For academic researchers, data privacy is a fundamental requirement of ethical field research. Whether conducting sociological interviews in high-surveillance zones or transmitting encrypted climate data from remote stations, the underlying connectivity must be a "Hardened Pipe."
The SM-DP+ Handshake Protocol
Our initiative utilizes the GSMA SGP.22 Consumer Architecture. Unlike the older push-model M2M standards, the Consumer model uses a Client-Driven Pull Handshake via an SM-DP+ (Subscription Manager Data Preparation) server.
This handshake establishes a secure, mutually authenticated channel. We employ AES-256-GCM for profile encryption and ECDSA (Elliptic Curve Digital Signature Algorithm) to verify that the profile comes strictly from our Warsaw-based academic node, preventing "Man-in-the-Middle" (MitM) profile substitution.
Audit of Security Safeguards
| Security Layer | Protocol Standard | Research Benefit |
|---|---|---|
| Data in Transit | TLS 1.3 / HTTPS REST | MitM Protection |
| Identity Privacy | IMSI Masking (eUICC) | Anonymized Roaming |
| Key Management | AES-256 Symmetric | Quantum-Resistant Logic |
| Verification | X.509 Cert Chaining | GSMA Root Trust |
Zero-Knowledge Architecture
The "Zero-Knowledge" aspect of freeesim.edu.pl means that we do not maintain a persistent link between your academic credentials (.edu email) and your device hardware identifiers (EID). Once the LPA (Local Profile Assistant) on your device successfully pulls the profile, the session keys are rotated and the temporary mapping is purged from our active cache.