Mobile Networks
The scalable and customizable solution for subscriber authentication and key agreement in mobile networks*

Mobile Network TrustServer

Mobile Network TrustServer - The solution for mobile subscriber authentication and key agreement in mobile networks*

Cryptoserver
  • Compliant with the latest 3GPP Security requirements to ensure a secure operational environment
  • For subscriber identity de-concealing, authentication and key agreement (AKA) in mobile networks*
  • Easy integration through dedicated interface for AKA use case
Die wichtigsten Vorteile

Die wichtigsten Vorteile

Icon

Unique product combination

Mobile Network TrustServer provides the ideal product combination of a certified secure environment and integration interfaces.

Icon

Developed for network element provider

Specially designed to meet the needs of network element provider for subscriber identity de-concealing and authentication and key agreement in mobile networks*.

Icon

Unprecedented Speed

Process subscriber data and generate keys within a secure and tamper-protected environment at unprecedented speed.

Details

Details

Utimaco’s HSM platform specially designed to meet the needs of network element providers in mobile networks*.

As network solution vendor your solutions must comply with 3GPP security requirements as defined in Technical Specification 33.501. Therefore, your security architecture as well as related procedures for network elements must foresee a secure environment that protects long-term keys K and Home Network Private keys from physical attacks. Functions which process sensitive subscriber data, i.e. subscriber identity de-concealing as well as authentication and key agreement, must also be executed in this secure environment.

Mobile Network TrustServer is an idealsolution to meet these requirements as it provides the unique combination of a certified secure environment and an integration API dedicated to subscriber identity de-concealing, authentication and key agreement.

Mobile Network TrustServer is suitable for decryption of concealed subscriber identities in 5G mobile networks, and for key generation according to Authentication and Key Agreement (AKA) protocols in 3G, 4G and 5G mobile networks.

Mobile Network TrustServer ensures an easy implementation into an existing environment and effectively handles tasks related to subscriber identity de-concealing, authentication and key agreement efficiently; even without in-depth crypto knowledge.

Mobile Network Trustserver Chart


*Available for 3G, 4G and 5G mobile networks. Availability for 2G mobile networks expected in July.

LAN-Box

 

Unique product combination

  • Provides a unique combination of a certified secure environment and integration API dedicated to subscriber identity de-concealing, authentication and key agreement

Developed for network element provider

  • Specially designed to meet the needs for subscriber identity de-concealing and authentication and key agreement in mobile networks*
  • Process subscriber data and key generation within a secure and tamper-protected environment

Compliant with latest requirements

  • Secure environment that protects against physical attacks as required in 3GPP Technical Specification 33.501 “Security architecture and procedures for 5G System”
  • FIPS 140-2, PCI HSM and Common Criteria proven Hardware Security Module and cryptographic algorithms

Subscriber identity de-concealing function (SIDF)

  • Decrypts the Subscriber Concealed Identifier (SUCI) with Subscriber Identity De-concealing Function (SIDF) in the home network
  • Secures storage and usage of the Home Network Private Key to ensure privacy of the permanent identifier SUPI.
  • Deconceals the SUCI inside the tamper protected HSM according to Profile A and Profile B.

Key Generation according to AKA protocols

  • Support of all relevant 3G, 4G and 5G Subscriber Authentication and Key Agreement (AKA) protocols
  • Derives the key material from the subscriber’s unique key K inside the tamper protected HSM.

Tailored API

  • MNAUTH API, the C-style application programming interface (API) dedicated for Mobile Network security use cases
  • Easy Integration into mobile network functions by using MNAUTH API

Unprecedented Speed and High Availability

  • Processes subscriber data and generates keys at unprecedented speed
  • High availability when running authentication and agreement protocols in a redundant system setup

Scalability and Customizability

  • Easy extension to support future versions of SIDF Profiles and AKA protocols, including future quantum-safe algorithms
  • Customizable to specific requirements of Mobile Network Operators
  • Ensures the best fit for existing and future requirements, guaranteeing long-term investment security

For each network size

  • Available in three performance options
  • From the entry level model for mobile networks with low numbers of subscribers and limited dynamics to a high-performance option for large networks with millions of subscribers

SecurityServer

Our general-purpose Hardware Security Module designed to handle the most common business applications. It meets and fulfills numerous compliance requirements and industry standards and supports all common cryptographic algorithms and interfaces (APIs).

Find more details

u.trust 360

The centralized management and remote monitoring solution for Atalla AT1000 and CryptoServer LAN V5 HSMs.

Find more details

Contact us

We look forward to answering your questions.

Our Partners

Look for the best implementation or distribution partner for your project.

Nehmen Sie Kontakt auf

Sprechen Sie mit einem unserer Spezialisten und erfahren Sie, wie Utimaco Ihnen helfen kann.