CPC H04W 12/03 (2021.01) [H04W 8/18 (2013.01); H04W 12/041 (2021.01); H04W 12/0431 (2021.01)]
20 Claims
1. A method for concealing a subscription identifier at a user equipment of a mobile communication network, comprising a mobile equipment and an integrated circuit card which stores subscription data for accessing the mobile communication network including the subscription identifier, the method comprising:
receiving at the user equipment a corresponding request by a server to provide a corresponding subscription identifier;
sending, by the mobile equipment, an identity retrieve command to the integrated circuit card;
performing an elliptical curve encryption of the subscription identifier to generate a concealed subscription identifier, the elliptical curve encryption comprising performing, at the integrated circuit card:
generating an ephemeral key pair comprising an ephemeral private key and an ephemeral public key, including performing a first scalar multiplication of the ephemeral private key by a generator value to obtain the ephemeral public key;
generating a shared secret key performing a second scalar multiplication of the ephemeral private key by a server public key, the first and second scalar multiplications being performed iteratively for each bit of the ephemeral private key; and
using the shared secret key to derive keys used to encrypt the subscription identifier, which is to be sent to the server as the concealed subscription identifier in response to the identity retrieve command;
performing, before receiving the identity retrieve command at the integrated circuit card, a pre-calculation of the ephemeral key pair comprising the ephemeral private key and the ephemeral public key and the shared secret key, the pre-calculation including:
performing an interruptible calculation of the first and second scalar multiplication during each execution time of given periodic commands sent by the mobile equipment to the integrated circuit card; and
storing a respective state of completion of the interruptible calculation, the interruptible calculation including checking, at a beginning of each execution time, the respective state of completion; and
in response to the respective state of completion indicating completion of a computation of a valid ephemeral key pair or shared secret key, storing corresponding values of the ephemeral private key, the ephemeral public key, and the shared secret key in a table in a memory of the integrated circuit card at the user equipment.
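The interruptible pre-calculation recited above can be sketched as follows. This is an added illustration, not code from the patent or from any card vendor. The curve (secp256r1), the per-command bit budget, and every name in the block are assumptions.

```python
import secrets

# secp256r1 domain parameters (curve choice is an assumption; the claim names none)
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = -3
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1 % P, -1, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)

class Precalc:
    """Hypothetical card-side state that survives between periodic commands.
    Plain double-and-add for clarity; it is not side-channel hardened."""
    def __init__(self, server_pub, priv=None):
        self.d = priv if priv is not None else secrets.randbelow(N - 1) + 1
        self.q_srv = server_pub
        self.bit = 255                  # stored state of completion: next key bit
        self.pub = self.shared = None   # running results of both multiplications
        self.table = []                 # finished (private, public, shared) entries

    def on_periodic_command(self, budget=16):
        """Advance both multiplications by at most `budget` key bits, then return."""
        if self.bit < 0:                # checked first: nothing left to compute
            return True
        for _ in range(budget):
            self.pub, self.shared = add(self.pub, self.pub), add(self.shared, self.shared)
            if (self.d >> self.bit) & 1:
                self.pub, self.shared = add(self.pub, G), add(self.shared, self.q_srv)
            self.bit -= 1
            if self.bit < 0:            # valid pair and secret ready: store them
                self.table.append((self.d, self.pub, self.shared))
                return True
        return False                    # interrupted; resumes on the next command
```

Each call stands for the execution time of one periodic command; the identity retrieve command would then read a finished entry from `table` instead of running either multiplication.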