WO2022069056A1 - Protection of sensitive user data in communication networks - Google Patents

Protection of sensitive user data in communication networks Download PDF

Info

Publication number
WO2022069056A1
Authority
WO
WIPO (PCT)
Prior art keywords
untrusted
equipment node
node
authentication
key
Prior art date
Application number
PCT/EP2020/077614
Other languages
French (fr)
Inventor
Yong Li
Original Assignee
Huawei Technologies Co., Ltd.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co., Ltd.
Priority to CN202080105415.9A (CN116325656A)
Priority to PCT/EP2020/077614 (WO2022069056A1)
Publication of WO2022069056A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0414 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden during transmission, i.e. party's identity is protected against eavesdropping, e.g. by using temporary identifiers, but is known to the other party or parties involved in the communication

Definitions

  • the disclosure relates generally to security in communication networks; more specifically, the disclosure relates to methods for operating nodes in a communication network to protect sensitive user data or metadata of a user. Moreover, the disclosure relates to nodes that are configured to operate pursuant to the methods.
  • security features in data processing, information systems, and communication networks contribute to privacy, fairness, accuracy, and confidentiality, amongst other desired criteria.
  • security features use encryption or cryptography as techniques; moreover, such security features are used in electronic commerce, wireless communications, and broadcasting. Encryption is also used to prevent hacking, to protect web pages, and to prevent access to sensitive data of a given user.
  • a network element is equipment that operates as part of the communication network and may also be referred to as a processing module node.
  • Sensitive user data or metadata associated with a user of the communication network may be exposed due to compatibility requirements. For example, sensitive user data or metadata associated with the user such as a unique identifier or a subscription identifier may be used without encryption and as plain text during communication between the trusted and untrusted network elements in the communication network. This creates a privacy problem for the user of the communication network, as the sensitive user data in plain text may be exposed to untrusted network elements.
  • a fifth-generation (5G) core network includes both trusted network elements and untrusted network elements as well as a user equipment node that is uniquely identified in the 5G core network using a subscriber permanent identifier (SUPI).
  • a method for operating a trusted processing module node of a communication network includes, at the trusted processing module node, generating a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the method includes transmitting an authentication response from the trusted processing module node via the first untrusted equipment node (AUSF) of the communication network to the second untrusted network equipment node (AMF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the metadata (SUPI) is protected against brute force attacks from a potential attacker including the first untrusted equipment node (AUSF) and the second untrusted network equipment node (AMF).
  • the confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
  • the method further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF) to the user equipment node (UE) connected to the communication network.
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the method further includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF).
  • the authentication key (KAMF) ensures that the mutual authentication process described above works with anonymized metadata (SUPI*) and the first key (K_SEAF).
  • the method includes arranging for the trusted processing module node to communicate wirelessly to at least a part of the communication network.
  • the method includes arranging for trusted processing module node (10) to communicate wirelessly by conforming to a 5G network specification.
  • a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method of the first aspect.
  • a method for operating a user equipment node (UE) of a communication network. The user equipment node (UE) is configured to be coupled in communication with a first untrusted equipment node (AUSF), a second untrusted equipment node (AMF) and a trusted processing module node.
  • the method includes receiving an authentication request derived from an authentication response, at the user equipment node (UE) from the second untrusted network equipment node (AMF).
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the method further includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF).
  • the authentication key (KAMF) ensures that the mutual authentication process described above works with anonymized metadata (SUPI*) and the first key (K_SEAF).
  • the method further includes generating a home environment authentication vector at the trusted processing module node of the communication network by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the method further includes transmitting an authentication response from the trusted processing module node via the first untrusted equipment node (AUSF) of the communication network to the second untrusted network equipment node (AMF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • a method for operating a first untrusted equipment node (AUSF) of a communication network. The first untrusted equipment node (AUSF) is configured to be coupled in communication with a second untrusted equipment node (AMF), a user equipment node (UE) and a trusted processing module node.
  • the method includes receiving an authentication response from the trusted processing module node.
  • the authentication response is derived from data of a home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the method includes transmitting the authentication response to the second untrusted network equipment node (AMF) of the communication network.
  • the method further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF) to the user equipment node (UE) connected to the communication network.
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the method further includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF).
  • the authentication key (KAMF) ensures that the mutual authentication process described above works with anonymized metadata (SUPI*) and the first key (K_SEAF).
  • the method further includes generating the home environment authentication vector at the trusted processing module node of the communication network by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the method includes arranging for the first untrusted equipment node (AUSF) to be an authentication server function.
  • the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the first untrusted equipment node (AUSF). More optionally, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
  • the method includes arranging for the first untrusted equipment node (AUSF) to communicate wirelessly to at least a part of the communication network. More optionally, the method includes arranging for the first untrusted equipment node (AUSF) to communicate wirelessly by conforming to a 5G network specification.
  • a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method of the fourth aspect.
  • a method for operating a second untrusted equipment node (AMF) of a communication network. The second untrusted equipment node (AMF) is configured to be coupled in communication with a first untrusted equipment node (AUSF), a user equipment node (UE) and a trusted processing module node.
  • the method includes receiving an authentication response at the second untrusted network equipment node (AMF) from the first untrusted network equipment node (AUSF).
  • the method includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF) to the user equipment node (UE) connected to the communication network.
  • the user equipment node is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the method includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF).
  • Metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF.
  • the confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
  • the method further includes generating a home environment authentication vector at the trusted processing module node of the communication network by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the method further includes transmitting an authentication response from the trusted processing module node to the first untrusted equipment node (AUSF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the method includes arranging for the first untrusted equipment node (AUSF) to be an authentication server function, and the second untrusted equipment node (AMF) to be an access and mobility management function.
  • the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the first and second untrusted equipment nodes (AUSF, AMF).
  • the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
  • a potential attacker may have the AUSF and the AMF.
  • the cryptographic hash function prevents the potential attacker from compromising confidentiality and from extracting the original SUPI data.
  • the method includes arranging for at least a part of the communication network to be a wireless communication network.
  • the method includes arranging for the wireless communication network to conform to a 5G network specification.
  • the method further includes arranging for the second untrusted equipment node (AMF) to be an access and mobility management function.
  • the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the second untrusted equipment node (AMF). More optionally, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
  • the method includes arranging for the second untrusted equipment node (AMF) to communicate wirelessly to at least a part of the communication network. More optionally, the method includes arranging for the second untrusted equipment node (AMF) to communicate wirelessly by conforming to a 5G network specification.
  • a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method of the sixth aspect.
  • a trusted processing module node that is configured to communicate with a communication network that is configured to communicate sensitive user data.
  • the communication network includes first and second untrusted equipment nodes (AUSF; AMF).
  • the communication network is coupled to the trusted processing module node and to a user equipment node (UE).
  • the trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network.
  • the second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network.
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
  • a user equipment node that is configured to communicate with a communication network that is configured to communicate sensitive user data.
  • the communication network includes first and second untrusted equipment nodes (AUSF; AMF).
  • the communication network is coupled to a trusted processing module node.
  • the trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network.
  • the second untrusted network equipment node is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network.
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF). Since the home environment authentication vector does not include the first key (K_SEAF), the metadata (SUPI) is protected against brute force attacks from a potential attacker including the AUSF and the AMF. The confidentiality of the metadata (SUPI) is protected, as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
  • a first untrusted equipment node that is configured to communicate with a communication network that is configured to communicate sensitive user data.
  • the communication network includes a second untrusted equipment node (AMF) and a user equipment node (UE).
  • the communication network is coupled to a trusted processing module node.
  • the trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network.
  • the second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network.
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
  • Metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF.
  • the confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
  • a second untrusted equipment node that is configured to communicate with a communication network that is configured to communicate sensitive user data.
  • the communication network includes a first untrusted equipment node (AUSF) and a user equipment node (UE).
  • the communication network is coupled to a trusted processing module node.
  • the trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network.
  • the second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network.
  • the user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
  • Metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF.
  • the confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
  • the first untrusted equipment node is arranged to be an authentication server function
  • the second untrusted equipment node is arranged to be an access and mobility management function.
  • the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping at the first and second untrusted equipment nodes (AUSF; AMF).
  • the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
  • the at least a part of the communication network is arranged to be a wireless communication network.
  • the wireless communication network is arranged to conform to a 5G network specification.
  • a computer program product including a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device including processing hardware to execute any of the methods of any of the first, second, third or fourth aspects and their implementation forms.
  • a technical problem in the prior art is resolved, wherein the technical problem concerns preserving the confidentiality and anonymity of the sensitive user data or metadata of the user against the untrusted network elements in a communication network, without using plain text for communication between trusted and untrusted network elements of the communication network.
  • by means of the trusted and untrusted processing module nodes and the user equipment node of the communication network, and the methods of operating them provided in the disclosure, data owners are enabled to have control over the confidentiality and anonymity of their sensitive user data (e.g., personal information). Even though the untrusted processing module nodes may process the encrypted sensitive user data or metadata, they are not able to obtain the metadata in plaintext. Hence, leakage of sensitive information or metadata to a potential attacker is prevented. Furthermore, the disclosure improves data security, i.e., the confidentiality of sensitive user data (e.g. the subscription permanent identifier (SUPI)), which is achieved through encryption.
  • FIG. 1 is a schematic diagram depicting a communication network, in accordance with an example of the disclosure.
  • FIG. 2 is an interaction diagram depicting a method of operating a trusted processing module node of the communication network to provide confidentiality and anonymity of sensitive user data or metadata of a user of the communication network, in accordance with an example of the disclosure.
  • FIG. 3 is a schematic diagram depicting a fifth-generation communication network that includes a fifth-generation core network in communication with a user equipment, in accordance with an example of the disclosure.
  • FIG. 4 is a flow diagram including steps of a method for operating the trusted processing module node of the communication network of FIG. 1, in accordance with an example of the disclosure.
  • FIG. 5 is a flow diagram including steps of a method for operating a user equipment node of the communication network of FIG. 1, in accordance with an example of the disclosure.
  • FIG. 6 is a flow diagram including steps of a method for operating a first untrusted equipment node of the communication network of FIG. 1 in accordance with an example of the disclosure.
  • FIG. 7 is a flow diagram including steps of a method for operating a second untrusted equipment node of the communication network of FIG. 1 in accordance with an example of the disclosure.
  • Embodiments of the disclosure provide a method of operating a trusted processing module node in a communication network that provides confidentiality and anonymity of sensitive user data or metadata of a user of the communication network.
  • a process, a method, a system, a product, or a device that includes a series of steps or units is not necessarily limited to expressly listed steps or units, but may include other steps or units that are not expressly listed or that are inherent to such process, method, product, or device.
  • FIG. 1 is a schematic illustration diagram of a communication network 15, in accordance with an embodiment of the disclosure.
  • the communication network 15 includes a trusted processing module node 10.
  • the trusted processing module node 10 is configured to be coupled in communication with a first untrusted equipment node 20 (AUSF), a second untrusted equipment node 30 (AMF) and a user equipment node 40 (UE).
  • the trusted processing module node 10 is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (K_SEAF).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
  • the trusted processing module node 10 is configured to transmit an authentication response to the first untrusted equipment node 20 (AUSF) of the communication network 15.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
  • the first untrusted network equipment node 20 (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node 30 (AMF) of the communication network 15.
  • the second untrusted network equipment node 30 (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node 40 (UE) connected to the communication network 15.
  • the user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the second untrusted network equipment 30 (AMF) and the user equipment 40 (UE) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
  • An authentication server function may be used to facilitate security processes in the communication network 15.
  • a core access and mobility management function may be used for registration management, connection management, reachability management, mobility management, and various functions relating to security and access management and authorization of the user equipment node 40 (UE).
  • the user equipment node 40 may be any device used directly by a user to communicate.
  • the user equipment node 40 may include, but is not limited to, a hand-held telephone or a laptop computer equipped with a mobile broadband adapter.
  • SUPI subscriber permanent identifier
  • SUPI formats may include and international mobile subscriber identity (IMSI) and Network Access Identifier (NAI).
  • a security anchor function SEAF is used in the communication network 15 as a middleman during an authentication process between the user equipment node 40 (UE) and a home network of the user equipment node 40 (UE). Based on the SEAF, an authentication from the user equipment node 40 (UE) may be rejected or accepted.
  • K sea f is referred to as a key that may be generated using a security anchor function.
  • a hash-based message authentication code may be a code used for authentication of a message.
  • the HMAC may involve a cryptographic hash function and a secret cryptographic key.
  • the user equipment node 40 (UE) is configured to communicate with the communication network 15, which carries sensitive user data.
  • the communication network 15 includes the first and second untrusted equipment nodes 20, 30 (AUSF, AMF) and is coupled to the trusted processing module node 10.
  • the trusted processing module node 10, the first and second untrusted equipment nodes 20, 30 (AUSF, AMF) and the user equipment node 40 (UE) are configured to operate as set out above (generation of the home environment authentication vector (SUPI*, K1) from the metadata (SUPI) and the first key (Kseaf), forwarding of the authentication response via the AUSF to the AMF, derivation of the authentication key (KAMF) at the UE using a key derivation function (HMAC), and mutual authentication between the AMF and the UE based on KAMF).
  • the first untrusted equipment node 20 (AUSF) is configured to communicate with the communication network 15, which carries sensitive user data.
  • the communication network 15 includes the second untrusted equipment node 30 (AMF) and the user equipment node 40 (UE), and is coupled to the trusted processing module node 10.
  • the trusted processing module node 10, the first and second untrusted equipment nodes 20, 30 (AUSF, AMF) and the user equipment node 40 (UE) are configured to operate as set out above (generation of the home environment authentication vector (SUPI*, K1) from the metadata (SUPI) and the first key (Kseaf), forwarding of the authentication response via the AUSF to the AMF, derivation of the authentication key (KAMF) at the UE using a key derivation function (HMAC), and mutual authentication between the AMF and the UE based on KAMF).
  • the second untrusted equipment node 30 (AMF) is configured to communicate with the communication network 15, which carries sensitive user data.
  • the communication network 15 includes the first untrusted equipment node 20 (AUSF) and the user equipment node 40 (UE), and is coupled to the trusted processing module node 10.
  • the trusted processing module node 10, the first and second untrusted equipment nodes 20, 30 (AUSF, AMF) and the user equipment node 40 (UE) are configured to operate as set out above (generation of the home environment authentication vector (SUPI*, K1) from the metadata (SUPI) and the first key (Kseaf), forwarding of the authentication response via the AUSF to the AMF, derivation of the authentication key (KAMF) at the UE using a key derivation function (HMAC), and mutual authentication between the AMF and the UE based on KAMF).
  • the first untrusted equipment node 20 is arranged to be an authentication server function.
  • the second untrusted equipment node 30 is arranged to be an access and mobility management function.
  • the anonymous metadata (SUPI*) and the second key (K1) are protected from eavesdropping at the first and second untrusted equipment nodes 20, 30 (AUSF, AMF).
  • the anonymous metadata (SUPI*) and the second key (K1) may be protected from eavesdropping by a cryptographic hash function that is secure against any probabilistic polynomial-time (PPT) adversary.
  • PPT probabilistic polynomial-time (Turing machine)
  • at least a part of the communication network 15 is arranged to be a wireless communication network.
  • the wireless communication network 15 may be arranged to conform to a 5G network specification.
  • FIG. 2 is an interaction diagram illustration of steps of a method of operating the trusted processing module node 10 of the communication network 15 to provide confidentiality and anonymity of sensitive user data or metadata of a user of the communication network 15, in accordance with an embodiment of the disclosure.
  • a home environment authentication vector is generated at the trusted processing module node 10 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1).
  • an authentication response is transmitted from the trusted processing module node 10 to the first untrusted equipment node 20 (AUSF).
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
  • the authentication response is transmitted from the first untrusted network equipment node 20 (AUSF) to the second untrusted network equipment node 30 (AMF) of the communication network 15.
  • an authentication request derived from the authentication response is transmitted from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15.
  • an authentication key (KAMF) is computed from the authentication request using a key derivation function (HMAC) at the user equipment node 40 (UE).
  • HMAC key derivation function
  • a mutual authentication is performed between the second untrusted network equipment 30 (AMF) and the user equipment 40 (UE) based on the authentication key (KAMF).
  • FIG. 3 is a schematic diagram illustration of a fifth-generation communication network 300 that includes a fifth-generation core network 302 in communication with a user equipment node 310, in accordance with an embodiment of the disclosure.
  • the fifth-generation core network 302 includes a trusted network equipment node 304 coupled in communication with an AUSF node 306 and an AMF node 308.
  • the AMF node 308 is coupled in communication with the user equipment node 310.
  • the AUSF node 306 may also be a Unified Data Management (UDM) node or an authentication credential repository and processing function (ARPF) node as per the 5G standard.
  • UDM Unified Data Management
  • ARPF authentication credential repository and processing function
  • the trusted network equipment node 304 includes an anonymous SUPI processing module 312 that generates a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1).
  • an authentication response is derived at the trusted network equipment node 304 from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
  • the authentication response is transmitted from the trusted network equipment node 304 to the AUSF node 306 of the fifth-generation core network 302.
  • the authentication response is then transmitted from the AUSF node 306 to the AMF node 308.
  • the authentication response is used to derive an authentication request that is transmitted from the AMF node 308 to the user equipment node 310.
  • the user equipment node 310 computes an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • F2 takes K1 and C, computed by F1, as inputs and computes the authentication key (KAMF).
  • KAMF is used for performing a mutual authentication.
  • a mutual authentication is performed between the AMF node 308 and the user equipment node 310 based on the authentication key (KAMF).
  • KAMF authentication key
  • the original key derivation function, as described in the 5G standard, is used as the key derivation function.
  • FIG. 4 is a flow diagram illustrating steps of a method for operating the trusted processing module node 10 of the communication network 15 of FIG. 1 in accordance with an embodiment of the disclosure.
  • the trusted processing module node 10 is configured to be coupled in communication with the first untrusted equipment node 20 (AUSF), the second untrusted equipment node 30 (AMF) and the user equipment node 40 (UE).
  • AUSF untrusted equipment node 20
  • AMF untrusted equipment node 30
  • UE user equipment node 40
  • a home environment authentication vector is generated at the trusted processing module node 10 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1).
  • an authentication response is transmitted from the trusted processing module node 10 via the first untrusted equipment node 20 (AUSF) of the communication network 15 to the second untrusted network equipment node 30 (AMF) of the communication network 15.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
  • the method for operating the trusted processing module node 10 of the communication network 15 further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15.
  • the user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the method for operating the trusted processing module node 10 of the communication network 15 includes performing a mutual authentication between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
  • FIG. 5 is a flow diagram illustrating steps of a method for operating the user equipment node 40 (UE) of the communication network 15 of FIG. 1 in accordance with an embodiment of the disclosure.
  • the user equipment node 40 (UE) is configured to be coupled in communication with the first untrusted equipment node 20 (AUSF), the second untrusted equipment node 30 (AMF) and the trusted processing module node 10.
  • AUSF first untrusted equipment node 20
  • AMF second untrusted equipment node 30
  • at a step 502, an authentication request derived from an authentication response is received at the user equipment node 40 (UE) from the second untrusted network equipment node 30 (AMF).
  • the user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • KAMF authentication key
  • HMAC key derivation function
  • a mutual authentication is performed between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
  • the method for operating the user equipment node 40 (UE) of the communication network 15 includes generating a home environment authentication vector at the trusted processing module node 10 of the communication network 15 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1).
  • the method for operating the user equipment node 40 (UE) of the communication network 15 includes transmitting an authentication response from the trusted processing module node 10 via the first untrusted equipment node 20 (AUSF) of the communication network 15 to the second untrusted network equipment node 30 (AMF) of the communication network 15.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
  • FIG. 6 is a flow diagram illustrating steps of a method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 of FIG.1 in accordance with an embodiment of the disclosure.
  • the first untrusted equipment node 20 (AUSF) is configured to be coupled in communication with the second untrusted equipment node 30 (AMF), the user equipment node 40 (UE) and the trusted processing module node 10.
  • AMF second untrusted equipment node 30
  • UE user equipment node 40
  • at a step 602, an authentication response is received at the first untrusted equipment node 20 (AUSF) from the trusted processing module node 10.
  • the authentication response is derived from data of a home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
  • the authentication response is transmitted to the second untrusted network equipment node 30 (AMF) of the communication network 15.
  • AMF access and mobility management function
  • the method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15.
  • the user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • the method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 includes performing a mutual authentication between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
  • the method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 further includes, at the trusted processing module node 10 of the communication network 15, generating the home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1).
  • FIG. 7 is a flow diagram illustrating steps of a method for operating the second untrusted equipment node 30 (AMF) of the communication network 15 of FIG. 1 in accordance with an embodiment of the disclosure.
  • the second untrusted equipment node 30 (AMF) is configured to be coupled in communication with the first untrusted equipment node 20 (AUSF), the user equipment node 40 (UE) and the trusted processing module node 10.
  • AUSF first untrusted equipment node 20
  • UE user equipment node 40
  • at a step 702, an authentication response is received at the second untrusted network equipment node 30 (AMF) from the first untrusted network equipment node 20 (AUSF).
  • an authentication request derived from the authentication response is transmitted from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15.
  • the user equipment node 40 is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC).
  • KAMF authentication key
  • HMAC key derivation function
  • the method for operating the second untrusted equipment node 30 (AMF) of the communication network 15 includes generating a home environment authentication vector at the trusted processing module node 10 of the communication network 15 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf).
  • the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1).
  • the method for operating the second untrusted equipment node 30 (AMF) of the communication network 15 includes transmitting an authentication response from the trusted processing module node 10 to the first untrusted equipment node 20 (AUSF) of the communication network 15.
  • the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
  • the first untrusted equipment node 20 is arranged to be an authentication server function.
  • the second untrusted equipment node 30 is arranged to be an access and mobility management function.
  • the anonymous metadata (SUPI*) and the second key (K1) are protected from eavesdropping at the first and second untrusted equipment nodes 20, 30 (AUSF, AMF).
  • the anonymous metadata (SUPI*) and the second key (K1) may be protected from eavesdropping by a cryptographic hash function that is secure against any probabilistic polynomial-time (PPT) adversary.
  • PPT probabilistic polynomial-time (Turing machine)
  • the communication network 15 is arranged to be a wireless communication network.
  • the wireless communication network may be arranged to conform to a 5G network specification.
  • a computer program product including a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device including processing hardware to execute any of the preceding methods as such or one or more steps of the preceding methods.
  • An authentication between the user equipment node 40 (UE) and the second untrusted network equipment node 30 (AMF) for access to a 5G network includes the following steps:
  • for each Authenticate Get Request, the UDM/ARPF may create a 5G HE AV;
  • the UDM/ARPF sends the Authentication Response [5G HE AV, AV, SUPI] to the first untrusted network equipment node 20 (AUSF). Note: the response includes the SUPI in plaintext (SUPI information leakage);
  • the Authentication Response [5G HE AV, AV, SUPI] is sent on to the second untrusted network equipment node 30 (AMF). Note: the response includes the SUPI in plaintext (SUPI information leakage);
  • the second untrusted network equipment node 30 (AMF) sends the Authentication Request to the user equipment node 40 (UE);
  • the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) use Kseaf and (SUPI, metadata) to derive the key KAMF:
  • KAMF = HMAC(Kseaf, SUPI, MetaData);
  • the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) use the same KAMF to perform the mutual authentication process.
  • Anonymity of SUPI and Kseaf for the 5G core network includes the following steps:
  • the trusted processing module node 10 (UDM/ARPF) sends the Authentication Response [5G HE AV, AV, SUPI*] to the first untrusted equipment node 20 (AUSF). Note: the response includes SUPI* and K1, no information leakage;
  • the Authentication Response [5G HE AV, AV, SUPI*] is sent on from the first untrusted equipment node 20 (AUSF) to the second untrusted equipment node 30 (AMF). Note: the response includes SUPI* and K1, no information leakage;
  • the second untrusted network equipment node 30 (AMF) sends the Authentication Request to the user equipment node 40 (UE);
  • the user equipment node 40 (UE) uses Kseaf and (SUPI, metadata) to derive the key KAMF = HMAC(Kseaf, SUPI, MetaData), and the second untrusted equipment node 30 (AMF) uses K1 and SUPI* to derive the same key KAMF = F2(K1, SUPI*);
  • the second untrusted equipment node 30 (AMF) and the user equipment node 40 (UE) use the same KAMF to perform a mutual authentication process.
  • functions F1 and F2 are implemented as follows:
  • F2 = HASH((K'seaf XOR opad
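The two step lists above, and the node-by-node bullets earlier on this page, describe one exchange; what follows is an added worked example of it and is not code from the patent or from Huawei. The page names F1 but never defines it, and gives F2 only as the truncated expression F2 = HASH((K'seaf XOR opad ..., so the example assumes the split-HMAC reading of that expression: F1 outputs SUPI* = HASH((K'seaf XOR ipad) || SUPI || MetaData), the inner HMAC hash, together with K1 = the hash chaining state after absorbing the block (K'seaf XOR opad), so that F2(K1, SUPI*) finishes the outer hash and equals HMAC(Kseaf, SUPI || MetaData). SHA-256 is assumed as HASH, and a small SHA-256 core is included only because hashlib cannot export a chaining state. The Kseaf, SUPI and metadata values are constructed; the function names F1, F2, ue_kamf, baseline_flow and anonymised_flow are this example's own.

```python
import hashlib
import hmac
import struct

# SHA-256 round constants and initial chaining state (FIPS 180-4).
_K = [
    0x428A2F98, 0x71374491, 0xB5C0FBCF, 0xE9B5DBA5, 0x3956C25B, 0x59F111F1, 0x923F82A4, 0xAB1C5ED5,
    0xD807AA98, 0x12835B01, 0x243185BE, 0x550C7DC3, 0x72BE5D74, 0x80DEB1FE, 0x9BDC06A7, 0xC19BF174,
    0xE49B69C1, 0xEFBE4786, 0x0FC19DC6, 0x240CA1CC, 0x2DE92C6F, 0x4A7484AA, 0x5CB0A9DC, 0x76F988DA,
    0x983E5152, 0xA831C66D, 0xB00327C8, 0xBF597FC7, 0xC6E00BF3, 0xD5A79147, 0x06CA6351, 0x14292967,
    0x27B70A85, 0x2E1B2138, 0x4D2C6DFC, 0x53380D13, 0x650A7354, 0x766A0ABB, 0x81C2C92E, 0x92722C85,
    0xA2BFE8A1, 0xA81A664B, 0xC24B8B70, 0xC76C51A3, 0xD192E819, 0xD6990624, 0xF40E3585, 0x106AA070,
    0x19A4C116, 0x1E376C08, 0x2748774C, 0x34B0BCB5, 0x391C0CB3, 0x4ED8AA4A, 0x5B9CCA4F, 0x682E6FF3,
    0x748F82EE, 0x78A5636F, 0x84C87814, 0x8CC70208, 0x90BEFFFA, 0xA4506CEB, 0xBEF9A3F7, 0xC67178F2,
]
_IV = [0x6A09E667, 0xBB67AE85, 0x3C6EF372, 0xA54FF53A, 0x510E527F, 0x9B05688C, 0x1F83D9AB, 0x5BE0CD19]
_M = 0xFFFFFFFF
_BLOCK = 64


def _rotr(x, n):
    return ((x >> n) | (x << (32 - n))) & _M


def _compress(state, block):
    """One SHA-256 compression: absorb a 64-byte block into the 8-word chaining state."""
    w = list(struct.unpack(">16L", block))
    for i in range(16, 64):
        s0 = _rotr(w[i - 15], 7) ^ _rotr(w[i - 15], 18) ^ (w[i - 15] >> 3)
        s1 = _rotr(w[i - 2], 17) ^ _rotr(w[i - 2], 19) ^ (w[i - 2] >> 10)
        w.append((w[i - 16] + s0 + w[i - 7] + s1) & _M)
    a, b, c, d, e, f, g, h = state
    for i in range(64):
        t1 = (h + (_rotr(e, 6) ^ _rotr(e, 11) ^ _rotr(e, 25)) + ((e & f) ^ (~e & g)) + _K[i] + w[i]) & _M
        t2 = ((_rotr(a, 2) ^ _rotr(a, 13) ^ _rotr(a, 22)) + ((a & b) ^ (a & c) ^ (b & c))) & _M
        h, g, f, e, d, c, b, a = g, f, e, (d + t1) & _M, c, b, a, (t1 + t2) & _M
    return [(x + y) & _M for x, y in zip(state, (a, b, c, d, e, f, g, h))]


def sha256_finish(state, tail, total_len):
    """Resume SHA-256 from a chaining state that already absorbed total_len - len(tail)
    bytes (a multiple of 64): absorb `tail`, then the standard padding, and return the digest."""
    pad = b"\x80" + b"\x00" * ((55 - total_len) % 64) + struct.pack(">Q", total_len * 8)
    buf = tail + pad
    for off in range(0, len(buf), _BLOCK):
        state = _compress(state, buf[off:off + _BLOCK])
    return struct.pack(">8L", *state)


def sha256_from_scratch(data):
    return sha256_finish(list(_IV), data, len(data))


def selfcheck():
    """True when the resumable core agrees with hashlib across block boundaries."""
    return all(sha256_from_scratch(b"x" * n) == hashlib.sha256(b"x" * n).digest()
               for n in (0, 3, 55, 56, 64, 100, 200))


def _hmac_key_block(key):
    """RFC 2104 key normalisation: hash an over-long key, zero-pad to the block size."""
    if len(key) > _BLOCK:
        key = hashlib.sha256(key).digest()
    return key.ljust(_BLOCK, b"\x00")


def F1(k_seaf, supi, metadata):
    """Trusted node (UDM/ARPF): the anonymised HE AV fields (SUPI*, K1). Assumed reading of
    the page's F1: SUPI* is the inner HMAC hash, K1 the chaining state after the opad block."""
    kb = _hmac_key_block(k_seaf)
    inner = bytes(b ^ 0x36 for b in kb)          # K'seaf XOR ipad
    outer = bytes(b ^ 0x5C for b in kb)          # K'seaf XOR opad
    supi_star = hashlib.sha256(inner + supi + metadata).digest()
    k1 = _compress(list(_IV), outer)             # never reveals K'seaf: the compression is one-way
    return supi_star, k1


def F2(k1, supi_star):
    """AMF: finish the outer hash from K1 over SUPI*. Equals HMAC(Kseaf, SUPI || MetaData)."""
    return sha256_finish(list(k1), supi_star, _BLOCK + len(supi_star))


def ue_kamf(k_seaf, supi, metadata):
    """UE: KAMF = HMAC(Kseaf, SUPI, MetaData), the standard HMAC as the page writes it."""
    return hmac.new(k_seaf, supi + metadata, hashlib.sha256).digest()


def baseline_flow(k_seaf, supi, metadata):
    """Existing flow on the page: the AUSF/AMF receive SUPI in clear plus Kseaf and derive KAMF."""
    auth_response = {"SUPI": supi, "Kseaf": k_seaf}
    return auth_response, ue_kamf(k_seaf, supi, metadata)


def anonymised_flow(k_seaf, supi, metadata):
    """Patent flow: the AUSF/AMF see only (SUPI*, K1), yet AMF and UE agree on KAMF."""
    supi_star, k1 = F1(k_seaf, supi, metadata)
    auth_response = {"SUPI*": supi_star, "K1": struct.pack(">8L", *k1)}
    return auth_response, F2(k1, supi_star), ue_kamf(k_seaf, supi, metadata)


# Constructed values for the example, not real subscriber data or a real anchor key.
K_SEAF = hashlib.sha256(b"constructed Kseaf for the example").digest()
SUPI = b"imsi-001010123456789"
METADATA = b"constructed-metadata"

if __name__ == "__main__":
    resp, k_amf, k_ue = anonymised_flow(K_SEAF, SUPI, METADATA)
    print("AMF sees:", {k: v.hex() for k, v in resp.items()})
    print("AMF and UE agree on KAMF:", k_amf == k_ue)
```

Running it prints an authentication response containing only SUPI* and K1, and confirms that F2(K1, SUPI*) at the AMF equals the HMAC the UE computes from Kseaf and SUPI. The design point the page makes is visible in the code: the AMF can finish the outer hash from K1 but cannot run the compression function backwards to recover (K'seaf XOR opad), and without the inner key block it cannot test candidate SUPI values against SUPI*, which is what removes the brute-force attack mentioned in the summary. Because SUPI* is keyed by Kseaf, it changes whenever Kseaf changes, so the value an untrusted node observes in one authentication does not identify the subscriber in another.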

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The disclosure provides for operating network nodes in a communication network to protect sensitive information or metadata (SUPI) of a user of the communication network from untrusted processing module nodes. A trusted processing module node is configured to generate a home environment authentication vector (HEAV). The HEAV includes anonymous metadata (SUPI*) derived from the metadata (SUPI) and a second key (K1). A first untrusted equipment node (AUSF) is configured to transmit an authentication response derived from the HEAV to a second untrusted network equipment node (AMF). An authentication request derived from the authentication response is transmitted to a user equipment node (UE). The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request, based on which a mutual authentication is performed between the second untrusted network equipment node (AMF) and the user equipment node (UE).

Description

PROTECTION OF SENSITIVE USER DATA IN COMMUNICATION NETWORKS
TECHNICAL FIELD
The disclosure relates generally to security in communication networks; more specifically, the disclosure relates to methods for operating nodes in a communication network to protect sensitive user data or metadata of a user. Moreover, the disclosure relates to nodes that are configured to operate pursuant to the methods.
BACKGROUND
Using security features in data processing, information systems, and communication networks contributes to privacy, fairness, accuracy, confidentiality, amongst other desired criteria. Such security features use encryption or cryptography as techniques; moreover, such security features are used in electronic commerce, wireless communications, and broadcasting. Encryption is also used to prevent hacking, to protect web pages, and to prevent access to sensitive data of a given user.
In a case of a communication network that may include both trusted and untrusted network elements, a drawback arises when seeking to maintain compatibility of communication between the trusted and untrusted network elements, wherein security potentially may be compromised. A network element is an equipment that operates as part of the communication network and may also be referred to as a processing module node. Sensitive user data or metadata associated with a user of the communication network may be exposed due to compatibility requirements. For example, sensitive user data or metadata associated with the user such as a unique identifier or a subscription identifier may be used without encryption and as plain text during communication between the trusted and untrusted network elements in the communication network. This creates a privacy problem for the user of the communication network, as the sensitive user data in plain text may be exposed to untrusted network elements.
Similarly, a fifth-generation (5G) core network includes both trusted network elements and untrusted network elements as well as a user equipment node that is uniquely identified in the 5G core network using a subscriber permanent identifier (SUPI). Due to compatibility requirements between the trusted and untrusted network elements, sensitive user data or metadata of the user, including but not limited to, the SUPI is used in plain text without encryption. This creates a security problem in the 5G core network as the sensitive user data or metadata is exposed to the untrusted network elements. Furthermore, this creates a confidentiality and anonymity problem for the user associated with the user equipment node as this happens without the consent of the user. Currently, there are no practical solutions available to address this problem.
Therefore, in light of the foregoing drawbacks associated with known security features, there exists a need to address the aforementioned drawbacks in existing technologies, to ensure confidentiality and anonymity of the sensitive user data or metadata and to prevent leakage of the sensitive user data to untrusted network elements.
SUMMARY
It is an object of the disclosure to provide an improved approach to ensure confidentiality and anonymity of sensitive user data or metadata of a user, to prevent leakage of the sensitive user data to untrusted network elements in a communication network.
This object is achieved by features of the independent claims. Further implementation forms are apparent from the dependent claims, the description, and the figures.
According to a first aspect, there is provided a method for operating a trusted processing module node of a communication network. The trusted processing module node is configured to be coupled in communication with a first untrusted equipment node (AUSF), a second untrusted equipment node (AMF), and a user equipment node (UE). The method includes, at the trusted processing module node, generating a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1). The method includes transmitting an authentication response from the trusted processing module node via the first untrusted equipment node (AUSF) of the communication network to the second untrusted network equipment node (AMF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
Since the home environment authentication vector does not include the first key (Kseaf), the metadata (SUPI) is protected against brute force attacks from a potential attacker including the first untrusted equipment node (AUSF) and the second untrusted network equipment node (AMF). The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
In a first possible implementation form of the method for operating a trusted processing module node of the first aspect, the method further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF) to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The method further includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF). The authentication key (KAMF) ensures that the mutual authentication process described above works with the anonymized metadata (SUPI*) and the first key (Kseaf).
In an implementation, the method includes arranging for the trusted processing module node to communicate wirelessly with at least a part of the communication network. Optionally, the method includes arranging for the trusted processing module node 10 to communicate wirelessly in conformance with a 5G network specification.
According to a second aspect, there is provided a computer program product comprising a non- transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method of the first aspect.
According to a third aspect, there is provided a method for operating a user equipment node (UE) of a communication network. The user equipment node (UE) is configured to be coupled in communication with a first untrusted equipment node (AUSF), a second untrusted equipment node (AMF) and a trusted processing module node. The method includes receiving an authentication request derived from an authentication response, at the user equipment node (UE) from the second untrusted network equipment node (AMF). The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The method further includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF). Since the home environment authentication vector does not include the first key (Kseaf), the metadata (SUPI) is protected against brute force attacks from a potential attacker including the AUSF and the AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network. The authentication key (KAMF) ensures that the mutual authentication process described above works with the anonymized metadata (SUPI*) and the first key (Kseaf).
In a first possible implementation form of the method for operating the user equipment node (UE) of the third aspect, the method further includes generating a home environment authentication vector at the trusted processing module node of the communication network by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (K1). The method further includes transmitting an authentication response from the trusted processing module node via the first untrusted equipment node (AUSF) of the communication network to the second untrusted network equipment node (AMF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1).
According to a fourth aspect, there is provided a method for operating a first untrusted equipment node (AUSF) of a communication network. The first untrusted equipment node (AUSF) is configured to be coupled in communication with a second untrusted equipment node (AMF), a user equipment node (UE) and a trusted processing module node. The method includes receiving an authentication response from the trusted processing module node. The authentication response is derived from data of a home environment authentication vector including the anonymous metadata (SUPI*) and the second key (K1). The method includes transmitting the authentication response to the second untrusted network equipment node (AMF) of the communication network.
Since the home environment authentication vector does not include the first key (Kseaf), the metadata (SUPI) is protected against brute force attacks from a potential attacker including the AUSF and the AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
In a first possible implementation form of the method for operating the first untrusted equipment node (AUSF) of the fourth aspect, the method further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF) to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The method further includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF).
The authentication keys (KAMF) ensure that the mutual authentication process described above works with anonymized metadata (SUPI*) and the first key (Kseaf).
In a second possible implementation form of the method for operating the first untrusted equipment node (AUSF) of the third aspect as such or the first implementation form of the third aspect, the method further includes generating the home environment authentication vector at the trusted processing module node of the communication network by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
Optionally, the method includes arranging for the first untrusted equipment node (AUSF) to be an authentication server function.
Optionally, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the first untrusted equipment node (AUSF). More optionally, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
Optionally, the method includes arranging for the first untrusted equipment node (AUSF) to communicate wirelessly to at least a part of the communication network. More optionally, the method includes arranging for the first untrusted equipment node (AUSF) to communicate wirelessly by conforming to a 5G network specification.
According to a fifth aspect, there is provided a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method of the fourth aspect.
According to a sixth aspect, there is provided a method for operating a second untrusted equipment node (AMF) of a communication network. The second untrusted equipment node (AMF) is configured to be coupled in communication with a first untrusted equipment node (AUSF), a user equipment node (UE) and a trusted processing module node. The method includes receiving an authentication response at the second untrusted network equipment node (AMF) from the first untrusted network equipment node (AUSF). The method includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF) to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The method includes performing a mutual authentication between the second untrusted network equipment node (AMF) and the user equipment node (UE) based on the authentication key (KAMF).
Since the home environment authentication vector does not include the first key (Kseaf), metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
In a first possible implementation form of the method for operating the second untrusted equipment node (AMF) of the fourth aspect, the method further includes generating a home environment authentication vector at the trusted processing module node of the communication network by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The method further includes transmitting an authentication response from the trusted processing module node to the first untrusted equipment node (AUSF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
In a first possible implementation form of any of the preceding aspects as such or their implementation forms, the method includes arranging for the first untrusted equipment node (AUSF) to be an authentication server function, and the second untrusted equipment node (AMF) to be an access and mobility management function.
In a second possible implementation form of any of the preceding aspects as such or their implementation forms, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the first and second untrusted equipment nodes (AUSF, AMF).
In a third possible implementation form of the second possible implementation form, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT). A potential attacker may control the AUSF and the AMF. The cryptographic hash function prevents the potential attacker from compromising confidentiality and from extracting the original SUPI data.
In a fourth possible implementation form of any of the preceding aspects as such or their implementation forms, the method includes arranging for at least a part of the communication network to be a wireless communication network.
In a fifth possible implementation form of the fourth possible implementation form, the method includes arranging for the wireless communication network to conform to a 5G network specification.
Optionally, the method further includes arranging for the second untrusted equipment node (AMF) to be an access and mobility management function.
Optionally, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the second untrusted equipment node (AMF). More optionally, the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
Optionally, the method includes arranging for the second untrusted equipment node (AMF) to communicate wirelessly to at least a part of the communication network. More optionally, the method includes arranging for the second untrusted equipment node (AMF) to communicate wirelessly by conforming to a 5G network specification.
According to a seventh aspect, there is provided a computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method of the sixth aspect.
According to an eighth aspect, there is provided a trusted processing module node that is configured to communicate with a communication network that is configured to communicate sensitive user data. The communication network includes first and second untrusted equipment nodes (AUSF; AMF). The communication network is coupled to the trusted processing module node and to a user equipment node (UE). The trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network. The second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
Since the home environment authentication vector does not include the first key (Kseaf), metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
According to a ninth aspect, there is provided a user equipment node (UE) that is configured to communicate with a communication network that is configured to communicate sensitive user data. The communication network includes first and second untrusted equipment nodes (AUSF; AMF). The communication network is coupled to a trusted processing module node. The trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network. The second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
Since the home environment authentication vector does not include the first key (Kseaf), metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
According to a tenth aspect, there is provided a first untrusted equipment node (AUSF) that is configured to communicate with a communication network that is configured to communicate sensitive user data. The communication network includes a second untrusted equipment node (AMF) and a user equipment node (UE). The communication network is coupled to a trusted processing module node. The trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network. The second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
Since the home environment authentication vector does not include the first key (Kseaf), metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
According to an eleventh aspect, there is provided a second untrusted equipment node (AMF) that is configured to communicate with a communication network that is configured to communicate sensitive user data. The communication network includes a first untrusted equipment node (AUSF) and a user equipment node (UE). The communication network is coupled to a trusted processing module node. The trusted processing module node is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node is configured to transmit an authentication response to the first untrusted equipment node (AUSF) of the communication network. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF) of the communication network. The second untrusted network equipment node (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE) connected to the communication network. The user equipment node (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment (AMF) and the user equipment (UE) perform a mutual authentication therebetween based on the authentication key (KAMF).
Since the home environment authentication vector does not include the first key (Kseaf), metadata (SUPI) is protected against brute force attacks from a potential attacker including AUSF and AMF. The confidentiality of the metadata (SUPI) is protected as a potential attacker may only be able to obtain a ciphertext of the metadata (SUPI) from the communication network.
In a first possible implementation form of the node of any of the fifth, sixth, seventh, and eighth aspects as such or their preceding implementation forms, the first untrusted equipment node (AUSF) is arranged to be an authentication server function, and the second untrusted equipment node (AMF) is arranged to be an access and mobility management function.
In a second possible implementation form of the node of any of the fifth, sixth, seventh, and eighth aspects as such or their preceding implementation forms, the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping at the first and second untrusted equipment nodes (AUSF; AMF).
In a third possible implementation form of the node of the second possible implementation form of the node of any of the fifth, sixth, seventh, and eighth aspects as such or their preceding implementation forms, the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT). A potential attacker, including AUSF and AMF, cannot break the confidentiality property and extract the original SUPI data.
In a fourth possible implementation form of the node of any of the fifth, sixth, seventh, and eighth aspects as such or their preceding implementation forms, the at least a part of the communication network is arranged to be a wireless communication network.
In a fifth possible implementation form of the node of the fourth possible implementation form of the node of any of the fifth, sixth, seventh, and eighth aspects as such or their preceding implementation forms, the wireless communication network is arranged to conform to a 5G network specification.
According to a twelfth aspect, there is provided a computer program product including a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device including processing hardware to execute any of the methods of any of the first, second, third or fourth aspects and their implementation forms.
A technical problem in the prior art is resolved, wherein the technical problem concerns protecting the confidentiality and anonymity of the sensitive user data or metadata of the user against the untrusted network elements in a communication network without using plain text for communication between trusted and untrusted network elements of the communication network.
Therefore, in contradistinction to prior art, according to the trusted and untrusted processing module node and the user equipment node of the communication network and the method of operating the trusted and untrusted processing module node and the user equipment node provided in the disclosure, data owners are enabled to have control over confidentiality and anonymity of the sensitive user data (e.g., personal information). Even though the untrusted processing module nodes may process the encrypted sensitive user data or metadata, they may not be able to obtain the metadata in plaintext. Hence, leakage of sensitive information or metadata to a potential attacker is prevented. Furthermore, the disclosure improves data security, i.e., the confidentiality of sensitive user data (e.g. subscription permanent identifier (SUPI)), which is achieved through encryption.
These and other aspects of the disclosure will be apparent from the embodiment(s) described below.
BRIEF DESCRIPTION OF THE DRAWINGS
To illustrate the technical solutions in the embodiments of the disclosure or the prior art more clearly, the following briefly introduces the accompanying drawings. Moreover, the accompanying drawings in the following description show merely some embodiments of the disclosure, and a person of ordinary skill in the art may still derive other drawings from these accompanying drawings without creative efforts.
FIG. 1 is a schematic diagram depicting a communication network, in accordance with an example of the disclosure;
FIG. 2 is an interaction diagram depicting a method of operating a trusted processing module node of the communication network to provide confidentiality and anonymity of sensitive user data or metadata of a user of the communication network, in accordance with an example of the disclosure;
FIG. 3 is a schematic diagram depicting a fifth-generation communication network that includes a fifth-generation core network in communication with a user equipment, in accordance with an example of the disclosure;
FIG. 4 is a flow diagram including steps of a method for operating the trusted processing module node of the communication network of FIG. 1 in accordance with an example of the disclosure;
FIG. 5 is a flow diagram including steps of a method for operating a user equipment node of the communication network of FIG. 1 in accordance with an example of the disclosure;
FIG. 6 is a flow diagram including steps of a method for operating a first untrusted equipment node of the communication network of FIG. 1 in accordance with an example of the disclosure; and
FIG. 7 is a flow diagram including steps of a method for operating a second untrusted equipment node of the communication network of FIG. 1 in accordance with an example of the disclosure.
DETAILED DESCRIPTION OF THE DRAWINGS
Embodiments of the disclosure provide a method of operating a trusted processing module node in a communication network that provides confidentiality and anonymity of sensitive user data or metadata of a user of the communication network.
To make solutions of the disclosure more comprehensible for a person skilled in the art, the following embodiments of the disclosure are described with reference to the accompanying drawings.
Terms such as "a first", "a second", "a third", and "a fourth" (if any) in the summary, claims, and foregoing accompanying drawings of the disclosure are used to distinguish between similar objects and are not necessarily used to describe a specific sequence or order. It should be understood that the terms so used are interchangeable under appropriate circumstances, so that the embodiments of the disclosure described herein are, for example, capable of being implemented in sequences other than the sequences illustrated or described herein. Furthermore, the terms "include" and "have" and any variations thereof, are intended to cover a non-exclusive inclusion. For example, a process, a method, a system, a product, or a device that includes a series of steps or units, is not necessarily limited to expressly listed steps or units, but may include other steps or units that are not expressly listed or that are inherent to such process, method, product, or device.
FIG. 1 is a schematic illustration diagram of a communication network 15, in accordance with an embodiment of the disclosure. The communication network 15 includes a trusted processing module node 10. The trusted processing module node 10 is configured to be coupled in communication with a first untrusted equipment node 20 (AUSF), a second untrusted equipment node 30 (AMF) and a user equipment node 40 (UE). The trusted processing module node 10 is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node 10 is configured to transmit an authentication response to the first untrusted equipment node 20 (AUSF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node 20 (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node 30 (AMF) of the communication network 15. The second untrusted network equipment node 30 (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment 30 (AMF) and the user equipment 40 (UE) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
An authentication server function (AUSF) may be used to facilitate security processes in the communication network 15. A core access and mobility management function (AMF) may be used for registration management, connection management, reachability management, mobility management, and various functions relating to security and access management and authorization of the user equipment node 40 (UE). The user equipment node 40 (UE) may be any device used directly by a user to communicate. The user equipment node 40 (UE) may include, but is not limited to, a hand-held telephone or a laptop computer equipped with a mobile broadband adapter. In the communication network 15, each user is allocated a subscriber permanent identifier (SUPI) which is globally unique.
Examples of SUPI formats may include an international mobile subscriber identity (IMSI) and a Network Access Identifier (NAI). A security anchor function (SEAF) is used in the communication network 15 as a middleman during an authentication process between the user equipment node 40 (UE) and a home network of the user equipment node 40 (UE). Based on the SEAF, an authentication from the user equipment node 40 (UE) may be rejected or accepted. "Kseaf" is referred to as a key that may be generated using a security anchor function.
A hash-based message authentication code (HMAC) may be a code used for authentication of a message. The HMAC may involve a cryptographic hash function and a secret cryptographic key.
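The exchange described for FIG. 1, as an added example that is not part of the patent: a Python model of one authentication run in which HMAC-SHA256 stands in for the patent's key derivation functions, with the AUSF and AMF modelled as relays that record every value they see. The UE sharing Kseaf with the trusted node, a per-run challenge (rand) inside the authentication request, the KDF labels, the tag exchange used for mutual authentication and the sample SUPI are all assumptions of this example.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Callable, Iterable, Optional

def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Keyed derivation: HMAC-SHA256 over a label and length-prefixed parts.
    The construction and the labels are assumptions, not the patent's exact KDF."""
    h = hmac.new(key, label, hashlib.sha256)
    for part in parts:
        h.update(len(part).to_bytes(2, "big") + part)
    return h.digest()

def unkeyed_hash(supi: bytes) -> bytes:
    """Plain SHA-256: the weak anonymisation that the Kseaf-keyed SUPI* is contrasted with."""
    return hashlib.sha256(supi).digest()

@dataclass(frozen=True)
class AuthResponse:   # data of the home environment authentication vector
    supi_star: bytes  # anonymous metadata SUPI*
    ki: bytes         # second key Ki
    rand: bytes       # per-run challenge (assumed; the page does not name one)

@dataclass(frozen=True)
class AuthRequest:    # what the AMF sends to the UE; Ki itself stays in the network
    supi_star: bytes
    rand: bytes
    net_tag: bytes    # lets the UE check that the AMF really holds Ki

class TrustedNode:
    """Home-environment node holding Kseaf. SUPI and Kseaf never leave it."""
    def __init__(self, kseaf: bytes) -> None:
        self._kseaf = kseaf

    def generate_auth_response(self, supi: bytes) -> AuthResponse:
        rand = os.urandom(16)
        supi_star = kdf(self._kseaf, b"SUPI*", supi)   # SUPI* = KDF(Kseaf, SUPI)
        ki = kdf(self._kseaf, b"Ki", supi, rand)       # Ki bound to this run
        return AuthResponse(supi_star, ki, rand)

class UntrustedNode:
    """AUSF or AMF: relays the response and records every value it sees."""
    def __init__(self) -> None:
        self.seen: list = []

    def forward(self, resp: AuthResponse) -> AuthResponse:
        self.seen += [resp.supi_star, resp.ki, resp.rand]
        return resp

class AMF(UntrustedNode):
    def build_auth_request(self, resp: AuthResponse) -> AuthRequest:
        self.forward(resp)
        self._rand = resp.rand
        self._k_amf = kdf(resp.ki, b"KAMF", resp.supi_star, resp.rand)
        return AuthRequest(resp.supi_star, resp.rand, kdf(self._k_amf, b"NET", resp.rand))

    def verify_ue(self, ue_tag: Optional[bytes]) -> bool:
        expected = kdf(self._k_amf, b"UE", self._rand)
        return ue_tag is not None and hmac.compare_digest(ue_tag, expected)

class UE:
    """Assumes the UE shares Kseaf with the trusted node (how is not stated on the page)."""
    def __init__(self, supi: bytes, kseaf: bytes) -> None:
        self._supi, self._kseaf = supi, kseaf

    def handle_auth_request(self, req: AuthRequest) -> Optional[bytes]:
        # Only the UE whose SUPI maps to SUPI* under Kseaf can reproduce Ki, hence KAMF.
        if not hmac.compare_digest(req.supi_star, kdf(self._kseaf, b"SUPI*", self._supi)):
            return None
        ki = kdf(self._kseaf, b"Ki", self._supi, req.rand)
        k_amf = kdf(ki, b"KAMF", req.supi_star, req.rand)  # KAMF = HMAC(Ki, ...)
        if not hmac.compare_digest(req.net_tag, kdf(k_amf, b"NET", req.rand)):
            return None                                      # network failed to prove Ki
        return kdf(k_amf, b"UE", req.rand)                   # UE's half of mutual auth

def run_exchange(supi: bytes, kseaf: bytes, ue_supi: Optional[bytes] = None) -> dict:
    """Trusted node -> AUSF -> AMF -> UE; returns the outcome and what AUSF and AMF saw."""
    trusted, ausf, amf = TrustedNode(kseaf), UntrustedNode(), AMF()
    ue = UE(ue_supi or supi, kseaf)
    resp = ausf.forward(trusted.generate_auth_response(supi))
    ue_tag = ue.handle_auth_request(amf.build_auth_request(resp))
    return {"mutual_auth": amf.verify_ue(ue_tag), "supi_star": resp.supi_star,
            "attacker_view": ausf.seen + amf.seen}

def dictionary_recover(target: bytes, candidates: Iterable[bytes],
                       fn: Callable[[bytes], bytes]) -> Optional[bytes]:
    """Offline guessing over candidate SUPIs: works against an unkeyed hash, but not
    against SUPI*, because the guesser cannot evaluate the Kseaf-keyed derivation."""
    return next((c for c in candidates if hmac.compare_digest(fn(c), target)), None)

if __name__ == "__main__":  # constructed sample values
    print(run_exchange(b"imsi-001010123456789", os.urandom(32))["mutual_auth"])
```

The attacker view returned by run_exchange contains only SUPI*, Ki and the challenge, which is the property the summary relies on: a node holding that view can relay and complete mutual authentication without ever seeing SUPI or Kseaf.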
The user equipment node 40 (UE) that is configured to communicate with the communication network 15 that is configured to communicate sensitive user data. The communication network 15 includes first and second untrusted equipment nodes (AUSF, 20; AMF, 30). The communication network 15 is coupled to the trusted processing module node 10. The trusted processing module node 10 is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node 10 is configured to transmit an authentication response to the first untrusted equipment node 20 (AUSF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node 20 (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node 30 (AMF) of the communication network 15. The second untrusted network equipment node 30 (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment node 30 (AMF) and the user equipment 40 (UE) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
The first untrusted equipment node 20 (AUSF) is configured to communicate with the communication network 15 that is configured to communicate sensitive user data. The communication network 15 includes the second untrusted equipment node 30 (AMF) and the user equipment node 40 (UE). The communication network 15 is coupled to the trusted processing module node 10. The trusted processing module node 10 is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node 10 is configured to transmit an authentication response to the first untrusted equipment node 20 (AUSF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node 20 (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node 30 (AMF) of the communication network 15. The second untrusted network equipment node 30 (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KA F) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment node 30 (AMF) and the user equipment 40 (UE) are configured to perform a mutual authentication there between based on the authentication key (KAMF).
The second untrusted equipment node 30 (AMF) is configured to communicate with the communication network 15, which is configured to communicate sensitive user data. The communication network 15 includes the first untrusted equipment node 20 (AUSF) and the user equipment node 40 (UE). The communication network 15 is coupled to the trusted processing module node 10. The trusted processing module node 10 is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The trusted processing module node 10 is configured to transmit an authentication response to the first untrusted equipment node 20 (AUSF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). The first untrusted network equipment node 20 (AUSF) is configured to transmit the authentication response therefrom to the second untrusted network equipment node 30 (AMF) of the communication network 15. The second untrusted network equipment node 30 (AMF) is configured to transmit an authentication request derived from the authentication response to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The second untrusted network equipment node 30 (AMF) and the user equipment 40 (UE) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
In an embodiment, the first untrusted equipment node 20 (AUSF) is arranged to be an authentication server function, and the second untrusted equipment node 30 (AMF) is arranged to be an access and mobility management function.
In an embodiment, the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping at the first and second untrusted equipment nodes 20, 30 (AUSF, AMF). The anonymous metadata (SUPI*) and the second key (Ki) may be protected from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
In an embodiment, at least a part of the communication network 15 is arranged to be a wireless communication network. The wireless communication network may be arranged to conform to a 5G network specification.
FIG. 2 is an interaction diagram illustrating steps of a method of operating the trusted processing module node 10 of the communication network 15 to provide confidentiality and anonymity of sensitive user data or metadata of a user of the communication network 15, in accordance with an embodiment of the disclosure. At a step 202, a home environment authentication vector is generated at the trusted processing module node 10 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). At a step 204, an authentication response is transmitted from the trusted processing module node 10 to the first untrusted equipment node 20 (AUSF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). At a step 206, the authentication response is transmitted from the first untrusted network equipment node 20 (AUSF) to the second untrusted network equipment node 30 (AMF) of the communication network 15. At a step 208, an authentication request derived from the authentication response is transmitted from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15. At a step 210, an authentication key (KAMF) is computed from the authentication request using a key derivation function (HMAC) at the user equipment node 40 (UE). At a step 212, a mutual authentication is performed between the second untrusted network equipment 30 (AMF) and the user equipment 40 (UE) based on the authentication key (KAMF).
FIG. 3 is a schematic diagram illustrating a fifth-generation communication network 300 that includes a fifth-generation core network 302 in communication with a user equipment node 310, in accordance with an embodiment of the disclosure. The fifth-generation core network 302 includes a trusted network equipment node 304 coupled in communication with an AUSF node 306 and an AMF node 308. The AMF node 308 is coupled in communication with the user equipment node 310. The AUSF node 306 may also be a Unified Data Management (UDM) node or an authentication credential repository and processing function (ARPF) node as per the 5G standard.
The trusted network equipment node 304 includes an anonymous SUPI processing module 312 that generates a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The anonymous metadata and the second key may be derived as (KI, C) = F1(K, m), where the first key is “K” and the metadata (SUPI) is “m”. “K” and “m” are provided to the function “F1” as inputs, and “F1” computes an anonymized value of the metadata, the anonymous metadata “C”, and the second key “KI” as outputs.
An authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki) at the trusted network equipment node 304. The authentication response is transmitted from the trusted network equipment node 304 to the AUSF node 306 of the fifth-generation core network 302. The authentication response is then transmitted from the AUSF node 306 to the AMF node 308. The authentication response is used to derive an authentication request that is transmitted from the AMF node 308 to the user equipment node 310. The user equipment node 310 computes an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). An authentication key derivation function F2 [KAMF = F2(K1, C)] may be used to compute the authentication key (KAMF). F2 takes KI and C, as computed by F1, as inputs and computes the authentication key (KAMF). KAMF is used for performing a mutual authentication.
A mutual authentication is performed between the AMF node 308 and the user equipment node 310 based on the authentication key (KAMF). Optionally, an original key derivation function, as described in the 5G standard, is used as the key derivation function.
FIG. 4 is a flow diagram illustrating steps of a method for operating the trusted processing module node 10 of the communication network 15 of FIG. 1 in accordance with an embodiment of the disclosure. The trusted processing module node 10 is configured to be coupled in communication with the first untrusted equipment node 20 (AUSF), the second untrusted equipment node 30 (AMF) and the user equipment node 40 (UE). At a step 402, a home environment authentication vector is generated at the trusted processing module node 10, by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). At a step 404, an authentication response is transmitted from the trusted processing module node 10 via the first untrusted equipment node 20 (AUSF) of the communication network 15 to the second untrusted network equipment node 30 (AMF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
According to a first embodiment, the method for operating the trusted processing module node 10 of the communication network 15 further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The method for operating the trusted processing module node 10 of the communication network 15 includes performing a mutual authentication between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
FIG. 5 is a flow diagram illustrating steps of a method for operating the user equipment node 40 (UE) of the communication network 15 of FIG. 1 in accordance with an embodiment of the disclosure. The user equipment node 40 (UE) is configured to be coupled in communication with the first untrusted equipment node 20 (AUSF), the second untrusted equipment node 30 (AMF) and the trusted processing module node 10. At a step 502, an authentication request derived from an authentication response is received at the user equipment node 40 (UE) from the second untrusted network equipment node 30 (AMF). The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). At a step 504, a mutual authentication is performed between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
According to a first embodiment, the method for operating the user equipment node 40 (UE) of the communication network 15 includes generating a home environment authentication vector at the trusted processing module node 10 of the communication network 15 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The method for operating the user equipment node 40 (UE) of the communication network 15 includes transmitting an authentication response from the trusted processing module node 10 via the first untrusted equipment node 20 (AUSF) of the communication network 15 to the second untrusted network equipment node 30 (AMF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
FIG. 6 is a flow diagram illustrating steps of a method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 of FIG.1 in accordance with an embodiment of the disclosure. The first untrusted equipment node 20 (AUSF) is configured to be coupled in communication with the second untrusted equipment node 30 (AMF), the user equipment node 40 (UE) and the trusted processing module node 10. At a step 602, an authentication response is received from the trusted processing module node 10. The authentication response is derived from data of a home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki). At a step 604, the authentication response is transmitted to the second untrusted network equipment node 30 (AMF) of the communication network 15.
According to a first embodiment, the method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 further includes transmitting an authentication request derived from the authentication response from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). The method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 includes performing a mutual authentication between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
According to a second embodiment, the method for operating the first untrusted equipment node 20 (AUSF) of the communication network 15 further includes, at the trusted processing module node 10 of the communication network 15, generating the home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
FIG. 7 is a flow diagram illustrating steps of a method for operating the second untrusted equipment node 30 (AMF) of the communication network 15 of FIG. 1 in accordance with an embodiment of the disclosure. The second untrusted equipment node 30 (AMF) is configured to be coupled in communication with the first untrusted equipment node 20 (AUSF), the user equipment node 40 (UE) and the trusted processing module node 10. At a step 702, an authentication response is received at the second untrusted network equipment node 30 (AMF) from the first untrusted network equipment node 20 (AUSF). At a step 704, an authentication request derived from the authentication response is transmitted from the second untrusted network equipment node 30 (AMF) to the user equipment node 40 (UE) connected to the communication network 15. The user equipment node 40 (UE) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC). At a step 706, a mutual authentication is performed between the second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) based on the authentication key (KAMF).
According to a first embodiment, the method for operating the second untrusted equipment node 30 (AMF) of the communication network 15 includes generating a home environment authentication vector at the trusted processing module node 10 of the communication network 15 by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf). The home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki). The method for operating the second untrusted equipment node 30 (AMF) of the communication network 15 includes transmitting an authentication response from the trusted processing module node 10 to the first untrusted equipment node 20 (AUSF) of the communication network 15. The authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
In an embodiment, the first untrusted equipment node 20 (AUSF) is arranged to be an authentication server function, and the second untrusted equipment node 30 (AMF) is arranged to be an access and mobility management function.
In an embodiment, the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping at the first and second untrusted equipment nodes 20, 30 (AUSF, AMF).
The anonymous metadata (SUPI*) and the second key (Ki) may be protected from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
In an embodiment, at least a part of the communication network 15 is arranged to be a wireless communication network. The wireless communication network may be arranged to conform to a 5G network specification.
There is provided a computer program product including a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device including processing hardware to execute any of the preceding methods as such or one or more steps of the preceding methods.
An authentication between the user equipment node 40 (UE) and the second untrusted network equipment node 30 (AMF) for access to the 5G network includes:
1. For each Authenticate Get Request, the UDM/ARPF may create a 5G HE AV;
2. The UDM/ARPF sends the Authentication Response [5G HE AV, AV, SUPI] to the first untrusted network equipment node 20 (AUSF). Note: including the SUPI plaintext, SUPI information leakage;
3. The UDM/ARPF sends the Authentication Response [5G HE AV, AV, SUPI] to the second untrusted network equipment node 30 (AMF). Note: including the SUPI plaintext, SUPI information leakage;
4. The second untrusted network equipment node 30 (AMF) sends the Authentication Request to the user equipment node 40 (UE);
5. The second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) use Kseaf and (SUPI, metadata) to derive the key KAMF: KAMF = HMAC(Kseaf, SUPI || Metadata);
6. The second untrusted network equipment node 30 (AMF) and the user equipment node 40 (UE) use the same KAMF to perform the mutual authentication process.
Anonymity of SUPI and Kseaf for the 5G core network includes:
1. For each Authenticate Get Request, the trusted processing module 10 for SUPI anonymity may create a 5G HE AV and computes the anonymous SUPI: (KI, SUPI*) = F1(Kseaf, SUPI || Metadata);
2. The trusted processing module 10 sends the Authentication Response [5G HE AV, AV, SUPI*] to the first untrusted equipment node 20 (AUSF) (UDM/ARPF/AUSF). Note: including SUPI* and KI, no information leakage;
3. The UDM/ARPF/AUSF sends the Authentication Response [5G HE AV, AV, SUPI] to the second untrusted equipment node 30 (AMF). Note: including SUPI* and KI, no information leakage;
4. The second untrusted network equipment node 30 (AMF) sends the Authentication Request () to the user equipment node 40 (UE);
5. The user equipment node 40 (UE) uses Kseaf and (SUPI, metadata) to derive the key KAMF: KAMF = HMAC(Kseaf, SUPI || Metadata); and the AMF uses KI and (SUPI*) to derive the same key KAMF: KAMF = F2(K1, SUPI*);
6. The second untrusted equipment node 30 (AMF) and the user equipment node 40 (UE) use the same KAMF to perform a mutual authentication process.
In an embodiment, the functions F1 and F2 are implemented as follows:
F: hash-based HMAC; F1: HASH((K’seaf XOR ipad || IV) || M), where M = SUPI || Metadata; K’seaf = HASH(Kseaf) if Kseaf is larger than the hash block length, and K’seaf = Kseaf otherwise;
F2: HASH((K’seaf XOR opad || IV) || M*), where M* is the output of F1; K’seaf = HASH(Kseaf) if Kseaf is larger than the hash block length, and K’seaf = Kseaf otherwise.
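The F1/F2 split above is the inner and outer hash of HMAC pulled apart, so that the AMF can finish the computation without ever seeing SUPI. The following is an added worked example, not code from the patent or from Huawei: it implements F1 and F2 over SHA-256, checks that F2(F1(Kseaf, SUPI || Metadata)) equals the UE's plain HMAC(Kseaf, SUPI || Metadata), and contrasts the legacy Authentication Response carrying SUPI in the clear with the anonymized one carrying SUPI* and KI. It assumes (since the page does not say) that KI is the outer-pad key K'seaf XOR opad, that K'seaf is zero-padded to the block length as in standard HMAC, and it omits the IV term; all sample inputs are constructed.

```python
import hashlib
import hmac

BLOCK_LEN = 64                      # SHA-256 block length in bytes (the "hash block length")
IPAD = bytes([0x36] * BLOCK_LEN)    # HMAC inner pad
OPAD = bytes([0x5C] * BLOCK_LEN)    # HMAC outer pad


def _k_prime(kseaf: bytes) -> bytes:
    """K'seaf as the page defines it: HASH(Kseaf) if Kseaf exceeds the block length,
    otherwise Kseaf itself. Zero-padding to the block length is an assumption (the
    standard HMAC rule) so that the XOR with ipad/opad is well defined."""
    if len(kseaf) > BLOCK_LEN:
        kseaf = hashlib.sha256(kseaf).digest()
    return kseaf.ljust(BLOCK_LEN, b"\x00")


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def f1(kseaf: bytes, supi: bytes, metadata: bytes) -> tuple:
    """Trusted node side: (KI, SUPI*) = F1(Kseaf, SUPI || Metadata).

    SUPI* is HASH((K'seaf XOR ipad) || M), the inner HMAC hash over M = SUPI || Metadata.
    The page does not say how KI falls out of F1; here it is assumed to be the outer-pad
    key K'seaf XOR opad, which is exactly what F2 needs. Under that assumption KI is
    equivalent to K'seaf, so what this example demonstrates is key agreement and the
    absence of SUPI from the message, not a secrecy property of KI. The IV term is
    omitted (assumption) so the result can be compared with the UE's plain HMAC."""
    k = _k_prime(kseaf)
    m = supi + metadata                       # "||" on the page means concatenation
    supi_star = hashlib.sha256(_xor(k, IPAD) + m).digest()
    ki = _xor(k, OPAD)
    return ki, supi_star


def f2(ki: bytes, supi_star: bytes) -> bytes:
    """AMF side: KAMF = F2(KI, SUPI*) = HASH(KI || SUPI*), the outer HMAC hash."""
    return hashlib.sha256(ki + supi_star).digest()


def ue_kamf(kseaf: bytes, supi: bytes, metadata: bytes) -> bytes:
    """UE side: KAMF = HMAC(Kseaf, SUPI || Metadata), as in the unmodified 5G flow."""
    return hmac.new(kseaf, supi + metadata, hashlib.sha256).digest()


def authentication_responses(kseaf: bytes, supi: bytes, metadata: bytes) -> tuple:
    """Build the two step-2 Authentication Response messages the page contrasts:
    the legacy one carrying SUPI in the clear and the anonymized one carrying
    SUPI* and KI instead. The 5G HE AV / AV fields are a constructed placeholder."""
    he_av = b"<5G HE AV placeholder>"
    ki, supi_star = f1(kseaf, supi, metadata)
    legacy = {"he_av": he_av, "supi": supi}
    anonymized = {"he_av": he_av, "supi_star": supi_star, "ki": ki}
    return legacy, anonymized


def leaks_supi(response: dict, supi: bytes) -> bool:
    """True if the plaintext SUPI appears in any field of the message, i.e. an
    eavesdropper on the AUSF/AMF path would learn the subscriber identity."""
    return any(supi in value for value in response.values())


def keys_agree(kseaf: bytes, supi: bytes, metadata: bytes) -> bool:
    """Correctness property: the AMF's F2(F1(...)) and the UE's HMAC must match,
    otherwise the mutual authentication in step 6 cannot succeed."""
    ki, supi_star = f1(kseaf, supi, metadata)
    return hmac.compare_digest(f2(ki, supi_star), ue_kamf(kseaf, supi, metadata))


if __name__ == "__main__":
    # Constructed sample inputs; not values from the patent.
    kseaf = bytes(range(32))
    supi = b"imsi-001010123456789"
    metadata = b"serving-network=example"
    legacy, anonymized = authentication_responses(kseaf, supi, metadata)
    print("legacy response leaks SUPI:    ", leaks_supi(legacy, supi))          # True
    print("anonymized response leaks SUPI:", leaks_supi(anonymized, supi))      # False
    print("UE and AMF agree on KAMF:      ", keys_agree(kseaf, supi, metadata))  # True
```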
Although the invention and its advantages have been described in detail, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.

Claims

1. A method for operating a trusted processing module node (10) of a communication network (15), wherein the trusted processing module node (10) is configured to be coupled in communication with a first untrusted equipment node (AUSF, 20), a second untrusted equipment node (AMF, 30) and a user equipment node (UE, 40), wherein the method includes:
(a) at the trusted processing module node (10), generating a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki); and
(b) transmitting an authentication response from the trusted processing module node (10) via the first untrusted equipment node (AUSF, 20) of the communication network (15) to the second untrusted network equipment node (AMF, 30) of the communication network (15), wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
2. A method of claim 1, wherein the method further includes:
(c) transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF, 30) to the user equipment node (UE, 40) connected to the communication network (15), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(d) performing a mutual authentication between the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) based on the authentication key (KAMF).
3. A method for operating a user equipment node (UE, 40) of a communication network (15), wherein the user equipment node (UE, 40) is configured to be coupled in communication with a first untrusted equipment node (AUSF, 20), a second untrusted equipment node (AMF, 30) and a trusted processing module node (10), wherein the method includes:
(a) at the user equipment node (UE, 40), receiving an authentication request derived from an authentication response from the second untrusted network equipment node (AMF, 30), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(b) performing a mutual authentication between the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) based on the authentication key (KAMF).
4. A method of claim 3, wherein the method further includes:
(c) at the trusted processing module node (10) of the communication network (15), generating a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki);
(d) transmitting an authentication response from the trusted processing module node (10) via the first untrusted equipment node (AUSF, 20) of the communication network (15) to the second untrusted network equipment node (AMF, 30) of the communication network, wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
5. A method of any one of claims 1 to 4, wherein the method includes arranging for the trusted processing module node (10) to communicate wirelessly to at least a part of the communication network.
6. A method of claim 5, wherein the method includes arranging for trusted processing module node (10) to communicate wirelessly by conforming to a 5G network specification.
7. A computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method as claimed in any one of claims 1 to 6.
8. A method for operating a first untrusted equipment node (AUSF, 20) of a communication network (15), wherein the first untrusted equipment node (AUSF, 20) is configured to be coupled in communication with a second untrusted equipment node (AMF, 30), a user equipment node (UE, 40) and a trusted processing module node (10), wherein the method includes:
(a) receiving an authentication response from the trusted processing module node (10), wherein the authentication response is derived from data of a home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki); and
(b) transmitting the authentication response to the second untrusted network equipment node (AMF, 20) of the communication network (15).
9. A method of claim 8, wherein the method further comprises:
(c) transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF, 30) to the user equipment node (UE, 40) connected to the communication network, wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(d) performing a mutual authentication between the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) based on the authentication key (KAMF).
10. A method of claim 8 or 9, wherein the method further comprises:
(e) at the trusted processing module node of the communication network, generating the home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki).
11. A method of claim 8, 9 or 10, wherein the method includes arranging for the first untrusted equipment node (AUSF) to be an authentication server function.
12. A method of any one of claims 8 to 11, wherein the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the first untrusted equipment node (AUSF).
13. A method of claim 12, wherein the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
14. A method of any one of claims 8 to 13, wherein the method includes arranging for the first untrusted equipment node (AUSF, 20) to communicate wirelessly to at least a part of the communication network.
15. A method of claim 14, wherein the method includes arranging for the first untrusted equipment node (AUSF, 20) to communicate wirelessly by conforming to a 5G network specification.
16. A computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method as claimed in any one of claims 8 to 15.
17. A method for operating a second untrusted equipment node (AMF, 30) of a communication network (15), wherein the second untrusted equipment node (AMF, 30) is configured to be coupled in communication with a first untrusted equipment node (AUSF, 20), a user equipment node (UE, 40) and a trusted processing module node (10), wherein the method includes:
(a) at the second untrusted network equipment node (AMF, 30), receiving an authentication response from the first untrusted network equipment node (AUSF, 20);
(b) transmitting an authentication request derived from the authentication response from the second untrusted network equipment node (AMF, 30) to the user equipment node (UE, 40) connected to the communication network (15), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(c) performing a mutual authentication between the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) based on the authentication key (KAMF).
18. A method of claim 17, wherein the method further includes:
(d) at the trusted processing module node (10) of the communication network (15), generating a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki); and
(e) transmitting an authentication response from the trusted processing module node (10) to the first untrusted equipment node (AUSF, 20) of the communication network (15), wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki).
19. A method of claim 17 or 18, wherein the method further includes arranging for the second untrusted equipment node (AMF) to be an access and mobility management function.
20. A method of any one of claims 17 to 19, wherein the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping at the second untrusted equipment node (AMF).
21. The method of claim 20, wherein the method includes protecting the anonymous metadata (SUPI*) and the second key (Ki) from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
22. A method of any one of claims 17 to 21, wherein the method includes arranging for the second untrusted equipment node (AMF, 30) to communicate wirelessly to at least a part of the communication network.
23. A method of claim 22, wherein the method includes arranging for the second untrusted equipment node (AMF, 30) to communicate wirelessly by conforming to a 5G network specification.
24. A computer program product comprising a non-transitory computer-readable storage medium having computer-readable instructions stored thereon, the computer-readable instructions being executable by a computerized device comprising processing hardware to execute a method as claimed in any one of claims 17 to 23.
25. A trusted processing module node (10) that is configured to communicate with a communication network (15) that is configured to communicate sensitive user data, wherein the communication network (15) includes first and second untrusted equipment nodes (AUSF, 20; AMF, 30), and wherein the communication network (15) is coupled to the trusted processing module node (10) and to a user equipment node (UE, 40), characterized in that:
(a) the trusted processing module node (10) is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki);
(b) the trusted processing module node (10) is configured to transmit an authentication response to the first untrusted equipment node (AUSF, 20) of the communication network (15), wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki);
(c) the first untrusted network equipment node (AUSF, 20) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF, 30) of the communication network (15);
(d) the second untrusted network equipment node (AMF, 30) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE, 40) connected to the communication network (15), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(e) the second untrusted network equipment (AMF, 30) and the user equipment (UE, 40) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
26. A trusted processing module node (10) of claim 25, wherein the trusted processing module node (10) is configured to communicate wirelessly with at least a part of the communication network (15).
27. A trusted processing module node (10) of claim 26, wherein the trusted processing module node (10) is configured to conform to a 5G network specification.
28. A user equipment node (UE, 40) that is configured to communicate with a communication network (15) that is configured to communicate sensitive user data, wherein the communication network (15) includes first and second untrusted equipment nodes (AUSF, 20; AMF, 30), and wherein the communication network (15) is coupled to a trusted processing module node (10), characterized in that:
(a) the trusted processing module node (10) is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki);
(b) the trusted processing module node (10) is configured to transmit an authentication response to the first untrusted equipment node (AUSF, 20) of the communication network (15), wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki);
(c) the first untrusted network equipment node (AUSF, 20) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF, 30) of the communication network (15);
(d) the second untrusted network equipment node (AMF, 30) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE, 40) connected to the communication network (15), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(e) the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
29. A first untrusted equipment node (AUSF, 20) that is configured to communicate with a communication network (15) that is configured to communicate sensitive user data, wherein the communication network (15) includes a second untrusted equipment node (AMF, 30) and a user equipment node (UE, 40), and wherein the communication network (15) is coupled to a trusted processing module node (10), characterized in that:
(a) the trusted processing module node (10) is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki);
(b) the trusted processing module node (10) is configured to transmit an authentication response to the first untrusted equipment node (AUSF, 20) of the communication network (15), wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki);
(c) the first untrusted network equipment node (AUSF, 20) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF, 30) of the communication network (15);
(d) the second untrusted network equipment node (AMF, 30) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE, 40) connected to the communication network (15), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(e) the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
30. A first untrusted equipment node (AUSF, 20) of claim 29, wherein the first untrusted equipment node (AUSF, 20) is arranged to be an authentication server function.
31. A first untrusted equipment node (AUSF, 20) of claim 29 or 30, wherein the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping at the first untrusted equipment node (AUSF, 20).
32. A first untrusted equipment node (AUSF, 20) of claim 31, wherein the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
33. A first untrusted equipment node (AUSF, 20) of any one of claims 29 to 32, wherein the first untrusted equipment node (AUSF, 20) is configured to communicate wirelessly to at least a part of the communication network (15).
34. A first untrusted equipment node (AUSF, 20) of claim 33, wherein the first untrusted equipment node (AUSF, 20) is arranged to conform to a 5G network specification.
35. A second untrusted equipment node (AMF, 30) that is configured to communicate with a communication network (15) that is configured to communicate sensitive user data, wherein the communication network (15) includes a first untrusted equipment node (AUSF, 20) and a user equipment node (UE, 40), and wherein the communication network (15) is coupled to a trusted processing module node (10), characterized in that:
(a) the trusted processing module node (10) is configured to generate a home environment authentication vector by applying a first key derivation function to metadata (SUPI) and to a first key (Kseaf), wherein the home environment authentication vector includes anonymous metadata (SUPI*) derived from the metadata (SUPI), and also includes a second key (Ki);
(b) the trusted processing module node (10) is configured to transmit an authentication response to the first untrusted equipment node (AUSF, 20) of the communication network (15), wherein the authentication response is derived from data of the home environment authentication vector including the anonymous metadata (SUPI*) and the second key (Ki);
(c) the first untrusted network equipment node (AUSF, 20) is configured to transmit the authentication response therefrom to the second untrusted network equipment node (AMF, 30) of the communication network (15);
(d) the second untrusted network equipment node (AMF, 30) is configured to transmit an authentication request derived from the authentication response to the user equipment node (UE, 40) connected to the communication network (15), wherein the user equipment node (UE, 40) is configured to compute an authentication key (KAMF) from the authentication request using a key derivation function (HMAC); and
(e) the second untrusted network equipment node (AMF, 30) and the user equipment node (UE, 40) are configured to perform a mutual authentication therebetween based on the authentication key (KAMF).
36. A second untrusted equipment node (AMF, 30) of claim 35, wherein the second untrusted equipment node (AMF, 30) is arranged to be an access and mobility management function.
37. A second untrusted equipment node (AMF, 30) of claim 35 or 36, wherein the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping at the second untrusted equipment node (AMF, 30).
38. A second untrusted equipment node (AMF, 30) of claim 37, wherein the anonymous metadata (SUPI*) and the second key (Ki) are protected from eavesdropping by a cryptographic hash function configured for probabilistic polynomial-time Turing (PPT).
39. A second untrusted equipment node (AMF, 30) of any one of claims 35 to 38, wherein the second untrusted equipment node (AMF, 30) is configured to communicate wirelessly to at least a part of the communication network (15).
40. A second untrusted equipment node (AMF, 30) of claim 39, wherein the second untrusted equipment node (AMF, 30) is configured to conform to a 5G network specification.
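The flow recited in steps (a) to (e) of claims 25, 28, 29 and 35 is the same in each claim, so one simulation covers all four. The block below is an added example written for this page; it is not code from the patent or from Huawei. The claims fix only the shape of the exchange, so several choices here are assumptions: HMAC-SHA-256 as the key derivation function at every node (the claims name HMAC only for the UE's KAMF derivation), a per-run RAND generated by the trusted node so that SUPI* differs between runs, Kseaf held as a shared secret by the trusted node and the UE, the AMF contributing a nonce to the authentication request, and a two-message HMAC challenge/response as the mutual authentication in step (e). The two untrusted nodes (AUSF, AMF) are modelled as relays that log every message they handle, and `supi_exposed` checks that the raw SUPI never appears in anything they saw, which is the property the claims are protecting.

```python
"""Added example (not the patent's own code): simulation of the claimed
authentication flow.  Assumed choices, not stated in the claims: HMAC-SHA-256
as the KDF, a fresh RAND per run, Kseaf shared by trusted node and UE, an
AMF nonce in the authentication request, and HMAC challenge/response for the
mutual authentication."""
import hashlib
import hmac
import secrets


def kdf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Assumed KDF: HMAC-SHA-256 over a label and length-prefixed inputs."""
    msg = label
    for p in parts:
        msg += len(p).to_bytes(2, "big") + p
    return hmac.new(key, msg, hashlib.sha256).digest()


class Log:
    """Everything the untrusted nodes (AUSF, AMF) handle, for later inspection."""
    def __init__(self):
        self.seen = []


def trusted_node_generate(supi: bytes, kseaf: bytes, rand: bytes = None):
    """Steps (a)+(b): home environment authentication vector (SUPI*, Ki, RAND)
    and the authentication response handed to the AUSF.  SUPI itself stays here."""
    rand = rand or secrets.token_bytes(16)          # assumed per-run randomness
    supi_star = kdf(kseaf, b"supi-anon", supi, rand)  # anonymous metadata SUPI*
    ki = kdf(kseaf, b"ki", supi, rand)                # second key Ki
    he_av = {"SUPI*": supi_star, "Ki": ki, "RAND": rand}
    auth_response = dict(he_av)
    return he_av, auth_response


def ausf_forward(auth_response: dict, log: Log) -> dict:
    """Step (c): the AUSF relays the response to the AMF unchanged."""
    log.seen.append(dict(auth_response))
    return dict(auth_response)


def amf_build_request(auth_response: dict, log: Log, nonce_amf: bytes = None):
    """Step (d), AMF side: authentication request for the UE plus the AMF's own
    KAMF.  The AMF holds Ki and SUPI*, never SUPI."""
    log.seen.append(dict(auth_response))
    nonce_amf = nonce_amf or secrets.token_bytes(16)  # assumed AMF nonce
    auth_request = {"SUPI*": auth_response["SUPI*"],
                    "RAND": auth_response["RAND"], "NONCE": nonce_amf}
    kamf = kdf(auth_response["Ki"], b"kamf", auth_response["SUPI*"], nonce_amf)
    return auth_request, kamf


def ue_derive_kamf(auth_request: dict, supi: bytes, kseaf: bytes) -> bytes:
    """Step (d), UE side: recompute SUPI* and Ki from Kseaf, then KAMF via HMAC."""
    supi_star = kdf(kseaf, b"supi-anon", supi, auth_request["RAND"])
    if not hmac.compare_digest(supi_star, auth_request["SUPI*"]):
        raise ValueError("SUPI* mismatch: request is not for this UE or was altered")
    ki = kdf(kseaf, b"ki", supi, auth_request["RAND"])
    return kdf(ki, b"kamf", supi_star, auth_request["NONCE"])


def mutual_authenticate(kamf_ue: bytes, kamf_amf: bytes, auth_request: dict,
                        nonce_ue: bytes = None) -> bool:
    """Step (e): assumed two-way challenge/response keyed by KAMF.
    UE proves possession first, then the AMF answers the UE's nonce."""
    nonce_ue = nonce_ue or secrets.token_bytes(16)
    tag_ue = kdf(kamf_ue, b"ue-auth", auth_request["NONCE"], nonce_ue)
    if not hmac.compare_digest(
            tag_ue, kdf(kamf_amf, b"ue-auth", auth_request["NONCE"], nonce_ue)):
        return False                                # AMF rejects the UE
    tag_amf = kdf(kamf_amf, b"amf-auth", nonce_ue)
    return hmac.compare_digest(tag_amf, kdf(kamf_ue, b"amf-auth", nonce_ue))


def run_flow(supi: bytes, kseaf: bytes, log: Log = None):
    """Whole exchange, trusted node -> AUSF -> AMF -> UE -> mutual authentication."""
    log = log if log is not None else Log()
    _, resp = trusted_node_generate(supi, kseaf)
    resp = ausf_forward(resp, log)
    req, kamf_amf = amf_build_request(resp, log)
    kamf_ue = ue_derive_kamf(req, supi, kseaf)
    return mutual_authenticate(kamf_ue, kamf_amf, req), log


def supi_exposed(log: Log, supi: bytes) -> bool:
    """Check: did the raw SUPI appear in anything the untrusted nodes handled?"""
    return any(supi in v for m in log.seen for v in m.values())


if __name__ == "__main__":
    SUPI = b"imsi-001010123456789"   # constructed sample subscriber identity
    KSEAF = bytes(range(32))         # constructed sample first key
    ok, log = run_flow(SUPI, KSEAF)
    print("mutual authentication:", ok, "| SUPI seen by AUSF/AMF:", supi_exposed(log, SUPI))
```

The example models only the identity-hiding property: the AUSF and AMF receive SUPI* and Ki but can neither recover SUPI from SUPI* nor link two runs, since a fresh RAND enters the derivation each time. It does not model the protection of SUPI* and Ki "from eavesdropping" that claims 31, 32, 37 and 38 recite; Ki travels in the clear between the simulated nodes. A nonce altered between AMF and UE leaves the two sides with different KAMF values, and step (e) then fails, which is the check `mutual_authenticate` returns.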
PCT/EP2020/077614 2020-10-02 2020-10-02 Protection of sensitive user data in communication networks WO2022069056A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN202080105415.9A CN116325656A (en) 2020-10-02 2020-10-02 Protection of sensitive user data in a communication network
PCT/EP2020/077614 WO2022069056A1 (en) 2020-10-02 2020-10-02 Protection of sensitive user data in communication networks

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2020/077614 WO2022069056A1 (en) 2020-10-02 2020-10-02 Protection of sensitive user data in communication networks

Publications (1)

Publication Number Publication Date
WO2022069056A1 true WO2022069056A1 (en) 2022-04-07

Family

ID=72811803

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2020/077614 WO2022069056A1 (en) 2020-10-02 2020-10-02 Protection of sensitive user data in communication networks

Country Status (2)

Country Link
CN (1) CN116325656A (en)
WO (1) WO2022069056A1 (en)

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2016048575A1 (en) * 2014-09-26 2016-03-31 Qualcomm Incorporated On-demand serving network authentication
WO2016114842A1 (en) * 2014-10-31 2016-07-21 Convida Wireless, Llc End-to-end service layer authentication
US20170250974A1 (en) * 2016-02-26 2017-08-31 Symantec Corporation System and method for service assisted mobile pairing of password-less computer login
US20190394184A1 (en) * 2015-02-27 2019-12-26 Telefonaktiebolaget L M Ericsson (Publ) Communication between a communication device and a network device
US20190394031A1 (en) * 2018-01-11 2019-12-26 Beijing Guodian Tong Network Technology Co., Ltd Method and device for quantum key fusion-based virtual power plant security communication and medium
WO2020133543A1 (en) * 2018-12-29 2020-07-02 华为技术有限公司 Communication method and related product
EP3684088A1 (en) * 2019-01-18 2020-07-22 Thales Dis France SA A method for authentication a secure element cooperating with a mobile equipment within a terminal in a telecommunication network
EP3691317A1 (en) * 2017-09-27 2020-08-05 Nec Corporation Communication terminal, core network device, core network node, network node and key deriving method

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Security architecture and procedures for 5G system (Release 15)", 3GPP STANDARD; TECHNICAL SPECIFICATION; 3GPP TS 33.501, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, no. V15.3.1, 31 December 2018 (2018-12-31), pages 1 - 181, XP051591577 *
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Security architecture and procedures for 5G system (Release 16)", 3GPP TS 33.501, vol. SA WG3, no. V16.3.0, 10 July 2020 (2020-07-10), pages 1 - 248, XP051924931, Retrieved from the Internet <URL:ftp://ftp.3gpp.org/Specs/archive/33_series/33.501/33501-g30.zip 33501-g30.doc> [retrieved on 20200710] *
"3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Security architecture and procedures for 5G system (Release 16)", 3GPP TS 33.501, vol. SA WG3, no. V16.4.0, 25 September 2020 (2020-09-25), pages 1 - 250, XP051961165, Retrieved from the Internet <URL:ftp://ftp.3gpp.org/Specs/archive/33_series/33.501/33501-g40.zip 33501-g40.doc> [retrieved on 20200925] *
ANONYMOUS: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Study on the security aspects of the next generation system (Release 14)", 3GPP STANDARD; TECHNICAL REPORT; 3GPP TR 33.899, 3RD GENERATION PARTNERSHIP PROJECT (3GPP), MOBILE COMPETENCE CENTRE ; 650, ROUTE DES LUCIOLES ; F-06921 SOPHIA-ANTIPOLIS CEDEX ; FRANCE, no. V1.3.0, 31 August 2017 (2017-08-31), pages 1 - 605, XP051450230 *

Also Published As

Publication number Publication date
CN116325656A (en) 2023-06-23

Legal Events

Date Code Title Description
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20789023

Country of ref document: EP

Kind code of ref document: A1