Blockchain powered eSIM

0.0.4

Blockchain and eSIM are disruptive technologies in the mobile industry facing resistance from established players. Despite this, they are slowly being adopted due to innovation and companies that see the value in change. Both technologies have a secure future and it's only a matter of time before eSIMs become the norm, with blockchain helping to drive their adoption.

This is the 4th article (Week 4 progress report) of my journey at EthIndia Fellowship 3.0, building Blockchain Powered eSIM.

Here’s the link to the third article of this series, in which I’m aiming to build Blockchain Powered eSIM.

This article discusses how the telecom industry can enhance its protocols and algorithms using Zero Knowledge Proofs, and explores how this technology can be incorporated into this project.

Let’s begin with learning a little about Zero Knowledge Proofs:

Zero Knowledge Proofs

A new notion of a Proof!
A new way to prove bound on the amount of knowledge released in an interaction!
If ‘Simulated View’ and ‘Real Interaction’ are computationally indistinguishable!

- Shafi Goldwasser

A zero-knowledge proof (ZKP) is a method of proving the possession of certain information, such as a private key, without revealing that information, or any other information beyond the fact that the information exists and is held by the prover. In other words, a ZKP allows one party (the prover) to prove to another party (the verifier) that a statement is true, without revealing any information beyond the fact that the statement is true. ZKP protocols are used in various applications, including secure multiparty computations, digital rights management, and blockchain technology.

ELI5

Imagine you have a secret toy and you want to show your friend that you have it, but you don't want to give it away or show them what it looks like. You can show them a proof that you have the toy, without actually showing them the toy itself. This proof is called a "zero-knowledge proof" because your friend doesn't learn any extra information other than the fact that you have the toy.

It's like you have a box with a toy inside, and you want to prove to your friend that there is a toy inside the box without opening it. You can shake the box and let them hear the noise the toy makes. Your friend can tell that there is something inside the box because of the noise, but they don't know what the toy looks like.

It's similar to real-life situations like, when you go to the bank, you prove your identity to the teller by showing them your ID card, but you don't show them all your personal information or how much money you have.

Note: I’ve been learning ZKPs for the past few months and I’m writing this article on the basis of that learning, so please correct me if I’m wrong.

Firstly, let’s get into a few protocols that I came across and how they can be improved by ZKPs:

There are several protocols in telecom that can be improved with zero-knowledge proofs (ZKPs), here are some examples:

  1. Authentication and Authorization:
    ZKPs can be used to prove identity or access rights to the network without revealing any personal information.
    For example, in the 5G network, ZKPs can be used to provide secure authentication and authorization of devices without disclosing the device's identity or location. This can protect against unauthorized access to user data and enhance privacy.

  2. Billing and Charging:
    ZKPs can be used to enable secure billing and charging of telecom services without revealing any personal information.
    For example, in the context of mobile payments, ZKPs can be used to prove the ownership of a mobile wallet without disclosing the owner's identity or transaction details. This can prevent fraud and enhance privacy.

  3. Location Tracking:
    ZKPs can be used to enable secure location tracking of mobile devices without revealing the device's location to third parties.
    For example, in the context of emergency services, ZKPs can be used to provide secure location tracking of a device without disclosing the device's location to unauthorized parties. This can enhance privacy and security.

  4. Network Optimization:
    ZKPs can be used to enable secure sharing of network data between telecom operators without disclosing any sensitive information.
    For example, in the context of network optimization, ZKPs can be used to share network statistics between operators without revealing any personal information or specific user behavior. This can enhance network performance while preserving privacy.

Overall, ZKPs offer a promising way to enhance the security and privacy of various protocols in telecom. By leveraging ZKPs, telecom operators can provide more secure and private services while protecting against fraud and unauthorized access to user data.

Secondly, let’s get into a few algorithms that can be improved using Zero Knowledge Proofs.

Improvements in Global System for Mobile Communication (GSM) using ZKPs

GSM (Global System for Mobile Communications) is a widely used mobile communication standard that provides voice and data services to mobile devices.

Currently, GSM uses a challenge-response authentication mechanism, where the network sends a challenge to the mobile device, and the mobile device responds with a value calculated using a secret key. This mechanism is vulnerable to attacks such as eavesdropping and man-in-the-middle attacks.

One way that ZKP could be used to improve GSM is to enhance the security of the authentication process between the mobile device and the network.

ZKP could be used to create a more secure authentication mechanism by allowing the mobile device to prove to the network that it possesses the secret key without revealing the key itself.

In this scheme, the network would send a random challenge to the mobile device, and the mobile device would use the secret key to generate a response.

Instead of sending the response directly to the network, the mobile device would use a ZKP to prove to the network that it possesses the secret key without revealing the key itself.

Another potential use of ZKP in GSM is to enhance the privacy of user data. With traditional authentication mechanisms, the network knows the identity of the user and can link their activity to their identity.

By using ZKP, the user could prove their identity without revealing it to the network, thus providing an extra layer of privacy.

Implementing ZKP in GSM would require significant changes to the existing infrastructure, so it may take some time before we see this technology being used in practice.

Improvements in Advanced Encryption Standard (AES) and Data Encryption Standard (DES) using ZKPs

Zero-knowledge proofs (ZKPs) can potentially help in advancing the Advanced Encryption Standard (AES) and Data Encryption Standard (DES) by improving their security and privacy.

ZKPs allow a prover to convince a verifier of the truth of a statement without revealing any additional information beyond the fact that the statement is true. In the context of cryptography, ZKPs can be used to prove that certain computations were performed correctly or that certain data satisfies certain conditions, without revealing the actual computation or data.

For AES and DES, ZKPs can be used to prove that the encryption or decryption of a message was performed correctly, without revealing the encryption key or the plaintext message. This can be useful in situations where the confidentiality of the encryption key or the plaintext message must be maintained, but it is still necessary to prove that the encryption or decryption was performed correctly.

Additionally, ZKPs can also be used to prove that certain cryptographic primitives, such as hash functions or symmetric encryption algorithms, are secure and resistant to attacks. This can be useful in verifying the security of AES and DES, as well as in developing new cryptographic primitives that are more secure and efficient than existing ones.

In summary, ZKPs can potentially help in advancing AES and DES by improving their security and privacy, as well as in verifying the security of cryptographic primitives used in these algorithms.

Improvements in Authentication and Key Agreement (AKA) protocol using ZKPs

The Authentication and Key Agreement (AKA) protocol is a security protocol used in cellular networks to authenticate users and establish secure communication channels. Zero-knowledge proofs (ZKPs) can be used to improve the security and privacy of the AKA protocol in several ways:

  1. Enhancing User Privacy: ZKPs can be used to verify user identities without revealing any additional information about the user, beyond the fact that the user has the necessary credentials to access the network. This can help protect user privacy by preventing the disclosure of unnecessary personal information.

  2. Mitigating Replay Attacks: Replay attacks occur when an attacker intercepts and retransmits previously sent messages, in order to gain unauthorized access to the network. ZKPs can be used to prevent replay attacks by including a time stamp in the message, which is then verified using a ZKP to ensure that the message is current and has not been previously transmitted.

  3. Improving Key Agreement: ZKPs can be used to establish shared secret keys between users and the network, without revealing the actual keys themselves. This can improve the security of the key agreement process, as it prevents the interception of the keys by attackers.

  4. Protecting Against Man-in-the-Middle Attacks: Man-in-the-middle attacks occur when an attacker intercepts and modifies messages between two parties, in order to gain access to the network. ZKPs can be used to protect against man-in-the-middle attacks by providing a secure channel for verifying the identities of the parties involved in the communication.

Overall, the use of ZKPs in the AKA protocol can enhance the security and privacy of cellular networks, by mitigating various types of attacks and improving the key agreement process. However, the implementation of ZKPs can also introduce additional computational overhead and complexity, which must be carefully balanced against the benefits of increased security and privacy.

Finally, I’m explaining how ZKPs can provide a higher level of security for user data and how I can use ZKPs in my project to enhance the security and privacy of traditional SIM cards and eSIMs by enabling users to prove their identity or access rights to the network without revealing any of their private information.

Here is the overview of my project: the goal of this project is to build a blockchain-powered eSIM solution that seamlessly integrates with the user's existing crypto wallets. Account abstraction will be used to create a virtual account linked to the user's eSIM ID, which will allow secure access to their crypto wallets without exposing private keys. The eSIM solution will provide cryptographic identity services and be backed by zero-knowledge proofs to ensure privacy and security. The blockchain technology will be used to store and manage the eSIM data, providing a secure and decentralized solution that is resistant to data breaches and other security threats.

And this is one of the problems that I want to tackle in this project:

The traditional SIM card (a physical card) and an eSIM store information such as user identity, location and phone number, network authorization data, personal security keys, contact lists and stored text messages.

So let’s get into it and how we can make it more secure.

How zero-knowledge proofs can provide a higher level of security for user data

Zero-knowledge proofs (ZKPs) can be used in various ways to enhance the security and privacy of the proposed blockchain-powered eSIM solution. Here are some possible use cases:

  1. Authenticating the eSIM: ZKPs can be used to prove the authenticity of the eSIM without revealing any sensitive information. This can prevent fraudulent use of fake or stolen eSIMs. ZK-SNARK is a suitable algorithm for this use case.

  2. Proving ownership of the eSIM: ZKPs can be used to prove ownership of the eSIM without revealing the user's identity or personal information. This can enable seamless and secure access to applications and services. ZK-STARK is a suitable algorithm for this use case.

  3. Secure communication: ZKPs can be used to enable secure communication between the user's device and the eSIM without revealing the content of the communication to any third party. This can protect the privacy and security of sensitive data transmitted through the eSIM. ZK-SNARK or ZK-STARK can be used for this use case.

The implementation of ZKPs can be done using programming languages like C++, Rust, or Python, and libraries like libsnark, bellman, or zokrates. Trusted setup ceremonies can be performed using tools like the Powers of Tau or other similar tools.

In conclusion, ZKPs offer a promising way to enhance the security and privacy of the proposed blockchain-powered eSIM solution. By leveraging ZKPs, the solution can offer a more secure and private way to authenticate eSIMs, prove ownership, and enable secure communication, which can improve the trust and confidence of users in the solution.

How Zero knowledge proofs can be useful in enhancing the security and privacy of traditional SIM cards by enabling users to prove their identity or access rights to the network without revealing any of their private information.

Zero knowledge proofs (ZKPs) can be useful in enhancing the security and privacy of traditional SIM cards by enabling users to prove their identity or access rights to the network without revealing any of their private information.

For instance, ZKPs can be used to verify the authenticity of a SIM card without exposing the user's personal information to a third party. This could prevent fraudulent use of stolen SIM cards or the creation of fake SIM cards.

Additionally, ZKPs could be used to securely authenticate users to the network without revealing their personal identification or location data. This could enhance the privacy of the user and protect against unauthorized access to their personal information.

Moreover, ZKPs could be used to enable secure communication between two parties without revealing the content of the communication to any third party. This could be useful for protecting the privacy of text messages, voice calls or other sensitive data transmitted through the SIM card.

Overall, ZKPs offer a promising way to enhance the security and privacy of traditional SIM cards, which could improve the trust and confidence of users in their mobile networks.

However, it is important to note that implementing ZKPs in SIM cards may require significant changes to existing systems and infrastructure, which can be costly and time-consuming. Additionally, ZKPs are not a foolproof solution, and there is always a risk of vulnerabilities or flaws in the underlying cryptographic algorithms or implementations.

Using zk-SNARK

Designing the architecture of a ZK-SNARK implementation for a SIM card to prove all the information it stores without revealing it would involve several components. Here is a high-level overview of the architecture:

  1. Circuit design: The first step is to design a circuit that represents all the information that a SIM card stores. This circuit should be designed in a way that allows it to prove the authenticity of the information without revealing it. The circuit can be designed using programming languages like C++, Python or Rust and libraries like libsnark, bellman or zokrates.

  2. Prover and verifier modules: The next step is to implement the prover and verifier modules that will generate and verify the proofs respectively. These modules will use the circuit design to generate and verify the proofs. These modules can be implemented in the same programming languages as the circuit design.

  3. Key generation: To generate the proving and verification keys, a trusted setup ceremony can be performed. This ceremony involves generating the keys on a trusted system and distributing them to the parties involved in the implementation. The proving key is used by the prover module to generate the proofs, while the verification key is used by the verifier module to verify the proofs.

  4. Integration with SIM card: Once the circuit design and the prover and verifier modules are implemented, they need to be integrated with the SIM card. This can be done using standard SIM card programming languages like Java Card or Global Platform.

  5. Deployment and testing: After the integration is complete, the implementation needs to be tested thoroughly to ensure that it works as expected. The implementation can be tested using simulation tools or actual SIM card devices.

In terms of the specific tools and languages that can be used, here are some suggestions:

  • Circuit design: C++, Python, Rust, libsnark, bellman, zokrates.

  • Prover and verifier modules: C++, Python, Rust.

  • Key generation: Trusted setup ceremonies can be performed using tools like the Powers of Tau and other similar tools.

  • Integration with SIM card: Java Card or Global Platform can be used to integrate the implementation with the SIM card.

  • Testing: Tools like SnarkJS or Circom can be used for testing.

It is important to note that implementing ZK-SNARKs for SIM cards is a complex process that requires expertise in cryptography, software development, and SIM card programming. It is recommended to consult with experts in the field to ensure proper implementation and security.

Why zk-SNARK

ZK-SNARKs are considered to be one of the most efficient and secure algorithms for implementing zero-knowledge proofs. They offer several advantages over other algorithms, including:

  1. Efficiency: ZK-SNARKs are highly efficient and can be used to prove complex statements using very short proofs. This makes them ideal for use cases where computational efficiency and low communication overhead are critical, such as in the case of SIM cards.

  2. Security: ZK-SNARKs are based on advanced cryptographic techniques such as elliptic curve cryptography and pairings, which provide a high level of security against attacks. This makes them suitable for applications where security is a top priority.

  3. Flexibility: ZK-SNARKs can be used to implement a wide range of applications, including authentication, identification, and encryption, making them highly versatile.

  4. Privacy: ZK-SNARKs allow users to prove the correctness of a statement without revealing any information about the inputs. This provides a high level of privacy, which is critical for applications such as SIM cards, where protecting personal information is paramount.

Overall, ZK-SNARKs offer several advantages that make them an excellent choice for implementing zero-knowledge proofs in applications such as SIM cards. While there may be other algorithms that could be used for this purpose, ZK-SNARKs are widely regarded as the most efficient, secure, and versatile option available.

So this is all my learning on ZKPs and how they can be used in the telecom industry; I’m still far away from implementing this in my project.
Currently I’m working on the module in the middle of the (not good) flow diagram below, “Couple eSIM ID with Crypto Wallet”.

High level flow of how Mobile activation works and where I'm integrating a crypto wallet

I’ll be working on an LPA (Local Profile Assistant) for the rest of the week in this fellowship.
The LPA is a standalone system app that should be included in the Android build image.

Management of the profiles on the eSIM is generally done by the LPA, as it serves as a bridge between the SM-DP+ (the remote service that prepares, stores and delivers profile packages to devices) and the eUICC chip.

The LPA APK can optionally include a UI component, called the LPA UI or LUI, to provide a central place for the end user to manage all eSIM profiles.

What I’m trying to achieve with this:

  • Provide a profile template to carrier providers, and the rest of the flow with all the data placed in this eSIM

  • Mention features to mobile device manufacturers who are going to support this eSIM

Thanks a lot, and again, any advice, comments, feedback and questions are much appreciated. Reach out to me on Twitter or LinkedIn.
