Internet Engineering Task Force Francis Dupont INTERNET DRAFT Loutfi Nuaymi Expires in June 2003 ENST Bretagne January 2003 IMEI-based universal IPv6 interface IDs Status of this Memo This document is an Internet Draft and is in full conformance with all provisions of Section 10 of RFC 2026. This document is an Internet-Draft. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet- Drafts as reference material or to cite them other than as "work in progress." The list of current Internet Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Distribution of this memo is unlimited. Abstract The IPv6 addressing architecture [1] defines a modified EUI-64 format for interface identifiers. These interface identifiers may have global scope when a global token is available (e.g., IEEE 802 48-bit MAC or IEEE EUI-64 identifiers). Such a global token, the IMEI (International Mobile station Equipment Identity), is defined for GSM and UMTS terminals [2, 3, 4] and has the same properties than identifiers based on IEEE standards. This document explains the construction of a global IPv6 interface identifier from an IMEI. draft-dupont-ipv6-imei-02.txt [Page 1] INTERNET-DRAFT IMEI-based interface IDs Jan 2003 1. Modified EUI-64 Interface Identifiers The modified EUI-64 format is required for all unicast addresses, except those that start with binary value 000. Two bits have a special role in IEEE EUI-64 and in modified EUI-64: the "u" bit, one means global scope, zero local scope, and the "g" bit which is the "individual/group" in IEEE standards and is always set to zero for any modified EUI-64 identifier derived from an IEEE 802 identifier. So when both the "u" and "g" bits are set to one, a modified EUI-64 identifier has a global scope (i.e. is universal) and is not derived from an IEEE identifier. 2. IMEIs The IMEI (International Mobile station Equipment Identities) is 14 decimal digit number attached to the hardware of any GSM [2, 3] or UMTS [4] terminal. It is usually written on a label in the battery compartment of the handset or displayed when dialing the code *#06# (it can come with a spare digit and/or the software version number), etc. The Mobile Station Equipment is uniquely defined by the IMEI. The EIR (Equipment Identity Register) is the database of all IMEIs, it can be used in order to block or trace stolen terminals even only some operators currently check IMEIs. The IMEI is divided into a Type Approval Code (which begins by a country code) on 6 decimal digits followed by a Final Assembly Code on 2 decimal digits and the Serial Number on 6 decimal digits. The IMEI has the same properties than an IEEE MAC-48 address, it is attached to the hardware and reveals only basic information like the producer and the model of the hardware (this is not always true for ESN (Electronic Serial Numbers) which are used in some USA mobile phone networks). IMEIs are globally unique, two different equipments can be assumed to have different IMEIs and when this is not true (manufacturer error, hardware problem, cloning) the problem can cause damage at a higher level than interface identifier collision, exactly as a MAC address collision is a very serous incident which has nothing in common with an interface identifier collision. draft-dupont-ipv6-imei-02.txt [Page 2] INTERNET-DRAFT IMEI-based interface IDs Jan 2003 3. IMEI-based Interface Identifiers This document defines a method to create an interface identifier in the modified EUI-64 format from an IMEI. The first octet is 03 in hexadecimal ("u" and "g" bits set to one, others to zero) followed by the 14 decimal digits of the IMEI in BCD (Binary Coded Decimal), i.e. with each decimal digit mapped to its value on 4 bits. The IMEI 330001 53 007826 gives the 0333:0001:5300:7826 (usually written 333:1:5300:7826) interface identifier. 4. Security Considerations The security considerations of IMEI-based interface identifiers are exactly the same than for IEEE EUI-64, EUI-48 or MAC-48 based interface identifiers. The concerns about traceability and/or privacy are addressed in [5]. The IMEI is supposedly used to report stolen terminals to telecom operators. It seems common sense that these operators are to perform some additional owner's identity verification before accepting such kind of report. Somebody capable of intercepting the IMEI of a terminal cannot easily report it as stolen. 5. Acknowledgments The idea came during an E-mail exchange about Marcelo Bagnulo's draft [6] on random generation of interface identifiers. Our GSM expert, Xavier Lagrange, provides in some seconds all the GSM and 3GPP references and the (real) IMEI of the example. The same idea was developped in the EU project "Moby Dick" [7] (signaled by Michelle Wetterwald). 6. Normative References [1] R. Hinden, S. Deering, "IP Version 6 Addressing Architecture", draft-ietf-ipngwg-addr-arch-v3-11.txt (update of RFC 2373), October 2002. [2] "Digital cellular telecommunications system: Numbering, addressing and identification", ETS 300 927 aka GSM 03.03, ETSI, November 1999. [3] "Digital cellular telecommunications system: International Mobile station Equipment Identities (IMEI)", GSM 02.16, ETSI, February 2000. draft-dupont-ipv6-imei-02.txt [Page 3] INTERNET-DRAFT IMEI-based interface IDs Jan 2003 [4] "3rd Generation Partnership Project: Technical Specification Group Core Network; Numbering, addressing and identification (Release 1999)", 3GPP TS 23.003, 3GPP, June 2001. [5] T. Narten, R. Draves, "Privacy Extensions for Stateless Address Autoconfiguration in IPv6", RFC 3041, January 2001. 7. Informative References [6] M. Bagnulo, I. Soto, A. Garcia-Martinez, A. Azcorra, "Random generation of interface identifiers", draft-soto-mobileip-random-iids-00.txt, January 2002. [7] M. Liebsch, X. Perez, R. Schmitz, A. Sarma, J. Jaehnert, S. Tessier, M. Wetterwald, I. Soto, "Solutions for IPv6-based mobility in the EU project Moby Dick", WTC 2002, Paris, 22-27 September 2002. 8. Changes from Previous Drafts The Security Considerations section was updated to answer to a concern raised at the 53th IETF at Minneapolis in March 2002. A reference to a conference paper which includes this idea was added in the Informative References section. 9. Authors' Addresses Francis Dupont ENST Bretagne Campus de Rennes 2, rue de la Chataigneraie BP 78 35512 Cesson-Sevigne Cedex FRANCE Fax: +33 2 99 12 70 30 EMail: Francis.Dupont@enst-bretagne.fr Loutfi Nuaymi ENST Bretagne Campus de Rennes 2, rue de la Chataigneraie BP 78 35512 Cesson-Sevigne Cedex FRANCE Fax: +33 2 99 12 70 30 EMail: Loutfi.Nuaymi@enst-bretagne.fr draft-dupont-ipv6-imei-02.txt [Page 4]