Method to authenticate a user at a service provider
US12081654B2 · kind B2 · utility
Assignee
Inventors
Key dates
| Filing date | Apr 7, 2020 |
| Grant date | Sep 3, 2024 |
| Priority date | — |
| Expiry date | Apr 7, 2040 |
Classification
- Technology area (CPC H)Electricity
- CPC primaryH04W12/041
- WIPO fieldDigital communication
- WIPO sectorElectrical engineering
Abstract
Provided is a method to authenticate a user equipment (UE) at a service provider (SP), when the UE is compliant with either Generic Bootstrap Architecture (GBA) or Authentication and Key Agreement for Applications (AKMA). The user authentication is performed by way of the GBA or AKMA protocol The method relies on the Mobile Network Operator's (MNO) GBA or AKMA authentication framework. It can employ a Diffie-Hellman exchange between the user equipment (UE) and the service provider (SP), leading to a Diffie-Hellman session key (gxy), while establishing the GBA or AKMA protocol. The method calculates a final Network Application Function (NAF) or AKMA Application Function key (iNAF_key or iAApF_key) to maintain confidentiality of the communication between the user equipment (UE) and the service provider (SP). It derives this key from the Diffie-Hellman session key (gxy) and from the respective protocol's service provider key (Ks_ext/int_NAF or KAF).
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.