SUPI concealment → SUCI (ECIES encryption)

The IMSI Catching Problem

In 2G, 3G, and 4G networks, the network could request a subscriber's permanent identity in cleartext over the air interface. Attackers exploited this with IMSI catchers — rogue base stations that impersonate legitimate towers to harvest subscriber identities. Once a device responds with its IMSI, the attacker captures the permanent identity of every nearby subscriber. This enables tracking, surveillance, and even call interception. The fundamental flaw was that the protocol required the UE to transmit its permanent identity completely unprotected before any security context was established.