmitted in cleartext over the air, 5G mandates that the SUPI be encrypted into a SUCI before any radio transmission. The encryption uses ECIES with the home network's public key, and only the SIDF function within the home UDM can perform decryption. Even the visited network never sees the SUPI in cleartext, which eliminates the IMSI catcher attacks that plagued 2G through 4G networks.

Back to course

interactive3 min

Lesson 22 of 27

SUPI, SUCI, 5G-GUTI, PEI

Card 1 of 617%

Warm-up: Guess before you learn

Try these first, even if you're not sure. Guessing primes your brain.

Old networks sent the permanent subscriber ID in cleartext. What is the cleanest fix?

When you roam abroad, who should be able to decrypt your hidden identity?

Why not keep using the permanent ID for every message after the phone registers?

Answer all 3to continue — it's OK to be wrong.

All lessons in this level: