Paper 2021/753

Anonymous Device Authorization for Cellular Networks

Abida Haque, Varun Madathil, Bradley Reaves, and Alessandra Scafuro


Cellular networks connect nearly every human on the planet; they consequently have visibility into location data and voice, SMS, and data contacts and communications. Such near-universal visibility represents a significant threat to the privacy of mobile subscribers. In 5G networks, end-user mobile device manufacturers assign a Permanent Equipment Identifier (PEI) to every new device. Mobile operators legitimately use the PEI to blocklist stolen devices from the network to discourage device theft, but the static PEI also provides a mechanism to uniquely identify and track subscribers. Advertisers and data brokers have also historically abused the PEI for data fusion of location and analytics data, including private data sold by cellular providers. In this paper, we present a protocol that allows mobile devices to prove that they are not in the blocklist without revealing their PEI to any entity on the network. Thus, we maintain the primary purpose of the PEI while preventing potential privacy violations. We describe provably secure anonymous proof of blocklist non-membership for cellular network, based on the RSA accumulators and zero-knowledge proofs introduced by Camenisch and Lysyanskaya (Crypto'02) and expanded upon by Li, Li and Xue (ACNS'07). We show experimentally that this approach is viable for cellular networks: a phone can create a blocklist non-membership proof in only 3432 milliseconds of online computation, and the network can verify the proof in less than one second on average. In total this adds fewer than 4.5 seconds to the rare network attach process. This work shows that PEIs can be attested anonymously in 5G and future network generations, and it paves the way for additional advances toward a cellular network with guaranteed privacy.

Available format(s)
Publication info
Published elsewhere. 14th ACM Conference on Security and Privacy in Wireless and Mobile Networks
5g securityanonymityauthorizationaccumulatorsblocklists
Contact author(s)
ahaque3 @ ncsu edu
vrmadath @ ncsu edu
bgreaves @ ncsu edu
ascafur @ ncsu edu
2021-06-16: revised
2021-06-07: received
See all versions
Short URL
Creative Commons Attribution


      author = {Abida Haque and Varun Madathil and Bradley Reaves and Alessandra Scafuro},
      title = {Anonymous Device Authorization for Cellular Networks},
      howpublished = {Cryptology ePrint Archive, Paper 2021/753},
      year = {2021},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.