WO2019063098A1 - Methods and nodes for registration during mobility - Google Patents


Info

Publication number
WO2019063098A1
Authority
WO
WIPO (PCT)
Prior art keywords
tag
integrity protection
communications device
node
target node
Prior art date
Application number
PCT/EP2017/074839
Other languages
French (fr)
Inventor
Noamen BEN HENDA
Karl Norrman
Original Assignee
Telefonaktiebolaget Lm Ericsson (Publ)

Classifications

    • H04W 12/10 Integrity (H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 12/00 Security arrangements; Authentication; Protecting privacy or anonymity)
    • H04W 36/0038 Control or signalling for completing the hand-off for data sessions of end-to-end connection with transfer of context information of security context information (H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 36/00 Hand-off or reselection arrangements > H04W 36/0005 Control or signalling for completing the hand-off > H04W 36/0011 ... for data sessions of end-to-end connection > H04W 36/0033 ... with transfer of context information)
    • H04W 60/04 Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration, using triggered events (H ELECTRICITY > H04 ELECTRIC COMMUNICATION TECHNIQUE > H04W WIRELESS COMMUNICATION NETWORKS > H04W 60/00 Affiliation to network, e.g. registration; Terminating affiliation with the network, e.g. de-registration)

Definitions

  • the technology disclosed herein relates generally to interworking between
  • the 3rd Generation Partnership Project (3GPP) is currently developing standards for 5th generation wireless systems (5G), also known as Next Generation (NG) Systems. It is expected that 5G will support many new scenarios and use cases and will be an enabler for the Internet of Things (IoT).
  • the NG systems are further expected to provide connectivity to a wide range of new devices such as sensors, smart wearables, vehicles, machines, etc.
  • a key property in NG Systems will therefore be flexibility, which is reflected in, for instance, that security requirements for network access are mandating the support of alternative authentication methods and different types of credentials than the currently conventional Authentication and Key Agreement (AKA) credentials pre-provisioned by the operator and securely stored in the universal integrated-circuit card (UICC) of user equipment (UE).
  • interworking support is needed for e.g. idle mobility between the systems and for handovers.
  • the interworking may, for instance, involve network entities and data objects belonging to systems of different generations.
  • the general principle is to adapt to the older generation in order to minimize impact on legacy infrastructure and to ensure a smooth deployment of the new system.
  • the security mechanisms for interworking should minimize the impact on the current system (e.g. 4G), if it is not possible to entirely avoid such impact.
  • interworking with 4G should not prevent the independent evolution of 5G security, such as e.g. introducing new cryptographic algorithms, increasing the size of the Message Authentication Code (MAC) fields, etc.
  • the security mechanisms for interworking should not prevent the independent evolution of security in new generations (e.g. 5G).
  • One of the basic security requirements when introducing new features is that they should not break or weaken the security of the overall system. In fact, across generations, the trend has been that the security level improves. Therefore, the security mechanisms for interworking should maintain at least the same level of security compared to the previous system(s) (e.g. 4G).
  • An objective of the present disclosure is to enable efficient interworking between different generations of communications systems.
  • a particular objective is to enable interworking between the different generations of communications systems for initial communication during mobility of communications devices between the
  • the objective is according to an aspect achieved by a method of registering a communications device during mobility.
  • the method is performed by a target node and comprises: receiving, from the communications device, a registration request message comprising a first integrity protection tag, sending a context request to a source node, attaching to the context request the received first integrity protection tag.
  • the method further comprises receiving, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device, calculating a second integrity protection tag using the received security key or derivative thereof and the received registration request message, and verifying integrity of the received registration request for the case that the second integrity protection tag is equal to the first integrity protection tag.
  • the method provides a number of advantages. For instance, it provides a mechanism for integrity protection of the initial NAS message (Registration Request) during mobility from a source communications system of a first generation to a target communications system of a second generation (e.g. from 5G to the next generation). Further, the method does not require a preliminary negotiation and selection of cryptographic algorithms for the ongoing session; the predetermined algorithm may be hard-coded in the specification or configured out of band. Still further, the method decouples the protection mechanism of the NAS message from the security mechanism for the release of the UE context from the source core network node to the target core network node (e.g. AMF), in contrast to how mobility is handled in current communications systems (e.g. between Mobility Management Entities, MMEs, in 4G), where a single NAS MAC serves both purposes. Further, the method leaves the security of the NAS communication between the UE and the target system entirely within the remit of the target system. In other terms, it guarantees independence between the 5G NAS security and the legacy NAS security.
  • the objective is according to an aspect achieved by a computer program for a target node for registration of a communications device during mobility.
  • the computer program comprises computer program code, which, when run on processing circuitry of the target node, causes the target node to perform the method as above.
  • the objective is according to an aspect achieved by a computer program product comprising a computer program as above and a computer readable means on which the computer program is stored.
  • the objective is according to an aspect achieved by a target node for registering a communications device during mobility.
  • the target node is configured to:
  • the objective is according to an aspect achieved by a method of registering a communications device during mobility.
  • the method is performed by a source node and comprises receiving, from a target node, a context request for the
  • the context request comprising a first integrity protection tag
  • calculating a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device, and sending, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag.
  • the objective is according to an aspect achieved by a computer program for a source node for registration of a communications device during mobility.
  • the computer program comprises computer program code, which, when run on processing circuitry of the source node, causes the source node to perform the method as above.
  • the objective is according to an aspect achieved by a computer program product comprising a computer program as above and a computer readable means on which the computer program is stored.
  • the objective is according to an aspect achieved by a source node for registering a communications device during mobility.
  • the source node is configured to:
  • the objective is according to an aspect achieved by a method of registration to a target node during mobility.
  • the method is performed by a communications device and comprises determining a first integrity protection tag using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node, and transmitting, to the target node, the registration message to which the determined first integrity protection tag is attached.
  • the objective is according to an aspect achieved by a computer program for a communications device for registration to a target node during mobility.
  • the computer program comprises computer program code, which, when run on processing circuitry of the communications device, causes the communications device to perform the method as above.
  • the objective is according to an aspect achieved by a computer program product comprising a computer program as above and a computer readable means on which the computer program is stored.
  • the objective is according to an aspect achieved by a communications device for registration to a target node during mobility.
  • the communications device is configured to:
  • Figure 1 illustrates transfer of a user equipment (UE) context between
  • Figure 2 illustrates an exemplary environment in which embodiments of the present teachings may be implemented.
  • FIG. 3 is a signaling diagram of embodiments of the present teachings.
  • Figure 4 illustrates a flow chart over steps of a method in a target node in accordance with the present teachings.
  • Figure 5 illustrates schematically a target node and means for implementing methods of the present teachings.
  • Figure 6 illustrates a target node comprising function modules/software modules for implementing methods of the present teachings.
  • Figure 7 illustrates a flow chart over steps of a method in a source node in accordance with the present teachings.
  • Figure 8 illustrates schematically a source node and means for implementing methods of the present teachings.
  • Figure 9 illustrates a source node comprising function modules/software modules for implementing methods of the present teachings.
  • Figure 10 illustrates a flow chart over steps of a method in a communications device in accordance with the present teachings.
  • Figure 11 illustrates schematically a communications device and means for
  • Figure 12 illustrates a communications device comprising function modules/software modules for implementing methods of the present teachings.
  • Figure 1 illustrates transfer of a communications device 1 context, in the following exemplified by a user equipment (UE) context, between communications systems of different generations.
  • UE user equipment
  • NAS Non-Access Stratum
  • CN Core Network
  • AMF Access and Mobility Management Function
  • RAN Radio Access Network
  • MME Mobility Management Entity
  • a “generation” of a mobile network may refer to a release of new specifications that introduce new functions taking over functionality from the ones in the previous generations.
  • “generations” should be interpreted liberally; for example the shift from GSM to UMTS in the 3GPP specifications is considered as a shift in generations.
  • the trigger mechanisms for both idle and active mode could be maliciously activated by misbehaving entities sending fake Registration Request messages in 5G areas (i.e. in areas of target system 200) causing the release of the UE context for idle UEs potentially still in 4G areas (i.e. in areas of source system 100). Affected UEs would need to re-register and potentially re-authenticate again to regain access to services. In fact, this is a form of a Denial-of-Service (DoS) attack. Therefore, there is a need to authenticate the trigger for the UE 1 context transfer procedure. The threat here is more apparent in the idle mode mobility since the transfer request is issued by the AMF 2 (located in the target system 200) to the MME 2 (located in the source system 100).
  • the transfer is issued by an entity (AMF 3) external to the source system.
  • in active mode, by contrast, the transfer is initiated by the source system 100 itself. Therefore, it is important that there is a mechanism to authenticate the trigger message leading to the transfer of the UE context, in order to enable a safe and transparent interworking mechanism.
  • the UE 1 uses the current 4G security context (stored in an entity of Evolved Packet System, EPS) to integrity protect a Tracking Area Update (TAU) message.
  • a target MME 4 forwards the message as is, delegating the integrity verification to the source MME 3.
  • the source MME 3 sends the UE context including the security parameters only when the integrity protection succeeds.
  • the integrity protection is provided via the Non-Access Stratum Message Authentication Code (NAS-MAC) Information Element (IE) in the NAS protocol. So basically, for idle mode mobility within E-UTRA, the MAC IE on the TAU messages serves two purposes:
  • the optimization lies in that the NAS MAC is used to both integrity protect the initial NAS message and to ensure that the UE context is only released from the source MME 3 to the target MME 4 if the UE 1 has actually requested to move to a new MME.
  • the UE 1 and the source MME 3 must agree on an integrity algorithm (in this example, the EPS integrity algorithms EIA1, EIA2 or EIA3).
  • SMC Security Mode Command
  • the target MME 4 can either choose to continue using the selected algorithm, as indicated in the received security context, or select new ones and for that the target MME 4 will have to run a new SMC procedure. It is noted that the first case is not problematic since the source and target entities (MMEs 3, 4) are of the same type and belong to the same generation system, i.e. the same
  • a mechanism is provided for integrity protecting the initial Registration Request message to a CN node (e.g. AMF) in idle mode mobility from a first generation communications system (e.g. 5G) to a second, newer generation communications system, before algorithm selection has taken place.
  • the integrity protection may, for instance, be based on using a predetermined integrity protection function (e.g. a generic hash function).
  • the Registration Request message may comprise a NAS HASH computed by applying a predetermined integrity protection function to at least part of the Registration Request message and possibly other parameters.
  • the system Key Derivation Function is taken as the predetermined integrity protection function since it is anyway mandatory to support it both in the AMF and the UE for other purposes.
  • FIG. 2 illustrates an exemplary environment in which embodiments of the present teachings may be implemented.
  • a source CN node 13 belongs to a first communications system 10 and a target CN node 14 belongs to a second communications system 20, wherein the first and second communications systems
  • a 5G system (and the notations related to it) is used as a single exemplary communications system for explaining the various embodiments according to the present teachings, and how, for instance, the independency between a NAS security of a first communications system (e.g. 5G) and a second communications system (next-coming generation) is accomplished according to various embodiments.
  • the 5G communications system 15 comprises a source AMF 13 and a target AMF 14, which are interconnected over a 5G AMF-AMF interface.
  • the communications device 11, in the following again exemplified by a UE 11, is in idle state towards the source AMF 13 (arrow A1) and located in a tracking area served by the source AMF 13.
  • the UE 11 and the source AMF 13 have the same key, as they have previously performed mutual registration and authentication procedures.
  • when the UE 11 comes into an area (in this case a tracking area, as both the target AMF and the source AMF belong to the same communications system) served by the target AMF 14, it sends (arrow A2) an initial NAS message, i.e. the registration request, to the target AMF 14.
  • the registration request (illustrated in figure 2) has, according to the present teachings, appended thereto an integrity protection tag, denoted TAG (or NAS TAG).
  • the TAG is a function of the 5G key (source system key), a predetermined integrity protection function (e.g. the 5G KDF) and the registration request. Examples on how to obtain the TAG are given later.
  • the target AMF 14 receives the registration request and sends (arrow A3) in response a context request to the source AMF 13.
  • the context request comprises the TAG.
  • the source AMF 13 receives the context request and verifies (arrow A4) the TAG. This verification comprises recomputing the TAG from the registration request and the source key; the result is denoted TAG'.
  • the calculated TAG' is compared to the received TAG and if they are equal or otherwise determined to match, then the source AMF 13 releases the UE context, i.e. sends (arrow A5) it to the target AMF 14.
  • upon receiving the UE context, the target AMF 14 obtains the source key or a derivative thereof and is then able to verify (arrow A6) the TAG in the same way as the source AMF did: using the registration request and the source key (or derivative thereof). The target AMF 14 has now verified the integrity of the
  • FIG. 3 is a signaling diagram describing embodiments of the present teachings.
  • the UE 11 uses a hash function that does not require any prior negotiation for the computation of the integrity protection tag TAG and appends it to the initial NAS message. It is noted that regardless of the particular names of the messages, what is relevant is that the procedure is always initiated by a Registration Request (step 1) message and terminated by a Registration Accept (step 2) message (possibly followed by a Registration Complete confirmation from the UE), with a context transfer procedure (step 4) somewhere in between.
  • in box 1 it is assumed that the UE 11 is able to derive a 5G security context from the EPS security context currently used in the 5G system and shared with the source AMF 13.
  • the UE 11 uses the Registration Request message and the newly derived 5G security key to compute an integrity protection tag TAG.
  • the inputs to the predetermined integrity protection function used in the computation of the TAG may, in some embodiments, be formed the same way as they would be for the computation of the usual standard NAS MAC.
  • the UE 11 sends the Registration Request including the TAG towards the target AMF 14.
  • the target AMF 14, on receiving the request, defers the verification of the TAG and runs a context transfer procedure (e.g. as described with reference to figure 2) with the source AMF 13 which, when successful, leads to transfer of the EPS security context shared between the source AMF 13 and the UE 11 from the source AMF 13 to the target AMF 14.
  • the target AMF 14 derives a 5G security context from the received EPS security context in a manner similar to how the UE 11 did.
  • the target AMF 14 uses the received Registration Request message
  • the target AMF 14 is then able to check whether the received TAG is equal to the expected one. If that is the case, the target AMF 14 can draw conclusions not only on the integrity of the Registration Request Message but also that the target AMF 14 is sharing the same 5G key with the UE 11 (key confirmation). In box 7, the target AMF 14 sends a Registration Accept to the UE 11 possibly after further exchange of messages. In order to properly protect this message (with standard crypto algorithms), the target AMF 14 would have to run an SMC procedure (somewhere between steps 6 and 7) for algorithm selection.
  • the TAG may be computed using the same inputs as when currently computing a NAS MAC except for the described integrity key denoted KEY (i.e. the source key, e.g. 5G key, as described earlier e.g. in relation to figures 2 and 3).
  • in TS 33.401 the computation of NAS-MAC and XNAS-MAC for integrity protection is described. It is assumed that the same type of inputs will be used in the 5G NAS.
  • TS 33.401 [2] (Annex A.9) specifies the computation of the NAS token. It is noted that the NAS token specified therein does not protect the message in which it is delivered from the UE to the communications system. This is a distinguishing and important difference compared to the teachings presented herein. In particular, while the current standard does not protect the registration request (i.e. the initial NAS message), various embodiments disclosed herein do indeed provide a mechanism for integrity protection of the initial NAS message (Registration Request) during mobility between communications systems of different generations, e.g. from a
  • the predetermined integrity protection function (which could potentially be the KDF) is used in a similar manner. More specifically, in some embodiments at least the following inputs are used to form the S input (required for the KDF):
  • FC potentially a new value dedicated for this purpose
  • P2 DIRECTION, as in the inputs to the integrity algorithm or the 5G equivalent; this should always be set to whatever indicates uplink, possibly padded to fill up a complete number of bytes
  • L2 Length of DIRECTION input (rounded up in byte numbers)
  • P3 BEARER as in the input to the integrity algorithm or the 5G equivalent possibly padded to fill up a complete number of bytes
  • P1 is a required input, while the others may be optional.
  • the KEY parameter used for the integrity protection is a key that is derived from the higher-level key using the identifier of the selected algorithm. Since there has been no selection of algorithms yet, two scenarios are possible.
  • This may then be used as the key input to the predetermined integrity protection function.
  • Figure 4 illustrates a flow chart over steps of a method in a target node in accordance with the present teachings.
  • the method 30 may be performed by a node or entity handling mobility functions, e.g. an AMF 14.
  • a method 30 is provided of registering a communications device 11 during mobility.
  • the method 30 is performed by a target node 14.
  • the communications device 11 may be a user device such as a user equipment (UE) and the communications device 11 mobility may comprise the communications device 11 entering an area handled by a different node (a target node) than the node (source node) currently handling mobility functions of the communications device 11.
  • the source node and the target node may belong to the same generation or to different generations of
  • the source node may also be denoted as the "old node” and the target node as the "new node”.
  • the method 30 comprises receiving 31, from the communications device 11, a registration request message comprising a first integrity protection tag, TAG.
  • the method 30 comprises sending 32 a context request to a source node 13, attaching to the context request the received first integrity protection tag, TAG. That is, the TAG is made a part of the context request.
  • the source node 13 will be able to verify that the registration request is from a legitimate communications device, upon which the source node 13 releases the context to the requesting target node 14.
  • the method 30 comprises receiving 33, from the source node 13, a security key or a derivative thereof used in communication between the source node 13 and the communications device 11.
  • a derivative of the security key has the advantage of preventing the target node 14 from being able to decrypt earlier communication between the source node 13 and the communications device 11.
  • the method 30 comprises calculating 34 a second integrity protection tag, TAG' , using the received security key or derivative thereof and the received registration request message.
  • the method 30 comprises verifying 35 integrity of the received registration request for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG. It is noted that the second integrity protection tag TAG' may be considered equal to the first integrity protection tag TAG e.g. when the number of bits possibly differing is less than a predetermined number. Any such tolerance shortens the effective tag, since a forger then only has to match all but the tolerated bits, so in practice the comparison should be exact and performed in constant time.
  • the method 30 provides a mechanism for the integrity protection of the initial NAS message (Registration Request) during mobility from a source
  • the method does not require a preliminary negotiation and selection of cryptographic algorithms for the ongoing session.
  • the predetermined algorithm may be hard-coded in the specification or configured out of band.
  • the method decouples the protection mechanism of the NAS message from the security mechanism for the release of the UE context from the source core network node to the target core network node (e.g. AMF), in contrast to how mobility is handled in current communications systems (e.g. between MMEs in 4G), where a single NAS MAC serves both purposes.
  • the method leaves the security of the NAS communication between the UE and the target system entirely within the remit of the target system. In other terms, it guarantees independence between the 5G NAS security and the legacy NAS security.
  • the method 30 comprises running a security mode command procedure with the communications device 11 for agreeing on the integrity protection algorithm to be used in their subsequent communication.
  • a particular example of such security mode command procedure comprises following the structure of the 4G security mode command procedure where the MME sends an integrity protected Security Mode Command to the UE.
  • the Security Mode Command includes the indication of the integrity protection algorithm and the encryption algorithm that the MME wishes to use for communication with the UE for the following communication.
  • the UE configures the use of the indicated security algorithms and activates their use.
  • the UE then responds with a Security Mode Complete message to the MME to conclude the security mode command procedure.
  • the source node 13 is a node of a first communications system 10 and the target node 14 is a node of a second communications system 20, and the first and second communications systems 10, 20 may be of different generations.
  • the method 30 comprises sending, to the communications device 11, a registration accept upon the verifying 35 being successful.
  • the method 30 comprises rejecting the registration request from the communications device 11 upon the verifying 35 failing.
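  • The TAG exchange described for figures 2 to 4 (the UE tags the Registration Request, the target forwards the TAG in its context request, the source verifies before releasing anything, the target re-verifies under the released key and so gets key confirmation) together with the KDF-based TAG construction above, as an added example that is not code from the patent or from 3GPP. The KDF format (HMAC-SHA-256 over FC || P0 || L0 || P1 || L1 ...) is the one of TS 33.220 Annex B. Everything else is an assumption for illustration: the FC values, a 32-bit tag, the one-byte DIRECTION and BEARER encodings, the "target" derivation label, and the choice to compute the TAG under a one-way derivative of the source key so that the source (which can derive it) and the target (which receives it) can both verify it while the target never sees the source key itself.

```python
# Added example, not code from the patent: the registration-request TAG of
# Figures 2 to 4 modelled end to end (UE, source node, target node).
# The tag function is the 3GPP KDF of TS 33.220 Annex B (HMAC-SHA-256 over
# FC || P0 || L0 || P1 || L1 ...). FC values, the tag length, the
# DIRECTION/BEARER encodings and the derivation label are assumptions.
import hashlib
import hmac
import struct

FC_TAG = 0x7E         # assumed: FC value dedicated to the registration TAG
FC_TARGET_KEY = 0x7F  # assumed: FC value for the key released to the target
TAG_LEN = 4           # assumed: 32-bit tag, the length of a 4G NAS MAC
UPLINK = b"\x00"      # assumed encoding of DIRECTION, padded to one byte
NAS_BEARER = b"\x01"  # assumed encoding of BEARER, padded to one byte


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """TS 33.220 KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 || ...),
    FC one octet, each Li the two-octet big-endian length of Pi."""
    s = bytes([fc])
    for p in params:
        s += p + struct.pack(">H", len(p))
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_target_key(k_source: bytes) -> bytes:
    """One-way derivative of the source key. Releasing this, not k_source,
    keeps the target node from reading earlier source/UE traffic."""
    return kdf(k_source, FC_TARGET_KEY, b"target")  # "target" label assumed


def compute_tag(key: bytes, registration_request: bytes) -> bytes:
    """TAG = KDF(key, FC || P1=message || P2=DIRECTION || P3=BEARER), truncated.
    The function is fixed in advance, so no algorithm negotiation is needed."""
    full = kdf(key, FC_TAG, registration_request, UPLINK, NAS_BEARER)
    return full[:TAG_LEN]


class SourceNode:
    """Shares k_source with the UE; releases the key only if the TAG carried
    in the context request authenticates the UE's registration request."""

    def __init__(self, k_source: bytes) -> None:
        self.k_source = k_source

    def handle_context_request(self, registration_request: bytes, tag: bytes):
        k_new = derive_target_key(self.k_source)
        expected = compute_tag(k_new, registration_request)
        # Exact, constant-time comparison: a tolerance would shorten the tag.
        if not hmac.compare_digest(expected, tag):
            return None  # unauthenticated trigger: context is not released
        return k_new     # the derivative handed to the target node


class TargetNode:
    """Defers TAG verification until the source node has released the key."""

    def __init__(self, source: SourceNode) -> None:
        self.source = source
        self.k_new = None

    def handle_registration_request(self, registration_request: bytes, tag: bytes) -> str:
        # Step 32: forward the received TAG unchanged in the context request.
        k_new = self.source.handle_context_request(registration_request, tag)
        if k_new is None:
            return "reject"  # source refused to release the context
        # Steps 34-35: recompute TAG' under the released key and compare.
        tag_prime = compute_tag(k_new, registration_request)
        if not hmac.compare_digest(tag_prime, tag):
            return "reject"
        self.k_new = k_new  # key confirmation: target and UE share k_new
        return "accept"     # Registration Accept follows (after an SMC)


def ue_registration(k_source: bytes, registration_request: bytes):
    """UE side: derive the key the source will release, then tag the request."""
    k_new = derive_target_key(k_source)
    return registration_request, compute_tag(k_new, registration_request)


def demo() -> dict:
    """A legitimate registration, a forged request from an attacker who has no
    key, and a request altered in transit. All inputs are constructed."""
    k_source = hashlib.sha256(b"constructed UE/source shared key").digest()
    source = SourceNode(k_source)
    target = TargetNode(source)
    request = b"REGISTRATION REQUEST 5G-GUTI=<constructed>"
    msg, tag = ue_registration(k_source, request)
    results = {"legitimate": target.handle_registration_request(msg, tag)}
    # Attacker in the target area sends the same request with a wrong tag:
    # the source refuses, so no idle UE loses its context (no DoS).
    wrong_tag = bytes(b ^ 0xFF for b in tag)
    results["forged"] = target.handle_registration_request(request, wrong_tag)
    # A byte of the tagged request is flipped in transit; the tag no longer fits.
    altered = msg[:-1] + bytes([msg[-1] ^ 0x01])
    results["altered"] = target.handle_registration_request(altered, tag)
    results["target_learned_source_key"] = target.k_new == k_source
    return results


if __name__ == "__main__":
    print(demo())
```

  The target's own check after the source's is not redundant: it is what gives the target key confirmation (box 6 of figure 3), since a matching TAG' proves the UE holds the same derived key the target just received.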
  • Figure 5 illustrates schematically a target node and means for implementing methods of the present teachings.
  • the target node 14 comprises processing circuitry 40, which may be any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 41, e.g. in the form of a storage medium 41.
  • the processing circuitry 40 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
  • the processing circuitry 40 is configured to cause the target node 14 to perform a set of operations, or steps, e.g. as described in relation to figure 4.
  • the storage medium 41 may store the set of operations
  • the processing circuitry 40 may be configured to retrieve the set of operations from the storage medium 41 to cause the target node 14 to perform the set of operations.
  • the set of operations may be provided as a set of executable instructions.
  • the processing circuitry 40 is thereby arranged to execute methods as disclosed herein.
  • the target node 14 also comprises input/output means 43 (denoted I/O) for communicating wirelessly and/or in a wired manner with other entities and devices.
  • the input/output means 43 may, for instance, comprise a protocol stack, for communication with network nodes in a wired manner and/or with communication devices in a wireless manner.
  • the input/output means 43 may be used for receiving data input and for outputting data, e.g. conveying IP packets and/or NAS messages.
  • the target node 14 is enabled to communicate with the source node 13, and may also have a communication connection (typically wired) to a radio access node (not shown), which is in wireless communication with the communications device 11. That is, the target node 14 receives e.g. the registration request message from the communications device 11 via such radio access node (and any intermediary nodes such as e.g. gateways).
  • a target node 14 configured to register a communications device 11 during mobility is provided.
  • the target node 14 is configured to:
  • the target node 14 may be configured to perform the above steps, and implement any of the described embodiments of e.g. the method 30, e.g. by comprising one or more processors 40 (or processing circuitry) and memory 41, the memory 41 containing instructions executable by the processor 40, whereby the target node 14 is operative to perform the steps.
  • a target node 14 is provided, for registering a
  • the target node comprises one or more processors and memory, the memory containing instructions executable by the processor, whereby the target node is operative to: receive, from the communications device, a registration request message comprising a first integrity protection tag, send a context request to a source node, attaching to the context request the received first integrity protection tag, receive, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device, calculate a second integrity protection tag using the received security key or derivative thereof and the received registration request message, and verify integrity of the received registration request for the case that the second integrity protection tag is equal to the first integrity protection tag.
  • the target node 14 is configured to run a security mode command procedure with the communications device 11 for agreeing on the integrity protection algorithm to be used in their subsequent communication.
  • the source node 13 is a node of a first communications system 10 and the target node 14 is a node of a second communications system 20, and the first and second communications systems 10, 20 are of different generations.
  • the target node 14 is configured to send, to the
  • the target node 14 is configured to reject the registration request from the communications device 11 upon the verifying failing.
  • Figure 6 illustrates a target node comprising function modules/software modules for implementing methods of the present teachings.
  • the function modules can be implemented using software instructions such as computer program executing in a processor and/or using hardware, such as application specific integrated circuits (ASICs), field programmable gate arrays, discrete logical components etc., and any combination thereof.
  • Processing circuitry may be provided, which may be adaptable and in particular adapted to perform any of the steps of the method 30 that has been described in various embodiments.
  • a target node 14 is provided for registering a communications device during mobility.
  • the target node 14 comprises a first module 51 for receiving, from the
  • Such first module 51 may, for instance, comprise receiving circuitry or an input device for receiving communication (e.g. registration request messages) from the communications device. It is noted that the communication from the communications device may be conveyed via other nodes, e.g. a radio access node.
  • the target node 14 comprises a second module 52 for sending a context request to a source node, attaching to the context request the received first integrity protection tag, TAG.
  • Such second module 52 may, for instance, comprise transmitting circuitry or an output device for transmitting communication to the communications device.
  • the second module 52 may also comprise processing circuitry and/or a protocol adapted to attach the first integrity protection tag TAG to the received context request.
  • the target node 14 comprises a third module 53 for receiving, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device.
• Such third module 53 may, for instance, comprise receiving circuitry or an input device for receiving communication (e.g. the security key or derivative thereof) from the source node.
• the target node 14 comprises a fourth module 54 for calculating a second integrity protection tag, TAG', using the received security key or derivative thereof and the received registration request message.
• Such fourth module 54 may, for instance, comprise processing circuitry adapted to calculate integrity protection tags, e.g. processing circuitry implementing a predetermined integrity protection function.
• the target node 14 comprises a fifth module 55 for verifying integrity of the received registration request for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG.
  • Such fifth module 55 may, for instance, comprise processing circuitry adapted to perform such integrity
  • modules 51, 52, 53, 54 and 55 may be replaced by units.
  • Figure 7 illustrates a flow chart over steps of a method in a source node in accordance with the present teachings.
  • a method 60 of registering a communications device 11 during mobility is provided.
  • the method 60 may be performed by a source node 13.
  • the source node is the node currently handling the mobility functions of the
• the method 60 comprises receiving 61, from a target node 14, a context request for the communications device 11, the context request comprising a first integrity protection tag, TAG.
• the method 60 comprises calculating 62 a second integrity protection tag, TAG', using the received context request (e.g. a registration request message thereof) and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device 11.
• the method 60 comprises sending 63, to the target node 14, the security key or derivative thereof for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG.
  • the method 60, the calculating 62 comprises using a
  • FIG. 8 illustrates schematically a source node and means for implementing methods of the present teachings.
  • the source node 13 comprises processing circuitry 70, which may be any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 71, e.g. in the form of a storage medium 71.
  • the processing circuitry 70 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
  • the processing circuitry 70 is configured to cause the source node 13 to perform a set of operations, or steps, e.g. as described in relation to figure 7.
  • the storage medium 71 may store the set of operations
  • the processing circuitry 70 may be configured to retrieve the set of operations from the storage medium 71 to cause the source node 13 to perform the set of operations.
  • the set of operations may be provided as a set of executable instructions.
  • the processing circuitry 70 is thereby arranged to execute methods as disclosed herein.
• the source node 13 also comprises input/output means 73 (denoted I/O) for communicating wirelessly and/or in a wired manner with other entities and devices.
  • the input/output means 73 may, for instance, comprise a protocol stack, for communication with network nodes (e.g. with the target node 14) in a wired manner and/or with communication devices in a wireless manner.
  • the input/output means 73 may be used for receiving data input and for outputting data, e.g. conveying IP packets.
  • the source node 13 is enabled to communicate with the target node 14, and may also have a communication connection (typically wired) to a radio access node (not shown), which is in wireless communication with the communications device 11.
  • a source node 13 for registering a communications device 11 during mobility is provided.
  • the source node 13 is configured to:
• calculate a second integrity protection tag, TAG', using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device 11, and
  • the source node 13 may be configured to perform the above steps, and implement any of the described embodiments of e.g. the method 60, e.g. by comprising one or more processors 70 (or processing circuitry) and memory 71, the memory 71 containing instructions executable by the processor 70, whereby the source node 13 is operative to perform the steps.
  • a source node for registering a communications device during mobility.
  • the source node comprises one or more processors and memory, the memory containing instructions executable by the processor, whereby the source node is operative to: receive, from a target node, a context request for the communications device, the context request comprising a first integrity protection tag, calculate a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device, and send, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag.
  • the source node 13 is configured to calculate by using a
  • Figure 9 illustrates a source node comprising function modules/software modules for implementing methods of the present teachings.
  • the function modules can be implemented using software instructions such as computer program executing in a processor and/or using hardware, such as application specific integrated circuits (ASICs), field programmable gate arrays, discrete logical components etc., and any combination thereof.
  • Processing circuitry may be provided, which may be adaptable and in particular adapted to perform any of the steps of the method 60 that has been described in various embodiments.
  • a source node 13 is provided for registering a communications device during mobility.
  • the source node 13 comprises a first module 81 for receiving, from a target node, a context request for the communications device, the context request comprising a first integrity protection tag.
  • Such first module 81 may, for instance, comprise receiving circuitry or an input device for receiving from the target node.
  • the source node 13 comprises a second module 82 for calculating a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device.
  • Such second module 82 may, for instance, comprise processing circuitry adapted to calculate integrity protection tags, e.g. processing circuitry implementing a predetermined integrity protection function.
• the source node 13 comprises a third module 83 for sending, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag.
  • Such third module 83 may, for instance, comprise transmitting circuitry or an output device for transmitting communication to the target node.
  • modules 81, 82 and 83 may be replaced by units.
  • Figure 10 illustrates a flow chart over steps of a method in a communications device in accordance with the present teachings.
  • the communications device 11 may, for instance, be a user device such as a smartphone or other device for which mobility functionality needs to be handled.
  • a method 90 of registration to a target node 14 during mobility is provided.
• the method 90 is performed by a communications device 11 and comprises determining 91 a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node 13, and
  • Figure 11 illustrates schematically a communications device and means for
  • the communications device 11 comprises processing circuitry 110, which may be any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 111, e.g. in the form of a storage medium 111.
  • the processing circuitry 110 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
  • the processing circuitry 110 is configured to cause the communications device 11 to perform a set of operations, or steps, e.g. as described in relation to figure 10.
  • the storage medium 111 may store the set of operations
  • the processing circuitry 110 may be configured to retrieve the set of operations from the storage medium 111 to cause the communications device 11 to perform the set of operations.
  • the set of operations may be provided as a set of executable instructions.
  • the processing circuitry 110 is thereby arranged to execute methods as disclosed herein.
• the communications device 11 also comprises input/output means 113 (denoted I/O) for communicating wirelessly (and possibly in a wired manner) with other entities and devices.
  • the input/output means 113 may, for instance, comprise a protocol stack, for communication with network nodes (e.g. with the source node 13 and with the target node 14).
  • the input/output means 113 may be used for receiving data input and for outputting data, e.g. conveying IP packets.
• the communications device 11 is enabled to communicate with the source node 13 and the target node 14, for instance via a node (e.g. an eNB) of a radio access network (not shown), which is in wireless communication with the communications device 11.
  • a communications device 11 for registration to a target node 14 during mobility is provided.
• the communications device 11 is configured to determine a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node 13, and
• the communications device 11 may be configured to perform the above steps, and implement any of the described embodiments of e.g. the method 90, e.g. by comprising one or more processors 110 (or processing circuitry) and memory 111, the memory 111 containing instructions executable by the processor 110, whereby the communications device 11 is operative to perform the steps.
  • a communications device for registering to a target node during mobility.
  • the communications device comprises one or more processors and memory, the memory containing instructions executable by the processor, whereby the communications device is operative to: determine a first integrity protection tag using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node, and transmit, to the target node, the registration message to which the determined first integrity protection tag is attached.
  • Figure 12 illustrates a communications device comprising function modules/software modules for implementing methods of the present teachings.
  • the function modules can be implemented using software instructions such as computer program executing in a processor and/or using hardware, such as application specific integrated circuits (ASICs), field programmable gate arrays, discrete logical components etc., and any combination thereof.
  • Processing circuitry may be provided, which may be adaptable and in particular adapted to perform any of the steps of the method 90 that has been described in various embodiments.
  • a communications device for registering to a target node during mobility.
  • the communications device comprises a first module 121 for determining a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node.
  • Such first module 121 may, for instance, comprise processing circuitry adapted to determine integrity protection tags, e.g. processing circuitry implementing a predetermined integrity protection function.
• the communications device comprises a second module 122 for transmitting, to the target node, the registration message to which the determined first integrity protection tag is attached.
  • Such second module 122 may, for instance, comprise transmitting circuitry or an output device for transmitting communication to the target node.
  • modules 121 and 122 may be replaced by units.

Abstract

A method (30) of registering a communications device (11) during mobility is disclosed. The method (30) is performed by a target node (14) and comprises receiving (31), from the communications device (11), a registration request message comprising a first integrity protection tag, TAG, sending (32) a context request to a source node (13), attaching to the context request the received first integrity protection tag, TAG, receiving (33), from the source node (13), a security key or a derivative thereof used in communication between the source node (13) and the communications device (11), calculating (34) a second integrity protection tag, TAG', using the received security key or derivative thereof and the received registration request message, and verifying (35) integrity of the received registration request for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG. Also disclosed are methods in a source node (13) and communications device (11), and corresponding nodes, devices, computer programs and computer program products.

Description

Methods and nodes for registration during mobility
Technical field
The technology disclosed herein relates generally to interworking between communications systems of different generations, and in particular to methods of registration during mobility to a target node, nodes, communications device, computer programs and computer program products.
Background
The 3rd Generation Partnership Project (3GPP) is currently developing standards for 5th generation wireless systems (5G), also known as Next Generation (NG) Systems. It is expected that 5G will support many new scenarios and use cases and will be an enabler for the Internet of Things (IoT). The NG systems are further expected to provide connectivity to a wide range of new devices such as sensors, smart wearables, vehicles, machines, etc. A key property in NG Systems will therefore be flexibility, which is reflected in, for instance, that security requirements for network access are mandating the support of alternative authentication methods and different types of credentials than the currently conventional Authentication and Key Agreement (AKA) credentials pre-provisioned by the operator and securely stored in the universal integrated-circuit card (UICC) of user equipment (UE). This flexibility would, for instance, allow factory owners or enterprises to leverage their own identity and credential management systems for authentication and access network security.
In order to guarantee a smooth deployment between a legacy system and a current or next-coming generation, interworking support is needed, e.g. for idle mobility between the systems and for handovers. The interworking may, for instance, involve network entities and data objects belonging to systems of different generations. The general principle is to adapt to the older generation in order to minimize impact on legacy infrastructure and to ensure a smooth deployment of the new system. The security mechanisms for interworking should minimize the impact on the current system (e.g. 4G), if it is not possible to entirely avoid such impact.
The fact that the newer generation must adapt to the older generation should however not incur restrictions or constraints on the future (e.g. 5G) security mechanisms outside of the interworking. For instance, interworking with 4G should not prevent the independent evolution of 5G security, such as e.g. introducing new cryptographic algorithms, increasing the size of the Message Authentication Code (MAC) fields, etc. In other terms, the security mechanisms for interworking should not prevent the independent evolution of security in new generations (e.g. 5G). One of the basic security requirements when introducing new features is that they should not break or weaken the security of the overall system. In fact, across generations, the trend has been that the security level improves. Therefore, the security mechanisms for interworking should maintain at least the same level of security compared to the previous system(s) (e.g. 4G).
From the above, it is realized that interworking between different generations of communications systems is required, and that it has consequences for the security mechanisms. It would be desirable to enable such security functions to be implemented and improved without restrictions being posed on them by interworking.
Summary
An objective of the present disclosure is to enable efficient interworking between different generations of communications systems. A particular objective is to enable interworking between the different generations of communications systems for initial communication during mobility of communications devices between the communications systems. These objectives and others are achieved by the methods, nodes, communications device, computer programs and computer program products according to the appended independent claims, and by the embodiments according to the dependent claims.
The objective is according to an aspect achieved by a method of registering a communications device during mobility. The method is performed by a target node and comprises: receiving, from the communications device, a registration request message comprising a first integrity protection tag, sending a context request to a source node, attaching to the context request the received first integrity protection tag. The method further comprises receiving, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device, calculating a second integrity protection tag using the received security key or derivative thereof and the received registration request message, and verifying integrity of the received registration request for the case that the second integrity protection tag is equal to the first integrity protection tag.
The method provides a number of advantages. For instance, the method provides a mechanism for the integrity protection of the initial NAS message (Registration Request) during mobility from a source communications system of a first generation to a target communications system of a second generation (e.g. from 5G to a next-coming generation). Further, the method does not require a preliminary negotiation and selection of cryptographic algorithms for the ongoing session: the predetermined algorithm may be hard-coded in the specification or configured out of band. Still further, the method decouples the protection mechanism of the NAS message from the security mechanism for the release of the UE context to the target core network node (e.g. AMF), in contrast to how mobility is handled in current communications systems (e.g. between Mobility Management Entities, MMEs, in 4G). Further, the method leaves the security of the NAS communication between the UE and the target system entirely within the remit of the target system. In other terms, it guarantees independence between the 5G NAS security and the legacy NAS security.
The objective is according to an aspect achieved by a computer program for a target node for registration of a communications device during mobility. The computer program comprises computer program code, which, when run on processing circuitry of the target node, causes the target node to perform the method as above.
The objective is according to an aspect achieved by a computer program product comprising a computer program as above and a computer readable means on which the computer program is stored.
The objective is according to an aspect achieved by a target node for registering a communications device during mobility. The target node is configured to:
- receive, from the communications device, a registration request message comprising a first integrity protection tag,
- send a context request to a source node, attaching to the context request the received first integrity protection tag,
- receive, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device,
- calculate a second integrity protection tag using the received security key or derivative thereof and the received registration request message, and
- verify integrity of the received registration request for the case that the second integrity protection tag is equal to the first integrity protection tag.
The objective is according to an aspect achieved by a method of registering a communications device during mobility. The method is performed by a source node and comprises receiving, from a target node, a context request for the communications device, the context request comprising a first integrity protection tag, calculating a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device, and sending, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag.
The objective is according to an aspect achieved by a computer program for a source node for registration of a communications device during mobility. The computer program comprises computer program code, which, when run on processing circuitry of the source node, causes the source node to perform the method as above.
The objective is according to an aspect achieved by a computer program product comprising a computer program as above and a computer readable means on which the computer program is stored.
The objective is according to an aspect achieved by a source node for registering a communications device during mobility. The source node is configured to:
- receive, from a target node, a context request for the communications device, the context request comprising a first integrity protection tag,
- calculate a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device, and
- send, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag.
The objective is according to an aspect achieved by a method of registration to a target node during mobility. The method is performed by a communications device and comprises determining a first integrity protection tag using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node, and transmitting, to the target node, the registration message to which the determined first integrity protection tag is attached.
The objective is according to an aspect achieved by a computer program for a communications device for registration to a target node during mobility. The computer program comprises computer program code, which, when run on processing circuitry of the communications device, causes the communications device to perform the method as above.
The objective is according to an aspect achieved by a computer program product comprising a computer program as above and a computer readable means on which the computer program is stored.
The objective is according to an aspect achieved by a communications device for registration to a target node during mobility. The communications device is configured to:
- determine a first integrity protection tag using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node, and
- transmit, to the target node, the registration message to which the determined first integrity protection tag is attached.
Further features and advantages of the present teachings will become clear upon reading the following description and the accompanying drawings.
Brief description of the drawings
Figure 1 illustrates transfer of a user equipment (UE) context between communications systems of different generations.
Figure 2 illustrates an exemplary environment in which embodiments of the present teachings may be implemented.
Figure 3 is a signaling diagram of embodiments of the present teachings.
Figure 4 illustrates a flow chart over steps of a method in a target node in accordance with the present teachings.
Figure 5 illustrates schematically a target node and means for implementing methods of the present teachings.
Figure 6 illustrates a target node comprising function modules/software modules for implementing methods of the present teachings.
Figure 7 illustrates a flow chart over steps of a method in a source node in accordance with the present teachings.
Figure 8 illustrates schematically a source node and means for implementing methods of the present teachings.
Figure 9 illustrates a source node comprising function modules/software modules for implementing methods of the present teachings.
Figure 10 illustrates a flow chart over steps of a method in a communications device in accordance with the present teachings.
Figure 11 illustrates schematically a communications device and means for implementing methods of the present teachings.
Figure 12 illustrates a communications device comprising function modules/software modules for implementing methods of the present teachings.
Detailed description
In the following description, for purposes of explanation and not limitation, specific details are set forth such as particular architectures, interfaces, techniques, etc. in order to provide a thorough understanding. In other instances, detailed descriptions of well-known devices, circuits, and methods are omitted so as not to obscure the description with unnecessary detail. Same reference numerals refer to same or similar elements throughout the description.
Figure 1 illustrates transfer of a communications device 1 context, in the following exemplified by a user equipment (UE) context, between communications systems of different generations. From the background section it is clear that the security mechanisms for interworking should not prevent the independent evolution of security in new generations, and this security is also of concern during mobility. For instance, a particular issue for the security mechanisms for interworking is that they should provide the means to protect the transfer of the UE context from a source system 100, which may be exemplified by a 4G system, to a target system 200, exemplified by a 5G system. That is, the source system 100 and the target system 200 are of different generations, wherein the newer is typically a technical evolution of the older. How this transfer is triggered depends on whether the UE 1 is idle or active. In idle mode mobility, the transfer is triggered by a Non-Access Stratum (NAS) message from the UE 1 to a serving Core Network (CN) entity 3 in the target system 200. In figure 1, this serving CN entity 3 is exemplified by a Core Access and Mobility Management Function (AMF). In active mode mobility (handovers), the transfer is triggered by a message (handover required) from a node (e.g. eNB) of a Radio Access Network (RAN) to the serving CN entity 3 within the source system 100. In figure 1, this serving CN entity 3 is exemplified by a Mobility Management Entity (MME). So basically, the source system 100 initiates the transfer. In the following, 4G and 5G systems are used as specific examples in order to highlight a difficulty, noted by the inventors, in easily introducing security improvements. 5G is thus a "new generation" and 4G is an "old generation" (legacy system). In this context it is noted that a "generation" of a mobile network may refer to a release of new specifications that introduce new functions taking over functionality from the ones in the previous generations. However, "generations" should be interpreted liberally; for example the shift from GSM to UMTS in the 3GPP specifications is considered as a shift in generations.
The trigger mechanisms for both idle and active mode could be maliciously activated by misbehaving entities sending fake Registration Request messages in 5G areas (i.e. in areas of target system 200), causing the release of the UE context for idle UEs potentially still in 4G areas (i.e. in areas of source system 100). Affected UEs would need to re-register and potentially re-authenticate to regain access to services. In fact, this is a form of Denial-of-Service (DoS) attack. Therefore, there is a need to authenticate the trigger for the UE 1 context transfer procedure. The threat here is more apparent in idle mode mobility, since the transfer request is issued by the AMF 2 (located in the target system 200) to the MME 2 (located in the source system 100). That is, the transfer is issued by an entity (AMF 3) external to the source system. For active mode mobility (handover), by contrast, the transfer is initiated by the source system 100 itself. Therefore, it is important that there is a mechanism to authenticate the trigger message leading to the transfer of the UE context, in order to enable a safe and transparent interworking mechanism.
As a particular example, the UE 1 uses the current 4G security context (stored in an entity of the Evolved Packet System, EPS) to integrity protect a Tracking Area Update (TAU) message. A target MME 4 forwards the message as is, delegating the integrity verification to the source MME 3. The source MME 3 sends the UE context, including the security parameters, only when the integrity verification succeeds. For clarification, the integrity protection is provided via the non-access stratum Message Authentication Code (NAS-MAC) Information Element (IE) in the NAS protocol. So basically, for idle mode mobility within E-UTRA, the MAC IE on the TAU messages serves two purposes:
1. It provides the source MME 3 with the means to check the authenticity of the trigger message, and
2. It provides integrity protection of the initial non-access stratum (NAS) message between the UE 1 and the target MME 4, i.e. of the TAU message.
This is an optimization that relies on the assumption of mutual trust between the MMEs 3, 4. The optimization lies in that the NAS MAC is used to both integrity protect the initial NAS message and to ensure that the UE context is only released from the source MME 3 to the target MME 4 if the UE 1 has actually requested to move to a new MME.
To be able to compute and verify the MACs in the NAS protocol, the UE 1 and the source MME 3 must agree on an integrity algorithm (in this example, the EPS integrity algorithms EIA1, EIA2 or EIA3). This can be achieved by a Security Mode Command (SMC) procedure, which is used both for the selection of the crypto algorithms and for the activation of the security mode for the NAS protocol. For an EPS security context that is currently being used, it is always the case that crypto algorithms have been negotiated and selected. When this is the case, the selected algorithms are indicated in the EPS security context.
For mobility within 4G, the target MME 4 can either choose to continue using the selected algorithms, as indicated in the received security context, or select new ones, in which case the target MME 4 will have to run a new SMC procedure. It is noted that the first case is not problematic, since the source and target entities (MMEs 3, 4) are of the same type and belong to the same generation of system, i.e. the same requirements on the supported crypto algorithms apply. However, when moving across generations, this is not necessarily the case. It is possible that the target system 200 supports new algorithms, protocols etc. that are completely unknown in the source system 100. Therefore, the selection of algorithms for the protection of the initial NAS message cannot simply be based on whatever was selected by the source system 100.
Briefly, the present teachings disclose methods and entities for improved interworking between different generations of communications systems. More specifically, a mechanism is provided for integrity protecting the initial Registration Request message to a CN node (e.g. AMF) in idle mode mobility from a first generation communications system (e.g. 5G) to a second, newer generation of communications system before algorithm selection has taken place. The integrity protection may, for instance, be based on using a predetermined integrity protection function (e.g. a generic hash function). Instead of a NAS MAC, the Registration Request message may comprise a NAS HASH that is computed using a predetermined integrity protection function which takes at least part of the Registration Request message, and possibly other parameters, as input. The system Key Derivation Function (KDF) is taken as the predetermined integrity protection function, since it is anyway mandatory to support it both in the AMF and in the UE for other purposes.
Figure 2 illustrates an exemplary environment in which embodiments of the present teachings may be implemented. In a general case, a source CN node 13 belongs to a first communications system 10 and a target CN node 14 belongs to a second communications system 20, wherein the first and second communications systems 10, 20 are of different generations. However, in the following and without loss of generality, a 5G system (and the notations related to it) is used as a single exemplary communications system for explaining the various embodiments according to the present teachings, and how, for instance, the independency between a NAS security of a first communications system (e.g. 5G) and a second communications system (next-coming generation) is accomplished according to various embodiments.
The 5G communications system 15 comprises a source AMF 13 and a target AMF 14, which are interconnected over a 5G AMF-AMF interface. A communications device 11, again exemplified by a UE 11, is in idle state towards the source AMF 13 (arrow A1) and located in a tracking area served by the source AMF 13. The UE 11 and the source AMF 13 have the same key, as they have previously performed mutual registration and authentication procedures. When the UE 11 comes into an area (in this case a tracking area, as both target AMF and source AMF belong to the same communications system) served by the target AMF 14, it sends (arrow A2) an initial NAS message, i.e. the registration request, to the target AMF 14. The registration request (illustrated in figure 2) has, according to the present teachings, appended thereto an integrity protection tag, denoted TAG (or NAS TAG). The TAG is a function of the 5G key (source system key), a predetermined integrity protection function (e.g. the 5G KDF) and the registration request. Examples of how to obtain the TAG are given later.
The target AMF 14 receives the registration request and sends (arrow A3) in response a context request to the source AMF 13. The context request comprises the TAG. The source AMF 13 receives the context request and verifies (arrow A4) the TAG. This verification comprises recomputing the tag using the registration request and the source key, the result of which is denoted TAG'. The calculated TAG' is compared to the received TAG and, if they are equal or otherwise determined to match, the source AMF 13 releases the UE context, i.e. sends (arrow A5) it to the target AMF 14. Upon receiving the UE context, the target AMF 14 obtains the source key or a derivative thereof and is then able to verify (arrow A6) the TAG in the same way as the source AMF did: using the registration request and the source key (or derivative thereof). The target AMF 14 has now verified the integrity of the registration request from the UE 11 and may proceed to setting up communication to the UE 11.
Figure 3 is a signaling diagram describing embodiments of the present teachings. As an exemplary embodiment, the UE 11 uses a hash function that does not require any prior negotiation for the computation of the integrity protection tag TAG and appends it to the initial NAS message. It is noted that regardless of the particular names of the messages, what is relevant is that the procedure will always be initiated by a Registration Request (step 1) message and terminated by a Registration Accept (step 2) message (possibly followed by a Registration Complete confirmation from the UE), with a context transfer procedure (steps 4) somewhere in between.
In box 1, it is assumed that the UE 11 is able to derive a 5G security context from the EPS security context currently used in the 5G system and shared with the source AMF 13.
In box 2, the UE 11 uses the Registration Request message and the newly derived 5G security key to compute an integrity protection tag TAG. The inputs to the predetermined integrity protection function, used in the computation of the TAG, may, in some embodiments, be formed the same way that they would be for the computation of the usual standard NAS MAC.
At arrow 3, the UE 11 sends the Registration Request including the TAG towards the target AMF 14.
At arrows 4a, 4b, the target AMF 14 receiving the request defers the verification of the TAG and runs a context transfer procedure (e.g. as described with reference to figure 2) with the source AMF 13, which, when successful, leads to transfer of the EPS security context shared between the source AMF 13 and the UE 11 from the source AMF 13 to the target AMF 14.
In box 5, the target AMF 14 derives a 5G security context from the received EPS security context in a manner similar to how the UE 11 did.
In box 6, the target AMF 14 uses the received Registration Request message (excluding the TAG) and the newly derived 5G security key to compute an expected TAG denoted TAG'. The target AMF 14 is then able to check whether the received TAG is equal to the expected one. If that is the case, the target AMF 14 can draw conclusions not only on the integrity of the Registration Request message but also that the target AMF 14 shares the same 5G key with the UE 11 (key confirmation).
In box 7, the target AMF 14 sends a Registration Accept to the UE 11, possibly after further exchange of messages. In order to properly protect this message (with standard crypto algorithms), the target AMF 14 would have to run an SMC procedure (somewhere between steps 6 and 7) for algorithm selection.
Next, some examples of the computation of the TAG are given. In order to achieve the same level of security as when using an integrity algorithm, the TAG may be computed using the same inputs as when currently computing a NAS MAC, except for the integrity key, here denoted KEY (i.e. the source key, e.g. the 5G key, as described earlier e.g. in relation to figures 2 and 3).
In TS 33.401 the computation of NAS_MAC and XNAS_MAC for integrity protection is described. It is assumed that the same type of inputs will be used in the 5G NAS. TS 33.401 [2] (Annex A.9) specifies the computation of the NAS token. It is noted that the NAS token specified therein does not protect the message in which it is delivered from the UE to the communications system. This is a distinguishing and important difference compared to the teachings presented herein. In particular, while the current standard does not protect the registration request (i.e. the initial NAS message), various embodiments disclosed herein do indeed provide a mechanism for integrity protection of the initial NAS message (Registration Request) during mobility between communications systems of different generations, e.g. from a communications system implementing the present teachings to generations of communications systems following it.
Thus, according to various embodiments, the predetermined integrity protection function (which could potentially be the KDF) is used in a similar manner. More specifically, in some embodiments at least the following inputs are used to form the S input (required for the KDF):
P1 = MESSAGE as in the input to the integrity algorithm or the 5G equivalent
FC = potentially a new value dedicated for this purpose
P0 = Uplink NAS COUNT (this should be the one from the newly derived 5G security context and should be set to the initial value)
L0 = Length of uplink NAS COUNT (potentially the same as in 4G)
L1 = Length of MESSAGE
P2 = DIRECTION as in the inputs to the integrity algorithm or the 5G equivalent; this should always be set to whatever indicates uplink, possibly padded to fill up a complete number of bytes
L2 = Length of DIRECTION input (rounded up in byte numbers)
P3 = BEARER as in the input to the integrity algorithm or the 5G equivalent, possibly padded to fill up a complete number of bytes
L3 = Length of the BEARER input (rounded up in byte numbers)
From the above examples, P1 is a required input, while the others may be optional.
The KEY parameter used for the integrity protection is a key that is derived from the higher-level key using the identifier of the selected algorithm. Since there has been no selection of algorithms yet, two scenarios are possible.
1. Use directly the actual anchor key (KAMF or KASME-equivalent) from the newly derived 5G security context
2. Use an intermediary key derived from the anchor key (KAMF or KASME equivalent) and dedicated solely to this purpose, i.e. computation of the TAG/integrity protection of NAS messages before algorithm selection.
This may then be used as the key input to the predetermined integrity protection function.
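The TAG computation from the inputs listed above, together with the figure 2 exchange between UE, target AMF and source AMF, as an added Python example; it is not code from the patent or from the applicant. The FC values, the one-byte padding of DIRECTION and BEARER, the identity encoding inside the request and the label used for the intermediary key (key option 2) are constructed assumptions, and the KDF is HMAC-SHA-256 over S = FC || P0 || L0 || P1 || L1 || ... in the TS 33.220 Annex B format.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional

TAG_LEN = 32  # full HMAC-SHA-256 output; the page specifies no truncation


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """3GPP-style KDF (TS 33.220 Annex B): HMAC-SHA-256 over
    S = FC || P0 || L0 || P1 || L1 || ..., each Li a 2-byte big-endian length."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


# Constructed FC values: the page only says a new FC value may be dedicated
# to this purpose, so these numbers are placeholders, not values from a spec.
FC_TAG_KEY = 0x7E           # derives the intermediary key used solely for the TAG
FC_TAG = 0x7F               # computes the TAG itself
DIRECTION_UPLINK = b"\x00"  # direction value for uplink, padded to one byte
BEARER_NAS = b"\x00"        # NAS bearer identity, padded to one byte (assumed 0)


def derive_tag_key(k_amf: bytes) -> bytes:
    """Key option 2 from the page: an intermediary key derived from the anchor
    key K_AMF and dedicated to integrity protection before algorithm selection."""
    return kdf(k_amf, FC_TAG_KEY, b"NAS-TAG")  # label string is constructed


def compute_tag(k_amf: bytes, message: bytes, ul_nas_count: int) -> bytes:
    """TAG = KDF(KEY, FC || P0=UL NAS COUNT || L0 || P1=MESSAGE || L1
                      || P2=DIRECTION || L2 || P3=BEARER || L3)."""
    count = ul_nas_count.to_bytes(4, "big")  # L0 = 4 bytes, as for the 4G NAS COUNT
    return kdf(derive_tag_key(k_amf), FC_TAG,
               count, message, DIRECTION_UPLINK, BEARER_NAS)


@dataclass
class UEContext:
    identity: str       # constructed UE identifier carried in the request
    k_amf: bytes        # newly derived 5G anchor key shared with the source AMF
    ul_nas_count: int   # initial value of the uplink NAS COUNT


def ue_build_registration_request(ctx: UEContext) -> bytes:
    """UE side (boxes 1-2, arrow 3): append the TAG to the Registration Request."""
    message = b"REGISTRATION REQUEST id=" + ctx.identity.encode()
    return message + compute_tag(ctx.k_amf, message, ctx.ul_nas_count)


class SourceAMF:
    """Releases a UE context only when the TAG in the context request verifies,
    so a context request not backed by the UE's key leaves the idle UE's context in place."""

    def __init__(self) -> None:
        self.contexts: Dict[str, UEContext] = {}

    def handle_context_request(self, identity: str, message: bytes,
                               tag: bytes) -> Optional[UEContext]:
        ctx = self.contexts.get(identity)
        if ctx is None:
            return None
        expected = compute_tag(ctx.k_amf, message, ctx.ul_nas_count)  # TAG'
        if not hmac.compare_digest(expected, tag):
            return None  # mismatch: keep the context, do not release it
        return self.contexts.pop(identity)  # release to the target (arrow A5)


class TargetAMF:
    """Defers TAG verification until the source has released the context."""

    def __init__(self, source: SourceAMF) -> None:
        self.source = source

    def handle_registration_request(self, wire: bytes) -> str:
        if len(wire) <= TAG_LEN:
            return "REGISTRATION REJECT"
        message, tag = wire[:-TAG_LEN], wire[-TAG_LEN:]
        parts = message.split(b"id=", 1)
        if len(parts) != 2:
            return "REGISTRATION REJECT"
        ctx = self.source.handle_context_request(parts[1].decode(), message, tag)
        if ctx is None:
            return "REGISTRATION REJECT"
        # Re-verify with the received key: integrity of the request plus
        # key confirmation that the UE holds the same K_AMF (box 6).
        expected = compute_tag(ctx.k_amf, message, ctx.ul_nas_count)
        if not hmac.compare_digest(expected, tag):
            return "REGISTRATION REJECT"
        return "REGISTRATION ACCEPT"  # box 7; an SMC would follow for algorithm selection
```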
The various features and embodiments that have been described can be combined in many different ways, examples of which are given next.
Figure 4 illustrates a flow chart over steps of a method in a target node in accordance with the present teachings. The method 30 may be performed by a node or entity handling mobility functions, e.g. an AMF 14.
A method 30 is provided of registering a communications device 11 during mobility. The method 30 is performed by a target node 14. The communications device 11 may be a user device such as a user equipment (UE), and the communications device 11 mobility may comprise the communications device 11 entering an area handled by a different node (a target node) than the node (source node) currently handling mobility functions of the communications device 11. The source node and the target node may belong to the same generation or to different generations of communications system. It is noted that the source node may also be denoted as the "old node" and the target node as the "new node".
The method 30 comprises receiving 31, from the communications device 11, a registration request message comprising a first integrity protection tag, TAG. When the communications device 11 enters an area handled by the target node 14 it sends the registration request message to the target node 14.
The method 30 comprises sending 32 a context request to a source node 13, attaching to the context request the received first integrity protection tag, TAG. That is, the TAG is made a part of the context request. By including the first integrity protection tag TAG in the context request, the source node 13 will be able to verify that the registration request is from a legitimate communications device, upon which the source node 13 releases the context to the requesting target node 14.
The method 30 comprises receiving 33, from the source node 13, a security key or a derivative thereof used in communication between the source node 13 and the communications device 11. Using a derivative of the security key has the advantage of preventing the target node 14 from being able to decrypt earlier communication between the source node 13 and the communications device 11.
The method 30 comprises calculating 34 a second integrity protection tag, TAG', using the received security key or derivative thereof and the received registration request message.
The method 30 comprises verifying 35 integrity of the received registration request for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG. It is noted that the second integrity protection tag TAG' may be considered equal to the first integrity protection tag TAG e.g. when the number of bits possibly differing is less than a predetermined number. The method 30 thus provides a mechanism for the integrity protection of the initial NAS message (Registration Request) during mobility from a source communications system of a first generation to a target communications system of a second generation (e.g. from 5G to the next-coming generation). Further, the method does not require a preliminary negotiation and selection of cryptographic algorithms for the ongoing session. The predetermined algorithm may be hard-coded in the specification or configured out of band. Still further, the method decouples the protection mechanism of the NAS message from the security mechanism for the release of the UE context from the target core network node (e.g. AMF), in contrast to how mobility is handled in current communications systems (e.g. between MMEs in 4G).
Further, the method leaves the security of the NAS communication between the UE and the target system entirely within the remit of the target system. In other terms, it guarantees independency between the 5G NAS security and the legacy NAS security.
In an embodiment, the method 30 comprises running a security mode command procedure with the communications device 11 for synchronizing the integrity protection function to be used in their communication. A particular example of such a security mode command procedure follows the structure of the 4G security mode command procedure, where the MME sends an integrity protected Security Mode Command to the UE. The Security Mode Command includes the indication of the integrity protection algorithm and the encryption algorithm that the MME wishes to use for the following communication with the UE. The UE configures the use of the indicated security algorithms and activates their use. The UE then responds with a Security Mode Complete message to the MME to conclude the security mode command procedure.
In some embodiments, the source node 13 is a node of a first communications system 13 and the target node 14 is a node of a second communications system 14, and the first and second communications systems 13, 14 may be of different generations.
In some embodiments, the method 30 comprises sending, to the communications device 11, a registration accept upon the verifying 35 being successful.
In some embodiments, the method 30 comprises rejecting the registration request from the communications device 11 upon the verifying 35 failing.
Figure 5 illustrates schematically a target node and means for implementing methods of the present teachings. The target node 14 comprises processing circuitry 40, which may be any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 41, e.g. in the form of a storage medium 41. The processing circuitry 40 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
The processing circuitry 40 is configured to cause the target node 14 to perform a set of operations, or steps, e.g. as described in relation to figure 4. For example, the storage medium 41 may store the set of operations, and the processing circuitry 40 may be configured to retrieve the set of operations from the storage medium 41 to cause the target node 14 to perform the set of operations. The set of operations may be provided as a set of executable instructions. The processing circuitry 40 is thereby arranged to execute methods as disclosed herein.
The target node 14 also comprises input/output means 43 (denoted I/O) for communicating wirelessly and/or in a wired manner with other entities and devices. The input/output means 43 may, for instance, comprise a protocol stack for communication with network nodes in a wired manner and/or with communications devices in a wireless manner. The input/output means 43 may be used for receiving data input and for outputting data, e.g. conveying IP packets and/or NAS messages. As a particular example, the target node 14 is enabled to communicate with the source node 13, and may also have a communication connection (typically wired) to a radio access node (not shown), which is in wireless communication with the communications device 11. That is, the target node 14 receives e.g. the registration request message from the communications device 11 via such a radio access node (and any intermediary nodes such as e.g. gateways).
A target node 14 configured to register a communications device 11 during mobility is provided. The target node 14 is configured to:
- receive, from the communications device 11, a registration request message comprising a first integrity protection tag, TAG,
- send a context request to a source node 13, attaching to the context request the received first integrity protection tag, TAG,
- receive, from the source node 13, a security key or a derivative thereof used in communication between the source node 13 and the communications device 11,
- calculate a second integrity protection tag, TAG', using the received security key or derivative thereof and the received registration request message, and
- verify integrity of the received registration request for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG.
The target node 14 may be configured to perform the above steps, and implement any of the described embodiments of e.g. the method 30, e.g. by comprising one or more processors 40 (or processing circuitry) and memory 41, the memory 41 containing instructions executable by the processor 40, whereby the target node 14 is operative to perform the steps.
In an embodiment thus, a target node 14 is provided for registering a communications device during mobility. The target node comprises one or more processors and memory, the memory containing instructions executable by the processor, whereby the target node is operative to: receive, from the communications device, a registration request message comprising a first integrity protection tag; send a context request to a source node, attaching to the context request the received first integrity protection tag; receive, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device; calculate a second integrity protection tag using the received security key or derivative thereof and the received registration request message; and verify integrity of the received registration request for the case that the second integrity protection tag is equal to the first integrity protection tag.
In an embodiment, the target node 14 is configured to run a security mode command procedure with the communications device 11 for synchronizing the integrity protection function to be used in their communication.
In some embodiments, the source node 13 is a node of a first communications system 13 and the target node 14 is a node of a second communications system 14 and wherein the first and second communications systems 13, 14 are of different generations.
In some embodiments, the source node 13 is configured to send, to the communications device 1, a registration accept upon the verifying being successful.
In some embodiments, the source node 13 is configured to reject the registration request from the communications device 11 upon the verifying failing.
Figure 6 illustrates a target node comprising function modules/software modules for implementing methods of the present teachings. The function modules can be implemented using software instructions such as computer program executing in a processor and/or using hardware, such as application specific integrated circuits (ASICs), field programmable gate arrays, discrete logical components etc., and any combination thereof. Processing circuitry may be provided, which may be adaptable and in particular adapted to perform any of the steps of the method 30 that has been described in various embodiments.
A target node 14 is provided for registering a communications device during mobility. The target node 14 comprises a first module 51 for receiving, from the communications device, a registration request message comprising a first integrity protection tag, TAG. Such first module 51 may, for instance, comprise receiving circuitry or an input device for receiving communication (e.g. registration request messages) from the communications device. It is noted that the communication from the communications device may be conveyed via other nodes, e.g. a radio access node.
The target node 14 comprises a second module 52 for sending a context request to a source node, attaching to the context request the received first integrity protection tag, TAG. Such second module 52 may, for instance, comprise transmitting circuitry or an output device for transmitting communication to the communications device. The second module 52 may also comprise processing circuitry and/or a protocol adapted to attach the first integrity protection tag TAG to the received context request.
The target node 14 comprises a third module 53 for receiving, from the source node, a security key or a derivative thereof used in communication between the source node and the communications device. Such third module 53 may, for instance, comprise receiving circuitry or an input device for receiving communication (e.g. registration request messages) from the source node.
The target node 14 comprises a fourth module 54 for calculating a second integrity protection tag, TAG', using the received security key or derivative thereof and the received registration request message. Such fourth module 54 may, for instance, comprise processing circuitry adapted to calculate integrity protection tags, e.g. processing circuitry implementing a predetermined integrity protection function.
The target node 14 comprises a fifth module 55 for verifying integrity of the received registration request for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG. Such fifth module 55 may, for instance, comprise processing circuitry adapted to perform such integrity verification.
It is noted that one or more of the modules 51, 52, 53, 54 and 55 may be replaced by units.
Figure 7 illustrates a flow chart over steps of a method in a source node in accordance with the present teachings.
A method 60 of registering a communications device 11 during mobility is provided. The method 60 may be performed by a source node 13. As described earlier, the source node is the node currently handling the mobility functions of the communications device 1.
The method 60 comprises receiving 61, from a target node 14, a context request for the communications device 1, the context request comprising a first integrity protection tag, TAG.
The method 60 comprises calculating 62 a second integrity protection tag, TAG', using the received context request (e.g. a registration request message thereof) and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device 11.
The method 60 comprises sending 63, to the target node 14, the security key or derivative thereof for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG.
In an embodiment of the method 60, the calculating 62 comprises using a predetermined integrity protection function.
Figure 8 illustrates schematically a source node and means for implementing methods of the present teachings. The source node 13 comprises processing circuitry 70, which may be any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 71, e.g. in the form of a storage medium 71. The processing circuitry 70 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
The processing circuitry 70 is configured to cause the source node 13 to perform a set of operations, or steps, e.g. as described in relation to figure 7. For example, the storage medium 71 may store the set of operations, and the processing circuitry 70 may be configured to retrieve the set of operations from the storage medium 71 to cause the source node 13 to perform the set of operations. The set of operations may be provided as a set of executable instructions. The processing circuitry 70 is thereby arranged to execute methods as disclosed herein.
The source node 13 also comprises input/output means 73 (denoted I/O) for communicating wirelessly and/or in a wired manner with other entities and devices. The input/output means 73 may, for instance, comprise a protocol stack for communication with network nodes (e.g. with the target node 14) in a wired manner and/or with communications devices in a wireless manner. The input/output means 73 may be used for receiving data input and for outputting data, e.g. conveying IP packets. As a particular example, the source node 13 is enabled to communicate with the target node 14, and may also have a communication connection (typically wired) to a radio access node (not shown), which is in wireless communication with the communications device 11.
A source node 13 for registering a communications device 11 during mobility is provided. The source node 13 is configured to:
- receive, from a target node 14, a context request for the communications device 1, the context request comprising a first integrity protection tag, TAG,
- calculate a second integrity protection tag, TAG', using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device 1, and
- send, to the target node 14, the security key or derivative thereof for the case that the second integrity protection tag, TAG', is equal to the first integrity protection tag, TAG.
The source node 13 may be configured to perform the above steps, and implement any of the described embodiments of e.g. the method 60, e.g. by comprising one or more processors 70 (or processing circuitry) and memory 71, the memory 71 containing instructions executable by the processor 70, whereby the source node 13 is operative to perform the steps.
In an embodiment thus, a source node is provided for registering a communications device during mobility. The source node comprises one or more processors and memory, the memory containing instructions executable by the processor, whereby the source node is operative to: receive, from a target node, a context request for the communications device, the context request comprising a first integrity protection tag; calculate a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device; and send, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag.
In an embodiment, the source node 13 is configured to calculate by using a predetermined integrity protection function.
Figure 9 illustrates a source node comprising function modules/software modules for implementing methods of the present teachings. The function modules can be implemented using software instructions such as computer program executing in a processor and/or using hardware, such as application specific integrated circuits (ASICs), field programmable gate arrays, discrete logical components etc., and any combination thereof. Processing circuitry may be provided, which may be adaptable and in particular adapted to perform any of the steps of the method 60 that has been described in various embodiments.
A source node 13 is provided for registering a communications device during mobility. The source node 13 comprises a first module 81 for receiving, from a target node, a context request for the communications device, the context request comprising a first integrity protection tag. Such first module 81 may, for instance, comprise receiving circuitry or an input device for receiving from the target node.
The source node 13 comprises a second module 82 for calculating a second integrity protection tag using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device. Such second module 82 may, for instance, comprise processing circuitry adapted to calculate integrity protection tags, e.g. processing circuitry implementing a predetermined integrity protection function.
The source node 13 comprises a third module 83 for sending, to the target node, the security key or derivative thereof for the case that the second integrity protection tag is equal to the first integrity protection tag. Such third module 83 may, for instance, comprise transmitting circuitry or an output device for transmitting communication to the target node.
It is noted that one or more of the modules 81, 82 and 83 may be replaced by units.
Figure 10 illustrates a flow chart over steps of a method in a communications device in accordance with the present teachings. As described earlier, the communications device 11 may, for instance, be a user device such as a smartphone or other device for which mobility functionality needs to be handled.
A method 90 of registration to a target node 14 during mobility is provided. The method 90 is performed by a communications device 11 and comprises: - determining 91 a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node 13, and
- transmitting 92, to the target node 14, the registration message to which the determined first integrity protection tag, TAG, is attached.
Figure 11 illustrates schematically a communications device and means for implementing methods of the present teachings. The communications device 11 comprises processing circuitry 110, which may be any combination of one or more of a suitable central processing unit (CPU), multiprocessor, microcontroller, digital signal processor (DSP), etc., capable of executing software instructions stored in a computer program product 111, e.g. in the form of a storage medium 111. The processing circuitry 110 may further be provided as at least one application specific integrated circuit (ASIC), or field programmable gate array (FPGA).
The processing circuitry 110 is configured to cause the communications device 11 to perform a set of operations, or steps, e.g. as described in relation to figure 10. For example, the storage medium 111 may store the set of operations, and the processing circuitry 110 may be configured to retrieve the set of operations from the storage medium 111 to cause the communications device 11 to perform the set of operations. The set of operations may be provided as a set of executable instructions. The processing circuitry 110 is thereby arranged to execute methods as disclosed herein.
The communications device 11 also comprises input/output means 113 (denoted I/O) for communicating wirelessly (and possibly in a wired manner) with other entities and devices. The input/output means 113 may, for instance, comprise a protocol stack for communication with network nodes (e.g. with the source node 13 and with the target node 14). The input/output means 113 may be used for receiving data input and for outputting data, e.g. conveying IP packets. As a particular example, the communications device 11 is enabled to communicate with the source node 13 and the target node 14, for instance over a node (e.g. an eNB) of a radio access network (not shown), which is in wireless communication with the communications device 11.
A communications device 11 for registration to a target node 14 during mobility is provided. The communications device 11 is configured to: - determine a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node 13, and
- transmit, to the target node 14, the registration message to which the determined first integrity protection tag, TAG, is attached.
The communications device 11 may be configured to perform the above steps, and implement any of the described embodiments of e.g. the method 90, e.g. by comprising one or more processors 110 (or processing circuitry) and memory 111, the memory 111 containing instructions executable by the processor 110, whereby the communications device 11 is operative to perform the steps.
In an embodiment thus, a communications device is provided, for registering to a target node during mobility. The communications device comprises one or more processors and memory, the memory containing instructions executable by the processor, whereby the communications device is operative to: determine a first integrity protection tag using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node, and transmit, to the target node, the registration message to which the determined first integrity protection tag is attached.
Figure 12 illustrates a communications device comprising function modules/software modules for implementing methods of the present teachings. The function modules can be implemented using software instructions, such as a computer program executing in a processor, and/or using hardware, such as application specific integrated circuits (ASICs), field programmable gate arrays (FPGAs), discrete logic components etc., and any combination thereof. Processing circuitry may be provided, which may be adaptable and in particular adapted to perform any of the steps of the method 90 that has been described in various embodiments.
A communications device is provided for registering to a target node during mobility. The communications device comprises a first module 121 for determining a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node. Such first module 121 may, for instance, comprise processing circuitry adapted to determine integrity protection tags, e.g. processing circuitry implementing a predetermined integrity protection function.
The communications device comprises a second module 122 for transmitting, to the target node, the registration message to which the determined first integrity protection tag is attached. Such second module 122 may, for instance, comprise transmitting circuitry or an output device for transmitting communication to the target node.
It is noted that one or both of the modules 121 and 122 may be replaced by units.
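The three-party exchange described above for the source node (method 60) and the communications device (method 90), together with the target node's side as recited in claim 1, is shown here end to end as an added example; it is not code from the patent or from Ericsson. The integrity protection function (truncated HMAC-SHA256), the key derivation, the registration request layout, the 8-byte tag length and every name and sample value are assumptions made for illustration, not anything the patent fixes. The device tags its registration request with a key derived from the context it shares with the source; the target forwards request and TAG in a context request; the source recomputes TAG' and releases the key derivative only on a match; the target then recomputes TAG' itself before accepting.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets

TAG_LEN = 8  # truncated tag length; assumption, the patent fixes no length or algorithm


def derive_integrity_key(master_key: bytes) -> bytes:
    # HMAC-SHA256 with a fixed label stands in for the real KDF (assumption). This
    # derivative, not the master key, is what the source releases to the target.
    return hmac.new(master_key, b"integrity-key", hashlib.sha256).digest()


def integrity_tag(key: bytes, message: bytes) -> bytes:
    # Predetermined integrity protection function: truncated HMAC-SHA256 (assumption).
    return hmac.new(key, message, hashlib.sha256).digest()[:TAG_LEN]


def encode_registration_request(device_id: bytes, nonce: bytes) -> bytes:
    # Constructed wire format: type label, device identifier, nonce.
    return b"REGISTRATION_REQUEST|" + device_id + b"|" + nonce.hex().encode()


def device_id_from_request(message: bytes) -> bytes:
    parts = message.split(b"|")
    if len(parts) != 3 or parts[0] != b"REGISTRATION_REQUEST":
        raise ValueError("malformed registration request")
    return parts[1]


class CommunicationsDevice:
    # Method 90: TAG over the registration request with the key shared with the source.
    def __init__(self, device_id: bytes, master_key: bytes):
        self.device_id, self.master_key = device_id, master_key

    def registration_request(self) -> tuple[bytes, bytes]:
        message = encode_registration_request(self.device_id, secrets.token_bytes(8))
        return message, integrity_tag(derive_integrity_key(self.master_key), message)


class SourceNode:
    # Method 60: recompute TAG' over the forwarded request; release the key only on match.
    def __init__(self, contexts: dict[bytes, bytes]):
        self.contexts = contexts  # device id -> master key of the stored security context

    def handle_context_request(self, context_request: dict) -> bytes | None:
        master_key = self.contexts.get(context_request["device_id"])
        if master_key is None:
            return None  # no security context for this device
        k_int = derive_integrity_key(master_key)
        tag_prime = integrity_tag(k_int, context_request["registration_request"])
        # Constant-time comparison so the check does not leak the tag byte by byte.
        return k_int if hmac.compare_digest(tag_prime, context_request["tag"]) else None


class TargetNode:
    # Method 30: forward request and TAG to the source, then verify TAG itself with
    # the key the source returns before accepting the registration.
    def __init__(self, source: SourceNode):
        self.source = source

    def handle_registration(self, message: bytes, tag: bytes) -> str:
        try:
            device_id = device_id_from_request(message)
        except ValueError:
            return "REGISTRATION_REJECT"
        key = self.source.handle_context_request(
            {"device_id": device_id, "registration_request": message, "tag": tag}
        )
        if key is None:
            return "REGISTRATION_REJECT"  # source refused to release the key
        if hmac.compare_digest(integrity_tag(key, message), tag):
            return "REGISTRATION_ACCEPT"
        return "REGISTRATION_REJECT"


def run_scenarios() -> dict[str, str]:
    # Constructed sample key and identifiers; one honest run and four failure modes.
    master_key = bytes.fromhex("00112233445566778899aabbccddeeff")
    target = TargetNode(SourceNode({b"UE-1": master_key}))
    results = {}

    message, tag = CommunicationsDevice(b"UE-1", master_key).registration_request()
    results["honest"] = target.handle_registration(message, tag)

    tampered = message[:-1] + bytes([message[-1] ^ 0x01])  # one byte flipped in transit
    results["tampered"] = target.handle_registration(tampered, tag)

    message, tag = CommunicationsDevice(b"UE-1", bytes(16)).registration_request()
    results["wrong_key"] = target.handle_registration(message, tag)  # impostor without the key

    message, tag = CommunicationsDevice(b"UE-9", master_key).registration_request()
    results["unknown_device"] = target.handle_registration(message, tag)  # no context at source

    results["malformed"] = target.handle_registration(b"junk", tag)
    return results
```

The source's comparison is what gates key release: a target that cannot present a tag verifying under the device's key receives nothing, and what it does receive on success is the derived integrity key rather than the master key. The target then repeats the comparison so that its accept/reject decision is bound to the key it actually holds rather than to the source's answer alone. Both comparisons go through hmac.compare_digest so that the check's timing does not depend on how many tag bytes match.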
The invention has mainly been described herein with reference to a few embodiments. However, as is appreciated by a person skilled in the art, other embodiments than the particular ones disclosed herein are equally possible within the scope of the invention, as defined by the appended patent claims.

Claims

1. A method (30) of registering a communications device (11) during mobility, the method (30) being performed by a target node (14) and comprising:
- receiving (31), from the communications device (11), a registration request message comprising a first integrity protection tag, TAG,
- sending (32) a context request to a source node (13), attaching to the context request the received first integrity protection tag, TAG,
- receiving (33), from the source node (13), a security key or a derivative thereof used in communication between the source node (13) and the communications device (11),
- calculating (34) a second integrity protection tag, TAG' , using the received security key or derivative thereof and the received registration request message, and
- verifying (35) integrity of the received registration request for the case that the second integrity protection tag, TAG' , is equal to the first integrity protection tag, TAG.
2. The method (30) as claimed in claim 1, comprising running a security mode command procedure with the communications device (11) for synchronizing integrity protection function to be used in their communication.
3. The method (30) as claimed in claim 1 or 2, wherein the source node (13) is a node of a first communications system (13) and the target node (14) is a node of a second communications system (14) and wherein the first and second communications systems (13, 14) are of different generations.
4. The method (30) as claimed in any of claims 1-3, comprising sending, to the communications device (11), a registration accept upon the verifying (35) being successful.
5. The method (30) as claimed in any of the preceding claims, comprising rejecting the registration request from the communications device (11) upon the verifying (35) failing.
6. A computer program (42) for a target node (14) for registration of a communications device (11) during mobility, the computer program (42) comprising computer program code, which, when run on processing circuitry of the target node (14), causes the target node (14) to perform the method (30) according to any of claims 1-5.
7. A computer program product (41) comprising a computer program (42) as claimed in claim 6 and a computer readable means on which the computer program (42) is stored.
8. A target node (14) for registering a communications device (11) during mobility, the target node (14) being configured to:
- receive, from the communications device (11), a registration request message comprising a first integrity protection tag, TAG,
- send a context request to a source node (13), attaching to the context request the received first integrity protection tag, TAG,
- receive, from the source node (13), a security key or a derivative thereof used in communication between the source node (13) and the communications device (11),
- calculate a second integrity protection tag, TAG' , using the received security key or derivative thereof and the received registration request message, and
- verify integrity of the received registration request for the case that the second integrity protection tag, TAG' , is equal to the first integrity protection tag, TAG.
9. The target node (14) as claimed in claim 8, configured to run a security mode command procedure with the communications device (11) for synchronizing integrity protection function to be used in their communication.
10. The target node (14) as claimed in claim 8 or 9, wherein the source node (13) is a node of a first communications system (13) and the target node (14) is a node of a second communications system (14) and wherein the first and second communications systems (13, 14) are of different generations.
11. The target node (14) as claimed in any of claims 8-10, configured to send, to the communications device (11), a registration accept upon the verifying being successful.
12. The target node (14) as claimed in any of claims 8-11, configured to reject the registration request from the communications device (11) upon the verifying failing.
13. A method (60) of registering a communications device (11) during mobility, the method (60) being performed by a source node (13) and comprising:
- receiving (61), from a target node (14), a context request for the communications device (11), the context request comprising a first integrity protection tag, TAG,
- calculating (62) a second integrity protection tag, TAG' , using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device (11), and
- sending (63), to the target node (14), the security key or derivative thereof for the case that the second integrity protection tag, TAG' , is equal to the first integrity protection tag, TAG.
14. The method (60) as claimed in claim 13, wherein the calculating (62) comprises using a predetermined integrity protection function.
15. A computer program (72) for a source node (13) for registration of a communications device (11) during mobility, the computer program (72) comprising computer program code, which, when run on processing circuitry of the source node (13), causes the source node (13) to perform the method (60) according to any of claims 13 or 14.
16. A computer program product (71) comprising a computer program (72) as claimed in claim 15 and a computer readable means on which the computer program (72) is stored.
17. A source node (13) for registering a communications device (11) during mobility, the source node (13) being configured to:
- receive, from a target node (14), a context request for the communications device (11), the context request comprising a first integrity protection tag, TAG,
- calculate a second integrity protection tag, TAG', using the received context request and a security key or derivative thereof, the security key or derivative thereof being used in communication with the communications device (11), and
- send, to the target node (14), the security key or derivative thereof for the case that the second integrity protection tag, TAG' , is equal to the first integrity protection tag, TAG.
18. The source node (13) as claimed in claim 17, configured to calculate by using a predetermined integrity protection function.
19. A method (90) of registration to a target node (14) during mobility, the method (90) being performed by a communications device (11) and comprising:
- determining (91) a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node (13), and
- transmitting (92), to the target node (14), the registration message to which the determined first integrity protection tag, TAG, is attached.
20. A computer program (112) for a communications device (11) for registration to a target node (14) during mobility, the computer program (112) comprising computer program code, which, when run on processing circuitry of the communications device (11), causes the communications device (11) to perform the method (90) as claimed in claim 19.
21. A computer program product (111) comprising a computer program (112) as claimed in claim 20 and a computer readable means on which the computer program (112) is stored.
22. A communications device (11) for registration to a target node (14) during mobility, the communications device (11) being configured to:
- determine a first integrity protection tag, TAG, using a predetermined integrity protection function, the input to which comprises at least a registration request message and a security key used in communication with a source node (13), and
- transmit, to the target node (14), the registration message to which the determined first integrity protection tag, TAG, is attached.
Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2017/074839 WO2019063098A1 (en) 2017-09-29 2017-09-29 Methods and nodes for registration during mobility

Publications (1)

Publication Number Publication Date
WO2019063098A1 2019-04-04

Family

ID=60043168

Country Status (1)

Country Link
WO (1) WO2019063098A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022251993A1 (en) * 2021-05-31 2022-12-08 华为技术有限公司 (Huawei Technologies Co., Ltd.) Tag management method and related apparatus
CN115103416A (en) * 2022-07-25 2022-09-23 北京小米移动软件有限公司 (Beijing Xiaomi Mobile Software Co., Ltd.) Network switching method, device, equipment and storage medium
CN115103416B (en) * 2022-07-25 2023-10-13 北京小米移动软件有限公司 (Beijing Xiaomi Mobile Software Co., Ltd.) Network switching method, device, equipment and storage medium

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012100199A2 (en) * 2011-01-21 2012-07-26 Research In Motion Limited Network apparatus and process to determine the connection context for connections used for (local) offloading


Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application (Ref document number: 17781056; Country of ref document: EP; Kind code of ref document: A1)
NENP Non-entry into the national phase (Ref country code: DE)
122 Ep: pct application non-entry in european phase (Ref document number: 17781056; Country of ref document: EP; Kind code of ref document: A1)