5G device compatibility with legacy SIM
US-2020204985-A1 · Jun 25, 2020 · US
US11659387B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11659387-B2 |
| Application number | US-202016943869-A |
| Country | US |
| Kind code | B2 |
| Filing date | Jul 30, 2020 |
| Priority date | Jul 30, 2020 |
| Publication date | May 23, 2023 |
| Grant date | May 23, 2023 |
Official abstract text for this publication.
Techniques for preventing sequence number leakage during user equipment authentication in a communication network are provided. For example, a method comprises obtaining a permanent identifier and an authentication sequence value that are unique to user equipment, concealing the permanent identifier and the authentication sequence value, and sending the concealed permanent identifier and the authentication sequence value in a registration message from the user equipment to a communication network. Then, advantageously, in response to receipt of an authentication failure message from the communication network, the user equipment can send a response message to the communication network containing a failure cause indication without a re-synchronization token.
Opening claim text (preview).
What is claimed is:
1. An apparatus comprising: at least one processor; at least one memory including computer program code; the at least one memory and the computer program code being configured to, with the at least one processor, cause the apparatus at least to: obtain a permanent identifier and an authentication sequence value that are unique to the apparatus; conceal the permanent identifier and the authentication sequence value; and send the concealed permanent identifier and the authentication sequence value in a registration message to a communication network.
2. The apparatus of claim 1, wherein the at least one memory and the computer program code being configured to, with the at least one processor, further cause the apparatus to: combine the permanent identifier and the authentication sequence value prior to concealment.
3. The apparatus of claim 1, wherein the at least one memory and the computer program code being configured to, with the at least one processor, further cause the apparatus to: in response to receipt of an authentication request message from the communication network, send a response message to the communication network containing a failure cause indication without a re-synchronization token.
4. The apparatus of claim 1, wherein the at least one memory and the computer program code being configured to, with the at least one processor, further cause the apparatus to: in response to receipt of an authentication request message from the communication network, send a response message to the communication network containing a failure cause indication without a re-synchronization token, wherein the failure cause indication indicates that the authentication sequence value had been sent earlier.
5. The apparatus of claim 1, wherein the apparatus is part of user equipment configured for 5G authentication operations and the communication network is part of a 5G core network.
6. The apparatus of claim 5, wherein the permanent identifier comprises a subscriber permanent identifier (SUPI) and the authentication sequence value comprises a sequence number (SQN) that are concatenated and encrypted as part of a subscriber concealed identifier (SUCI) and sent in the registration message.
7. The apparatus of claim 1, wherein concealing the permanent identifier and the authentication sequence value comprises utilizing a combination of the permanent identifier and the authentication sequence value as an input to an encryption algorithm.
8. The apparatus of claim 7, wherein the encryption algorithm comprises an elliptic curve integrated encryption scheme.
9. The apparatus of claim 7, wherein the combination of the permanent identifier and the authentication sequence value comprises a concatenation of the permanent identifier and the authentication sequence value.
10. An apparatus comprising: at least one processor; at least one memory including computer program code; the at least one memory and the computer program code being configured to, with the at least one processor, cause the apparatus at least to: obtain a permanent identifier and an authentication sequence value that are unique to the apparatus; conceal the permanent identifier and the authentication sequence value; send the concealed permanent identifier and the authentication sequence value in a registration message to a communication network; and combine the permanent identifier and the authentication sequence value prior to concealment; wherein combining the permanent identifier and the authentication sequence value prior to concealment further comprises concatenating the permanent identifier and the authentication sequence value to generate a single plain text block that is concealed and sent in the registration message.
11. A method comprising: obtaining a permanent identifier and an authentication sequence value that are unique to user equipment; concealing the permanent identifier and the authentication sequence value; and sending the concealed permanent identifier and the authentication sequence value in a registration message from the user equipment to a communication network.
12. The method of claim 11, further comprising combining the permanent identifier and the authentication sequence value prior to concealment.
13. The method of claim 11, further comprising, in response to receipt of an authentication request message from the communication network, sending a response message to the communication network containing a failure cause indication without a re-synchronization token.
14. The method of claim 11, further comprising, in response to receipt of an authentication request message from the communication network, sending a response message to the communication network containing a failure cause indication without a re-synchronization token, wherein the failure cause indication indicates that the authentication sequence value had been sent earlier.
15. The method of claim 11, wherein the user equipment is configured for 5G authentication operations and the communication network is part of a 5G core network.
16. The method of claim 15, wherein the permanent identifier comprises a subscriber permanent identifier (SUPI) and the authentication sequence value comprises a sequence number (SQN) that are concatenated and encrypted as part of a subscriber concealed identifier (SUCI) and sent in the registration message.
17. The method of claim 11, wherein concealing the permanent identifier and the authentication sequence value comprises utilizing a combination of the permanent identifier and the authentication sequence value as an input to an encryption algorithm.
18. The method of claim 17, wherein the encryption algorithm comprises an elliptic curve integrated encryption scheme.
19. The method of claim 17, wherein the combination of the permanent identifier and the authentication sequence value comprises a concatenation of the permanent identifier and the authentication sequence value.
20. A method comprising: obtaining a permanent identifier and an authentication sequence value that are unique to user equipment; concealing the permanent identifier and the authentication sequence value; sending the concealed permanent identifier and the authentication sequence value in a registration message from the user equipment to a communication network; and combining the permanent identifier and the authentication sequence value prior to concealment; wherein combining the permanent identifier and the authentication sequence value prior to concealment further comprises concatenating the permanent identifier and the authentication sequence value to generate a single plain text block that is concealed and sent in the registration message.
21. An article of manufacture comprising a non-transitory computer-readable storage medium having embodied therein executable program code that when executed by a processor causes the processor to perform the steps of: obtaining a permanent identifier and an authentication sequence value that are unique to user equipment; concealing the permanent identifier and the authentication sequence value; and sending the concealed permanent identifier and the authentication sequence value in a registration message from the user equipment to a communication network.
22. The article of claim 21, further comprising the step of combining the permanent identifier and the authentication sequence value prior to concealment.
23.
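
The concealment described in the abstract and in claims 6 to 9 (SUPI and SQN concatenated into one plaintext block, then encrypted with an ECIES-style scheme), as an added Python example that is not taken from the patent. The 6-byte SQN width, the SUPI-as-digits encoding, the X25519 curve, the 8-byte tag and the SHA-256/SHAKE-256 stand-ins for the KDF and cipher are assumptions chosen so it runs on the standard library alone.

```python
import hashlib, hmac, os

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")  # X25519 base point
SQN_LEN = 6  # assumption: 48-bit SQN appended after the SUPI digits

def x25519(k, u):  # RFC 7748 ladder; teaching code, not constant-time
    n = (int.from_bytes(k, "little") & ((1 << 254) - 8)) | (1 << 254)  # clamp scalar
    x1 = int.from_bytes(u, "little") % 2**255
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in range(254, -1, -1):
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def derive(shared, eph_pub, n):
    # Stand-in KDF and keystream (SHA-256 / SHAKE-256), not a standardized ECIES profile.
    seed = shared + eph_pub
    return hashlib.sha256(b"mac" + seed).digest(), hashlib.shake_256(b"enc" + seed).digest(n)

def conceal(supi, sqn, hn_pub):
    """UE side: one plaintext block SUPI || SQN, encrypted to the home network key."""
    block = supi.encode() + sqn.to_bytes(SQN_LEN, "big")
    eph_priv = os.urandom(32)  # fresh ephemeral key per registration message
    eph_pub = x25519(eph_priv, BASE)
    mac_key, stream = derive(x25519(eph_priv, hn_pub), eph_pub, len(block))
    ct = bytes(p ^ s for p, s in zip(block, stream))
    return eph_pub + ct + hmac.new(mac_key, ct, hashlib.sha256).digest()[:8]

def deconceal(blob, hn_priv):
    """Home network side: verify the tag, decrypt, split the block into SUPI and SQN."""
    eph_pub, ct, tag = blob[:32], blob[32:-8], blob[-8:]
    mac_key, stream = derive(x25519(hn_priv, eph_pub), eph_pub, len(ct))
    if not hmac.compare_digest(tag, hmac.new(mac_key, ct, hashlib.sha256).digest()[:8]):
        raise ValueError("SUCI integrity check failed")
    block = bytes(c ^ s for c, s in zip(ct, stream))
    return block[:-SQN_LEN].decode(), int.from_bytes(block[-SQN_LEN:], "big")
```

Because the ephemeral key is fresh for every call, two registrations carrying the same SUPI and SQN produce unrelated ciphertexts, so an observer on the radio link learns neither value from the registration message.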
Integrity · CPC title
Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII] · CPC title
Protecting confidentiality, e.g. by encryption · CPC title
Subscriber identity · CPC title
Security arrangements using identity modules · CPC title