RADEXT WG S. Gundavelli
Internet-Draft S. Kishore
Intended status: Standards Track M. Grayson
Expires: 11 January 2024 O. Pekar
Cisco
10 July 2023
RADIUS Attributes for 3GPP 5G AKA Authentication Method
draft-gundavelli-radext-5g-auth-00
Abstract
This document proposes extensions to the Remote Authentication Dial-
In User Service (RADIUS) protocol to support the 3rd Generation
Partnership Project (3GPP) 5G Authentication and Key Agreement (5G-
AKA) authentication method.
The 5G-AKA protocol is a critical authentication method used in 5G
networks for mutual authentication and key derivation between user
devices and the network. By integrating 5G-AKA into RADIUS,
enterprises can leverage existing RADIUS-based authentication
infrastructure for authenticating 5G devices.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 11 January 2024.
Copyright Notice
Copyright (c) 2023 IETF Trust and the persons identified as the
document authors. All rights reserved.
Gundavelli, et al. Expires 11 January 2024 [Page 1]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions and Terminology . . . . . . . . . . . . . . . . . 3
2.1. Conventions . . . . . . . . . . . . . . . . . . . . . . . 3
2.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
3. Motivation . . . . . . . . . . . . . . . . . . . . . . . . . 4
4. Overview of 5G Security . . . . . . . . . . . . . . . . . . . 5
5. RADIUS Support for 5G-AKA Authentication Method . . . . . . . 6
5.1. Call Flow . . . . . . . . . . . . . . . . . . . . . . . . 6
6. 5G-AKA RADIUS Attribute Definitions . . . . . . . . . . . . . 7
6.1. 5G-Auth-RAND . . . . . . . . . . . . . . . . . . . . . . 7
6.2. 5G-Auth-AUTN . . . . . . . . . . . . . . . . . . . . . . 8
6.3. 5G-Auth-HXRES-STAR . . . . . . . . . . . . . . . . . . . 8
6.4. 5G-Auth-KSEAF . . . . . . . . . . . . . . . . . . . . . . 8
6.5. 5G-DNN . . . . . . . . . . . . . . . . . . . . . . . . . 8
6.6. 5G-SN-NAME . . . . . . . . . . . . . . . . . . . . . . . 8
6.7. User-Name . . . . . . . . . . . . . . . . . . . . . . . . 8
6.8. THREEGENPP_IMEISV . . . . . . . . . . . . . . . . . . . . 8
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9
8. Security Considerations . . . . . . . . . . . . . . . . . . . 9
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
10.1. Normative References . . . . . . . . . . . . . . . . . . 9
10.2. Informative References . . . . . . . . . . . . . . . . . 9
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction
Authentication and key management are critical for ensuring secure
communication within the access network. These mechanisms enable
mutual authentication between the device and the access network,
verifying identities and establishing trust. By validating the
identities of both parties, these procedures ensure that only
authorized devices can access the network. Additionally, these
procedures derive cryptographic keys that safeguard both signaling
and user plane data. By doing so, they protect the integrity and
confidentiality of the transmitted information, preventing
unauthorized access and maintaining a secure communication
Gundavelli, et al. Expires 11 January 2024 [Page 2]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
environment within cellular networks.
3GPP 5G System architecture has defined support for different
authentication methods - 5G AKA, EAP AKA' and EAP TLS and EAP TTLS.
The currently supported authentication interfaces require the new
network elements (e.g., AUSF, UDM) for supporting these
authentication methods.
Integrating this authentication method into RADIUS allows network
operators to leverage existing RADIUS infrastructure for user
authentication and authorization in 5G deployments. This document
defines new RADIUS attributes to support the 5G-AKA procedure,
enabling interoperability between RADIUS servers and 5G network
elements.
2. Conventions and Terminology
2.1. Conventions
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
2.2. Terminology
All the mobility terms used in this document are to be interpreted as
defined in the IETF and 3GPP specifications. For convenience, the
definitions for some of the terms are provided below.
Subscription Permanent Identifier (SUPI))
A globally unique 5G Subscription Permanent Identifier (SUPI) is
allocated to each subscriber in the 5G System. The SUPI value is
provisioned in USIM and UDM/UDR function in 5G Core. The
structure of SUPI and its privacy is specified [TS23501]
Subscription Concealed Identifier (SUCI)
The Subscription Concealed Identifier (SUCI) is a privacy
preserving identifier containing the concealed SUPI. The UE
generates a SUCI using the public key of the Home Network
provisioned to the USIM. The structure of SUCI is specified in
3GPP specification [TS33501].
Permanent Equipment Identifier (PEI)
In 5G System, the Permanent Equipment Identifier (PEI) is a unique
Gundavelli, et al. Expires 11 January 2024 [Page 3]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
identifier of a UE accessing the private 5G System. The structure
of the PEI is specified in 3GPP specification [TS23003].
International Mobile Station Equipment Identifier (IMEI)
IMEI is a number that uniquely identifies a mobile device in
Global System for Mobile Communications (GSM) The structure of the
IMEI is specified in 3GPP specification [TS33102].
Sequence Number (SQN)
SQN MS The highest sequence number the USIM has accepted.
3. Motivation
Enterprises now have the opportunity to expand and enhance their
wireless coverage density by complementing their existing IEEE
802.11-based wireless architectures with 3GPP-based 5G access
networks.
There are multiple deployment options available for implementing an
enterprise 5G system. It can be deployed through a System Integrator
(SI), a mobile operator, a Wi-Fi operator in collaboration with a
cellular provider, potentially a cloud provider, or by the enterprise
IT themselves if they possess their own licensed spectrum. While
these options provide a strong foundation for enabling basic 5G
access connectivity, there is considerable value in achieving
convergence across these diverse access architectures and leveraging
the already deployed network elements. It is highly desirable for
enterprise IT to possess the capability to correlate identities
across different access technologies and enforce consistent
enterprise policies.
Gundavelli, et al. Expires 11 January 2024 [Page 4]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
_------_
_( )_ +---+
-(Enterprise)--------|AAA|
-( Network)- +---+
'-----' (RADIUS)
|
|
+---------------+
| |
+-----+ +-----+
|Wi-Fi| | P5G |
+-----+ +-----+
. .
. .
. +------+ .
. . |Device| . .
+------+
Figure 1: Enterprise Architecture
Enterprise network architectures have undergone extensive evolution
over an extended period, resulting in intricate structures. These
architectures are designed to be technology-agnostic, accommodating
both Ethernet and Wi-Fi-based connections seamlessly. RADIUS-based
infrastructure is widely employed for authentication and policy
management purposes. As 5G-based private networks become integrated
into enterprise environments, it is a natural progression to consider
private 5G as another access technology, allowing the utilization of
the existing RADIUS infrastructure to authenticate 5G devices. The
adoption of a unified authentication and policy infrastructure across
different access technologies enables the realization of identity
correlation and ensures consistent policy enforcement.
Based on this motivation, we put forward proposals for extending the
RADIUS protocol to support the 5G-AKA authentication method.
4. Overview of 5G Security
The 5G security architecture is given below.
+----+ +-------+ +------+ +-----------------+
| UE | | AMF | |AUSF | | UDM |
| | |(SEAF) | | | | (SIDF, ARPF) |
+----+ +-------+ +------+ +-----------------+
Figure 2: Enterprise Architecture
ARPF (Authentication credential Repository for Procession Function)
Gundavelli, et al. Expires 11 January 2024 [Page 5]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
ARPF is part of UDM as per the standard. ARPF contains subscriber
credentials, i.e long term keys and Subscriber Identifier (SUPI).
Subscriber credentials may alternatively be stored in UDR
[TS23003].
SIDF (Subscriber Identifier De-concealing Function)
SIDF is a service offered by UDM in home network. It is
responsible for resolving the SUPI from the SUCI.
AUSF (Authentication Server Function)
It is standalone NF located in subscriber's home network. It is
handling authentication in home network based on information
received from UE and UDM/ARPF
SEAF (Security Anchor Function)
SEAF is functionality provided by the AMF It is handling
authentication in serving network based on information received
from UE and AUSF.
In 5G UE is authenticated by home network(AUSF) and serving
network(SEAF).
5. RADIUS Support for 5G-AKA Authentication Method
In the proposed approach the RADIUS server will implement the 5G-AKA
algorithm. Furthermore, it is assumed there will be no support for
interoperator roaming.
+----+ +-------+ +---------------------+
| UE | | AMF | | RADIUS |
| | |(SEAF) | | SERVER |
+----+ +-------+ +---------------------+
Figure 3: Enterprise Architecture
5.1. Call Flow
In the proposed approach, the RADIUS server will be the primary
authentication function. Following are the interactions between the
5G system and the RADIUS Server.
Gundavelli, et al. Expires 11 January 2024 [Page 6]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
+----+ +-----+ +---------+
| UE | | AMF | | RADIUS |
+----+ +-----+ +---------+
| 1 | |
| --------> | |
| | 2 |
| | ---------->|
| | |
| | 3 |
| | <----------|
Figure 4: 5G-AKA Authentication Flow
* Step-1: UE Sends NAS message to AMF which includes SUCI or 5G-
GUTI.
* Step-2: AMF creates an "Access Request" containing RADIUS
attributes User-Name that contains 5G subscriber identifier in
format SUCI or SUPI and 5G-SN-NAME that identifies the serving
network name.
* Step-3: Once the RADIUS server receives the request it converts
the SUCI to SUPI using SIDF function. RADIUS server consult the
database of users to find the user whose name matches with SUPI in
the request. This is equivalent to ARPF function in UDM. RADIUS
server geneartes Authenticaion Vector using the 5G-AKA algorithm.
This vector consists of RAND, AUTN, HXRES*, KAUSF. The AUSF
function takes KAUSF and generates KSEAF. RADIUS creates Access
Accept containing authentication vector attributes 5G-Auth_RAND,
5G-Auth-AUTN, 5G-Auth-HXRES-STAR, 5G-Auth-KSEAF, 3GPP-IMSI,
5G-DNN, 3GPP-IMEISV. All key derivations for 5G-AKA shall be
performed using the key derivation function (KDF) specified in
Annex B.2.0 of TS 33.220.
* On successful lookup of 5G subscriber identity in the database
and successful calculation of resulting 5G-AKA authentication
vector RADIUS server sends Access-Accept message that contains the
resulting authentication vector in 5G authentication RADIUS
attributes specified in section 6 of this document.
* If RADIUS server fails to execute one or more operations it sends
RADIUS Access-Reject message indicating that 5G-AKA authentication
failed.
* Note-1: RADIUS server must be provided with 128-bit long K and
128-bit long OPC 5G-AKA parameters per subscriber identity SUPI
to perform authentication vector calculations according to 5G-AKA
algorithm.
* Note-2: RADIUS server must be provided with the manaale SQN
parameter that represents a 48-bits long sequence number. The
initial value of SQN for 5G subscriber should be 1. The SQL
parameter is increased on every 5G-AKA authentication for the
specific 5G subscriber and when it reaches 0x7FFFFFFFFFFF it is
rolled over to 1 as specified in TS 33.102 section C.3.2
* SQN sync flow <TBD>
Gundavelli, et al. Expires 11 January 2024 [Page 7]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
6. 5G-AKA RADIUS Attribute Definitions
Following are the attributes that are required for supporting 5G-AKA
Authentication Method.
In addition to the new 5G-AKA specific attributes, the standard
vendor specific attributes 3GPP-IMSI and 3GPP-IMEISV are used for
identity exchange between RADIUS client and RADIUS server.
6.1. 5G-Auth-RAND
Description
The 5G-Auth-RAND is of type binary and contains the random number
which is part of the authentication vector generated by 5G-AKA
algorithm. The size of this value is 128 bits.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
<TBD>
Length
18
String
A random value.
Gundavelli, et al. Expires 11 January 2024 [Page 8]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
6.2. 5G-Auth-AUTN
Description
The 5G-Auth-AUTN is of type binary and contains the authentication
token which is part of the authentication vector generated by
5G-AKA algorithm. The size of this value is 160 bits. AUTN is
generated using this formula (SQN ^ AK) || AMF || MAC_A. AMF is
set to 0x8000.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
<TBD>
Length
22
String
The value of Authentication Token parameter of 5G-AKA algorithm.
6.3. 5G-Auth-HXRES-STAR
Description
The 5G-Auth-HXRES-STAR is of type binary and contains the 5G hash
expected response which is part of the authentication vector
generated by 5G-AKA algorithm. Refer TS33.501 Annex A.5 to
generate this value. The maximum size of this value is 128 bits.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
<TBD>
Length
>=18
String
The value of Hash Expected Response parameter of 5G-AKA algorithm.
Gundavelli, et al. Expires 11 January 2024 [Page 9]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
6.4. 5G-Auth-KSEAF
Description
The 5G-Auth-KSEAF is of type binary and contains the 128 bit long
5G security anchor key used to derive KAMF key. This is part of
the authentication vector generated by 5G-AKA algorithm. Refer
to: TS33.501 Annex A.6 to generate this value.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
<TBD>
Length
18
String
The value of security anchor key of 5G-AKA algorithm.
6.5. 5G-DNN
Description
The 5G-DNN is of type string and contains the 5G data network name
which is basically a address pool name. This is part of
authorization attribute.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
<TBD>
Length
>= 3
String
The string that contains the 5G data network name.
6.6. 5G-SN-NAME
Description
The 5G-SN-NAME is of type string and contains the serving network
name.
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
<TBD>
Length
>= 3
String
The string that represents serving network name in the following
format:
o If NID is not present:
"5G:mnc<ddd>.mcc<ddd>>.3gppnetwork.org", where 'd' is single
decimal digit
o If NID is present:
"5G:mnc123.mcc456.3gppnetwork.org:CAFECAFECAFE", where 'd' is
single decimal digit and 'X' is single capitalized hexadecimal
digit
Gundavelli, et al. Expires 11 January 2024 [Page 10]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
6.7. User-Name
Description
A standard RADIUS User-Name attribute is used to represet the UE
Identifier
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Length | String...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type
1
Length
>= 3
String
The User-Name is of type string and contains the UE identifier
SUPI or SUCI. The format of SUPI identifier is given below.
SUPI-xxxxxxxxxxxxxxx (15 digits) eg: SUPI-123456789012345. The
format of SUCI identifier is given below. SUCI-SUCI Type - Home
Network Identifier - Routing Indicator - Protection Scheme - HN
Public key ID - Protection Scheme Output eg.:
SUCI-0-123-456-0-0-0-150000100
6.8 Table of Attributes
The following table provides a guide to which attributes may be found
in which kinds of packets, and in what quantity.
Request Accept Reject Challenge # Attribute
1 0-1 0 0 1 User-Name
0 0-1 0 0 TBD 5G-Auth-RAND
0 0-1 0 0 TBD 5G-Auth-HXRES-STAR
0 0-1 0 0 TBD 5G-Auth-KSEAF
0 0-1 0 0 TBD 5G-Auth-DNN
0-1 0 0 0 TBD 5G-Auth-SN-NAME
0 0-1 0 0 TBD 3GPP-IMEISV
0 0-1 0 0 TBD 3GPP-IMSI
Gundavelli, et al. Expires 11 January 2024 [Page 11]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
7. IANA Considerations
IANA is requested to assign the following values for the new RADIUS
attributes defined in this document: TBD
8. Security Considerations
The security of the 5G-AKA authentication method relies on the
integrity and confidentiality of the exchanged authentication
vectors, security algorithms, and cryptographic keys. Appropriate
measures must be taken to protect these sensitive attributes during
transmission between the RADIUS client and server.
9. Acknowledgements
TBD
10. References
10.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
10.2. Informative References
[TS23003] 23.003, 3. T., "Numbering, addressing and identification",
2021.
[TS23501] 23.501, 3. T., "Numbering, addressing and identification",
2021.
[TS33102] 33.102, 3. T., "3GPP Security Architecture", 2021.
[TS33501] 33.501, 3. T., "Architecture enhancements for non-3GPP
accesses", 2021.
Gundavelli, et al. Expires 11 January 2024 [Page 12]
�
Internet-Draft 3GPP 5G AKA Authentication Method July 2023
Authors' Addresses
Sri Gundavelli
Cisco
170 West Tasman Drive
San Jose, CA 95134
United States of America
Email: sgundave@cisco.com
Sangram L Kishore
Cisco
Bangalore
India
Email: sanl@cisco.com
Mark Grayson
Cisco
11 New Square Park
Bedfont Lakes
United Kingdom
Email: mgrayson@cisco.com
Oleg Pekar
Cisco
1st Floor, EE5-6
South Netanya
Israel
Email: olpekar@cisco.com
Gundavelli, et al. Expires 11 January 2024 [Page 13]