NIST White Paper on 5G SUCI Encryption for Subscriber Identifier Protection

NIST Publications

Published March 19th, 2026

Detected March 21st, 2026

Summary

NIST has published a white paper encouraging 5G network operators to enable Subscription Concealed Identifier (SUCI) protection. This optional 5G capability enhances cybersecurity and privacy by encrypting subscriber identifiers, providing customers with improved protections.

View original document View source feed page

What changed

NIST has released a white paper detailing the benefits of enabling Subscription Concealed Identifier (SUCI) protection in 5G networks. The paper, titled "Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) Applying 5G Cybersecurity and Privacy Capabilities," highlights SUCI as an optional 5G feature that encrypts subscriber identifiers, thereby enhancing both cybersecurity and user privacy. NIST specifically encourages 5G network operators to implement SUCI, configure it to use a non-null encryption cipher scheme, and apply it to their networks and subscriber SIMs.

This guidance is intended for telecommunications firms operating 5G networks. The practical implication is that operators should review their current 5G configurations and consider enabling SUCI to provide enhanced security and privacy for their subscribers. While SUCI is an optional feature, its adoption is recommended by NIST to leverage 5G's advanced security and privacy capabilities. No specific compliance deadline or penalty is mentioned, as this is a recommendation within a white paper.

What to do next

Review 5G network configurations to assess the feasibility of enabling SUCI.
Consider implementing SUCI with a non-null encryption cipher scheme for enhanced subscriber privacy and cybersecurity.
Ensure subscriber SIMs are configured to support SUCI protection.

Source document (simplified)

PUBLICATIONS

Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) Applying 5G Cybersecurity and Privacy Capabilities

Published

March 19, 2026

Author(s)

Michael Bartock, Jeffrey Cichonski, Murugiah Souppaya, Karen Kent, Parisa Grayeli, Sanjeev Sharma, Charles Teague

Abstract

This white paper describes enabling Subscription Concealed Identifier (SUCI) protection, an optional 5G capability which provides important security and privacy protections for subscriber identifiers. 5G network operators are encouraged to enable SUCI on their 5G networks and subscriber SIMs and to configure SUCI to use a non-null encryption cipher scheme; this provides their customers with the advantages of SUCI's protections. This white paper is part of a series called Applying 5G Cybersecurity and Privacy Capabilities, which covers 5G cybersecurity and privacy-supporting capabilities that were demonstrated as part of the 5G Cybersecurity project at the National Cybersecurity Center of Excellence (NCCoE). Citation NIST Cybersecurity White Papers (CSWP) - 36A Report Number 36A Pub Type NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.CSWP.36A Local Download

Keywords

3GPP, 5G, cybersecurity, privacy, Subscription Concealed Identifier (SUCI), Subscription Permanent Identifier (SUPI) Information technology, Cybersecurity and privacy and Advanced communications

Citation

Bartock, M.
, Cichonski, J.
, Souppaya, M.
, Kent, K.
, Grayeli, P.
, Sharma, S.
and Teague, C.

(2026),
Protecting Subscriber Identifiers with Subscription Concealed Identifier (SUCI) Applying 5G Cybersecurity and Privacy Capabilities, NIST Cybersecurity White Papers (CSWP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.CSWP.36A, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=961421       
  (Accessed March 20, 2026)