Law Enforcement Agencies (LEAs) heavily rely on Lawful Interception (LI) tools to investigate criminal and terrorist activities. The growing frequency of cybercrime, terrorism-related offenses, and illegal trades in the European Union (EU) has driven LEAs to explore novel LI techniques that align with the developing 5G and Beyond 5G network architectures. Moreover, the emergence of extremely dynamic and distributed networks, the increased usage of end-to-end encryption applications, and privacy protections present limitations for traditional LI approaches. In order to provide a technological solution capable of extending the 3GPP LI standard, this paper presents a novel LI framework designed on top of the standardized 3GPP LI architecture, leveraging an inspection-friendly end-to-end cryptography mechanism (e.g., a Key Escrow algorithm) at the application layer. Moreover, the proposed Lawful Interception (LI) framework enables authorized LEAs to decrypt intercepted end-to-end encrypted data within the core network. Firstly, a security proof validates the security of the proposed LI framework under two attack scenarios. Subsequently, a proof-of-concept workstation implementation that emulates a 5G network for end-to-end data exchange and cloud-based deployment validates the suggested LI framework by affirming the LEA capabilities in decrypting intercepted data. Additionally, the system performance has been studied through experimental tests, ensuring the scalability of the conceived solution and revealing the possibility of intercepting data with mainly real-time latency without affecting the Quality of Service (QoS) experienced by the user.
Read full abstract