The patent badge is an abbreviated version of the USPTO patent document. The patent badge does contain a link to the full patent document.
The patent badge is an abbreviated version of the USPTO patent document. The patent badge covers the following: Patent number, Date patent was issued, Date patent was filed, Title of the patent, Applicant, Inventor, Assignee, Attorney firm, Primary examiner, Assistant examiner, CPCs, and Abstract. The patent badge does contain a link to the full patent document (in Adobe Acrobat format, aka pdf). To download or print any patent click here.
Patent No.:
Date of Patent:
Jan. 02, 2024
Filed:
Mar. 20, 2018
Telefonaktiebolaget Lm Ericsson (Publ), Stockholm, SE;
Per Ståhl, Klagshamn, SE;
TELEFONAKTIEBOLAGET LM ERICSSON (PUBL), Stockholm, SE;
Abstract
There is provided mechanisms for initial network authentication between a communications device and a network. A method is performed by the communications device. The communications device comprises an identity module supporting remote subscription profile download. The identity module comprises credentials for remote subscription profile download. The method comprises performing a first message exchange with an authentication server. The first message exchange comprises an identity module challenge obtained from the identity module being transmitted to the authentication server from the communications device. The method comprises receiving a second message from the authentication server. The second message comprises an ephemeral public key of the authentication server, an authentication server challenge and an authentication server signature. The authentication server signature is based on the ephemeral public key of the authentication server, the authentication server challenge, and the identity module challenge and follows a format used for handling remote subscription profile download to the identity module. The method comprises transmitting a third message towards the authentication server. The third message comprises an ephemeral public key of the communications device and an identity module signature. The identity module signature is based on the identity module credentials used for remote subscription profile download and is based on the ephemeral public key of the communications device and the authentication server challenge and follows the format used for remote subscription profile download to the identity module. The method comprises generating a master session key (MSK) from a shared secret established using the ephemeral public key of the authentication server and a private key corresponding to the ephemeral public key of the communications device. The MSK is for use when establishing secure communication between the communications device and the network.