CPC H04W 12/041 (2021.01) [H04L 9/0618 (2013.01); H04L 9/0825 (2013.01); H04W 12/06 (2013.01)]
9 Claims

1. A method performed by an authentication server, the method comprising:
receiving a first subscriber identity from a user equipment;
storing a core-network public key, a core-network private key associated with the core-network public key, and an expected payload;
in response to sending the first subscriber identity to a distributed-network cellular-identity management, DNCIM, server, receiving a user-equipment public key associated with the user equipment;
generating a first cipher key based on both the user-equipment public key and the core-network private key;
in response to sending, to the user equipment, a message encrypted using the user-equipment public key and including the core-network public key, receiving a first encrypted message from the user equipment, the first encrypted message including a first payload encrypted with a second cipher key that is based on a user-equipment private key and the core-network public key;
decrypting the first encrypted message using the first cipher key to obtain the first payload; and
upon verifying the first cipher key and the second cipher key based on a determination that the first payload of the first encrypted message is equal to the expected payload, authenticating the user equipment based on communicating with the DNCIM server.
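
The key agreement and payload check recited in claim 1, as an added sketch that is not part of the patent text. Assumptions: X25519 (RFC 7748) for the key pairs, SHA-256 as the key derivation, a SHA-256 counter keystream as a stand-in for the cipher, the DNCIM lookup modelled as the `dncim_ue_pub` argument, and the step that delivers the core-network public key encrypted under the user-equipment public key left out. All function and variable names are hypothetical.

```python
import hashlib, hmac, os

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")            # X25519 base point
EXPECTED = b"constructed-expected-payload"   # constructed sample value

def x25519(k: bytes, u: bytes) -> bytes:
    # RFC 7748 Montgomery ladder; illustrative only, not constant-time.
    s = int.from_bytes(k, "little") & ~7 & ((1 << 255) - 1)
    s |= 1 << 254                             # scalar clamping
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):
        bit = (s >> t) & 1
        swap ^= bit
        if swap:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        c, d = (x3 + z3) % P, (x3 - z3) % P
        da, cb = d * a % P, c * b % P
        x3 = (da + cb) ** 2 % P
        z3 = x1 * (da - cb) ** 2 % P
        x2 = aa * bb % P
        z2 = e * (aa + A24 * e) % P
    if swap:
        x2, x3, z2, z3 = x3, x2, z3, z2
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def cipher_key(own_priv: bytes, peer_pub: bytes) -> bytes:
    # Cipher key derived from one side's private key and the other's public key.
    return hashlib.sha256(x25519(own_priv, peer_pub)).digest()

def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with a SHA-256 counter keystream.
    ks = b"".join(hashlib.sha256(key + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(x ^ y for x, y in zip(data, ks))

def authenticate(ue_priv: bytes, cn_priv: bytes, dncim_ue_pub: bytes) -> bool:
    cn_pub = x25519(cn_priv, BASE)
    first_key = cipher_key(cn_priv, dncim_ue_pub)   # server: UE public + CN private
    second_key = cipher_key(ue_priv, cn_pub)        # UE: UE private + CN public
    nonce = os.urandom(12)
    first_encrypted = nonce + keystream_xor(second_key, nonce, EXPECTED)
    payload = keystream_xor(first_key, first_encrypted[:12], first_encrypted[12:])
    return hmac.compare_digest(payload, EXPECTED)   # equal only if both keys match
```

The check succeeds only when the device holds the private key matching the public key returned by the DNCIM lookup. The payload comparison alone does not detect ciphertext tampering, so a real deployment would use an authenticated cipher.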