Patents by Inventor Xiangying Yang

Xiangying Yang has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 11064352
    Abstract: Methods and apparatus for dynamic file system management of an embedded Universal Integrated Circuit Card (eUICC) in response to changes for electronic Subscriber Identity Modules (eSIMs) on the eUICC are disclosed herein. Hardware specific file information, e.g., hardware-based eUICC parameters, which may apply to multiple eSIMs and/or multiple Mobile Network Operators (MNOs), is included in a default eUICC file system. MNO specific information, e.g., MNO-specified parameters, is included in eSIMs. Customized eUICC level files are created, stored, modified and/or replaced based on a combination of default eUICC files and MNO specific information extracted from an eSIM at installation and/or in response to a change of state of the eSIM, such as when enabling, disabling, or updating the eSIM on the eUICC.
    Type: Grant
    Filed: June 1, 2020
    Date of Patent: July 13, 2021
    Assignee: Apple Inc.
    Inventor: Xiangying Yang
  • Publication number: 20210204129
    Abstract: This disclosure relates to techniques, base stations, and user equipment devices (UEs) for performing base station authentication through access stratum signaling transmissions. The UE may operate in idle mode and may receive an authentication message from a base station through the wireless interface while operating in idle mode. The UE may determine whether a signature comprised within the authentication message is valid, and the UE may continue a connection procedure with the base station based on a determination that the signature is valid. If it is determined that the signature is invalid, the UE may designate the base station as a barred base station and may perform cell re-selection. The authentication message may be one of a radio resource control (RRC) connection setup message, a special RRC message, a media access control (MAC) message, or a random access channel (RACH) message comprising a random access response (RAR) message.
    Type: Application
    Filed: June 22, 2018
    Publication date: July 1, 2021
    Inventors: Xiangying Yang, Elliot S. Briggs, Samuel D. Post, Yannick L. Sierra, Fangli Xu, Dawei Zhang, Haijing Hu, Huarui Liang, Li Li, Lijia Zhang, Shu Guo, Yuqin Chen
  • Publication number: 20210204342
    Abstract: Apparatuses, systems, and methods for a wireless device to perform substantially concurrent communications with a next generation network node and a legacy network node. The wireless device may be configured to establish a first wireless link with a first cell according to a RAT, where the first cell operates in a first system bandwidth and establish a second wireless link with a second cell according to a RAT, where the second cell operates in a second system bandwidth. Further, the wireless device may be configured to perform uplink activity for both the first RAT and the second RAT by TDM uplink data for the first RAT and uplink data for the second RAT if uplink activity is scheduled according to both the first RAT and the second RAT.
    Type: Application
    Filed: March 15, 2021
    Publication date: July 1, 2021
    Inventors: Wei Zeng, Haijing Hu, Yuchul Kim, Dawei Zhang, Xiangying Yang, Zhu Ji, Yang Li, Beibei Wang, Jia Tang, Sami M. Almalfouh, Johnson O. Sebeni, Wei Zhang, Tianyan Pu, Vijay Venkataraman, Christian W. Mucke
  • Publication number: 20210160081
    Abstract: Techniques are disclosed relating to authenticating a user with a mobile device. In various embodiments, a mobile device receives a request to provision the mobile device with identification information from an identification document issued by an authority to a user for establishing an identity of the user. In response to the received request, the mobile device issues a request for verification information signed by the authority and usable to verify the identification information. The issued request identifies multiple public keys of the mobile device, each having a respective corresponding private key for generating a signature usable to verify the identification information. The mobile device receives and stores the signed verification information, the signed verification information including the plurality of public keys. In some embodiments, the mobile device receives a request to provide, at least, a portion of the identification information and selects one of the private keys to generate a signature.
    Type: Application
    Filed: September 25, 2020
    Publication date: May 27, 2021
    Inventors: Martijn T. Haring, Ahmer A. Khan, Xiangying Yang
  • Patent number: 10985926
    Abstract: Embodiments provided herein identify a certificate issuer (CI) to be relied on as a trusted third party by an electronic subscriber identity module (eSIM) server in remote SIM provisioning (RSP) transactions with an embedded universal integrated circuit card (eUICC). In an RSP ecosystem, multiple CIs may exist. Parties rely on public key infrastructure (PKI) techniques for establishment of trust. Trust may be established based on a trusted third party such as a CI. Parties need to agree on the CI in order for some PKI techniques to be useful. Embodiments provided herein describe approaches for an eUICC and an eSIM server to arrive at an agreed-on CI. Candidate or negotiated CIs may be indicated on a public key identifier (PKID) list. A PKID list is distributed, in some embodiments, by means of a discovery server, via an activation code (AC) and/or during the establishment of a profile provisioning session.
    Type: Grant
    Filed: August 30, 2018
    Date of Patent: April 20, 2021
    Assignee: Apple Inc.
    Inventors: Xiangying Yang, Avinash Narasimhan, Li Li, David I. Ahn, Jean-Marc Padova, Clark P. Mueller, David T. Haggerty
  • Publication number: 20210105265
    Abstract: Techniques are disclosed relating to authenticating a user with a mobile device. In some embodiments, a computing device stores a first signed attestation indicating an ability of the computing device to securely perform a user authentication. The computing device receives a request to store credential information of an identification document issued by an issuing authority to a user for establishing an identity of the user. In response to the request, the computing device sends, to the issuing authority, a request to store the credential information, the sent request including the first signed attestation to indicate an ability to perform a user authentication prior to permitting access to the credential information. In response to an approval of the sent request based on the first signed attestation, the computing device stores the credential information in a secure element of the computing device.
    Type: Application
    Filed: September 25, 2020
    Publication date: April 8, 2021
    Inventors: Xiangying Yang, Ahmer A. Khan, Martijn T. Haring
  • Patent number: 10973070
    Abstract: Apparatuses, systems, and methods for a wireless device to perform substantially concurrent communications with a next generation network node and a legacy network node. The wireless device may be configured to establish a first wireless link with a first cell according to a RAT, where the first cell operates in a first system bandwidth and establish a second wireless link with a second cell according to a RAT, where the second cell operates in a second system bandwidth. Further, the wireless device may be configured to perform uplink activity for both the first RAT and the second RAT by TDM uplink data for the first RAT and uplink data for the second RAT if uplink activity is scheduled according to both the first RAT and the second RAT.
    Type: Grant
    Filed: June 18, 2020
    Date of Patent: April 6, 2021
    Assignee: Apple Inc.
    Inventors: Wei Zeng, Haijing Hu, Yuchul Kim, Dawei Zhang, Xiangying Yang, Zhu Ji, Yang Li, Beibei Wang, Jia Tang, Sami M. Almalfouh, Johnson O. Sebeni, Wei Zhang, Tianyan Pu, Vijay Venkataraman, Christian W. Mucke
  • Publication number: 20210092603
    Abstract: Techniques to protect a subscriber identity, by encrypting a subscription permanent identifier (SUPI) to form one-time use subscription concealed identifiers (SUCIs) using a set of one-time ephemeral asymmetric keys, generated by a user equipment (UE), and network provided keys are disclosed. Encryption of the SUPI to form the SUCIs can mitigate snooping by rogue network entities, such as fake base stations. The UE is restricted from providing the unencrypted SUPI over an unauthenticated connection to a network entity. In some instances, the UE uses a trusted symmetric fallback encryption key K_FB or trusted asymmetric fallback public key PK_FB to verify messages from an unauthenticated network entity and/or to encrypt the SUPI to form a fallback SUCI_FB for communication of messages with the unauthenticated network entity.
    Type: Application
    Filed: May 11, 2018
    Publication date: March 25, 2021
    Inventors: Xiangying YANG, Huarui LIANG, Lijia ZHANG, Shu GUO, Haijing HU, Fangli XU, Yuqin CHEN, Dawei ZHANG, Li LI
  • Publication number: 20210083765
    Abstract: Embodiments are presented herein of apparatuses, systems, and methods for utilizing a flexible slot indicator in wireless communication. A base station (BS) may establish communication with a first user equipment device (UE). The BS may determine a transmission direction for each of a plurality of symbols included in one or more slots. The BS may transmit a slot format indicator (SFI) to the UE. The SFI may indicate the transmission direction for each of the plurality of symbols included in one or more slots. The BS and the UE may perform communication during the one or more slots according to the determined transmission direction.
    Type: Application
    Filed: November 25, 2020
    Publication date: March 18, 2021
    Inventors: Yuchul Kim, Wei Zeng, Xiangying Yang, Dawei Zhang, Haitong Sun
  • Publication number: 20210058774
    Abstract: A device level lock policy, which applies to all smart secure platform (SSP) applications of a mobile device, is used to determine whether a particular SSP application can be activated. A tamper resistant hardware secure element (SE) includes a primary platform with a low level operating system (OS) and one or more SSP applications within one or more secondary platform bundles that include secondary platforms with high level OSs specific to the secondary platform bundles. The low level OS enforces the device level lock policy for all secondary platform bundles by verifying whether a lock policy for the SSP application is consistent with the device level lock policy. When verification succeeds, activation is allowed, and when verification fails, activation is disallowed. Subscription identifiers are not provided in unencrypted form to processing circuitry of the mobile device external to the tamper resistant hardware SE to provide subscriber identity privacy protection.
    Type: Application
    Filed: May 2, 2018
    Publication date: February 25, 2021
    Inventors: Xiangying YANG, Lijia ZHANG, Huarui LIANG, Dawei ZHANG
  • Publication number: 20210021993
    Abstract: Techniques to protect subscriber identity in messages communicated between a user equipment (UE) and a cellular wireless network entity by using multiple ephemeral asymmetric keys are disclosed. The UE determines multiple ephemeral UE public and secret key pairs, while the cellular wireless network entity provides a network public key to the UE. The network public key may be updated over time. Multiple encryption keys based on the multiple ephemeral UE secret keys and the public network key are derived and used to encrypt a subscription permanent identifier (SUPI) to generate multiple subscription concealed identifiers (SUCIs). Each SUCI is used only once for messages communicated to a cellular wireless network and discarded after use. New SUCI are generated when the network public key is updated.
    Type: Application
    Filed: March 27, 2018
    Publication date: January 21, 2021
    Inventors: Xiangying YANG, Lijia ZHANG, Dawei ZHANG, Huarui LIANG, Shu GUO, Rohan C. MALTHANKAR, Krisztian KISS
  • Publication number: 20210021433
    Abstract: A digital letter of approval (DLOA) is used by a subscription manager (SM) server to determine whether a device is compliant with requirements for an application to be provisioned. If the device is compliant, the application is provisioned to the device or to an embedded universal integrated circuit card (eUICC) included in the device. To increase the security of the device DLOA, the device DLOA is linked to the eUICC, in some embodiments. The linkage may be based on one or more platform label fields in the device DLOA. A database is consulted, in some embodiments, to confirm a relationship between the device and the eUICC identified in the device DLOA. In some embodiments, the eUICC signs the device DLOA and the device DLOA with eUICC signature is sent to the SM server. In some embodiments, the device provides a device signature on the DLOA independent of the eUICC.
    Type: Application
    Filed: October 5, 2020
    Publication date: January 21, 2021
    Inventor: Xiangying YANG
  • Patent number: 10887006
    Abstract: Embodiments are presented herein of apparatuses, systems, and methods for utilizing a flexible slot indicator in wireless communication. A base station (BS) may establish communication with a first user equipment device (UE). The BS may determine a transmission direction for each of a plurality of symbols included in one or more slots. The BS may transmit a slot format indicator (SFI) to the UE. The SFI may indicate the transmission direction for each of the plurality of symbols included in one or more slots. The BS and the UE may perform communication during the one or more slots according to the determined transmission direction.
    Type: Grant
    Filed: January 30, 2020
    Date of Patent: January 5, 2021
    Assignee: Apple Inc.
    Inventors: Yuchul Kim, Wei Zeng, Xiangying Yang, Dawei Zhang, Haitong Sun
  • Publication number: 20200396598
    Abstract: This disclosure relates to techniques for a wireless device to perform radio resource control procedures with improved security. The wireless device may establish a radio resource control connection with a cellular base station. A capability enquiry may be received from the cellular base station. The wireless device may determine how much capability information to provide in response to the capability enquiry based at least in part on whether access stratum security has been established, either in the current radio resource connection, or in a previous radio resource connection, between the wireless device and the cellular base station when the capability enquiry is received.
    Type: Application
    Filed: June 12, 2020
    Publication date: December 17, 2020
    Inventors: Shu Guo, Fangli Xu, Xiangying Yang, Lijia Zhang, Huarui Liang, Haijing Hu, Yuqin Chen, Hao Duo, Lanpeng Chen, Dawei Zhang, Srinivasan Nimmala, Vijay Venkataraman, Muthukumaran Dhanapal, Sree Ram Kodali
  • Patent number: 10856148
    Abstract: Methods and apparatus for user authentication and human intent verification of administrative operations for eSIMs of an eUICC included in a mobile device are disclosed. Certain administrative operations, such as import, modification, and/or export, of an eSIM and/or for an eUICC's firmware can require user authentication and/or human intent verification before execution of the administrative operations is performed or completed by the mobile device. A user of the mobile device provides information to link an external user account to an eSIM upon (or subsequent to) installation on the eUICC. User credentials, such as a user name and password, and/or information generated therefrom, can be used to authenticate the user with an external server. In response to successful user authentication, the administrative operations are performed. Human intent verification can also be performed in conjunction with user authentication to prevent malware from interfering with eSIM and/or eUICC functions of the mobile device.
    Type: Grant
    Filed: August 30, 2019
    Date of Patent: December 1, 2020
    Assignee: Apple Inc.
    Inventors: Li Li, Xiangying Yang, Jerrold Von Hauck, Christopher B. Sharp, Yousuf H. Vaid, Arun G. Mathias, David T. Haggerty, Najeeb M. Abdulrahiman
  • Patent number: 10848320
    Abstract: A device assists an embedded Universal Integrated Circuit Card (eUICC) resident in the device with verification of public key information or of security materials. The verification provided by the device can be configured by the user and/or by the eUICC. The verification includes checking for expiration of public key information or presence of an associated public key in a trusted list. The trusted list in some instances includes pinning hash values. The device can warn an end user and/or an infrastructure entity, of an issue if the verification fails. An extension of certificate revocation lists includes a logical indication of at least one new public key in a CRL list. A CRL data field may also indicate a previous CRL, where the previous CRL is the most recent CRL containing a public key listing with at least one new entry.
    Type: Grant
    Filed: March 24, 2017
    Date of Patent: November 24, 2020
    Assignee: Apple Inc.
    Inventor: Xiangying Yang
  • Publication number: 20200367053
    Abstract: Methods and apparatus for dynamic file system management of an embedded Universal Integrated Circuit Card (eUICC) in response to changes for electronic Subscriber Identity Modules (eSIMs) on the eUICC are disclosed herein. Hardware specific file information, e.g., hardware-based eUICC parameters, which may apply to multiple eSIMs and/or multiple Mobile Network Operators (MNOs), is included in a default eUICC file system. MNO specific information, e.g., MNO-specified parameters, is included in eSIMs. Customized eUICC level files are created, stored, modified and/or replaced based on a combination of default eUICC files and MNO specific information extracted from an eSIM at installation and/or in response to a change of state of the eSIM, such as when enabling, disabling, or updating the eSIM on the eUICC.
    Type: Application
    Filed: June 1, 2020
    Publication date: November 19, 2020
    Inventor: Xiangying YANG
  • Publication number: 20200323006
    Abstract: Apparatuses, systems, and methods for a wireless device to perform substantially concurrent communications with a next generation network node and a legacy network node. The wireless device may be configured to establish a first wireless link with a first cell according to a RAT, where the first cell operates in a first system bandwidth and establish a second wireless link with a second cell according to a RAT, where the second cell operates in a second system bandwidth. Further, the wireless device may be configured to perform uplink activity for both the first RAT and the second RAT by TDM uplink data for the first RAT and uplink data for the second RAT if uplink activity is scheduled according to both the first RAT and the second RAT.
    Type: Application
    Filed: June 18, 2020
    Publication date: October 8, 2020
    Inventors: Wei Zeng, Haijing Hu, Yuchul Kim, Dawei Zhang, Xiangying Yang, Zhu Ji, Yang Li, Beibei Wang, Jia Tang, Sami M. Almalfouh, Johnson O. Sebeni, Wei Zhang, Tianyan Pu, Vijay Venkataraman, Christian W. Mucke
  • Patent number: 10797889
    Abstract: A digital letter of approval (DLOA) is used by a subscription manager (SM) server to determine whether a device is compliant with requirements for an application to be provisioned. If the device is compliant, the application is provisioned to the device or to an embedded universal integrated circuit card (eUICC) included in the device. To increase the security of the device DLOA, the device DLOA is linked to the eUICC, in some embodiments. The linkage may be based on one or more platform label fields in the device DLOA. A database is consulted, in some embodiments, to confirm a relationship between the device and the eUICC identified in the device DLOA. In some embodiments, the eUICC signs the device DLOA and the device DLOA with eUICC signature is sent to the SM server. In some embodiments, the device provides a device signature on the DLOA independent of the eUICC.
    Type: Grant
    Filed: March 29, 2018
    Date of Patent: October 6, 2020
    Assignee: Apple Inc.
    Inventor: Xiangying Yang
  • Publication number: 20200304327
    Abstract: Duplicate processing of events registered at a root server is avoided. An electronic subscriber identity module (eSIM) server pushes, to a root server, data in the form of notification data portions indicating that commands or events need to be processed by a device. The device includes an embedded universal integrated circuit card (eUICC). The device pulls a notification list from the root server. The notification list includes one or more notification data portions. The device checks a given notification data portion to see if it represents a duplicate before communicating with the eSIM server to perform further processing related to the event. The device bases the check for duplication on an event history and/or on a hash value where the hash value is based on one or more eSIMs installed in the eUICC. The device is able to prioritize notification data portions before processing them.
    Type: Application
    Filed: April 6, 2020
    Publication date: September 24, 2020
    Inventors: Xiangying YANG, Li LI, Avinash NARASIMHAN, Jean-Marc PADOVA