Abstract: A wireless communication method is provided. The wireless communication method includes: receiving an authentication indicator; utilizing the authentication indicator to access authentication information; and providing the authentication information for selecting an authentication method.

Abstract: Techniques are described to perform network relay security. Multiple methods and an apparatus are proposed to protect the sensitive communication information of users in network communication environment. This application proposes a mechanism for protecting roaming UE capability indication in UE initiated slice-based SoR from attacks such as bidding down attacks. An example communication method includes generating, by a communication device, a request information message that includes a request information to be encrypted by a key, wherein the key is selected from a plurality of key pairs known to the first network node and the communication device, wherein a portion of the request information is transparent to a second network node; and transmitting, from the communication device, the request message to a first network node through the second network node, wherein the request message comprises a key identifier and a user identifier.

Abstract: A wireless communication method for use in a first wireless device is disclosed. The method comprises receiving, from a second wireless device, update information of proximity service (ProSe) subscription data of at least one wireless terminal.

Abstract: Method, systems and devices for wireless communication. The method includes protecting privacy of a transmitted network slice selection assistance information (NSSAI) between a user equipment and a base station. The method includes receiving a temporary NSSAI (T-NSSAI) from an access and mobility management function (AMF) to the base station, the T-NSSAI comprising at least one temporary single NSSAI (T-S-NSSAI) and storing the T-NSSAI in the base station. The method also includes receiving a radio resource control (RRC) signaling message from the user equipment to the base station, the RRC signaling message comprising a T-S-NSSAI corresponding to an allowed single NSSAI (S-NSSAI); and selecting the AMF based on the T-S-NSSAI.

Abstract: The present disclosure describes methods, systems and devices for establishing secure communication between a user equipment and a service application in a wireless communication. One method includes receiving, by the user equipment, an authentication and key management for service applications identifier (AKMAID) from an authentication server function (AUSF) upon successful completion of an authentication process for registering the user equipment with the communication network.

Abstract: Methods, systems, and devices related to related to digital wireless communication, and more specifically, to techniques related to securing a user authentication procedure. In one exemplary aspect, a method for wireless communication includes transmitting an authentication message from a network node. The method also includes determining a failure value indicating a reason for failure of the authentication message. The method also includes encrypting the failure value and an identifier. The method also includes transmitting an encrypted response message to the network node. In another exemplary aspect, a method for wireless communication includes transmitting an authentication message to a terminal. The method also includes receiving an encrypted response message from the terminal. The method also includes decrypting the encrypted response message to determine the failure value and the indicator.

Abstract: A method for registration, a terminal device, a core network device, and a storage medium are disclosed. The method may include acquiring a first registration request message sent by a first terminal device, where the first registration request message may include a first identifier of the first terminal device; acquiring related information about a second terminal device associated with the first identifier; acquiring a second identifier of the first terminal device, in response to the related information about the second terminal device being in an active state; and performing a registration for the first terminal device according to the second identifier.

Abstract: Provided are a subscription data update method and apparatus, a node, and a storage medium, where the method includes: in a case where a first network function node determines that authentication and key management for applications (AKMA) subscription data of a user is updated, determining, by the first network function node, a second network function node storing an AKMA context of the user; sending, by the first network function node, a subscription data management notification message to the second network function node; and receiving, by the first network function node, a subscription data management notification response message sent by the second network function node; where the subscription data management notification response message is sent after the second network function node deletes the AKMA context of the user according to the subscription data management notification message.

Abstract: This disclosure generally relates to updating and synchronizing security configuration in communication networks. Performed by a wireless device in a wireless network, the method includes receiving, from a first network element hosting an application function, a first message comprising at least one of: an Authentication and Key Management for Applications (AKMA) anchor key identifier associated with the wireless device; an authentication method indicator indicating an authentication method; or a set of parameters associated with the authentication method.

Abstract: Provided are a method and device for reporting a capacity, a method and device for key agreement, a terminal and a communication device and system. The terminal sends anti-pseudo base station capacity indication information to the communication device, and the anti-pseudo base station capacity indication information can indicate an anti-pseudo base station capacity of the terminal to the communication device. The communication device can determine the anti-pseudo base station capacity of the terminal after acquiring the anti-pseudo base station capacity indication information sent by the terminal, and perform an authentication and key agreement process matching the anti-pseudo base station capacity of the terminal and an anti-pseudo base station capacity of a target base station.

Abstract: A key update method, a network element, user equipment, and a storage medium are disclosed. The method may include: sending an application key update request to a second network element according to a user identity in response to an application key corresponding to a key identifier carried in a session establishment request being invalid; and determining an updated application key according to a message associated with the application key update request.

Abstract: Method, device and computer program product for wireless communication are provided. A method includes: receiving, by a proximity service anchor function from a remote wireless communication terminal, a request for a key used for a communication between the remote wireless communication terminal and a relay wireless communication terminal, and the request comprising at least one of: a Proximity Remote User Key, PRUK, identifier, an identifier of the remote wireless communication terminal, a relay service code, or a first nonce; and transmitting, by the proximity service anchor function to the remote wireless communication terminal, a request for the identity of the remote wireless communication terminal or a reject message in response to the proximity service anchor node not being able to find a PRUK stored locally corresponding to the PURK identifier or the proximity service anchor node determining to authenticate the remote wireless communication terminal.

Abstract: Disclosed are techniques for refreshing and updating user keys and user key lifetimes in a wireless communication system. In one aspect, a method of wireless communication is disclosed. The method includes generating, by an authentication node, a remote user key and a remote user key lifetime. The method further includes sending, from the authentication node to an anchor function node, the remote user key and the remote user key lifetime, and sending the remote user key lifetime to a remote wireless device via a relay wireless device.

Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.

Abstract: Presented are systems, methods, apparatuses, or computer-readable media for authenticating remote wireless communication devices. An authentication server function (AUSF) may send, to a unified data management (UDM), a request for authentication vectors (AV) in association with a remote wireless communication device seeking authorization to access a network via a relay wireless communication device. The request may include an indicator to indicate to the UDM to bypass storing information related to the AUSF. The AUSF may receive, from the UDM, the AV in response to the request.

Abstract: This disclosure generally relates to re-allocating a UE from an initial AMF to a target AMF. The disclosed method may be performed by an initial AMF. The method may include receiving, from a first network element, a first message comprising a list of candidate core network elements; and transmitting, to a second network element, a second message comprising the target core network element selected from the list of candidate core network elements.

Abstract: A primary authentication procedure is triggered to derive an authentication key for a home network. The authentication key may be used for interworking between network types. For example, a home network primary authentication mechanism may be triggered for interworking from Evolved Packet System (EPS) to 5GS. When a user equipment (UE) moves between network types, the security context and authentication may be different or incompatible. For example, an authentication key may be missing, which may be needed for authentication in one of the network types. Authentication key support may be determined and registration/authentication may vary based on that support. When there is no support for the authentication key, a reauthentication process may be performed.

Abstract: An anti-pseudo base station method and apparatus, and a computer-readable storage medium are provided. The anti-pseudo base station method includes: sending, by a base station, first anti-pseudo base station capacity information to a mobile terminal, wherein the first anti-pseudo base station capacity information is used for identifying an anti-pseudo base station capacity of the base station.

Abstract: Presented are systems and methods for authorization of proximity based services. A first wireless communication device may send, to a second wireless communication device, a message to access a network via the second wireless communication device as a relay node, using at least one authentication and key management for applications (AKMA) service. The message may include an AKMA key identifier (A-KID) and a freshness parameter. The first wireless communication device may generate a validation token to validate against another validation token of the second wireless communication device. The first wireless communication device may generate the validation token using the freshness parameter and a proximity based service function (PBSF) key (KPBSF).

Abstract: Provided are an authentication processing method and device, a storage medium, and an electronic device. The method includes that: a terminal receives an authentication request message from an authentication function; and in cases where authentication on the authentication request message fails, the terminal feeds back an authentication failure message to the authentication function. In cases where the cause of the authentication failure is a Message Authentication Code (MAC) failure and in cases where a cause of authentication failure is a Synchronization (Sync) failure, the terminal feeds back authentication failure messages of the same type to the authentication function.