Method for Enabling a Secure Provisioning of a Credential, and Related Wireless Devices and Servers

1 - 45 . (canceled) 46 . A method, performed in a wireless device, for enabling a secure provisioning of a credential from a server, the wireless device storing a device public key and a device private key, the server storing the device public key, the method comprising: receiving an authentication request from the server; generating a device authentication and integrity (DAI) indicator; transmitting an authentication response to the server, the authentication response comprising the DAI indicator; receiving a credential message from the server, the credential message comprising a server authentication and integrity (SAI) indicator; wherein the SAI indicator provides a proof of the server's possession of the device public key; and verifying the received credential message using the device public key. 47 . The method of claim 46 : wherein the credential message comprises a server credential; and wherein the method further comprises storing the received server credential upon successful verification. 48 . The method of claim 46 , wherein the DAI indicator comprises a digital signature computed based on the device private key, and/or a Message Authentication Code computed based on the device public key. 49 . The method of claim 46 : wherein the credential message comprises a cipher-text computed by the server using the device public key; and wherein verifying the credential message comprises decrypting the cipher-text using the device private key to obtain a plain-text. 50 . The method of claim 46 : wherein the authentication request comprises a server nonce; and wherein generating the DAI indicator comprises generating a digital signature over the server nonce using the device private key and/or a Message Authentication Code over the server nonce using the device public key. 51 . The method of claim 46 : wherein the authentication request comprises a server nonce encrypted using the device public key or a key derived from the device public key; wherein generating the DAI indicator comprises decrypting the encrypted server nonce using the device private key or a key derived from the device public key; and returning the server nonce in the authentication response. 52 . The method of claim 46 : wherein the SAI indicator comprises a digital signature; and wherein verifying the received credential message comprises verifying the digital signature. 53 . The method of claim 46 : further comprising generating a device nonce; and wherein the authentication response comprises the device nonce. 54 . The method of claim 46 , wherein the credential message comprises a validation confirmation, or a validation error. 55 . The method of claim 47 : wherein the server credential is a server public key, a server certificate, a certificate authority, CA, certificate, and/or a device certificate; wherein the SAI indicator comprises the digital signature; and wherein verifying the received credential message comprises: computing a hash value of at least one of a server nonce, a device nonce, plain-text, the device public key, and the received server public key; and verifying the received digital signature using the computed hash value and the received server public key. 56 . The method of claim 55 , wherein the plain-text comprises a random number, a device certificate, and/or a hash of a concatenation of the device nonce, the server nonce, and the server credential. 57 . The method of claim 46 : wherein the SAI indicator comprises a Message Authentication Code (MAC); wherein verifying the received credential message comprises verifying the MAC using the device public key. 58 . The method of claim 47 : wherein the SAI indicator comprises a Message Authentication Code (MAC); wherein verifying the received credential message comprises: computing a hash value of at least one of a server nonce, a device nonce, plain-text, the device public key, and the received server credential; and verifying the received MAC using the computed hash value and the device public key. 59 . The method of claim 46 : further comprising transmitting a device identifier to the server in a credential request or in the authentication response; wherein the credential message is a credential response to the credential request. 60 . The method of claim 59 , wherein the device identifier comprises a hash value computed based on the device public key. 61 . The method of claim 46 , wherein the authentication request comprises server key exchange parameters configured to enable a derivation of a shared key. 62 . The method of claim 61 , wherein generating the DAI indicator comprises: generating the shared key based on the device public key, the server key exchange parameters, and/or device key exchange parameters; computing the DAI indicator based on the shared key; and transmitting the device key exchange parameters to the server in the authentication response. 63 . The method of claim 61 , the method further comprising: receiving, from the server, a subsequent message comprising a server credential; verifying the received subsequent message using the shared key. 64 . The method of claim 63 : wherein the subsequent message is encrypted and/or integrity protected; wherein verifying the received subsequent message based on the shared key comprises decrypting the subsequent message using the shared key, and/or verifying an integrity protection indicator of the subsequent message based on the shared key. 65 . The method of claim 47 , wherein the server credential comprises a server public key, a server certificate, a certificate authority (CA) certificate for one or more servers configured to communicate with the device, a device certificate, a symmetric key, and/or an identifier. 66 . The method of claim 47 , wherein the credential message comprises an encrypted version of the device certificate as server credential. 67 . A method, performed in a server, for securely providing a credential to a wireless device; the server storing a device public key for the wireless device, a server public key, and a server private key; the method comprising: transmitting an authentication request to the wireless device; receiving an authentication response from the wireless device, the authentication response comprising a device authentication and integrity (DAI) indicator; verifying the received authentication response using the DAI indicator and the device public key; and upon successful verification of the authentication response: generating a server authentication and integrity (SAI) indicator based on the device public key; wherein the SAI indicator provides a proof of the server's possession of the device public key; and transmitting a credential message to the wireless device, the credential message comprising the generated SAI indicator. 68 . The method of claim 67 , wherein at least one of: the credential message comprises a server credential; the method further comprises transmitting a subsequent message to the wireless device, the subsequent message comprising the server credential and/or an encrypted version of the server credential. 69 . The method of claim 67 : further comprising receiving a credential request from the wireless device, the credential request comprising a device identifier; wherein the verifying the received authentication response comprises ide