Lawful Interception (LI) is a legal obligation of Communication Service Providers (CSPs) to provide interception capabilities to Law Enforcement Agencies (LEAs) so that they can obtain data from network communications for criminal proceedings, e.g., network identifiers for tracking suspects. With the privacy enhancements of network identifiers in the 5th generation of mobile networks (5G), LEAs need to interact with CSPs for network identifier resolution. This raises new privacy issues, as untrusted CSPs are able to infer sensitive information about ongoing investigations, e.g., the identities of their subscribers under suspicion. In this work, we propose P3LI5, a novel system that enables LEAs to privately query CSPs for network identifier resolution by leveraging an information retrieval protocol, SparseWPIR, that is based on private information retrieval and its weakly private version. As such, P3LI5 can be adapted to various operational scenarios with different confidentiality or latency requirements, by selectively allowing a bounded information leakage for improved performance. We implement P3LI5 on the 5G LI infrastructure using well-known open-source projects and demonstrate its scalability to large databases while retaining low latency. To the best of our knowledge, P3LI5 is the first proposal for addressing the privacy issues raised by the mandatory requirement for LI on the 5G core network.