Communication with server during network device during extensible authentication protocol—authentication and key agreement prime procedure

Assignee

• Telefonaktiebolaget LM Ericsson (Publ) · SE

Inventors

• Jari Arkko · Kauniainen, FI
• Karl Norrman · Stockholm, SE
• Vesa Torvinen · Sauvo, FI

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L2463/082
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

A communication device for communication with a network device during EAP-AKA′. The communication device is operative to receive a first Perfect Forward Secrecy, PFS, parameter value and at least one attribute value indicating a choice of a Diffie-Hellman group from the network device. The communication device is also operative to receive a cipher key, CK, and an integrity key, IK. Generate a modified cipher key, CK′, and a modified integrity key, IK′ based on CK, IK and an access network identity. Operations include calculating a second PFS parameter value. Send the second PFS parameter value to the network device. Calculate a third PFS parameter value. Derive, using a Pseudo-random function, a key based on the third PFS parameter value, CK′, IK′ and an identity associated with the communication device. A network device, methods, further communication devices, a server, computer programs and a computer program product are also disclosed.