top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

What is the use of sequence number in Authentication Token?

+3 votes
810 views
What is the use of sequence number in Authentication Token?
posted Sep 20, 2016 by Bhagyashree R

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

2 Answers

+4 votes
 
Best answer

To understand let see first where the Sequence Number (SQN is used)
Input to AKA algorithm at HSS and UE side while generating AUTN(UE/HSS), RES(UE)/XRES(HSS), KAsmi(UE/HSS).

At both HSS and UE side KAsme is generated and it is never shared between them. It is one important key parameter. So instead of KASME, UE and MME share KSI Asme which is key vector number so that based on this UE/MME can know which KASME is currently used.

As the range of KSIASME is also 3 bit (0-7), so guessing it's like an intercepted authentication vector which acts as fake authentication.

So an additional number HSS generated sequence number which is increased both at UE and network each time they authenticate successfully. Even this HSS generated SQN number is concealed in AUTN-HSS and it is shared with UE during authentication request message. So that UE can extract it first time and use it to generate AUTN-UE and from increases each time when authenticates.

As a conclusion this extra sequence number makes secure while generating keys at though someone used fake authentication vector.

Hope it is clear.
Source :- From GSM to LTE: An Introduction to Mobile Networks and Mobile Broadband

answer Sep 20, 2016 by Sachidananda Sahu
Well explained and informative.
Thank you Sahu
0 votes

Well explained

answer May 1, 2019 by Dependra Dev
Similar Questions
+1 vote

Section 5.3/29.274
" The GTPv2-C message header for the Echo Request, Echo Response and Version Not Supported Indication messages
shall not contain the TEID field, but shall contain the Sequence Number fields, followed by one spare octet as depicted
in figure 5.3-1"

Now my question - Is there any possibility of sending echo request with the sequence number as zero?

+1 vote

How many symbols are present in RACH sequence and what about its length?

+3 votes

According to the spec 29.172 (For Location services). Upon reception of PROVIDE SUBSCRIBER LOCATION REQUEST message, the MME shall perform authentication privacy verification on the location request.What is the use of performing authentication privacy verification when authentication has already been performed?

...