Abstract: Presented are systems and methods for acquiring channel state information. A wireless communicate node may transmit a channel state information reference signal (CSI-RS) to a wireless communication device via a first antenna port of a plurality of antenna ports of the wireless communication node. The wireless communication node may receive a channel state information (CSI) report from the wireless communication device.

Abstract: This disclosure generally relates to transferring encryption key to a VPLMN in wireless communication. Performed by first network element, the method includes: transmitting a query message to a second network element, to request an identification of a NF entity, wherein the query message comprises an identifier of a wireless device, and wherein the network function is an entity in the VPLMN for storing encryption keys; receiving, from the second network element, a response to the query message, the response comprising the identification of the NF entity; and transmitting, to the NF entity based on the identification of the NF entity, a first message comprising an encryption key, wherein the AF entity is located in the HPLMN or a DN external to the HPLMN and the VPLMN.

Abstract: This disclosure relates generally to a method, device, and system for ensuring security related to SCG and/or SN in a wireless network. One method performed by a wireless device is disclosed. The method may include: selecting a target PScell; the target PScell being associated with a target SN; determining whether the SW counter needs to be updated; in determination that the SW counter needs to be updated: incrementing the SW counter by a predefined value; and updating the security key based on the incremented SW counter and the base key; and transmitting, to a master node or the target SN, a first message requesting switching from a current PScell to the target PScell, the first message comprises at least one of: an indicator indicating that an update of the security key in the target SN is needed; or a value of the incremented SW counter.

Abstract: This document describes methods, apparatus, and systems that relate to enable Authentication and Key Management for Application service for roaming users. In one example aspect, a method for wireless communication includes receiving, by a network device in a first network from a network device in a second network, a signal indicative of an authentication result related to a wireless device, wherein the signal includes a first key and an indication in case that the first network is different from the second network; and generating, by the network device, a key related information based on the signal.

Abstract: This disclosure relates generally to a method, device, and system for ensuring security related to SCG in a wireless network. One method performed by a wireless device is disclosed. The method may include: selecting a target PScell, the target PScell being associated with a target SN, wherein the target SN is a member of a list of SNs, each SN in the list of SNs is associated with a SN counter; determining whether a SN counter associated with the target SN needs to be updated; in determination that the SN counter associated with the target SN needs to be updated, selecting a refreshed SN counter value and updating at least the SN counter associated with the target SN with the refreshed SN counter value; and transmitting, to the master node, a first message requesting switching from a current PScell to the target PScell.

Abstract: A wireless communication method is provided. The wireless communication method includes: receiving an authentication indicator; utilizing the authentication indicator to access authentication information; and providing the authentication information for selecting an authentication method.

Abstract: Techniques are described to perform network relay security. Multiple methods and an apparatus are proposed to protect the sensitive communication information of users in network communication environment. This application proposes a mechanism for protecting roaming UE capability indication in UE initiated slice-based SoR from attacks such as bidding down attacks. An example communication method includes generating, by a communication device, a request information message that includes a request information to be encrypted by a key, wherein the key is selected from a plurality of key pairs known to the first network node and the communication device, wherein a portion of the request information is transparent to a second network node; and transmitting, from the communication device, the request message to a first network node through the second network node, wherein the request message comprises a key identifier and a user identifier.

Abstract: A wireless communication method for use in a first wireless device is disclosed. The method comprises receiving, from a second wireless device, update information of proximity service (ProSe) subscription data of at least one wireless terminal.

Abstract: Method, systems and devices for wireless communication. The method includes protecting privacy of a transmitted network slice selection assistance information (NSSAI) between a user equipment and a base station. The method includes receiving a temporary NSSAI (T-NSSAI) from an access and mobility management function (AMF) to the base station, the T-NSSAI comprising at least one temporary single NSSAI (T-S-NSSAI) and storing the T-NSSAI in the base station. The method also includes receiving a radio resource control (RRC) signaling message from the user equipment to the base station, the RRC signaling message comprising a T-S-NSSAI corresponding to an allowed single NSSAI (S-NSSAI); and selecting the AMF based on the T-S-NSSAI.

Abstract: The present disclosure describes methods, systems and devices for establishing secure communication between a user equipment and a service application in a wireless communication. One method includes receiving, by the user equipment, an authentication and key management for service applications identifier (AKMAID) from an authentication server function (AUSF) upon successful completion of an authentication process for registering the user equipment with the communication network.

Abstract: Methods, systems, and devices related to related to digital wireless communication, and more specifically, to techniques related to securing a user authentication procedure. In one exemplary aspect, a method for wireless communication includes transmitting an authentication message from a network node. The method also includes determining a failure value indicating a reason for failure of the authentication message. The method also includes encrypting the failure value and an identifier. The method also includes transmitting an encrypted response message to the network node. In another exemplary aspect, a method for wireless communication includes transmitting an authentication message to a terminal. The method also includes receiving an encrypted response message from the terminal. The method also includes decrypting the encrypted response message to determine the failure value and the indicator.

Abstract: A method for registration, a terminal device, a core network device, and a storage medium are disclosed. The method may include acquiring a first registration request message sent by a first terminal device, where the first registration request message may include a first identifier of the first terminal device; acquiring related information about a second terminal device associated with the first identifier; acquiring a second identifier of the first terminal device, in response to the related information about the second terminal device being in an active state; and performing a registration for the first terminal device according to the second identifier.

Abstract: Provided are a subscription data update method and apparatus, a node, and a storage medium, where the method includes: in a case where a first network function node determines that authentication and key management for applications (AKMA) subscription data of a user is updated, determining, by the first network function node, a second network function node storing an AKMA context of the user; sending, by the first network function node, a subscription data management notification message to the second network function node; and receiving, by the first network function node, a subscription data management notification response message sent by the second network function node; where the subscription data management notification response message is sent after the second network function node deletes the AKMA context of the user according to the subscription data management notification message.

Abstract: This disclosure generally relates to updating and synchronizing security configuration in communication networks. Performed by a wireless device in a wireless network, the method includes receiving, from a first network element hosting an application function, a first message comprising at least one of: an Authentication and Key Management for Applications (AKMA) anchor key identifier associated with the wireless device; an authentication method indicator indicating an authentication method; or a set of parameters associated with the authentication method.

Abstract: Provided are a method and device for reporting a capacity, a method and device for key agreement, a terminal and a communication device and system. The terminal sends anti-pseudo base station capacity indication information to the communication device, and the anti-pseudo base station capacity indication information can indicate an anti-pseudo base station capacity of the terminal to the communication device. The communication device can determine the anti-pseudo base station capacity of the terminal after acquiring the anti-pseudo base station capacity indication information sent by the terminal, and perform an authentication and key agreement process matching the anti-pseudo base station capacity of the terminal and an anti-pseudo base station capacity of a target base station.

Abstract: A key update method, a network element, user equipment, and a storage medium are disclosed. The method may include: sending an application key update request to a second network element according to a user identity in response to an application key corresponding to a key identifier carried in a session establishment request being invalid; and determining an updated application key according to a message associated with the application key update request.

Abstract: Method, device and computer program product for wireless communication are provided. A method includes: receiving, by a proximity service anchor function from a remote wireless communication terminal, a request for a key used for a communication between the remote wireless communication terminal and a relay wireless communication terminal, and the request comprising at least one of: a Proximity Remote User Key, PRUK, identifier, an identifier of the remote wireless communication terminal, a relay service code, or a first nonce; and transmitting, by the proximity service anchor function to the remote wireless communication terminal, a request for the identity of the remote wireless communication terminal or a reject message in response to the proximity service anchor node not being able to find a PRUK stored locally corresponding to the PURK identifier or the proximity service anchor node determining to authenticate the remote wireless communication terminal.

Abstract: Disclosed are techniques for refreshing and updating user keys and user key lifetimes in a wireless communication system. In one aspect, a method of wireless communication is disclosed. The method includes generating, by an authentication node, a remote user key and a remote user key lifetime. The method further includes sending, from the authentication node to an anchor function node, the remote user key and the remote user key lifetime, and sending the remote user key lifetime to a remote wireless device via a relay wireless device.

Abstract: Embodiments of the prevent invention provide a network access authentication method and device. The method comprises: receiving an authentication request message sent by a first serving network, wherein the authentication request message carries a user equipment pseudonym identifier generated by a user equipment; determining whether a local user equipment pseudonym identifier is asynchronous with the user equipment pseudonym identifier generated by the user equipment; and obtaining, if the determination result is yes, an encrypted international mobile subscriber identity (IMSI) to carry out network access authentication on the user equipment. The embodiments of the present invention can solve the problem that a network access process in the related art does not provide a processing method for the case where the user equipment pseudonym identifier in the user equipment is asynchronous with the user equipment pseudonym identifier in a home network.

Abstract: Presented are systems, methods, apparatuses, or computer-readable media for authenticating remote wireless communication devices. An authentication server function (AUSF) may send, to a unified data management (UDM), a request for authentication vectors (AV) in association with a remote wireless communication device seeking authorization to access a network via a relay wireless communication device. The request may include an indicator to indicate to the UDM to bypass storing information related to the AUSF. The AUSF may receive, from the UDM, the AV in response to the request.