Abstract: This application sets forth techniques for authenticating a mobile device with a cellular wireless network without electronic Subscriber Identity Module (eSIM) credentials by using an Extensible Authentication Protocol Transport Layer Security (EAP-TLS) procedure. The mobile device authenticates with an Authentication Server Function (AUSF) of the cellular wireless network using an embedded Universal Integrated Circuit Card (eUICC) certificate. Processing circuitry of the mobile wireless device external to the eUICC implements the EAP-TLS procedure and authenticates validity of the AUSF. In some embodiments, the eUICC provides key generation and storage for a session key for communication between the mobile device and the cellular wireless network.

Abstract: Apparatuses, systems, and methods for application function (AF) key generation and AF key renewal. A user equipment device (UE) may communicate with an application function (AF) via a radio access network (RAN) using a first AF key and determine that the first AF key has expired. The UE may derive a second AF key based on at least an Architecture for Authentication and Key Management for Applications (AKMA) anchor key (KAKMA) and a counter parameter and communicate with the AF via the RAN using the second AF key. At least one of the UE, the AF, and/or an AKMA Anchor Function (AAnF) may be configured to monitor expiration of the first AF key based on an associated lifetime of the first AF key. The first and second AF keys may be derived using a key derivation function that includes at least one variable parameter.

Abstract: A device level lock policy, which applies to all smart secure platform (SSP) applications of a mobile device, is used to determine whether a particular SSP application can be activated. A tamper resistant hardware secure element (SE) includes a primary platform with a low level operating system (OS) and one or more SSP applications within one or more secondary platform bundles that include secondary platforms with high level OSs specific to the secondary platform bundles. The low level OS enforces the device level lock policy for all secondary platform bundles by verifying whether a lock policy for the SSP application is consistent with the device level lock policy. When verification succeeds, activation is allowed, and when verification fails, activation is disallowed. Subscription identifiers are not provided in unencrypted form to processing circuitry of the mobile device external to the tamper resistant hardware SE to provide subscriber identity privacy protection.

Abstract: Apparatuses, systems, and methods for generating and utilizing improved initialization vectors (IVs) when performing encryption and authentication in wireless communications. In some scenarios, a wireless communication device may generate one or more pseudorandom multi-bit values, e.g., using a respective plurality of key derivation functions (KDFs). A first portion of each value may be used as a respective key for encryption or authentication of traffic on the user plane or the control plane. A second portion of each value may be used as a nonce value in a respective IV for use with a respective key for encryption or authentication of traffic on the user plane or the control plane. In some scenarios, the nonce values may instead be generated as part of an additional pseudorandom value (e.g., by executing an additional KDF), from which all of the IVs may be drawn.

Abstract: TDD configuration may be dynamically and/or semi-statically signaled to user equipment devices by a base station. Semi-static TDD configuration may include: an initial portion for downlink transmission; a flexible portion; and a terminal portion for uplink transmission. TDD structure of the flexible portion may be determined later by transmission of dynamic physical layer configuration information such as downlink control information (DCI) and/or slot format indicator (SFI). (The SFI may be included in a group common PDCCH of a slot.) The downlink portion and/or the uplink portion may include subsets whose nominal transmit direction is subject to override by transmission of dynamic physical layer configuration information.

Abstract: Techniques to protect subscriber identity in messages communicated between a user equipment (UE) and a cellular wireless network entity by using multiple ephemeral asymmetric keys are disclosed. The UE determines multiple ephemeral UE public and secret key pairs, while the cellular wireless network entity provides a network public key to the UE. The network public key may be updated over time. Multiple encryption keys based on the multiple ephemeral UE secret keys and the public network key are derived and used to encrypt a subscription permanent identifier (SUPI) to generate multiple subscription concealed identifiers (SUCIs). Each SUCI is used only once for messages communicated to a cellular wireless network and discarded after use. New SUCI are generated when the network public key is updated.

Abstract: TDD configuration may be dynamically and/or semi-statically signaled to user equipment devices by a base station. Semi-static TDD configuration may include: an initial portion for downlink transmission; a flexible portion; and a terminal portion for uplink transmission. TDD structure of the flexible portion may be determined later by transmission of dynamic physical layer configuration information such as downlink control information (DCI) and/or slot format indicator (SFI). (The SFI may be included in a group common PDCCH of a slot.) The downlink portion and/or the uplink portion may include subsets whose nominal transmit direction is subject to override by transmission of dynamic physical layer configuration information.

Abstract: This application describes various embodiments to manage multiple security certificates in a wireless device, including switching between different security certificates to support different functions, including supporting connectivity for multiple industry sectors that use different certificate authorities, and/or supporting different operational modes that require different security certificates for performing administrative functions. The wireless device includes a smart secure platform (SSP) or an embedded Universal Integrated Circuit Card (eUICC) that stores multiple security certificates to use for different industry sectors and/or for different operational modes.

Abstract: A downlink control information (DCI), such as a blanking DCI (bDCI) message may be transmitted by a base station (e.g., eNB) and received by a mobile device (e.g., UE). The bDCI may indicate that the eNB will not transmit a subsequent DCI to the UE for a duration of time. The UE may be in continuous reception mode or connected discontinuous reception (C-DRX) mode. The UE may therefore determine to enter a sleep state or take other action. The bDCI may specify an explicit blanking duration, or an index indicating a blanking duration from a lookup table, and/or the blanking duration (and/or a blanking duration offset value) may be determined in advance, e.g., semi-statically. When the UE is in C-DRX mode, the UE may be configured such that either the sleep/wake period of the C-DRX mode or the blanking period of the bDCI may take precedence over the other.

Abstract: Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.

Abstract: Apparatuses, systems, and methods for a wireless device to perform simultaneous uplink activity for multiple RATs in the same carrier using frequency division multiplexing. The wireless device may establish a first wireless link with a first base station according to a first radio access technology (RAT) and a second wireless link with a second base station according to a second RAT. The first base station may provide a first cell operating in a first system bandwidth and the second base station may provide a second cell operating in a second system bandwidth. The wireless device may determine whether the wireless device has uplink activity scheduled according to both the first RAT and the second RAT. If so, the wireless device may perform uplink activity for both the first RAT and the second RAT in the first system bandwidth using frequency division multiplexing.

Abstract: A downlink control information (DCI), such as a blanking DCI (bDCI) message may be transmitted by a base station (e.g., eNB) and received by a mobile device (e.g., UE). The bDCI may indicate that the eNB will not transmit a subsequent DCI to the UE for a duration of time. The UE may be in continuous reception mode or connected discontinuous reception (C-DRX) mode. The UE may therefore determine to enter a sleep state or take other action. The bDCI may specify an explicit blanking duration, or an index indicating a blanking duration from a lookup table, and/or the blanking duration (and/or a blanking duration offset value) may be determined in advance, e.g., semi-statically. When the UE is in C-DRX mode, the UE may be configured such that either the sleep/wake period of the C-DRX mode or the blanking period of the bDCI may take precedence over the other.

Abstract: Techniques are disclosed relating to downlink control information for wireless communications. In some embodiments, the downlink control information includes code block group information that indicates which code block groups are transmitted and soft buffer handling information that indicates whether to flush previously-determined soft bits that correspond to one or more code block groups.

Abstract: Techniques for identity-based message integrity protection and verification between a user equipment (UE) and a wireless network entity, include use of signatures derived from identity-based keys. To protect against attacks from rogue network entities before activation of a security context with a network entity, the UE verifies integrity of messages by checking a signature using an identity-based public key PKID derived by the UE based on (i) an identity value (ID) of the network entity and (ii) a separate public key PKPKG of a private key generator (PKG) server. The network entity generates signatures for messages using an identity-based private key SKID obtained from the PKG server, which generates the identity-based private key SKID using (i) the ID value of the network entity and (ii) a private key SKPKG that is known only by the PKG server and corresponds to the public key PKPKG.

Abstract: Embodiments described herein relate to credential wrapping for secure transfer of electronic SIMs (eSIMs) between wireless devices. Transfer of an eSIM from a source device to a target device includes re-encryption of sensitive eSIM data, e.g., eSIM encryption keys, financial transaction credentials, transit authority credentials, and the like, using new encryption keys that include ephemeral elements applicable to a single, particular transfer session between the source device and the target device. The sensitive eSIM data encrypted with a symmetric key (Ks) is re-wrapped with a new header that includes a version of Ks encrypted with a new key encryption key (KEK) and information to derive KEK by the target device. The re-encrypted sensitive SIM data is formatted with additional eSIM data into a new bound profile package (BPP) to transfer the eSIM from the source device to the target device.

Abstract: Apparatuses, systems, and methods for a wireless device to detect intermodulation issues and configure a transmission scheme to remedy detected intermodulation issues. The wireless device may perform measurements on a downlink carrier while one uplink carrier is scheduled for the wireless device. The wireless device may also perform measurements on the downlink carrier while two uplink carriers are scheduled for the wireless device. The wireless device may provide information based on those measurements to a serving base station. The base station may determine that an intermodulation issue is occurring at the wireless device based on the information provided, and may configure the wireless device to use a single uplink carrier at a time based at least in part on the intermodulation issue.

Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.

Abstract: Techniques are disclosed relating to preemption indicators in the context of multiplexing different services on wireless physical layer frames. In some embodiments, a preemption indication is transmitted to indicate resources used by a preempting transmission. The preemption indication may be used when preemption is enabled, e.g., as indicated by an RRC message. The preemption indication may be common to multiple UEs. The resources used by the preempting transmission may overlap with other transmissions. In various embodiments, the disclosed techniques may facilitate signal preemption, e.g., by a low-latency, high-reliability data service.

Abstract: This application sets forth techniques for provisioning electronic subscriber identity modules (eSIMs) to mobile wireless devices that do not include functional bootstrap provisioning profiles to obtain access to a cellular wireless network. Connectivity to a cellular wireless network can be allowed for provisioning one or more eSIMs to a mobile wireless device using hardware device identifiers for authentication and a limited purpose provisioning connection when the cellular wireless network supports provisioning connections without the use of a provisioning profile for access.

Abstract: Embodiments described herein relate to eligibility checking for transfer of one or more electronic subscriber identity modules (eSIMs) between two mobile wireless devices. Eligibility to transfer an eSIM to an eUICC of a target device can depend on whether the eUICC of the target device satisfies certain security requirements for the eSIMs to be transferred. The mobile wireless devices can obtain a transfer eligibility result based on communication with one or more network-based servers that can determine compatibility for eSIM transfer.