
The technical principles and application scenarios of 5G SUCI SIM cards, including the protocol specifications and security mechanisms, are analyzed as follows:
1. Technical positioning and core role of SUCI
SUCI (Subscription Concealed Identifier) is a user privacy protection identifier in the 5G network, which is used to replace the IMSI/SUPI transmitted in plain text in the traditional network. Its core role is reflected in:
Encrypted identity transmission: The MSIN part of the SUPI is encrypted with ECIES (Elliptic Curve Integrated Encryption Scheme), and only the MCC/MNC is retained in plain text for routing;
Anti-tracking attack: A different SUCI value is dynamically generated at each registration, so that user locations cannot be tracked through a fixed identifier;
Support for multiple authentication scenarios: Compatible with two SUPI types: 3GPP access (IMSI) and non-3GPP access (NAI).
2. Technical upgrade requirements for SIM cards
Key upgrade points of 5G SUCI SIM cards compared to 4G USIM cards:
Hardware security enhancement: An integrated SE security chip supports ECC encryption algorithms and key storage;
File system expansion: An EF_SUCI_CalcInfo file is added to store parameters such as the home network public key identifier (0-255) and the routing indicator (1-4 digits);
Dynamic computing capability: The SIM card has a built-in SUCI generation module that calculates the protection scheme output field in real time.
3. Detailed explanation of SUCI generation mechanism (taking IMSI type as an example)
When SUPI=234150999999999:
Decomposition structure: MCC=234, MNC=15, MSIN=0999999999;
Encryption object: The Profile A protection scheme is applied only to the MSIN part, using the HPLMN public key (identifier 27) and a temporary key for encryption;
Output format: SUCI=0|234|15|678|1|27|<encrypted MSIN+MAC tag>.
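The field layout above, as an added example that is not part of the original article: a Python parser for the "|"-separated IMSI-type SUCI notation that enforces the field ranges listed under the SIM card upgrade points, applies the null-scheme rejection stated under network side processing, and splits a Profile A scheme output into its parts. The 32-byte ephemeral public key and 8-byte MAC tag sizes are taken from 3GPP TS 33.501 Annex C; the function names, the admit() gate and the dummy hex sample are assumptions made for illustration.

```python
import re
from collections import namedtuple

NULL_SCHEME, PROFILE_A = 0, 1
EPH_KEY_LEN, MAC_LEN = 32, 8  # Profile A sizes per 3GPP TS 33.501 Annex C

# Page notation: type|MCC|MNC|routing indicator|scheme|key id|scheme output
SUCI_RE = re.compile(
    r"0\|(\d{3})\|(\d{2,3})\|(\d{1,4})\|(\d{1,2})\|(\d{1,3})\|([0-9A-Fa-f]+)",
    re.ASCII)
# output is hex for Profile A and plain MSIN digits for the null scheme
Suci = namedtuple("Suci", "mcc mnc routing_indicator scheme key_id output")

def parse_suci(text):
    m = SUCI_RE.fullmatch(text)
    if not m:
        raise ValueError("not a well-formed IMSI-type SUCI")
    mcc, mnc, ri, scheme, key_id, output = m.groups()
    if int(scheme) > 15 or int(key_id) > 255:
        raise ValueError("scheme or key identifier out of range")
    return Suci(mcc, mnc, ri, int(scheme), int(key_id), output)

def split_profile_a(output_hex):
    """Return (ephemeral public key, encrypted MSIN, MAC tag) as bytes."""
    raw = bytes.fromhex(output_hex)  # raises ValueError on odd-length hex
    if len(raw) <= EPH_KEY_LEN + MAC_LEN:
        raise ValueError("scheme output too short for Profile A")
    return raw[:EPH_KEY_LEN], raw[EPH_KEY_LEN:-MAC_LEN], raw[-MAC_LEN:]

def admit(text, provisioned_key_ids):
    """Hypothetical policy gate run before any decryption is attempted."""
    try:
        suci = parse_suci(text)
        if suci.scheme == NULL_SCHEME:
            return "reject: null scheme carries the MSIN in clear"
        if suci.scheme != PROFILE_A:
            return "reject: scheme not handled in this example"
        if suci.key_id not in provisioned_key_ids:
            return "reject: unknown home network public key identifier"
        split_profile_a(suci.output)
    except ValueError as exc:
        return f"reject: {exc}"
    return "deconceal"

# Constructed sample: dummy 32-byte key, 5-byte ciphertext, 8-byte tag.
SAMPLE = "0|234|15|678|1|27|" + "aa" * 32 + "bb" * 5 + "cc" * 8
```

The 5-byte ciphertext in the sample corresponds to the 10-digit MSIN packed two digits per byte; admit() only decides whether a SUCI is worth handing to the decryption step and performs no cryptography itself.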
4. Network side processing flow
AMF decryption: The private key is matched through the Home Network Public Key Identifier and the SUPI is restored;
Failure processing: If decryption fails, the secondary authentication process is triggered, and a SUCI that uses the Null protection scheme is rejected;
Key management: The HPLMN needs to maintain a rotation mechanism for 255 ECC key pairs and regularly update the public key identifier in the SIM card.
5. Impact of industrial applications
Internet of Things security: Industrial equipment uses SUCI to avoid exposing device IDs and to prevent production line status data from being associated and analyzed;
Virtual operators: NAI-type SUCI is supported, so that an MVNO can use email-format user identifiers (user@mvno.com);
International roaming: The routing indicator field enables cross-operator network addressing, and China Mobile users can preferentially access local cooperative nodes when roaming.
China Telecom has launched a 5G security-enhanced SIM card that supports SUCI. Its white paper shows that the card shortens the key negotiation time to 120ms in the smart grid scenario, which is 40% more efficient than the traditional solution. Users can replace their card at the operator's business hall, but it should be noted that some old 5G mobile phones may not be compatible with the file system structure of the new card.
Best Regards
Byron
HKCARD ELECTRONICS CO.,LIMITED