Secured SIM secrets

See Multi-IMSI eSIM page

Ticket Number	YT:BA-45177
Project Goal	Prevent disclosure of sensitive key material related to SIM cards
Why this project exists ?	Sensitive key material related to SIM cards is stored in the plaintext form and is available in such a form to any API user with a corresponding access role
Who are the users / whom we bring value ?	Identity Theft Protection: In the modern world, your phone number is your identity. It is the primary recovery method for bank accounts, email, and social media. Secure keys prevent SIM Swapping and cloning, which are the leading precursors to total financial takeover. Privacy and Encryption: The $K i$ is used to generate the session keys ( $K_{c}$ or $C_{k} / I_{k}$ ) that encrypt voice and data. Strong key security ensures that local eavesdroppers (using IMSI catchers or "Stingrays") cannot easily decrypt your private conversations or web traffic. Service Continuity: A compromised SIM can be "bricked" or deactivated by an attacker. Secure key management ensures the user doesn't lose access to their lifeline—essential for emergency calls and daily navigation. Seamless Global Roaming: Secure authentication allows users to travel internationally and connect to partner networks securely. Without trusted key exchange, roaming would be a massive security hole.
What are the benefits for CSP/ PortaSwitch owner?	Fraud Prevention (Revenue Protection): If $K i$ values are leaked, attackers can "clone" SIM cards. This allows them to use premium services, make international calls, or consume massive amounts of data on the carrier’s dime without the legitimate user ever knowing. Network Integrity: Authentication keys ensure that only authorized devices attach to the RAN (Radio Access Network). Preventing unauthorized access protects the network from signaling storms, DDoS attacks launched from rogue devices, and "man-in-the-middle" rogue base stations. Regulatory Compliance & Brand Trust: Under frameworks like GDPR, CCPA, or telecom-specific mandates, a leak of subscriber keys is considered a major data breach. Avoiding the massive fines and the "front-page news" of a breach preserves the carrier's reputation. B2B Reliability: Many CSPs provide connectivity for IoT (meters, cars, medical devices). Securing the keys ensures that these critical industrial "subscribers" cannot be hijacked, which is a major selling point for enterprise contracts.
Target Release	MR128-0
Area	BillingAdmin