Method for protecting SUPI through utilization of 5G-AKA

A 5G-AKA and authentication vector technology, applied in the field of SUPI protection using 5G-AKA, can solve the problem of not being able to hide user identity, location, business, etc. The effect of low cost of renovation

Active Publication Date: 2018-11-20
XINGTANG TELECOMM TECH CO LTD +1
View PDF2 Cites 29 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0007] In view of the above analysis, the present invention aims to provide a method for protecting SUPI using 5G-AKA to solve the problem that various important and sensitive information such as user's identity, location, business, etc. cannot be well hidden in 5G communication

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for protecting SUPI through utilization of 5G-AKA
  • Method for protecting SUPI through utilization of 5G-AKA
  • Method for protecting SUPI through utilization of 5G-AKA

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0066] A method for protecting SUPI using 5G AKA is disclosed. This method is applied to the network side (including network elements AMF (Access and Mobility Management Function) and UDM / ARPF), such as Figure 5 shown, including the following steps:

[0067] Step S101, the core network receives the authentication request initiated by the terminal, decrypts the SUCI reported by the terminal, and obtains the SUPI;

[0068] Step S102, determine whether the identity information needs to be replaced; when it is determined that the identity information does not need to be replaced, use SUPI for authentication; when it is determined that the identity information needs to be replaced, randomly select a SUPI from the alternative SUPI resource pool as the new "in-use" of the terminal. "Identity ID SUPI';

[0069] Step S103, encrypt the above-mentioned "in use" identity, put the encrypted "in use" identity into the authentication vector AV', and send the authentication parameters in t...

Embodiment 2

[0098] A method for protecting SUPI using 5G AKA is disclosed. Applied to the user terminal side, such as Figure 6 shown, including the following steps:

[0099] Step S201, sending an authentication request to the core network, encrypting SUPI to obtain SUCI, and reporting SUCI and the temporary public key to the core network;

[0100] Step S202, receiving and verifying the authentication response information issued by the core network, when the verification is successful, performing a normal authentication process; when the verification fails, performing SUPI' replacement;

[0101] Step S203, initiate a second authentication, and obtain a second authentication response for verification.

[0102] Compared with the prior art, this embodiment provides a method for protecting SUPI by using the 5G-AKA protocol. The cost of network transformation is low, users are indifferent, high in efficiency, and the original security of network authentication is maintained; on the premise ...

Embodiment 3

[0116] A method for protecting SUPI by using 5G-AKA is disclosed, which is implemented interactively by the user terminal side and the network side, including the following steps:

[0117] Step S301, the terminal sends an authentication request to the core network, encrypts SUPI to obtain SUCI, and reports SUCI and the temporary public key to the core network; the core network receives the authentication request initiated by the terminal, decrypts the SUCI reported by the terminal, and obtains SUPI;

[0118] Step S302, the core network judges whether identity information needs to be replaced according to the level and sensitivity of the terminal; when it is determined that the identity information does not need to be replaced, use SUPI for authentication; when it is determined that the identity information needs to be replaced, randomly select from the alternative SUPI resource pool SUPI' serves as the new "in use" identity of the terminal;

[0119] Step S303, the core networ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a method for protecting a subscription permanent identifier (SUPI) through utilization of 5G-AKA and belongs to the technical field of 5G communication. The method solves theproblem that in the prior art, various important sensitive information such as an identity, a location and business of a subscriber cannot be concealed well. The method comprises the following steps:a terminal initiates an authentication request, and a core network judges whether to replace identity information or not through a level and sensitive degree of the terminal; selecting an SUPI' as a new in-use identity of the terminal when it is determined that the identity information needs to be replaced; the encrypted SUPI' is sent to the terminal; and the terminal verifies authentication response, after the in-use identity of the terminal is replaced, the terminal initiates a secondary authentication request, and the authentication is carried out through utilization of the new in-use identity. According to the method, the network modification cost is low; the subscriber is not affected; the efficiency is high; the original network authentication security is maintained; and on the premise that a current core network protocol system is not changed, the subscriber sensitive information is protected through utilization of an authentication channel from the terminal subscriber to a mobile communication network.

Description

technical field [0001] The invention relates to the technical field of 5G communication, in particular to a method for protecting SUPI by using 5G-AKA. Background technique [0002] According to the 2 / 3 / 4G (2nd, 3rd, 4th generation) mobile core network standard specification system, any user must belong to a certain Home Location Register (HLR, Home Location Register) and only belong to the HLR, the number of the mobile user and its International Mobile Subscriber Identity (IMSI, International Mobile Subscriber Identity), as a resource, has attribution attributes and is important data supporting the realization of mobile subscriber services. If a user's International Mobile Subscriber Identity is leaked, the attacking system can obtain a variety of important and sensitive information such as the identity, location, and business of the mobile communication network user through the mobile communication network, and then realize the attack on the specific user. [0003] In the...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): H04W12/02H04W12/04H04W12/06H04W8/26H04W12/041H04W12/0431
CPCH04W12/02H04W12/04H04W12/06H04W8/26
Inventor 贾云鹤叶琅刘畅徐彦吏
Owner XINGTANG TELECOMM TECH CO LTD
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap