WO2021115614A1 - Network node and method for anonymization of user sensitive data in a communication network - Google Patents

Publication number
WO2021115614A1
Authority
WO
WIPO (PCT)
Prior art keywords
network node
subscriber identifier
function
key derivation
anonymous
Prior art date
Application number
PCT/EP2019/085069
Other languages
French (fr)
Inventor
Yong Li
Chengdong He
Original Assignee
Huawei Technologies Duesseldorf Gmbh
Priority date
Filing date
Publication date
Application filed by Huawei Technologies Duesseldorf Gmbh
Priority to PCT/EP2019/085069
Publication of WO2021115614A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02 Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04 Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/041 Key generation or derivation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/60 Context-dependent security
    • H04W12/69 Identity-dependent
    • H04W12/75 Temporary identity

Abstract

A network node for anonymizing sensitive subscriber data in a communication network is described. The network node generates an anonymous subscriber identifier based on a subscriber identifier and an anchor key by a first stage of an iterative key derivation function comprising two stages. The network node transmits the anonymous subscriber identifier to a second network node. A further network node for applying the anonymized sensitive subscriber data to generate an authentication key is provided. The further network node receives an anonymous subscriber identifier generated by a first network node, and generates an authentication key based at least on the anonymous subscriber identifier and the anchor key by a second stage of the iterative key derivation function.

Description

NETWORK NODE AND METHOD FOR ANONYMIZATION OF USER SENSITIVE DATA IN A COMMUNICATION NETWORK
TECHNICAL FIELD
The disclosure relates to a field of radio communications. Furthermore, the disclosure relates to methods, network nodes and computer programs for wireless communication between network nodes.
BACKGROUND
When authentication procedures are performed in wireless communication networks, for example, in a 5G communication network, one or more network nodes may have access to sensitive data relating to subscribers. Some of these network nodes may be nodes that, from a security point of view, should not have access to the sensitive data relating to subscribers. For example, in a 5G communication network, sensitive subscriber-associated information may be exposed to at least one untrusted network node or element in plain text.
A problem with such solutions is that the sensitive data relating to subscribers may be vulnerable to access by unwanted parties.
SUMMARY
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
It is an objective to provide devices and methods, which improve the prior art solution. For example, an objective is to provide a solution for ensuring confidentiality and anonymity of sensitive subscriber identity information. The objective is achieved by the features of the independent claims. Further implementation forms are provided in the dependent claims, the description and the figures.
According to a first aspect, a first network node comprises at least one processing unit configured to generate an anonymous subscriber identifier based at least on a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages; and transmit the anonymous subscriber identifier to a second network node. The solution may improve security among network elements. The solution may also ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes. The solution may also prevent the use of a static analysis attack.
In an implementation form of the first aspect, the iterative key derivation function comprises a hash-based message authentication code function, HMAC. The solution may ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes.
In an implementation form of the first aspect, the at least one processing unit is configured to transmit the anonymous subscriber identifier to the second network node together with an authentication vector.
In an implementation form of the first aspect, the subscriber identifier comprises a subscriber permanent identifier, SUPI.
In an implementation form of the first aspect, the first network node comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node comprises an access and mobility management function, AMF.
According to a second aspect, a second network node comprises at least one processing unit configured to receive an anonymous subscriber identifier generated by a first network node, the anonymous subscriber identifier being generated based on at least a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages, and generate an authentication key based at least on the anonymous subscriber identifier and the anchor key by a second stage of the iterative key derivation function. The solution may improve security among network elements. The solution may also ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes. The solution may also prevent the use of a static analysis attack.
In an implementation form of the second aspect, the iterative key derivation function comprises the hash-based message authentication code function, HMAC. The solution may ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes.
In an implementation form of the second aspect, the at least one processing unit is configured to receive the anonymous subscriber identifier generated by the first network node together with an authentication vector.
In an implementation form of the second aspect, the subscriber identifier comprises a subscriber permanent identifier, SUPI.
In an implementation form of the second aspect, the first network node comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node comprises an access and mobility management function, AMF.
According to a third aspect, there is provided a method comprising generating, by a first network node, an anonymous subscriber identifier based at least on a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages, and transmitting, by the first network node, the anonymous subscriber identifier to a second network node. The solution may improve security among network elements. The solution may also ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes. The solution may also prevent the use of a static analysis attack.
In an implementation form of the third aspect, the iterative key derivation function comprises the hash-based message authentication code function, HMAC. The solution may ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes.
In an implementation form of the third aspect, the transmitting comprises transmitting the anonymous subscriber identifier to the second network node together with an authentication vector.
In an implementation form of the third aspect, the subscriber identifier comprises a subscriber permanent identifier, SUPI.
In an implementation form of the third aspect, the first network node comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node comprises an access and mobility management function, AMF.
According to a fourth aspect, there is provided a method comprising receiving, by a second network node, an anonymous subscriber identifier generated by a first network node, the anonymous subscriber identifier being generated based on at least a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages, and generating, by the second network node, an authentication key based at least on the anonymous subscriber identifier and the anchor key by a second stage of the iterative key derivation function. The solution may improve security among network elements. The solution may also ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes. The solution may also prevent the use of a static analysis attack.
In an implementation form of the fourth aspect, the iterative key derivation function comprises the hash-based message authentication code function, HMAC. The solution may ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes.
In an implementation form of the fourth aspect, the receiving comprises receiving the anonymous subscriber identifier generated by the first network node together with an authentication vector.
In an implementation form of the fourth aspect, the subscriber identifier comprises a subscriber permanent identifier, SUPI.
In an implementation form of the fourth aspect, the first network node comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node comprises an access and mobility management function, AMF.
According to a fifth aspect, there is provided a computer program comprising program code configured to perform the method of the third aspect.
According to a sixth aspect, there is provided a computer program comprising program code configured to perform the method of the fourth aspect.
According to a seventh aspect, there is provided a computer-readable medium comprising a computer program comprising program code configured to perform the method of the third aspect.
According to an eighth aspect, there is provided a computer-readable medium comprising a computer program comprising program code configured to perform the method of the fourth aspect.
Many of the attendant features will be more readily appreciated as they become better understood by reference to the following detailed description considered in connection with the accompanying drawings.
DESCRIPTION OF THE DRAWINGS
The present description will be better understood from the following detailed description read in light of the accompanying drawings, wherein:
FIG. 1A illustrates a first network node configured to anonymize sensitive subscriber data according to an embodiment;
FIG. 1B illustrates a second network node configured to apply anonymized sensitive data to generate an authentication key according to an embodiment.
FIG. 2 illustrates a method for anonymizing sensitive data according to an embodiment.
FIG. 3A illustrates an example for generating an anonymous subscriber identifier and applying the anonymous identifier to generate an authentication key according to an example embodiment.
FIG. 3B illustrates another example for generating an anonymous subscriber identifier and applying the anonymous identifier to generate an authentication key according to an example embodiment.
FIG. 4 illustrates a signalling diagram for enabling authentication without a leakage of sensitive subscriber identifier to one or more untrusted network elements according to an example embodiment.
Like references are used to designate like parts in the accompanying drawings.
DETAILED DESCRIPTION
The detailed description provided below in connection with the appended drawings is intended as a description of the embodiments and is not intended to represent the only forms in which the embodiment may be constructed or utilized. However, the same or equivalent functions and structures may be accomplished by different embodiments.
FIG. 1A illustrates a first network node 100 configured to anonymize sensitive subscriber data according to an embodiment. The first network node 100 comprises at least one processor 102. The first network node 100 may comprise also at least one memory 104. The first network node 100 may be configured to perform the functionalities and operations relating to it as described in the embodiments. The first network node 100 may further comprise other components that are not illustrated in FIG. 1A. The first network node 100 may further comprise, for example, a transceiver and/or a network interface, and the first network node 100 may be configured to communicate with other devices in the communication network using the transceiver and/or the network interface. The first network node 100 may communicate with other devices using, for example, an Ethernet or any other wired, wireless, or fibre optic connection. Further, the first network node 100 may be a network node of a network that provides access to wireless communication devices, for example, for a user equipment.
The first network node 100 may be any device that can process information, for example, using the processor 102. The first network node 100 may be, for example, a server, or the first network node 100 may be implemented on a server. The first network node 100 may be implemented, for example, using a computer or a plurality of computers, such as a data centre. Alternatively, a computer or a plurality of computers may implement a plurality of first network nodes 100 using, for example, virtualisation, wherein the first network node 100 may be implemented in software. A single physical device, such as a computer, may implement a plurality of network nodes.
In an example embodiment, the first network node 100 comprises a unified data management (UDM) or an authentication credential repository and processing function (ARPF). In another example embodiment, the first network node may be any network node that may be allowed to possess sensitive subscriber data, for example, a subscriber identifier. Thus, the first network node 100 can be regarded as a trusted network node.
According to an embodiment, the at least one processor 102 is configured to generate an anonymous subscriber identifier based at least on a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages, and transmit the anonymous subscriber identifier to a second network node. The solution may improve security among network elements. The solution may also ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes. The solution may also prevent the use of a static analysis attack.
According to an embodiment, the iterative key derivation function comprises the hash-based message authentication code function (HMAC).
According to an embodiment, the at least one processor 102 is configured to transmit the anonymous subscriber identifier to a second network node together with an authentication vector.
According to an embodiment, the subscriber identifier comprises a subscriber permanent identifier (SUPI).
According to an embodiment, the second network node comprises an access and mobility management function (AMF).
FIG. 1B illustrates a second network node 106 configured to apply anonymized sensitive data to generate an authentication key according to an embodiment. The second network node 106 comprises at least one processor 108. The second network node 106 may also comprise at least one memory 110. The second network node 106 may be configured to perform the functionalities and operations relating to it as described in the embodiments.
The second network node 106 may further comprise other components that are not illustrated in FIG. 1B. The second network node 106 may further comprise, for example, a transceiver and/or a network interface, and the second network node 106 may be configured to communicate with other devices in the communication network using the transceiver and/or the network interface. The second network node 106 may communicate with other devices using, for example, an Ethernet or any other wired, wireless, or fibre optic connection. Further, the second network node 106 may be a network node of a network that provides access to wireless communication devices, for example, for a user equipment.
The second network node 106 may be any device that can process information, for example, using the processor 108. The second network node 106 may be, for example, a server, or the second network node 106 may be implemented on a server. The second network node 106 may be implemented, for example, using a computer or a plurality of computers, such as a data centre. Alternatively, a computer or a plurality of computers may implement a plurality of second network nodes 106 using, for example, virtualisation, wherein the second network node 106 may be implemented in software. A single physical device, such as a computer, may implement a plurality of network nodes. In an example embodiment, the second network node 106 comprises an access and mobility management function (AMF). In another example embodiment, the second network node 106 may be any network node that should not be allowed to possess sensitive subscriber data in plain text, for example, a subscriber identifier. Thus, the second network node 106 can be regarded as an untrusted network node.
According to an embodiment, the at least one processor 108 is configured to receive an anonymous subscriber identifier generated by a first network node, the anonymous subscriber identifier being generated based on at least a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages, and generate an authentication key based at least on the anonymous subscriber identifier and the anchor key by a second stage of the iterative key derivation function. The solution may improve security among network elements. The solution may also ensure the confidentiality and/or anonymity of the subscriber identifier without leaking sensitive data to untrusted network nodes. The solution may also prevent the use of a static analysis attack.
According to an embodiment, the iterative key derivation function comprises the hash-based message authentication code function (HMAC).
According to an embodiment, the at least one processor 108 is configured to receive the anonymous subscriber identifier generated by the first network node together with an authentication vector.
According to an embodiment, the subscriber identifier comprises a subscriber permanent identifier (SUPI).
According to an embodiment, the first network node comprises a unified data management (UDM), or an authentication credential repository and processing function (ARPF).
FIG. 2 illustrates a method for anonymizing sensitive data according to an embodiment. FIG. 2 also illustrates a method for applying anonymized sensitive data to generate an authentication key.
A first network node is configured to obtain a subscriber identifier 200. The first network node may refer to a trusted network node that comprises a unified data management (UDM) or an authentication credential repository and processing function (ARPF) associated with a 5G communication network. The subscriber identifier may refer to an identifier that is sensitive and should not be transmitted between network elements or nodes as plain text. In an example embodiment, the subscriber identifier may comprise, for example, a subscriber permanent identifier (SUPI) applied in 5G communication networks.
In order to mask the subscriber identifier 200, the first network node is configured to apply a first stage 204 of an iterative key derivation function, the key derivation function comprising two stages. The purpose of the first stage of the iterative key derivation function is to anonymize the subscriber identifier. In an example embodiment, the key derivation function comprises the hash-based message authentication code function (HMAC). In other example embodiments, other hash functions or iterative key derivation functions may be used. The first network node is configured to generate an anonymous subscriber identifier 206 based at least on the subscriber identifier 200 and an anchor key 202 by the first stage 204 of the iterative key derivation function. The iterative key derivation function outputs the anonymous subscriber identifier 206, and the first network node is configured to transmit the anonymous subscriber identifier to a second network node.
The second network node may be configured to receive the anonymous subscriber identifier 206 generated by the first network node, and generate an authentication key 210 based at least on the anonymous subscriber identifier 206 and the anchor key 202 by a second stage 208 of the iterative key derivation function. The purpose of the second stage of the iterative key derivation function is to act as an authentication key derivation computation function.
The second network node may be an untrusted network node to which the subscriber identifier should not be exposed in plain text. The second network node may comprise, for example, an access and mobility management function (AMF). In an example embodiment, the key derivation function comprises the hash-based message authentication code function (HMAC). In an example embodiment, the authentication key comprises, for example, an authentication key KAMF.
FIG. 3A illustrates an example for generating an anonymous subscriber identifier and applying the anonymous identifier to generate an authentication key according to an example embodiment. A first network node, for example, a unified data management (UDM) or an authentication credential repository and processing function (ARPF) 300 is configured to apply a first stage of an iterative key derivation function 304 to generate an anonymous subscriber identifier 306. The purpose of the first stage of the iterative key derivation function is to anonymize the subscriber identifier. The iterative key derivation function may comprise, for example, the hash-based message authentication code function, HMAC. In other example embodiments, other hash functions or iterative key derivation functions may be used. The first stage of the iterative key derivation function 304 may take a subscriber permanent identifier (SUPI) 302 and an anchor key, for example, Kseaf as inputs. The resulting anonymous subscriber identifier SUPI* 306 may then be transmitted to a network node, for example, an authentication server function (AUSF) 308. The AUSF 308 may be configured to forward the SUPI* 306 further to another network node, for example, an access and mobility management function (AMF) 310. A reference 218 indicates that the UDM/ARPF 300, AUSF 308 and AMF 310 may be arranged in a core network, for example, a 5G core network.
The AMF 310 is configured to apply a second stage of the iterative key derivation function 312 to generate an authentication key, for example, KAMF based on the anchor key and SUPI* 306. The purpose of the second stage of the iterative key derivation function is to act as an authentication key derivation computation function. The AMF 310 may then use the authentication key to perform a mutual authentication process with a user equipment 314. The user equipment 314 may generate the same authentication key by the iterative key derivation function 316 based on the anchor key and the SUPI 302.
FIG. 3B illustrates another example for generating an anonymous subscriber identifier and applying the anonymous identifier to generate an authentication key according to an example embodiment.
A unified data management (UDM) or an authentication credential repository and processing function (ARPF) 300 is configured to apply a first stage 322 of an iterative key derivation function to generate an anonymous subscriber identifier SUPI* 306. The purpose of the first stage of the iterative key derivation function is to anonymize the subscriber identifier. The iterative key derivation function may comprise, for example, the hash-based message authentication code function, HMAC. In other example embodiments, other hash functions or iterative key derivation functions may be used. The first stage of the iterative key derivation function may take a subscriber permanent identifier (SUPI) 302 and an anchor key 326, for example, Kseaf as inputs. K’seaf may first be calculated by K’seaf = HASH(Kseaf) if Kseaf is larger than the hash block length. Otherwise K’seaf = Kseaf. K’seaf is then used to derive an inner key iKey|pad = K’seaf XOR ipad, where ipad is the block-sized inner padding, consisting of repeated bytes valued 0x36. Thus, the SUPI* 306 may then be calculated as SUPI* = HASH((K’seaf XOR ipad || IV) || M), where M = SUPI || metadata and IV is an initial value, for example, a constant value. The UDM/ARPF 300 may then send the SUPI* 306 to the AUSF 308. The AUSF 308 may then send the SUPI* further to the AMF 310.
The AMF 310 is configured to apply a second stage 324 of the iterative key derivation function 304 to generate an authentication key 326. The purpose of the second stage of the iterative key derivation function is to act as an authentication key derivation computation function. K’seaf may first be calculated by K’seaf = HASH(Kseaf) if Kseaf is larger than the hash block length. Otherwise K’seaf = Kseaf. K’seaf is then used to derive an outer key oKey|pad = K’seaf XOR opad, where opad is the block-sized outer padding, consisting of repeated bytes valued 0x5c. Thus, the authentication key KAMF 326 may then be calculated as KAMF = HASH((K’seaf XOR opad || IV) || SUPI*), wherein IV is an initial value, for example, a constant value. The AMF 310 may then use the generated authentication key KAMF 326 in the authentication process 328 with the UE 314.
At the UE 314 side, the authentication key KAMF 326 may be generated by KAMF = HMAC (Kseaf, SUPI || metadata), i.e. by performing both the first stage and the second stage of the iterative key derivation function.
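The split described for FIG. 3B can be checked end to end with the following added example, which is not code from the patent: the UDM/ARPF runs only the inner hash, the AMF runs only the outer hash, and the result matches the UE's one-shot HMAC. SHA-256 as HASH, zero-padding of K’seaf to the block length (as in standard HMAC), treating IV as the hash function's built-in initial value, and all sample values and function names are assumptions.

```python
import hashlib
import hmac

# Assumptions (not from the patent text): SHA-256 as HASH, zero-padding of the
# key to the block length as in standard HMAC (RFC 2104), and IV taken to be
# the hash function's own built-in initial value, so it is not concatenated.
HASH = hashlib.sha256
BLOCK_LEN = HASH().block_size      # 64 bytes for SHA-256
DIGEST_LEN = HASH().digest_size    # 32 bytes for SHA-256
IPAD, OPAD = 0x36, 0x5C

# Constructed sample values, not real subscriber data.
K_SEAF = bytes(range(32))
SUPI = b"imsi-001010000000001"
METADATA = b"|sn=constructed-serving-network"


def key_block(k_seaf: bytes) -> bytes:
    """K'seaf: hash the key if it exceeds the block length, then zero-pad."""
    if len(k_seaf) > BLOCK_LEN:
        k_seaf = HASH(k_seaf).digest()
    return k_seaf.ljust(BLOCK_LEN, b"\x00")


def xor_pad(block: bytes, pad_byte: int) -> bytes:
    """XOR every byte of the key block with the repeated padding byte."""
    return bytes(b ^ pad_byte for b in block)


def stage1_anonymize(k_seaf: bytes, supi: bytes, metadata: bytes) -> bytes:
    """First stage (UDM/ARPF): SUPI* = HASH((K'seaf XOR ipad) || SUPI || metadata)."""
    message = supi + metadata
    return HASH(xor_pad(key_block(k_seaf), IPAD) + message).digest()


def stage2_derive_kamf(k_seaf: bytes, supi_star: bytes) -> bytes:
    """Second stage (AMF): KAMF = HASH((K'seaf XOR opad) || SUPI*)."""
    if len(supi_star) != DIGEST_LEN:
        # A SUPI* of the wrong size cannot be a stage-1 output; reject it
        # rather than derive a key the UE will never match.
        raise ValueError("SUPI* must be exactly one digest long")
    return HASH(xor_pad(key_block(k_seaf), OPAD) + supi_star).digest()


def ue_derive_kamf(k_seaf: bytes, supi: bytes, metadata: bytes) -> bytes:
    """UE side: both stages at once, KAMF = HMAC(Kseaf, SUPI || metadata)."""
    return hmac.new(k_seaf, supi + metadata, HASH).digest()


def run_exchange(k_seaf: bytes = K_SEAF) -> dict:
    """Walk the FIG. 3B flow and report what each party holds."""
    supi_star = stage1_anonymize(k_seaf, SUPI, METADATA)   # at UDM/ARPF
    forwarded = supi_star                                  # via AUSF to AMF
    kamf_amf = stage2_derive_kamf(k_seaf, forwarded)       # at AMF
    kamf_ue = ue_derive_kamf(k_seaf, SUPI, METADATA)       # at UE
    return {
        "supi_star": supi_star,
        "kamf_amf": kamf_amf,
        "kamf_ue": kamf_ue,
        "keys_match": hmac.compare_digest(kamf_amf, kamf_ue),
        "supi_visible_on_wire": SUPI in forwarded,
    }


if __name__ == "__main__":
    result = run_exchange()
    print("SUPI*      :", result["supi_star"].hex())
    print("KAMF (AMF) :", result["kamf_amf"].hex())
    print("KAMF (UE)  :", result["kamf_ue"].hex())
    print("keys match :", result["keys_match"])
```

Because SUPI* depends on the anchor key, a different Kseaf yields a different SUPI* for the same SUPI, so the forwarded value is not a static pseudonym.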
FIG. 4 illustrates a signalling diagram for enabling authentication without a leakage of a sensitive subscriber identifier to one or more untrusted network elements according to an example embodiment.
The illustrated system comprises three network nodes 402, 404, 406. The network nodes 402, 404 can be untrusted network nodes which should not have access to the sensitive subscriber identifier. The untrusted network nodes have been discussed in more detail in relation to FIG. 1B, and therefore, the discussion is not repeated here. The network node 406 is a trusted network node that has access to the sensitive subscriber identifier. The trusted network node has been discussed in more detail in relation to FIG. 1A, and therefore, the discussion is not repeated here. In an example embodiment, the untrusted network node 402 may comprise an authentication server function (AUSF) and the untrusted network node 404 may comprise an access and mobility management function (AMF). The trusted network node 406 may comprise a unified data management (UDM) or an authentication credential repository and processing function (ARPF). The network nodes 402, 404, 406 may be arranged in a core network, for example, a 5G core network. A user node 400 may comprise, for example, a user equipment configured to access the 5G core network.
At 408 the trusted network node 406 creates a 5G home environment authentication vector (5G HE AV) and computes an anonymous subscriber identifier SUPI* by SUPI* = F1(Kseaf, SUPI || metadata). F1 refers to a first stage of an iterative key derivation function, and F1 and the calculation of the SUPI* have been discussed in more detail in FIG. 3B and its description, and thus the discussion is not repeated here.
At 410 the trusted network node 406 sends an authentication response including 5G HE AV and SUPI* to the untrusted network node 404, which at 412 sends the authentication response further to the untrusted network node NE 402. At 414 the untrusted network node 402 sends an authentication request to the user node 400. The user node 400 uses Kseaf and (SUPI, metadata) to derive an authentication key KAMF 416 by KAMF = F(Kseaf, SUPI || metadata). The untrusted network node 402 uses Kseaf and SUPI* to derive the same key KAMF 418 by KAMF = F2(Kseaf, SUPI*). F2 refers to a second stage of an iterative key derivation function, and F2 and the calculation of the KAMF have been discussed in more detail in FIG. 3B and its description, and thus the discussion is not repeated here.
Finally, the untrusted network node 402 and the user node 400 are configured to use the same authentication key KAMF to perform a mutual authentication process 420.
Although the above examples and embodiments may have used a 5G wireless communication network and its network elements or nodes as an example, the illustrated solution is applicable in any existing or future communication network or a wireless communication network where subscriber identifiers are used.
The functionality described herein can be performed, at least in part, by one or more computer program product components such as software components. According to an embodiment, the illustrated network nodes may comprise at least one configured by the program code when executed to execute the embodiments of the operations and functionality described. Alternatively, or in addition, the functionality described herein can be performed, at least in part, by one or more hardware logic components. For example, and without limitation, illustrative types of hardware logic components that can be used include Field-programmable Gate Arrays (FPGAs), Program-specific Integrated Circuits (ASICs), Program-specific Standard Products (ASSPs), System-on-a-chip systems (SOCs), Complex Programmable Logic Devices (CPLDs), Graphics Processing Units (GPUs).
Although the subject matter has been described in language specific to structural features and/or acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as embodiments of implementing the claims and other equivalent features and acts are intended to be within the scope of the claims.
It will be understood that the benefits and advantages described above may relate to one embodiment or may relate to several embodiments. The embodiments are not limited to those that solve any or all of the stated problems or those that have any or all of the stated benefits and advantages. It will further be understood that reference to 'an' item may refer to one or more of those items. The term ‘and/or’ may be used to indicate that one or more of the cases it connects may occur. Both, or more, connected cases may occur, or only either one of the connected cases may occur.
The operations of the methods described herein may be carried out in any suitable order, or simultaneously where appropriate. Additionally, individual blocks may be deleted from any of the methods without departing from the spirit and scope of the subject matter described herein. Aspects of any of the embodiments described above may be combined with aspects of any of the other embodiments described to form further embodiments without losing the effect sought.
The term 'comprising' is used herein to mean including the method, blocks or elements identified, but that such blocks or elements do not comprise an exclusive list and a method or apparatus may contain additional blocks or elements.
It will be understood that the above description is given by way of example only and that various modifications may be made by those skilled in the art. The above specification, embodiments and data provide a complete description of the structure and use of exemplary embodiments. Although various embodiments have been described above with a certain degree of particularity, or with reference to one or more individual embodiments, those skilled in the art could make numerous alterations to the disclosed embodiments without departing from the spirit or scope of this specification.

Claims

1. A first network node (100, 406) comprising: at least one processing unit (102) configured to: generate an anonymous subscriber identifier based at least on a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages; and transmit the anonymous subscriber identifier to a second network node (106, 402).
2. The first network node (100, 406) of claim 1, wherein the iterative key derivation function comprises a hash-based message authentication code function, HMAC.
3. The first network node (100, 406) of claim 1 or 2, wherein the at least one processing unit (102) configured to transmit the anonymous subscriber identifier to the second network node (402) together with an authentication vector.
4. The first network node (100, 406) of any of claims 1 - 3, wherein the subscriber identifier comprises a subscriber permanent identifier, SUPI.
5. The first network node (100, 406) of any of claims 1 - 4, wherein the first network node (100, 406) comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node (402) comprises an access and mobility management function, AMF.
6. A second network node (106, 402) comprising: at least one processing unit (108) configured to: receive an anonymous subscriber identifier generated by a first network node (100, 406), the anonymous subscriber identifier being generated based on at least a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages; and generate an authentication key based at least on the anonymous subscriber identifier and the anchor key by a second stage of the iterative key derivation function.
7. The second network node (106, 402) of claim 6, wherein the iterative key derivation function comprises a hash-based message authentication code function, HMAC.
8. The second network node (106, 402) of claim 6 or 7, wherein the at least one processing unit (108) configured to receive the anonymous subscriber identifier generated by the first network node (100, 406) together with an authentication vector.
9. The second network node (106, 402) of any of claims 6 - 8, wherein the subscriber identifier comprises a subscriber permanent identifier, SUPI.
10. The second network node (106, 402) of any of claims 6 - 9, wherein the first network node (100, 406) comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node (106, 402) comprises an access and mobility management function, AMF.
11. A method, comprising: generating, by a first network node (100, 406), an anonymous subscriber identifier based at least on a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages; and transmitting, by the first network node (100, 406), the anonymous subscriber identifier to a second network node (106, 402).
12. The method of claim 11, wherein the iterative key derivation function comprises the hash-based message authentication code function, HMAC.
13. The method of claim 11 or 12, wherein the transmitting comprises transmitting the anonymous subscriber identifier to the second network node (106, 402) together with an authentication vector.
14. The method of any of claims 11 - 13, wherein the subscriber identifier comprises a subscriber permanent identifier, SUPI.
15. The method of any of claims 11 - 14, wherein the first network node (100, 406) comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node (106, 402) comprises an access and mobility management function, AMF.
16. A method, comprising: receiving, by a second network node (106, 402), an anonymous subscriber identifier generated by a first network node (100, 406), the anonymous subscriber identifier being generated based on at least a subscriber identifier and an anchor key by a first stage of an iterative key derivation function, the iterative key derivation function comprising two stages; and generating, by the second network node (106, 402), an authentication key based at least on the anonymous subscriber identifier and the anchor key by a second stage of the iterative key derivation function.
17. The method of claim 16, wherein the iterative key derivation function comprises the hash-based message authentication code function, HMAC.
18. The method of claim 16 or 17, wherein the receiving comprises receiving the anonymous subscriber identifier generated by the first network node (100, 406) together with an authentication vector.
19. The method of any of claims 16 - 18, wherein the subscriber identifier comprises a subscriber permanent identifier, SUPI.
20. The method of any of claims 16 - 19, wherein the first network node (100, 406) comprises a unified data management, UDM, or an authentication credential repository and processing function, ARPF, and the second network node (106, 402) comprises an access and mobility management function, AMF.
21. A computer program comprising program code configured to perform a method according to any of claims 11 - 15 or 16 - 19 when the computer program is executed on a computer.
PCT/EP2019/085069 2019-12-13 2019-12-13 Network node and method for anonymization of user sensitive data in a communication network WO2021115614A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2019/085069 WO2021115614A1 (en) 2019-12-13 2019-12-13 Network node and method for anonymization of user sensitive data in a communication network

Publications (1)

Publication Number Publication Date
WO2021115614A1 true WO2021115614A1 (en) 2021-06-17

Family

ID=69061315

Country Status (1)

Country Link
WO (1) WO2021115614A1 (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2019184728A1 (en) * 2018-03-27 2019-10-03 华为技术有限公司 Position determining method and device for terminal device

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"5G; Security architecture and procedures for 5G System (3GPP TS 33.501 version 15.2.0 Release 15)", vol. 3GPP SA, no. V15.2.0, 11 October 2018 (2018-10-11), pages 1 - 172, XP014330247, Retrieved from the Internet <URL:http://www.etsi.org/deliver/etsi_ts/133500_133599/133501/15.02.00_60/ts_133501v150200p.pdf> [retrieved on 20181011] *
NOKIA: "LI conformity by combining verification hash method with key binding of UE info into the key hierarchy - integrated in 5G AKA", vol. SA WG3, no. San Diego (US); 20180226 - 20180302, 2 March 2018 (2018-03-02), XP051395456, Retrieved from the Internet <URL:http://www.3gpp.org/ftp/Meetings%5F3GPP%5FSYNC/SA3/Docs/> [retrieved on 20180302] *

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19829053

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19829053

Country of ref document: EP

Kind code of ref document: A1