US011039312B2

(12) United States Patent
Lehtovirta et al.

(10) Patent No.: US 11,039,312 B2
(45) Date of Patent: Jun. 15, 2021

(54) HANDLING OF MULTIPLE AUTHENTICATION PROCEDURES IN 5G

(71) Applicant: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL), Stockholm (SE)

(72) Inventors: Vesa Lehtovirta, Espoo (FI); Noamen Ben Henda, Vallingby (SE); David Castellanos Zamora, Madrid (ES); Monica Wifvesson, Lund (SE)

(73) Assignee: TELEFONAKTIEBOLAGET LM ERICSSON (PUBL), Stockholm (SE)

(*) Notice: Subject to any disclaimer, the term of this patent is extended or adjusted under 35 U.S.C. 154(b) by 0 days.

(21) Appl. No.: 17/153,522

(22) Filed: Jan. 20, 2021

(65) Prior Publication Data
US 2021/0144548 A1, May 13, 2021

Related U.S. Application Data

(63) Continuation-in-part of application No. PCT/EP2020/060968, filed on Apr. 20, 2020.

(60) Provisional application No. 62/840,021, filed on Apr. 29, 2019.

(51) Int. Cl.
H04M 1/66 (2006.01)
H04W 12/06 (2021.01)
H04W 12/0431 (2021.01)
H04W 12/106 (2021.01)

(52) U.S. Cl.
CPC ....... H04W 12/06 (2013.01); H04W 12/0431 (2021.01); H04W 12/106 (2021.01)
[Front-page drawing: the message flow of Figure 3 between UE 400, Visited PLMN1 (AMF1 500-1), Visited PLMN2 and the Home PLMN (AUSF 600, UDM 300): registration and primary authentication via each visited PLMN (1a/1b, 3a/3b), the UE and the AUSF each storing a second KAUSF key while keeping track of the latest one (4a/4b), SoR Protection Request and Response (5, 7), delivery of the protected SoR message (8), and the UE using its latest stored KAUSF (9). The full drawing is reproduced as Figure 3 on the drawing sheets.]
`(58) Field of Classification Search
`CPC . H04W 12/06; H04W 12/062; H04W 12/065;
`H04W 12/069
`See application file for complete search history.
`
`(56)
`
`References Cited
`
`U.S. PATENT DOCUMENTS
`
`10,299,128 Bl*
`2008/0028459 Al*
`
`5/2019 Suthar ................... H04L 9/0637
`1/2008 Suh ......................... H04L 9/083
`726/14
`
`(Continued)
`
`OTHER PUBLICATIONS
`
`3GPP TR 33.835, V0.4.0, 3rd Generation Partnership Project;
`Technical Specification Group Services and System Aspects; Study
`on authentication and key management for applications; based on
`3GPP credential in 5G (Release 16), Mar. 2019.
`(Continued)
`
`Primary Examiner - Shantell L Reiber
`
(57) ABSTRACT

A method by an AUSF of a home PLMN configured to communicate through an interface with electronic devices is provided. A first authentication request is received from a first PLMN that is authenticating an electronic device. A first security key used for integrity protection of messages delivered from the home PLMN to the electronic device is obtained. A second authentication request is received from a second PLMN that is authenticating the electronic device. A second security key used for integrity protection of the messages delivered from the home PLMN to the electronic device is obtained. A message protection request is received. Which of the first security key and the second security key is a latest security key is determined. The latest security key is used to protect a message associated with the message protection request.
`
`20 Claims, 14 Drawing Sheets
`
`
`
`
(56) References Cited (continued)

U.S. PATENT DOCUMENTS

2010/0220845 A1* 9/2010 Oliver ................... H04W 12/041; 379/202.01
2012/0047499 A1* 2/2012 Krzystofczyk ............ G06F 8/63; 717/174
2013/0046971 A1* 2/2013 Lu ...................... H04L 63/08; 713/155
2013/0331063 A1* 12/2013 Cormier ................. H04W 12/06; 455/411
2014/0013117 A1* 1/2014 Yun ..................... H04W 12/069; 713/171
2014/0036685 A1* 2/2014 Kim ..................... H04W 12/037; 370/236
2016/0337898 A1* 11/2016 Jeong ................... H04W 12/0431
2019/0014472 A1* 1/2019 Ying .................... H04L 63/06
2020/0221281 A1* 7/2020 Rajadurai ............... H04W 76/30
2020/0322805 A1* 10/2020 Wang ................... G01S 19/215

OTHER PUBLICATIONS

NEC, "Discussion on use of established keys for AKMA root key", 3GPP TSG-SA WG3 Meeting #94 Ad-Hoc, S3-190640, Stockholm, Sweden, Mar. 11-15, 2019.
NEC, "Kausf Desynchronization problem and solutions", 3GPP TSG-SA WG3 Meeting #95, S3-191203, Reno, USA, May 6-10, 2019.

* cited by examiner
`
`
`
U.S. Patent    Jun. 15, 2021    Sheet 1 of 14    US 11,039,312 B2

Figure 1: overview of the 5G architecture for the non-roaming scenario (reproduced from TS 23.501). Rotated block diagram of the service-based core: NSSF, NEF, NRF, PCF, UDM and AF (service-based interfaces Nnssf, Nnef, Nnrf, Npcf, Nudm, Naf), AUSF, AMF and SMF (Nausf, Namf, Nsmf), together with the UE, (R)AN, UPF and DN over the N1, N2, N3, N4, N6 and N9 reference points.

[Sheet 2 of 14]

Figure 2: local breakout (LBO) architecture for a 5G Core Network with non-3GPP access (reproduced from TS 23.501). The UE is registered over 3GPP access to VPLMN1 (AMF, SMF, UPF; reference points N2, N3, N4, N11, N6) and over non-3GPP networks to VPLMN2 or the HPLMN (N3IWF, AMF, SMF, UPF; reference points Y2, N2, N3, N4, N11, N6).

[Sheet 3 of 14]

Figure 3: management of multiple KAUSF keys for protection of messages delivered from the HPLMN to the UE. Entities: UE 400; Visited PLMN1 (AMF1 500-1); Visited PLMN2 (AMF2); Home PLMN (AUSF 600, UDM 300).
1a. Registration and primary authentication (UE 400 with AMF1). 1b. Registration and primary authentication (AMF1 with AUSF 600).
2a. UE stores first KAUSF key. 2b. AUSF stores first KAUSF key.
3a. Registration and primary authentication (UE 400 with AMF2). 3b. Registration and primary authentication (AMF2 with AUSF 600).
4a. UE stores second KAUSF key, keeping track of the latest one. 4b. AUSF stores second KAUSF key, keeping track of the latest one.
5. SoR Protection Request (UDM 300 to AUSF 600).
6. AUSF uses latest KAUSF.
7. SoR Protection Response (AUSF 600 to UDM 300).
8. Delivery of protected SoR message (Home PLMN to UE 400).
9. UE uses latest stored KAUSF.
`
`
`
[Sheet 4 of 14]

Figure 4: Electronic Device (400) with Network Interface 401, Transceiver 407, Processor 403 and Memory 405.

Figure 5: Access and Mobility Management Function (AMF) with Network Interface 507, Processor 503 and Memory 505.
`
`
`
[Sheet 5 of 14]

Figure 6: Authentication Server Function (AUSF) 600 with Network Interface 607, Processor 603 and Memory 605.

Figure 9 (flow chart): 900 Obtain first time stamp; 902 Obtain second time stamp; decision on the two time stamps: Yes, 906 Determine that first security key is latest security key; No, 908 Determine that second security key is latest security key.
`
`
`
[Sheet 6 of 14]

Figure 7 (flow chart, AUSF node): Begin; 700 Receive first authentication request from first PLMN; 702 Obtain first security key; 704 Store first security key; 706 Receive second authentication request from second PLMN; 708 Obtain second security key; 710 Store second security key; 712 Receive message protection request; 714 Determine which of first security key and second security key is latest security key; 716 Use latest security key to protect message; End.

Figure 8 (flow chart, electronic device): Begin; 800 Transmit first registration request to first PLMN; 802 Generate first security key; 804 Store first security key; 806 Transmit second registration request to second PLMN; 808 Generate second security key; 810 Store second security key; 812 Receive protected message; 814 Determine which of first security key and second security key is latest security key; 816 Use latest security key to determine message content; End.
`
`
`
[Sheet 7 of 14]

Figure 10 (flow chart): 1000 Obtain value of counter associated with first time stamp; 1002 Obtain value of counter associated with second time stamp; decision on the two counter values: Yes, 1006 Determine that first security key is latest security key; No, 1008 Determine that second security key is latest security key.

Figure 11 (flow chart): decision on which key is the latest: Yes, 1102 Delete the second security key; No, 1104 Delete the first security key.

[Sheet 8 of 14]

Figure 12: wireless network. Network node 4160: antenna(s) 4162, interface 4190 (radio front end circuitry 4192, ports/terminals 4194, amplifier(s) 4196), processing circuitry 4170 (RF transceiver circuitry 4172, baseband processing circuitry 4174), device readable medium 4180, auxiliary equipment 4184, power source 4186, power circuitry 4187. Wireless device 4110: antenna(s) 4111, interface 4114 (radio front end circuitry 4112), processing circuitry 4120 (RF transceiver circuitry 4122, baseband processing circuitry 4124, application processing circuitry 4126), device readable medium 4130, user interface equipment 4132, auxiliary equipment 4134, power source 4136, power circuitry 4137. Also shown: network 4106, network node 4160b, wireless devices 4110b and 4110c, wireless signal.

[Sheet 9 of 14]

Figure 13: user equipment 4200. Processor 4201; bus 4202; input/output interface 4205; RF interface 4209; network connection interface 4211; power source 4213; memory 4215 with RAM 4217, ROM 4219 and storage medium 4221 holding operating system 4223, application programs 4225 and data 4227; communication subsystem 4231 with transmitter 4233 and receiver 4235; network 4243a.

[Sheet 10 of 14]

Figure 14: virtualization environment. Applications 4320 (application / virtual appliance / virtual node or instance); virtualization layer 4350; virtual machines 4340; hardware 4330 with processing circuitry 4360, memory 4390-1, non-transitory storage 4390-2 holding instructions 4395, NIC 4370 and physical network interface 4380; management and orchestration 43100; control system 43230; radio unit 43200 with transmitter 43210, receiver 43220 and antenna(s) 43225.
`
`
[Sheet 11 of 14]

Figure 15: telecommunication network connected via an intermediate network 4420 to a host computer 4430. Labels visible on the sheet: base station 4412a, UE 4492, and connections 4415, 4421, 4422 and 4450.
`
`
`
[Sheet 12 of 14]

Figure 16: communication system 4500. Host computer 4510 with HW 4515 (communication interface 4516, processing circuitry 4518) and SW 4511 (host application 4512); base station 4520 with HW 4525 (communication interface 4526, radio interface 4527, processing circuitry 4528) and SW 4521; UE 4530 with HW 4535 (radio interface 4537, processing circuitry 4538) and SW 4531 (client application 4532).
`
`
`
[Sheet 13 of 14]

Figure 17 (flow chart): BEGIN; 4610 Host computer provides user data, with 4611 Host computer executes host application (dashed); 4620 Host computer initiates transmission carrying the user data to the UE; 4630 Base station transmits the user data (dashed); 4640 UE executes client application (dashed); END.

Figure 18 (flow chart): BEGIN; 4710 Host computer provides user data; 4720 Host computer initiates transmission carrying the user data to the UE; 4730 UE receives the user data (dashed); END.
`
`
`
[Sheet 14 of 14]

Figure 19 (flow chart): BEGIN; 4810 UE receives input data provided at host computer (dashed), with 4811 UE executes client application (dashed); 4820 UE provides user data (dashed), with 4821 UE executes client application (dashed); 4830 UE initiates transmission of the user data to the host computer (dashed); 4840 Host computer receives user data transmitted from the UE; END.

Figure 20 (flow chart): BEGIN; 4910 Base station receives user data from UE (dashed); 4920 Base station initiates transmission of user data to the host computer (dashed); 4930 Host computer receives the user data; END.
`
`
`
HANDLING OF MULTIPLE AUTHENTICATION PROCEDURES IN 5G

PRIORITY CLAIM

The application is a continuation of International Patent Application No. PCT/EP2020/060968, filed Apr. 20, 2020, which claims the benefit of and priority to U.S. Provisional Patent Application 62/840,021 entitled "HANDLING OF MULTIPLE AUTHENTICATION PROCEDURES IN 5G," and filed with the United States Patent and Trademark Office on Apr. 29, 2019, the disclosures of which are hereby incorporated in their entirety.

TECHNICAL FIELD

The present disclosure relates generally to communications, and more particularly to communication methods and related devices and nodes supporting communications.
`
BACKGROUND

The 3GPP security standardization working group SA3 has finalized the security specification for Release 15 of the 5G System in TS 33.501 [1]. The 5G System includes many new features that require the introduction of additional security mechanisms. For example, the 5G System integrates non-3GPP access (e.g. WLAN) alongside 3GPP access (New Radio and LTE) in a seamless manner. More precisely, in 5G, the UE can run the usual service access procedure independently of the underlying access.

The 5G System consists of the Access Network (AN) and the Core Network (CN). The AN is the network that allows the UE to gain connectivity to the CN, e.g. the base station, which in 5G could be a next generation Node B (gNB) or a next generation evolved Node B (ng-eNB). The CN contains all the Network Functions (NF) ensuring a wide range of different functionalities such as session management, connection management, charging, authentication, etc. FIG. 1, from TS 23.501 [2], provides a high-level overview of the 5G architecture for the non-roaming scenario.

The communication links between the UE and the network (AN and CN) can be grouped in two different strata. The UE may communicate with the CN over the Non-Access Stratum (NAS), and may communicate with the AN over the Access Stratum (AS). All the NAS communication takes place between the UE and the Access and Mobility Management Function (AMF) in the CN over the NAS protocol (N1 interface in FIG. 1). Protection of the communications over these strata is provided by the NAS protocol (for NAS) and the Packet Data Convergence Protocol (PDCP) (for AS).

More details on 5G security can be found in TS 33.501 [1]. In general, the security mechanisms for these protocols rely on multiple different security keys. In the 5G security specification, these keys are organized in a hierarchy. At the top level there is the long-term key, which is part of the authentication credential and is stored in the SIM card on the UE side and in the Unified Data Management / Authentication Credential Repository and Processing Function (UDM/ARPF) on the Home Public Land Mobile Network (PLMN) side.

A successful Primary Authentication between the UE and the AUSF in the Home PLMN may lead to the establishment of the KAUSF key, which is the second-level key in the hierarchy. This key is not intended to leave the Home PLMN and is used for new features introduced in the 5G System, such as the provisioning of parameters to the UE from the Home PLMN. More precisely, the KAUSF key may be used for the integrity protection of the messages delivered from the Home PLMN to the UE. As described in TS 33.501 [1], such new features include the Steering of Roaming (SoR) and the UDM parameter delivery procedures.

The KAUSF key may be used to derive another key (KSEAF) that is sent to the serving PLMN. The serving PLMN key (KSEAF) may then be used to derive the subsequent NAS and AS protection keys. These lower-level keys, together with other security parameters such as the cryptographic algorithms, the UE security capabilities, the value of the counters used for replay protection in the different protocols, etc., constitute what is defined as the 5G security context in TS 33.501 [1]. KAUSF is not part of the 5G security context, since the 5G security context resides in the serving network.
`
SUMMARY

According to some embodiments of inventive concepts, a mechanism can be provided to determine which security key is to be used in protecting messages sent from a Home PLMN to an electronic device.

According to some embodiments of inventive concepts, a method is provided to operate an Authentication Server Function (AUSF) of a home PLMN. The method includes receiving a first authentication request from a first PLMN that is authenticating an electronic device. The method further includes obtaining a first security key used for integrity protection of messages delivered from the home PLMN to the electronic device. The method further includes receiving a second authentication request from a second PLMN that is authenticating the electronic device. The method includes obtaining a second security key used for integrity protection of the messages delivered from the home PLMN to the electronic device. The method includes receiving a message protection request. The method further includes determining which of the first security key and the second security key is a latest security key. The method includes using the latest security key to protect a message associated with the message protection request.

Authentication Server Functions (AUSFs) of a communication system, computer programs, and computer program products are provided that perform analogous operations to the above embodiments of inventive concepts.

One advantage that may be provided is that the KAUSF key to be used for the SoR and UPU-like procedures is synchronized between the Home PLMN and the electronic device. This advantage protects the integrity of information to be delivered from the Home PLMN to the electronic device. A further advantage that may be provided is that no additional signaling overhead between the electronic device and the network is necessary.

According to other embodiments of inventive concepts, a method is provided in an electronic device configured to communicate through a wireless air interface with a home PLMN and visited PLMNs. The method includes transmitting a first registration request to a first PLMN to register the electronic device. The method further includes generating a first security key used for integrity protection of messages delivered from the home PLMN to the electronic device and storing the first security key. The method further includes transmitting a second registration request to a second PLMN that is authenticating the electronic device. The method further includes generating a second security key used for integrity protection of the messages delivered from the home PLMN to the electronic device and storing the second security key. The method further includes receiving a protected message from the home PLMN. The method further includes determining which of the first security key and the second security key is a latest security key. The method includes using the latest security key to determine contents of a message received from the home PLMN.

Electronic devices, computer programs, and computer program products are provided that perform analogous operations to the above embodiments of inventive concepts.
`
BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are included to provide a further understanding of the disclosure and are incorporated in and constitute a part of this application, illustrate certain non-limiting embodiments of inventive concepts. In the drawings:

FIG. 1 is a block diagram illustrating an overview of the 5G architecture for the non-roaming scenario;
FIG. 2 is a block diagram illustrating a local breakout (LBO) architecture for a 5G Core Network with non-3GPP access;
FIG. 3 is a flow chart illustrating an example of management of multiple KAUSF keys for protection of messages delivered from the HPLMN to an electronic device (e.g., UE) according to some embodiments of the present disclosure;
FIG. 4 is a block diagram illustrating an electronic device according to some embodiments of inventive concepts;
FIG. 5 is a block diagram illustrating a core network node (e.g., an AMF node, etc.) according to some embodiments of inventive concepts;
FIG. 6 is a block diagram illustrating a PLMN node (e.g., an AUSF node);
FIG. 7 is a flow chart illustrating operations of an AUSF node according to some embodiments of inventive concepts;
FIG. 8 is a flow chart illustrating operations of an electronic device according to some embodiments of inventive concepts;
FIGS. 9-11 are flow charts illustrating operations of an AUSF node and/or an electronic device according to some embodiments of inventive concepts;
FIG. 12 is a block diagram of a wireless network in accordance with some embodiments;
FIG. 13 is a block diagram of a user equipment in accordance with some embodiments;
FIG. 14 is a block diagram of a virtualization environment in accordance with some embodiments;
FIG. 15 is a block diagram of a telecommunication network connected via an intermediate network to a host computer in accordance with some embodiments;
FIG. 16 is a block diagram of a host computer communicating via a base station with a user equipment over a partially wireless connection in accordance with some embodiments;
FIG. 17 is a block diagram of methods implemented in a communication system including a host computer, a base station and a user equipment in accordance with some embodiments;
FIG. 18 is a block diagram of methods implemented in a communication system including a host computer, a base station and a user equipment in accordance with some embodiments;
FIG. 19 is a block diagram of methods implemented in a communication system including a host computer, a base station and a user equipment in accordance with some embodiments; and
FIG. 20 is a block diagram of methods implemented in a communication system including a host computer, a base station and a user equipment in accordance with some embodiments.
`
DETAILED DESCRIPTION

Inventive concepts will now be described more fully hereinafter with reference to the accompanying drawings, in which examples of embodiments of inventive concepts are shown. Inventive concepts may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete, and will fully convey the scope of present inventive concepts to those skilled in the art. It should also be noted that these embodiments are not mutually exclusive. Components from one embodiment may be tacitly assumed to be present/used in another embodiment.

The following description presents various embodiments of the disclosed subject matter. These embodiments are presented as teaching examples and are not to be construed as limiting the scope of the disclosed subject matter. For example, certain details of the described embodiments may be modified, omitted, or expanded upon without departing from the scope of the described subject matter.

In TS 33.501 [1], there are two features that may make use of the KAUSF key.

The first of these two features is the Steering of Roaming (SoR) security mechanism described in clause 6.14 of TS 33.501 [1]. The SoR mechanism is used for the delivery of information about the list of preferred PLMNs from the UDM in the Home PLMN to the UE. This information is included in an integrity protected message, where the KAUSF key may be used for the calculation of the Message Authentication Code (MAC) as described in Annex A.17 of TS 33.501 [1].

The second of the two features is the UE Parameters Update (UPU) via UDM control procedure security mechanism specified in clause 6.15 of TS 33.501 [1]. This control procedure is for the delivery of UE parameter updates from the UDM in the Home PLMN to the UE. The UPU updates may be included in an integrity protected message, where the KAUSF key is used for the calculation of the MAC (see Annex A.19 of TS 33.501 [1]).

In the 5G System, a UE can be simultaneously registered to the network via 3GPP and non-3GPP accesses. In such a case, the UE can establish and maintain two parallel NAS connections and run in parallel any of the NAS procedures to request resources and access services over each of the accesses independently and in parallel. The UE can also be registered simultaneously to two different PLMNs, each over a specific type of access, as shown in FIG. 2, which is from TS 23.501 [2].

In the scenario of FIG. 2, the UE is registered over 3GPP access to a Visited PLMN (designated as VPLMN1 in FIG. 2) and over non-3GPP access to a different Visited PLMN (designated as VPLMN2 in FIG. 2). Thus, the UE may be communicating in parallel with two different Visited PLMNs. In order to secure the communication, the UE may be required to maintain and use in parallel two different 5G security contexts, each associated with a specific PLMN, as described in clause 6.3.2 of TS 33.501 [1]. These two 5G security contexts result from two different, independent Primary Authentication procedures involving the HPLMN, each for a specific VPLMN over the corresponding access. Each procedure would typically be performed during initial registration with each VPLMN.

An issue that may arise is that these Primary Authentications may lead to two different KAUSF keys on the HPLMN side and on the UE side. It may not be clear which of the two different KAUSF keys to use for services such as the SoR or the UDM parameter updates. If the UE and the AUSF KAUSF keys are not synchronized, then there is a risk that the UE and the AUSF may use different KAUSF keys for the SoR and SoR-like procedures, leading to an integrity check failure. Consequently, the HPLMN information may not be delivered. The UE would not know whether the failure is due to some entity tampering with the information or due to the usage of the wrong KAUSF. This failure could also lead to a deadlock, since if the UE does not acknowledge the receipt of the message due to integrity check failure, then the AUSF would simply attempt delivering it again, which would only lead to the same failure.
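The key-tracking rule that FIGS. 3, 7, 8, 10 and 11 describe, worked through as an added example (this code is not part of the patent and not a 3GPP or Ericsson implementation): both the home AUSF and the UE keep the KAUSF produced by each primary authentication, tag it with a monotonically increasing counter, and protect or verify the SoR message with the key carrying the highest counter. `KausfStore`, `primary_authentication`, `run_scenario` and the SoR payload are constructed for this example; HMAC-SHA-256 stands in for the SoR-MAC-IAUSF computation of TS 33.501 Annex A.17, and the 5G AKA key derivation is replaced by a random 32-byte key (both assumptions).

```python
# Added example, not code from the patent: AUSF-side and UE-side KAUSF stores
# that tag each key with a counter (FIG. 10 ordering) and use the highest one
# for SoR protection (FIG. 3 steps 6 and 9). HMAC-SHA-256 stands in for the
# SoR-MAC-IAUSF computation of TS 33.501 Annex A.17 (assumption).
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Callable, List


@dataclass
class StoredKausf:
    key: bytes
    serving_plmn: str  # PLMN whose primary authentication produced this key
    counter: int       # ordering value compared as in FIG. 10


class KausfStore:
    """KAUSF keys known to one side (AUSF or UE), with the latest one tracked."""

    def __init__(self) -> None:
        self.keys: List[StoredKausf] = []
        self._next_counter = 0

    def store(self, key: bytes, serving_plmn: str) -> StoredKausf:
        # Each new primary authentication gets a larger counter (steps 2a/2b, 4a/4b).
        self._next_counter += 1
        entry = StoredKausf(key, serving_plmn, self._next_counter)
        self.keys.append(entry)
        return entry

    def latest(self) -> StoredKausf:
        # FIG. 10: the key with the larger counter is the latest one.
        return max(self.keys, key=lambda k: k.counter)

    def delete_stale(self) -> int:
        # FIG. 11: keep only the latest key; returns the number of keys deleted.
        newest = self.latest()
        removed = len(self.keys) - 1
        self.keys = [newest]
        return removed


def primary_authentication(ue: KausfStore, ausf: KausfStore, serving_plmn: str,
                           key_source: Callable[[int], bytes] = os.urandom) -> bytes:
    """Outcome of one primary authentication run via serving_plmn: the UE and the
    home AUSF hold the same fresh KAUSF. The 5G AKA / EAP-AKA' derivation itself
    is replaced by key_source (assumption)."""
    kausf = key_source(32)
    ue.store(kausf, serving_plmn)
    ausf.store(kausf, serving_plmn)
    return kausf


def sor_mac(kausf: bytes, counter_sor: int, sor_payload: bytes) -> bytes:
    """Simplified SoR-MAC-IAUSF: HMAC-SHA-256 keyed with KAUSF over CounterSoR || payload."""
    return hmac.new(kausf, counter_sor.to_bytes(2, "big") + sor_payload, hashlib.sha256).digest()


def ausf_protect(ausf: KausfStore, counter_sor: int, sor_payload: bytes) -> bytes:
    """FIG. 3 step 6: the AUSF answers the SoR protection request with its latest KAUSF."""
    return sor_mac(ausf.latest().key, counter_sor, sor_payload)


def ue_verify(ue: KausfStore, counter_sor: int, sor_payload: bytes, mac: bytes) -> bool:
    """FIG. 3 step 9: the UE checks the MAC with its latest stored KAUSF."""
    return hmac.compare_digest(sor_mac(ue.latest().key, counter_sor, sor_payload), mac)


def run_scenario(key_source: Callable[[int], bytes] = os.urandom) -> dict:
    """UE registers via VPLMN1 (3GPP access) and then via VPLMN2 (non-3GPP access);
    the home PLMN then sends one SoR message. Returns the outcome of each check."""
    ue, ausf = KausfStore(), KausfStore()
    primary_authentication(ue, ausf, "VPLMN1", key_source)
    primary_authentication(ue, ausf, "VPLMN2", key_source)

    sor_payload = b"PreferredPLMNs:VPLMN2,VPLMN1"  # constructed stand-in for the SoR list
    mac = ausf_protect(ausf, 1, sor_payload)

    # Synchronized case: both sides pick the key from the second authentication.
    verified_with_latest = ue_verify(ue, 1, sor_payload, mac)

    # Failure mode from the text: a UE still using the first KAUSF fails the
    # integrity check and cannot distinguish a stale key from tampering.
    stale_mac = sor_mac(ue.keys[0].key, 1, sor_payload)
    verified_with_stale = hmac.compare_digest(stale_mac, mac)

    # FIG. 11: the older key can be deleted on both sides without breaking
    # a later SoR message.
    ue.delete_stale()
    ausf.delete_stale()
    mac2 = ausf_protect(ausf, 2, sor_payload)
    verified_after_prune = ue_verify(ue, 2, sor_payload, mac2)

    return {
        "ausf_key_from": ausf.latest().serving_plmn,
        "ue_key_from": ue.latest().serving_plmn,
        "verified_with_latest": verified_with_latest,
        "verified_with_stale": verified_with_stale,
        "verified_after_prune": verified_after_prune,
        "keys_remaining": len(ue.keys),
    }


if __name__ == "__main__":
    print(run_scenario())
```

Running the module prints the result of `run_scenario()`: the AUSF and the UE both select the key from the VPLMN2 authentication, the MAC verifies with that key, it fails with the stale VPLMN1 key (the integrity check failure described above, which the UE cannot tell apart from tampering), and it still verifies after both sides have deleted the older key as in FIG. 11. The counter is the ordering value of FIG. 10; a time stamp as in FIG. 9 would serve the same purpose provided both sides agree on which authentication came last.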
FIG. 4 is a block diagram illustrating elements of an electronic device 400 (also referred to as a terminal, a mobile terminal, a mobile communication terminal, a wireless communication device, a wireless terminal, a wireless device, a wireless communication terminal, a wired device, user equipment, UE, a user equipment node/terminal/device, etc.) configured to provide communication according to embodiments of inventive concepts. The electronic device 400 may be a wired device or a wireless device. (When the electronic device 400 is a wireless device, the wireless device may be provided, for example, as discussed below with respect to wireless device 4110 of FIG. 12.) As shown, when the electronic device 400 is a wireless electronic device, the wireless electronic device may include an antenna 409 (e.g., corresponding to antenna 4111 of FIG. 12), and transceiver circuitry 407 (also referred to as a transceiver, e.g., corresponding to interface 4114 of FIG. 12) including a transmitter and a receiver configured to provide uplink and downlink radio communications with a base station(s) (e.g., corresponding to network node 4160 of FIG. 12) of a radio access network. The electronic device 400 may also include processing circuitry 403 (also referred to as a processor, e.g., corresponding to processing circuitry 4120 of FIG. 12) coupled to the transceiver circuitry, and memory circuitry 405 (also referred to as memory, e.g., corresponding to device readable medium 4130 of FIG. 12) coupled to the processing circuitry. The memory circuitry 405 may include computer readable program code that when executed by the processing circuitry 403 causes the processing circuitry to perform operations according to embodiments disclosed herein. According to other embodiments, processing circuitry 403 may be defined to include memory so that separate memory circuitry is not required. The electronic device 400 may also include a network interface 401 coupled to processing circuitry 403 and configured to provide communications with a base station(s) and may include other interfaces (such as a user interface) coupled