draft-ietf-emu-rfc5448bis-from--07.diff.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<!-- Generated by rfcdiff 1.42: rfcdiff -->
<!-- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional" > -->
<!-- System: Linux router1 4.4.0-186-generic #216-Ubuntu SMP Wed Jul 1 05:34:05 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux -->
<!-- Using awk: /usr/bin/gawk: GNU Awk 4.1.3, API: 1.1 (GNU MPFR 3.1.4, GNU MP 6.1.0) -->
<!-- Using diff: /usr/bin/diff: diff (GNU diffutils) 3.3 -->
<!-- Using wdiff: /usr/bin/wdiff: wdiff (GNU wdiff) 1.2.2 -->
<html>
<head>
<!-- Document head for the generated side-by-side draft comparison:
     declares the legacy encoding and the colour scheme used by the
     comparison table that follows. -->
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<meta http-equiv="Content-Style-Type" content="text/css" />
<title>Diff: draft-ietf-emu-rfc5448bis-07.txt - draft-ietf-emu-rfc5448bis.txt</title>
<style type="text/css">
/* Page frame. */
body {
  margin: 0.4ex;
  margin-right: auto;
}
tr {
}
/* Every cell is preformatted monospace text so the drafts' fixed-width
   layout survives unchanged. */
td {
  white-space: pre;
  font-family: monospace;
  vertical-align: top;
  font-size: 0.86em;
}
th {
  font-size: 0.86em;
}
.small {
  font-size: 0.6em;
  font-style: italic;
  font-family: Verdana, Helvetica, sans-serif;
}
/* Unchanged text: old draft in the left column (grey), new draft in the
   right column (white). */
.left   { background-color: #eeeeee; }
.right  { background-color: #ffffff; }
.diff   { background-color: #ccccff; }
/* Lines that differ: whole-line blocks on the left and right side. */
.lblock { background-color: #bbffbb; }
.rblock { background-color: #ffff88; }
/* Word-level spans inside a changed line. */
.insert { background-color: #88ffff; }
.delete { background-color: #aaccff; }
.void   { background-color: #ffffbb; }
.cont   { background-color: #eeeeee; }
.linebr { background-color: #aaaaaa; }
/* Gutter line numbers. */
.lineno {
  color: red;
  background-color: #ffffff;
  font-size: 0.7em;
  text-align: right;
  padding: 0 2px;
}
/* Class name kept exactly as the generator emits it. */
.elipsis { background-color: #aaaaaa; }
/* Elements carrying the cont class take a darker shade of the enclosing
   column or block colour. */
.left .cont   { background-color: #dddddd; }
.right .cont  { background-color: #eeeeee; }
.lblock .cont { background-color: #99dd99; }
.rblock .cont { background-color: #dddd66; }
.insert .cont { background-color: #00dddd; }
.delete .cont { background-color: #88aadd; }
/* Elements tagged with the stats class (not present in the visible part
   of the document). */
.stats, .stats td, .stats th {
  background-color: #eeeeee;
  padding: 2px 0;
}
</style>
</head>
<body >
<table border="0" cellpadding="0" cellspacing="0">
<tr bgcolor="orange"><th></th><th> draft-ietf-emu-rfc5448bis-07.txt </th><th> </th><th> draft-ietf-emu-rfc5448bis.txt </th><th></th></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Network Working Group J. Arkko</td><td> </td><td class="right">Network Working Group J. Arkko</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Internet-Draft V. Lehtovirta</td><td> </td><td class="right">Internet-Draft V. Lehtovirta</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0001" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Obsoletes: 5448</span> (if approved) V. Torvinen</td><td> </td><td class="rblock"><span class="insert">Updates: 5448,4187</span> (if approved) V. Torvinen</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Updates: 4187 (if approved) Ericsson</span></td><td> </td><td class="rblock">Intended status: Informational <span class="insert">Ericsson</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock">Intended status: Informational P. Eronen</td><td> </td><td class="rblock"><span class="insert">Expires: July 15, 2021</span> P. Eronen</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">Expires: September 10, 2020</span> Independent</td><td> </td><td class="rblock"> Independent</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">March 9, 2020</span></td><td> </td><td class="rblock"> <span class="insert">January 11, 2021</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Improved Extensible Authentication Protocol Method for 3GPP Mobile</td><td> </td><td class="right"> Improved Extensible Authentication Protocol Method for 3GPP Mobile</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Network Authentication and Key Agreement (EAP-AKA')</td><td> </td><td class="right"> Network Authentication and Key Agreement (EAP-AKA')</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0002" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> draft-ietf-emu-rfc5448bis-0<span class="delete">7</span></td><td> </td><td class="rblock"> draft-ietf-emu-rfc5448bis-0<span class="insert">9</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Abstract</td><td> </td><td class="right">Abstract</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0003" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> The 3GPP Mobile Network Authentication and Key Agreement (AKA) is <span class="delete">the</span></td><td> </td><td class="rblock"> The 3GPP Mobile Network Authentication and Key Agreement (AKA) is <span class="insert">an</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> primary</span> authentication mechanism for devices wishing to access mobile</td><td> </td><td class="rblock"> authentication mechanism for devices wishing to access mobile</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> networks. RFC 4187 (EAP-AKA) made the use of this mechanism possible</td><td> </td><td class="right"> networks. RFC 4187 (EAP-AKA) made the use of this mechanism possible</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> within the Extensible Authentication Protocol (EAP) framework. RFC</td><td> </td><td class="right"> within the Extensible Authentication Protocol (EAP) framework. RFC</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5448 (EAP-AKA') was an improved version of EAP-AKA.</td><td> </td><td class="right"> 5448 (EAP-AKA') was an improved version of EAP-AKA.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0004" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> This memo <span class="delete">replaces</span> the specification of <span class="delete">EAP-AKA'. EAP-AKA' was</span></td><td> </td><td class="rblock"> This memo <span class="insert">is</span> the <span class="insert">most recent</span> specification of <span class="insert">EAP-AKA', including,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> defined in RFC 5448 and updated EAP-AKA RFC 4187. As such this</span></td><td> </td><td class="rblock"><span class="insert"> for instance, details</span> and <span class="insert">references about related to operating EAP-</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> document obsoletes RFC 5448</span> and <span class="delete">updates RFC 4187.</span></td><td> </td><td class="rblock"><span class="insert"> AKA' in 5G networks.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' differs from EAP-AKA by providing a key derivation function</td><td> </td><td class="right"> EAP-AKA' differs from EAP-AKA by providing a key derivation function</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> that binds the keys derived within the method to the name of the</td><td> </td><td class="right"> that binds the keys derived within the method to the name of the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> access network. The key derivation function has been defined in the</td><td> </td><td class="right"> access network. The key derivation function has been defined in the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3rd Generation Partnership Project (3GPP). EAP-AKA' allows its use</td><td> </td><td class="right"> 3rd Generation Partnership Project (3GPP). EAP-AKA' allows its use</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> in EAP in an interoperable manner. EAP-AKA' also updates the</td><td> </td><td class="right"> in EAP in an interoperable manner. EAP-AKA' also updates the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> algorithm used in hash functions, as it employs SHA-256 / HMAC-</td><td> </td><td class="right"> algorithm used in hash functions, as it employs SHA-256 / HMAC-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> SHA-256 instead of SHA-1 / HMAC-SHA-1 as in EAP-AKA.</td><td> </td><td class="right"> SHA-256 instead of SHA-1 / HMAC-SHA-1 as in EAP-AKA.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This version of EAP-AKA' specification specifies the protocol</td><td> </td><td class="right"> This version of EAP-AKA' specification specifies the protocol</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l2" /><small>skipping to change at</small><em> page 2, line 10</em></th><th> </th><th><a name="part-r2" /><small>skipping to change at</small><em> page 2, line 10</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are working documents of the Internet Engineering</td><td> </td><td class="right"> Internet-Drafts are working documents of the Internet Engineering</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Task Force (IETF). Note that other groups may also distribute</td><td> </td><td class="right"> Task Force (IETF). Note that other groups may also distribute</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> working documents as Internet-Drafts. The list of current Internet-</td><td> </td><td class="right"> working documents as Internet-Drafts. The list of current Internet-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Drafts is at http://datatracker.ietf.org/drafts/current/.</td><td> </td><td class="right"> Drafts is at http://datatracker.ietf.org/drafts/current/.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Internet-Drafts are draft documents valid for a maximum of six months</td><td> </td><td class="right"> Internet-Drafts are draft documents valid for a maximum of six months</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and may be updated, replaced, or obsoleted by other documents at any</td><td> </td><td class="right"> and may be updated, replaced, or obsoleted by other documents at any</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> time. It is inappropriate to use Internet-Drafts as reference</td><td> </td><td class="right"> time. It is inappropriate to use Internet-Drafts as reference</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> material or to cite them other than as "work in progress."</td><td> </td><td class="right"> material or to cite them other than as "work in progress."</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0005" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> This Internet-Draft will expire on <span class="delete">September 10, 2020</span>.</td><td> </td><td class="rblock"> This Internet-Draft will expire on <span class="insert">July 15, 2021</span>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Copyright Notice</td><td> </td><td class="right">Copyright Notice</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0006" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Copyright (c) 202<span class="delete">0</span> IETF Trust and the persons identified as the</td><td> </td><td class="rblock"> Copyright (c) 202<span class="insert">1</span> IETF Trust and the persons identified as the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> document authors. All rights reserved.</td><td> </td><td class="right"> document authors. All rights reserved.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td> </td><td class="right"> This document is subject to BCP 78 and the IETF Trust's Legal</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Provisions Relating to IETF Documents</td><td> </td><td class="right"> Provisions Relating to IETF Documents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (http://trustee.ietf.org/license-info) in effect on the date of</td><td> </td><td class="right"> (http://trustee.ietf.org/license-info) in effect on the date of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> publication of this document. Please review these documents</td><td> </td><td class="right"> publication of this document. Please review these documents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> carefully, as they describe your rights and restrictions with respect</td><td> </td><td class="right"> carefully, as they describe your rights and restrictions with respect</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> to this document. Code Components extracted from this document must</td><td> </td><td class="right"> to this document. Code Components extracted from this document must</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> include Simplified BSD License text as described in Section 4.e of</td><td> </td><td class="right"> include Simplified BSD License text as described in Section 4.e of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the Trust Legal Provisions and are provided without warranty as</td><td> </td><td class="right"> the Trust Legal Provisions and are provided without warranty as</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> described in the Simplified BSD License.</td><td> </td><td class="right"> described in the Simplified BSD License.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Table of Contents</td><td> </td><td class="right">Table of Contents</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3</td><td> </td><td class="right"> 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5</td><td> </td><td class="right"> 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0007" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3. EAP-AKA' . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">6</span></td><td> </td><td class="rblock"> 3. EAP-AKA' . . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">5</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.1. AT_KDF_INPUT . . . . . . . . . . . . . . . . . . . . . . 8</td><td> </td><td class="right"> 3.1. AT_KDF_INPUT . . . . . . . . . . . . . . . . . . . . . . 8</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0008" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3.2. AT_KDF . . . . . . . . . . . . . . . . . . . . . . . . . 1<span class="delete">0</span></td><td> </td><td class="rblock"> 3.2. AT_KDF . . . . . . . . . . . . . . . . . . . . . . . . . 1<span class="insert">1</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.3. Key Derivation . . . . . . . . . . . . . . . . . . . . . 13</td><td> </td><td class="right"> 3.3. Key Derivation . . . . . . . . . . . . . . . . . . . . . 13</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.4. Hash Functions . . . . . . . . . . . . . . . . . . . . . 15</td><td> </td><td class="right"> 3.4. Hash Functions . . . . . . . . . . . . . . . . . . . . . 15</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.4.1. PRF' . . . . . . . . . . . . . . . . . . . . . . . . 15</td><td> </td><td class="right"> 3.4.1. PRF' . . . . . . . . . . . . . . . . . . . . . . . . 15</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.4.2. AT_MAC . . . . . . . . . . . . . . . . . . . . . . . 15</td><td> </td><td class="right"> 3.4.2. AT_MAC . . . . . . . . . . . . . . . . . . . . . . . 15</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.4.3. AT_CHECKCODE . . . . . . . . . . . . . . . . . . . . 15</td><td> </td><td class="right"> 3.4.3. AT_CHECKCODE . . . . . . . . . . . . . . . . . . . . 15</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3.5. Summary of Attributes for EAP-AKA' . . . . . . . . . . . 16</td><td> </td><td class="right"> 3.5. Summary of Attributes for EAP-AKA' . . . . . . . . . . . 16</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 4. Bidding Down Prevention for EAP-AKA . . . . . . . . . . . . . 18</td><td> </td><td class="right"> 4. Bidding Down Prevention for EAP-AKA . . . . . . . . . . . . . 18</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 4.1. Summary of Attributes for EAP-AKA . . . . . . . . . . . . 20</td><td> </td><td class="right"> 4.1. Summary of Attributes for EAP-AKA . . . . . . . . . . . . 20</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5. Peer Identities . . . . . . . . . . . . . . . . . . . . . . . 20</td><td> </td><td class="right"> 5. Peer Identities . . . . . . . . . . . . . . . . . . . . . . . 20</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5.1. Username Types in EAP-AKA' Identities . . . . . . . . . . 20</td><td> </td><td class="right"> 5.1. Username Types in EAP-AKA' Identities . . . . . . . . . . 20</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5.2. Generating Pseudonyms and Fast Re-Authentication</td><td> </td><td class="right"> 5.2. Generating Pseudonyms and Fast Re-Authentication</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Identities . . . . . . . . . . . . . . . . . . . . . . . 21</td><td> </td><td class="right"> Identities . . . . . . . . . . . . . . . . . . . . . . . 21</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5.3. Identifier Usage in 5G . . . . . . . . . . . . . . . . . 22</td><td> </td><td class="right"> 5.3. Identifier Usage in 5G . . . . . . . . . . . . . . . . . 22</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5.3.1. Key Derivation . . . . . . . . . . . . . . . . . . . 23</td><td> </td><td class="right"> 5.3.1. Key Derivation . . . . . . . . . . . . . . . . . . . 23</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 5.3.2. EAP Identity Response and EAP-AKA' AT_IDENTITY</td><td> </td><td class="right"> 5.3.2. EAP Identity Response and EAP-AKA' AT_IDENTITY</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Attribute . . . . . . . . . . . . . . . . . . . . . . 24</td><td> </td><td class="right"> Attribute . . . . . . . . . . . . . . . . . . . . . . 24</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0009" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 6. Exported Parameters . . . . . . . . . . . . . . . . . . . . . <span class="delete">26</span></td><td> </td><td class="rblock"> 6. Exported Parameters . . . . . . . . . . . . . . . . . . . . . <span class="insert">24</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7. Security Considerations . . . . . . . . . . . . . . . . . . . <span class="delete">26</span></td><td> </td><td class="rblock"> 7. Security Considerations . . . . . . . . . . . . . . . . . . . <span class="insert">25</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7.1. Privacy . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">29</span></td><td> </td><td class="rblock"> 7.1. Privacy . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">28</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7.2. Discovered Vulnerabilities . . . . . . . . . . . . . . . <span class="delete">31</span></td><td> </td><td class="rblock"> 7.2. Discovered Vulnerabilities . . . . . . . . . . . . . . . <span class="insert">30</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7.3. Pervasive Monitoring . . . . . . . . . . . . . . . . . . <span class="delete">33</span></td><td> </td><td class="rblock"> 7.3. Pervasive Monitoring . . . . . . . . . . . . . . . . . . <span class="insert">32</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 7.4. Security Properties of Binding Network Names . . . . . . <span class="delete">34</span></td><td> </td><td class="rblock"> 7.4. Security Properties of Binding Network Names . . . . . . <span class="insert">33</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . <span class="delete">35</span></td><td> </td><td class="rblock"> 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . <span class="insert">34</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 8.1. Type Value . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">35</span></td><td> </td><td class="rblock"> 8.1. Type Value . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">34</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 8.2. Attribute Type Values . . . . . . . . . . . . . . . . . . <span class="delete">35</span></td><td> </td><td class="rblock"> 8.2. Attribute Type Values . . . . . . . . . . . . . . . . . . <span class="insert">34</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 8.3. Key Derivation Function Namespace . . . . . . . . . . . . <span class="delete">35</span></td><td> </td><td class="rblock"> 8.3. Key Derivation Function Namespace . . . . . . . . . . . . <span class="insert">34</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 9. References . . . . . . . . . . . . . . . . . . . . . . . . . <span class="delete">36</span></td><td> </td><td class="rblock"> 9. References . . . . . . . . . . . . . . . . . . . . . . . . . <span class="insert">35</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 9.1. Normative References . . . . . . . . . . . . . . . . . . <span class="delete">36</span></td><td> </td><td class="rblock"> 9.1. Normative References . . . . . . . . . . . . . . . . . . <span class="insert">35</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 9.2. Informative References . . . . . . . . . . . . . . . . . <span class="delete">38</span></td><td> </td><td class="rblock"> 9.2. Informative References . . . . . . . . . . . . . . . . . <span class="insert">37</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Appendix A. Changes from RFC 5448 . . . . . . . . . . . . . . . <span class="delete">41</span></td><td> </td><td class="rblock"> Appendix A. Changes from RFC 5448 . . . . . . . . . . . . . . . <span class="insert">40</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Appendix B. Changes to RFC 4187 . . . . . . . . . . . . . . . . 41</td><td> </td><td class="right"> Appendix B. Changes to RFC 4187 . . . . . . . . . . . . . . . . 41</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0010" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Appendix C. Changes from Previous Version of This Draft . . . . 4<span class="delete">2</span></td><td> </td><td class="rblock"> Appendix C. Changes from Previous Version of This Draft . . . . 4<span class="insert">1</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Appendix D. Importance of Explicit Negotiation . . . . . . . . . 44</td><td> </td><td class="right"> Appendix D. Importance of Explicit Negotiation . . . . . . . . . 44</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Appendix E. Test Vectors . . . . . . . . . . . . . . . . . . . . 45</td><td> </td><td class="right"> Appendix E. Test Vectors . . . . . . . . . . . . . . . . . . . . 45</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 49</td><td> </td><td class="right"> Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 49</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 50</td><td> </td><td class="right"> Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 50</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 50</td><td> </td><td class="right"> Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 50</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">1. Introduction</td><td> </td><td class="right">1. Introduction</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0011" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> The 3GPP Mobile Network Authentication and Key Agreement (AKA) is <span class="delete">the</span></td><td> </td><td class="rblock"> The 3GPP Mobile Network Authentication and Key Agreement (AKA) is <span class="insert">an</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> primary</span> authentication mechanism for devices wishing to access mobile</td><td> </td><td class="rblock"> authentication mechanism for devices wishing to access mobile</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> networks. [RFC4187] (EAP-AKA) made the use of this mechanism</td><td> </td><td class="right"> networks. [RFC4187] (EAP-AKA) made the use of this mechanism</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> possible within the Extensible Authentication Protocol (EAP)</td><td> </td><td class="right"> possible within the Extensible Authentication Protocol (EAP)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> framework [RFC3748].</td><td> </td><td class="right"> framework [RFC3748].</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0012" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> [RFC5448] (EAP-AKA') was an improved version of EAP-AKA. <span class="delete">This memo</span></td><td> </td><td class="rblock"> [RFC5448] (EAP-AKA') was an improved version of EAP-AKA. EAP-AKA'</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> replaces the specification of EAP-AKA'.</span> EAP-AKA' was defined in RFC</td><td> </td><td class="rblock"> was defined in RFC 5448 and updated EAP-AKA RFC 4187.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 5448 and updated EAP-AKA RFC 4187. <span class="delete">As such this document obsoletes</span></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> RFC 5448 and <span class="delete">updates RFC 4187.</span></td><td> </td><td class="rblock"> <span class="insert">This memo is the most recent specification of EAP-AKA', including,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> for instance, details and references about related to operating EAP-</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> AKA' in 5G networks.</span> RFC 5448 <span class="insert">is not obsole, but the most recent</span> and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">fully backwards compatible specification is in this memo.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' is commonly implemented in mobile phones and network</td><td> </td><td class="right"> EAP-AKA' is commonly implemented in mobile phones and network</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> equipment. It can be used for authentication to gain network access</td><td> </td><td class="right"> equipment. It can be used for authentication to gain network access</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> via Wireless LAN networks and, with 5G, also directly to mobile</td><td> </td><td class="right"> via Wireless LAN networks and, with 5G, also directly to mobile</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> networks.</td><td> </td><td class="right"> networks.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' differs from EAP-AKA by providing a different key derivation</td><td> </td><td class="right"> EAP-AKA' differs from EAP-AKA by providing a different key derivation</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> function. This function binds the keys derived within the method to</td><td> </td><td class="right"> function. This function binds the keys derived within the method to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the name of the access network. This limits the effects of</td><td> </td><td class="right"> the name of the access network. This limits the effects of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> compromised access network nodes and keys. EAP-AKA' also updates the</td><td> </td><td class="right"> compromised access network nodes and keys. EAP-AKA' also updates the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l3" /><small>skipping to change at</small><em> page 5, line 32</em></th><th> </th><th><a name="part-r3" /><small>skipping to change at</small><em> page 5, line 37</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> requirements regarding the use of peer identities, including how EAP-</td><td> </td><td class="right"> requirements regarding the use of peer identities, including how EAP-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> AKA' identifiers are used in 5G context. Section 6 specifies what</td><td> </td><td class="right"> AKA' identifiers are used in 5G context. Section 6 specifies what</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> parameters EAP-AKA' exports out of the method. Section 7 explains</td><td> </td><td class="right"> parameters EAP-AKA' exports out of the method. Section 7 explains</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the security differences between EAP-AKA and EAP-AKA'. Section 8</td><td> </td><td class="right"> the security differences between EAP-AKA and EAP-AKA'. Section 8</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> describes the IANA considerations and Appendix A and Appendix B</td><td> </td><td class="right"> describes the IANA considerations and Appendix A and Appendix B</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> explains what updates to RFC 5448 EAP-AKA' and RFC 4187 EAP-AKA have</td><td> </td><td class="right"> explains what updates to RFC 5448 EAP-AKA' and RFC 4187 EAP-AKA have</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> been made in this specification. Appendix D explains some of the</td><td> </td><td class="right"> been made in this specification. Appendix D explains some of the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> design rationale for creating EAP-AKA'. Finally, Appendix E provides</td><td> </td><td class="right"> design rationale for creating EAP-AKA'. Finally, Appendix E provides</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> test vectors.</td><td> </td><td class="right"> test vectors.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0013" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Editor's Note: The publication of this RFC depends on its</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> normative references to 3GPP Technical Specifications reaching a</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> stable status for Release 15, as indicated by 3GPP. The RFC</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Editor should check with the 3GPP liaisons that a stable version</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> from Release 15 is available and refer to that version. RFC</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Editor: Please delete this note upon publication of this</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> specification as an RFC.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">2. Requirements Language</td><td> </td><td class="right">2. Requirements Language</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td> </td><td class="right"> The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and</td><td> </td><td class="right"> "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "OPTIONAL" in this document are to be interpreted as described in BCP</td><td> </td><td class="right"> "OPTIONAL" in this document are to be interpreted as described in BCP</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 14 [RFC2119] [RFC8174] when, and only when, they appear in all</td><td> </td><td class="right"> 14 [RFC2119] [RFC8174] when, and only when, they appear in all</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> capitals, as shown here.</td><td> </td><td class="right"> capitals, as shown here.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3. EAP-AKA'</td><td> </td><td class="right">3. EAP-AKA'</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l4" /><small>skipping to change at</small><em> page 8, line 9</em></th><th> </th><th><a name="part-r4" /><small>skipping to change at</small><em> page 8, line 9</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> | +--------------------------------------------------+</td><td> </td><td class="right"> | +--------------------------------------------------+</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> | EAP-Success |</td><td> </td><td class="right"> | EAP-Success |</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> |<-------------------------------------------------------|</td><td> </td><td class="right"> |<-------------------------------------------------------|</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Figure 1: EAP-AKA' Authentication Process</td><td> </td><td class="right"> Figure 1: EAP-AKA' Authentication Process</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' can operate on the same credentials as EAP-AKA and employ</td><td> </td><td class="right"> EAP-AKA' can operate on the same credentials as EAP-AKA and employ</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the same identities. However, EAP-AKA' employs different leading</td><td> </td><td class="right"> the same identities. However, EAP-AKA' employs different leading</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> characters than EAP-AKA for the conventions given in Section 4.1.1 of</td><td> </td><td class="right"> characters than EAP-AKA for the conventions given in Section 4.1.1 of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC4187] for International Mobile Subscriber Identifier (IMSI) based</td><td> </td><td class="right"> [RFC4187] for International Mobile Subscriber Identifier (IMSI) based</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0014" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> usernames. EAP-AKA' MUST use the leading character "6" (ASCII 36</td><td> </td><td class="rblock"> usernames. <span class="insert">For 4G networks,</span> EAP-AKA' MUST use the leading character</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> hexadecimal) instead of "0" for IMSI-based permanent <span class="delete">usernames, or</span></td><td> </td><td class="rblock"> "6" (ASCII 36 hexadecimal) instead of "0" for IMSI-based permanent</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 5G-specific identifiers in</span> 5G <span class="delete">networks.</span> Identifier usage in 5G is</td><td> </td><td class="rblock"> <span class="insert">usernames. For</span> 5G <span class="insert">networks, leading character "6" is not used for</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> specified in Section 5.3. All other usage and processing of the</td><td> </td><td class="rblock"><span class="insert"> IMSI-based permanent user names.</span> Identifier usage in 5G is specified</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> leading characters, usernames, and identities is as defined by <span class="delete">EAP-</span></td><td> </td><td class="rblock"> in Section 5.3. All other usage and processing of the leading</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> AKA</span> [RFC4187]. For instance, the pseudonym and fast <span class="delete">re-</span></td><td> </td><td class="rblock"> characters, usernames, and identities is as defined by <span class="insert">EAP-AKA</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> authentication</span> usernames need to be constructed so that the server</td><td> </td><td class="rblock"> [RFC4187]. For instance, the pseudonym and fast <span class="insert">re-authentication</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> can recognize them. As an example, a pseudonym could begin with a</td><td> </td><td class="rblock"> usernames need to be constructed so that the server can recognize</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> leading "7" character (ASCII 37 hexadecimal) and a fast <span class="delete">re-</span></td><td> </td><td class="rblock"> them. As an example, a pseudonym could begin with a leading "7"</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> authentication</span> username could begin with "8" (ASCII 38 hexadecimal).</td><td> </td><td class="rblock"> character (ASCII 37 hexadecimal) and a fast <span class="insert">re-authentication</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Note that a server that implements only EAP-AKA may not recognize</td><td> </td><td class="rblock"> username could begin with "8" (ASCII 38 hexadecimal). Note that a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> these leading characters. According to Section 4.1.4 of [RFC4187],</td><td> </td><td class="rblock"> server that implements only EAP-AKA may not recognize these leading</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> such a server will re-request the identity via the EAP- <span class="delete">Request/AKA-</span></td><td> </td><td class="rblock"> characters. According to Section 4.1.4 of [RFC4187], such a server</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Identity</span> message, making obvious to the peer that EAP-AKA and</td><td> </td><td class="rblock"> will re-request the identity via the EAP- <span class="insert">Request/AKA-Identity</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> associated identity are expected.</td><td> </td><td class="rblock"> message, making obvious to the peer that EAP-AKA and associated</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> identity are expected.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.1. AT_KDF_INPUT</td><td> </td><td class="right">3.1. AT_KDF_INPUT</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The format of the AT_KDF_INPUT attribute is shown below.</td><td> </td><td class="right"> The format of the AT_KDF_INPUT attribute is shown below.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 0 1 2 3</td><td> </td><td class="right"> 0 1 2 3</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1</td><td> </td><td class="right"> 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</td><td> </td><td class="right"> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> | AT_KDF_INPUT | Length | Actual Network Name Length |</td><td> </td><td class="right"> | AT_KDF_INPUT | Length | Actual Network Name Length |</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</td><td> </td><td class="right"> +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l5" /><small>skipping to change at</small><em> page 9, line 20</em></th><th> </th><th><a name="part-r5" /><small>skipping to change at</small><em> page 9, line 23</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This field contains the network name of the access network for</td><td> </td><td class="right"> This field contains the network name of the access network for</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> which the authentication is being performed. The name does not</td><td> </td><td class="right"> which the authentication is being performed. The name does not</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> include any terminating null characters. Because the length of</td><td> </td><td class="right"> include any terminating null characters. Because the length of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the entire attribute must be a multiple of 4 bytes, the sender</td><td> </td><td class="right"> the entire attribute must be a multiple of 4 bytes, the sender</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> pads the name with 1, 2, or 3 bytes of all zero bits when</td><td> </td><td class="right"> pads the name with 1, 2, or 3 bytes of all zero bits when</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> necessary.</td><td> </td><td class="right"> necessary.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Only the server sends the AT_KDF_INPUT attribute. The value is sent</td><td> </td><td class="right"> Only the server sends the AT_KDF_INPUT attribute. The value is sent</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> as specified in [TS-3GPP.24.302] for both non-3GPP access networks</td><td> </td><td class="right"> as specified in [TS-3GPP.24.302] for both non-3GPP access networks</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0015" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> for 5G access networks. Per [TS-3GPP.33.402], the server always</td><td> </td><td class="rblock"> <span class="insert">and </span>for 5G access networks. Per [TS-3GPP.33.402], the server always</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> verifies the authorization of a given access network to use a</td><td> </td><td class="right"> verifies the authorization of a given access network to use a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> particular name before sending it to the peer over EAP-AKA'. The</td><td> </td><td class="right"> particular name before sending it to the peer over EAP-AKA'. The</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> value of the AT_KDF_INPUT attribute from the server MUST be non-</td><td> </td><td class="right"> value of the AT_KDF_INPUT attribute from the server MUST be non-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> empty, with a greater than zero length in the Actual Network Name</td><td> </td><td class="right"> empty, with a greater than zero length in the Actual Network Name</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Length field. If AT_KDF_INPUT attribute is empty, the peer behaves</td><td> </td><td class="right"> Length field. If AT_KDF_INPUT attribute is empty, the peer behaves</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> as if AUTN had been incorrect and authentication fails. See</td><td> </td><td class="right"> as if AUTN had been incorrect and authentication fails. See</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Section 3 and Figure 3 of [RFC4187] for an overview of how</td><td> </td><td class="right"> Section 3 and Figure 3 of [RFC4187] for an overview of how</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> authentication failures are handled.</td><td> </td><td class="right"> authentication failures are handled.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> In addition, the peer MAY check the received value against its own</td><td> </td><td class="right"> In addition, the peer MAY check the received value against its own</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l6" /><small>skipping to change at</small><em> page 13, line 41</em></th><th> </th><th><a name="part-r6" /><small>skipping to change at</small><em> page 13, line 41</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> IK' and CK' are derived as specified in [TS-3GPP.33.402]. The</td><td> </td><td class="right"> IK' and CK' are derived as specified in [TS-3GPP.33.402]. The</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> functions that derive IK' and CK' take the following parameters:</td><td> </td><td class="right"> functions that derive IK' and CK' take the following parameters:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> CK and IK produced by the AKA algorithm, and value of the Network</td><td> </td><td class="right"> CK and IK produced by the AKA algorithm, and value of the Network</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Name field comes from the AT_KDF_INPUT attribute (without length</td><td> </td><td class="right"> Name field comes from the AT_KDF_INPUT attribute (without length</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> or padding).</td><td> </td><td class="right"> or padding).</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The value "EAP-AKA'" is an eight-characters-long ASCII string. It</td><td> </td><td class="right"> The value "EAP-AKA'" is an eight-characters-long ASCII string. It</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> is used as is, without any trailing NUL characters.</td><td> </td><td class="right"> is used as is, without any trailing NUL characters.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Identity is the peer identity as specified in Section 7 of</td><td> </td><td class="right"> Identity is the peer identity as specified in Section 7 of</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0016" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> [RFC4187].</td><td> </td><td class="rblock"> [RFC4187]<span class="insert">, and Section 5.3.2 in this memo for the 5G cases</span>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> When the server creates an AKA challenge and corresponding AUTN,</td><td> </td><td class="right"> When the server creates an AKA challenge and corresponding AUTN,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> CK, CK', IK, and IK' values, it MUST set the Authentication</td><td> </td><td class="right"> CK, CK', IK, and IK' values, it MUST set the Authentication</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Management Field (AMF) separation bit to 1 in the AKA algorithm</td><td> </td><td class="right"> Management Field (AMF) separation bit to 1 in the AKA algorithm</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.33.102]. Similarly, the peer MUST check that the AMF</td><td> </td><td class="right"> [TS-3GPP.33.102]. Similarly, the peer MUST check that the AMF</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> separation bit is set to 1. If the bit is not set to 1, the peer</td><td> </td><td class="right"> separation bit is set to 1. If the bit is not set to 1, the peer</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> behaves as if the AUTN had been incorrect and fails the</td><td> </td><td class="right"> behaves as if the AUTN had been incorrect and fails the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> authentication.</td><td> </td><td class="right"> authentication.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> On fast re-authentication, the following keys are calculated:</td><td> </td><td class="right"> On fast re-authentication, the following keys are calculated:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l7" /><small>skipping to change at</small><em> page 15, line 15</em></th><th> </th><th><a name="part-r7" /><small>skipping to change at</small><em> page 15, line 15</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.4. Hash Functions</td><td> </td><td class="right">3.4. Hash Functions</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' uses SHA-256 / HMAC-SHA-256, not SHA-1 / HMAC-SHA-1 (see</td><td> </td><td class="right"> EAP-AKA' uses SHA-256 / HMAC-SHA-256, not SHA-1 / HMAC-SHA-1 (see</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [FIPS.180-4] [RFC2104]) as in EAP-AKA. This requires a change to the</td><td> </td><td class="right"> [FIPS.180-4] [RFC2104]) as in EAP-AKA. This requires a change to the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> pseudo-random function (PRF) as well as the AT_MAC and AT_CHECKCODE</td><td> </td><td class="right"> pseudo-random function (PRF) as well as the AT_MAC and AT_CHECKCODE</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> attributes.</td><td> </td><td class="right"> attributes.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">3.4.1. PRF'</td><td> </td><td class="right">3.4.1. PRF'</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The PRF' construction is the same one IKEv2 uses (see Section 2.13 of</td><td> </td><td class="right"> The PRF' construction is the same one IKEv2 uses (see Section 2.13 of</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0017" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">[RFC7296]).</span> The function takes two arguments. K is a 256-bit value</td><td> </td><td class="rblock"> <span class="insert">[RFC7296]; this is the same function as was defined [RFC4306] that</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> and S is a byte string of arbitrary length. PRF' is defined as</td><td> </td><td class="rblock"><span class="insert"> RFC 5448 referred to).</span> The function takes two arguments. K is a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> follows:</td><td> </td><td class="rblock"> 256-bit value and S is a byte string of arbitrary length. PRF' is</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> defined as follows:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> PRF'(K,S) = T1 | T2 | T3 | T4 | ...</td><td> </td><td class="right"> PRF'(K,S) = T1 | T2 | T3 | T4 | ...</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> where:</td><td> </td><td class="right"> where:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> T1 = HMAC-SHA-256 (K, S | 0x01)</td><td> </td><td class="right"> T1 = HMAC-SHA-256 (K, S | 0x01)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> T2 = HMAC-SHA-256 (K, T1 | S | 0x02)</td><td> </td><td class="right"> T2 = HMAC-SHA-256 (K, T1 | S | 0x02)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> T3 = HMAC-SHA-256 (K, T2 | S | 0x03)</td><td> </td><td class="right"> T3 = HMAC-SHA-256 (K, T2 | S | 0x03)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> T4 = HMAC-SHA-256 (K, T3 | S | 0x04)</td><td> </td><td class="right"> T4 = HMAC-SHA-256 (K, T3 | S | 0x04)</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> ...</td><td> </td><td class="right"> ...</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l8" /><small>skipping to change at</small><em> page 20, line 41</em></th><th> </th><th><a name="part-r8" /><small>skipping to change at</small><em> page 20, line 41</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Temporary Mobile Subscriber Identities (TMSI) that are used on</td><td> </td><td class="right"> Temporary Mobile Subscriber Identities (TMSI) that are used on</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> cellular networks.</td><td> </td><td class="right"> cellular networks.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">5.1. Username Types in EAP-AKA' Identities</td><td> </td><td class="right">5.1. Username Types in EAP-AKA' Identities</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Section 4.1.1.3 of [RFC4187] specified that there are three types of</td><td> </td><td class="right"> Section 4.1.1.3 of [RFC4187] specified that there are three types of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> usernames: permanent, pseudonym, and fast re-authentication</td><td> </td><td class="right"> usernames: permanent, pseudonym, and fast re-authentication</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> usernames. This specification extends this definition as follows.</td><td> </td><td class="right"> usernames. This specification extends this definition as follows.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> There are four types of usernames:</td><td> </td><td class="right"> There are four types of usernames:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0018" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> (1) Regular usernames. These are external names given to <span class="delete">EAP-</span></td><td> </td><td class="rblock"> (1) Regular usernames. These are external names given to <span class="insert">EAP-AKA'</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> AKA'.</span> The regular usernames are further subdivided into to</td><td> </td><td class="rblock"><span class="insert"> peers.</span> The regular usernames are further subdivided into to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> categories:</td><td> </td><td class="right"> categories:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (a) Permanent usernames, for instance IMSI-based usernames.</td><td> </td><td class="right"> (a) Permanent usernames, for instance IMSI-based usernames.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0019" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> (b) Privacy-friendly temporary usernames, for instance 5G</td><td> </td><td class="rblock"> (b) Privacy-friendly temporary usernames, for instance 5G <span class="insert">GUTI</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> privacy identifiers (see Section <span class="delete">5.3.2 and Section 5.3.2.1.</span></td><td> </td><td class="rblock"><span class="insert"> or 5G</span> privacy identifiers (see Section <span class="insert">5.3.2).</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (2) EAP-AKA' pseudonym usernames. For example,</td><td> </td><td class="right"> (2) EAP-AKA' pseudonym usernames. For example,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [email protected] might be a valid pseudonym identity. In</td><td> </td><td class="right"> [email protected] might be a valid pseudonym identity. In</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> this example, 2s7ah6n9q is the pseudonym username.</td><td> </td><td class="right"> this example, 2s7ah6n9q is the pseudonym username.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (3) EAP-AKA' fast re-authentication usernames. For example,</td><td> </td><td class="right"> (3) EAP-AKA' fast re-authentication usernames. For example,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [email protected] might be a valid fast re-authentication</td><td> </td><td class="right"> [email protected] might be a valid fast re-authentication</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> identity and 43953754 the fast re-authentication username.</td><td> </td><td class="right"> identity and 43953754 the fast re-authentication username.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The permanent, privacy-friendly temporary, and pseudonym usernames</td><td> </td><td class="right"> The permanent, privacy-friendly temporary, and pseudonym usernames</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> are only used on full authentication, and fast re-authentication</td><td> </td><td class="right"> are only used on full authentication, and fast re-authentication</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> usernames only on fast re-authentication. Unlike permanent usernames</td><td> </td><td class="right"> usernames only on fast re-authentication. Unlike permanent usernames</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and pseudonym usernames, privacy friendly temporary usernames and</td><td> </td><td class="right"> and pseudonym usernames, privacy friendly temporary usernames and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> fast re-authentication usernames are one-time identifiers, which are</td><td> </td><td class="right"> fast re-authentication usernames are one-time identifiers, which are</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> not re-used across EAP exchanges.</td><td> </td><td class="right"> not re-used across EAP exchanges.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">5.2. Generating Pseudonyms and Fast Re-Authentication Identities</td><td> </td><td class="right">5.2. Generating Pseudonyms and Fast Re-Authentication Identities</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0020" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">This section provides some additional guidance for implementations</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> for producing secure pseudonyms and fast re-authentication</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> identities. It does not impact backwards compatibility, because each</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> server consumes only the identities it itself generates. However,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> adherence to the guidance will provide better security.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> As specified by [RFC4187] Section 4.1.1.7, pseudonym usernames and</td><td> </td><td class="right"> As specified by [RFC4187] Section 4.1.1.7, pseudonym usernames and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> fast re-authentication identities are generated by the EAP server, in</td><td> </td><td class="right"> fast re-authentication identities are generated by the EAP server, in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> an implementation-dependent manner. RFC 4187 provides some general</td><td> </td><td class="right"> an implementation-dependent manner. RFC 4187 provides some general</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> requirements on how these identities are transported, how they map to</td><td> </td><td class="right"> requirements on how these identities are transported, how they map to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the NAI syntax, how they are distinguished from each other, and so</td><td> </td><td class="right"> the NAI syntax, how they are distinguished from each other, and so</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> on.</td><td> </td><td class="right"> on.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> However, to enhance privacy some additional requirements need to be</td><td> </td><td class="right"> However, to enhance privacy some additional requirements need to be</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> applied.</td><td> </td><td class="right"> applied.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l9" /><small>skipping to change at</small><em> page 22, line 18</em></th><th> </th><th><a name="part-r9" /><small>skipping to change at</small><em> page 22, line 25</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> In EAP-AKA', the peer identity may be communicated to the server in</td><td> </td><td class="right"> In EAP-AKA', the peer identity may be communicated to the server in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> one of three ways:</td><td> </td><td class="right"> one of three ways:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> o As a part of link layer establishment procedures, externally to</td><td> </td><td class="right"> o As a part of link layer establishment procedures, externally to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP.</td><td> </td><td class="right"> EAP.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> o With the EAP-Response/Identity message in the beginning of the EAP</td><td> </td><td class="right"> o With the EAP-Response/Identity message in the beginning of the EAP</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> exchange, but before the selection of EAP-AKA'.</td><td> </td><td class="right"> exchange, but before the selection of EAP-AKA'.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0021" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> o Transmitted from the peer to the server using EAP-AKA messages</td><td> </td><td class="rblock"> o Transmitted from the peer to the server using EAP-AKA<span class="insert">'</span> messages</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> instead of EAP-Response/Identity. In this case, the server</td><td> </td><td class="right"> instead of EAP-Response/Identity. In this case, the server</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> includes an identity requesting attribute (AT_ANY_ID_REQ,</td><td> </td><td class="right"> includes an identity requesting attribute (AT_ANY_ID_REQ,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> AT_FULLAUTH_ID_REQ or AT_PERMANENT_ID_REQ) in the EAP-Request/AKA-</td><td> </td><td class="right"> AT_FULLAUTH_ID_REQ or AT_PERMANENT_ID_REQ) in the EAP-Request/AKA-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Identity message; and the peer includes the AT_IDENTITY attribute,</td><td> </td><td class="right"> Identity message; and the peer includes the AT_IDENTITY attribute,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> which contains the peer's identity, in the EAP-Response/AKA-</td><td> </td><td class="right"> which contains the peer's identity, in the EAP-Response/AKA-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Identity message.</td><td> </td><td class="right"> Identity message.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The identity carried above may be a permanent identity, privacy</td><td> </td><td class="right"> The identity carried above may be a permanent identity, privacy</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> friendly identity, pseudonym identity, or fast re-authentication</td><td> </td><td class="right"> friendly identity, pseudonym identity, or fast re-authentication</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> identity as defined in this RFC.</td><td> </td><td class="right"> identity as defined in this RFC.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l10" /><small>skipping to change at</small><em> page 23, line 19</em></th><th> </th><th><a name="part-r10" /><small>skipping to change at</small><em> page 23, line 27</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> to prepare for many different situations, including sometimes having</td><td> </td><td class="right"> to prepare for many different situations, including sometimes having</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> to communicate identities within EAP.</td><td> </td><td class="right"> to communicate identities within EAP.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The following sections clarify which identifiers are used and how.</td><td> </td><td class="right"> The following sections clarify which identifiers are used and how.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">5.3.1. Key Derivation</td><td> </td><td class="right">5.3.1. Key Derivation</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> In EAP-AKA', the peer identity is used in the Section 3.3 key</td><td> </td><td class="right"> In EAP-AKA', the peer identity is used in the Section 3.3 key</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> derivation formula.</td><td> </td><td class="right"> derivation formula.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0022" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">The identity needs to be represented in exact correct format for the</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> key derivation formula to produce correct results.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> If the AT_KDF_INPUT parameter contains the prefix "5G:", the AT_KDF</td><td> </td><td class="right"> If the AT_KDF_INPUT parameter contains the prefix "5G:", the AT_KDF</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> parameter has the value 1, and this authentication is not a fast re-</td><td> </td><td class="right"> parameter has the value 1, and this authentication is not a fast re-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> authentication, then the peer identity used in the key derivation</td><td> </td><td class="right"> authentication, then the peer identity used in the key derivation</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0023" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> MUST be <span class="delete">the 5G SUPI for the peer.</span> This <span class="delete">rule applies</span> to <span class="delete">all full EAP-</span></td><td> </td><td class="rblock"> MUST be <span class="insert">as specified in Annex F.3 of [TS-3GPP.33.501] and Clause 2.2</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> AKA' authentication processes, even if</span> the <span class="delete">peer sent some other</span></td><td> </td><td class="rblock"><span class="insert"> of [TS-3GPP.23.003].</span> This <span class="insert">is in contrast</span> to <span class="insert">[RFC5448], which used</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> identifier at a lower layer or</span> as a <span class="delete">response</span> to <span class="delete">an EAP Identity</span></td><td> </td><td class="rblock"> the <span class="insert">identity as communicated in EAP and represented</span> as a <span class="insert">NAI. Also,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Request</span> or <span class="delete">if no identity was sent.</span></td><td> </td><td class="rblock"><span class="insert"> in contrast</span> to <span class="insert">[RFC5448], in 5G EAP-AKA' does not use the "0"</span> or <span class="insert">"6"</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> prefix in front of the identifier.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0024" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">The identity MUST also be represented in</span> the <span class="delete">exact correct</span> format <span class="delete">for</span></td><td> </td><td class="rblock"> <span class="insert">For an example of</span> the format <span class="insert">of</span> the <span class="insert">identity, see Clause 2.2 of</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> the <span class="delete">key derivation formula to produce correct results. In 5G, this</span></td><td> </td><td class="rblock"><span class="insert"> [TS-3GPP.23.003].</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> identifier is the SUPI. The SUPI format is as defined</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Section 5.3.1.1.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> In all other cases, the following applies:</td><td> </td><td class="right"> In all other cases, the following applies:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The identity used in the key derivation formula MUST be exactly</td><td> </td><td class="right"> The identity used in the key derivation formula MUST be exactly</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the one sent in EAP-AKA' AT_IDENTITY attribute, if one was sent,</td><td> </td><td class="right"> the one sent in EAP-AKA' AT_IDENTITY attribute, if one was sent,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> regardless of the kind of identity that it may have been. If no</td><td> </td><td class="right"> regardless of the kind of identity that it may have been. If no</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> AT_IDENTITY was sent, the identity MUST be the exactly the one</td><td> </td><td class="right"> AT_IDENTITY was sent, the identity MUST be the exactly the one</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> sent in the generic EAP Identity exchange, if one was made.</td><td> </td><td class="right"> sent in the generic EAP Identity exchange, if one was made.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Again, the identity MUST be used exactly as sent.</td><td> </td><td class="right"> Again, the identity MUST be used exactly as sent.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> If no identity was communicated inside EAP, then the identity is</td><td> </td><td class="right"> If no identity was communicated inside EAP, then the identity is</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the one communicated outside EAP in link layer messaging.</td><td> </td><td class="right"> the one communicated outside EAP in link layer messaging.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> In this case, the used identity MUST be the identity most recently</td><td> </td><td class="right"> In this case, the used identity MUST be the identity most recently</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> communicated by the peer to the network, again regardless of what</td><td> </td><td class="right"> communicated by the peer to the network, again regardless of what</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> type of identity it may have been.</td><td> </td><td class="right"> type of identity it may have been.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0025" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5.3.1.1. Format of the SUPI</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> A SUPI is either an IMSI or a Network Access Identifier [RFC7542].</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> When used in EAP-AKA', the format of the SUPI MUST be as specified in</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> [TS-3GPP.23.003] Section 28.7.2, with the semantics defined in</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> [TS-3GPP.23.003] Section 2.2A. Also, in contrast to [RFC5448], in 5G</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> EAP-AKA' does not use the "0" or "6" prefix in front of the entire</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> IMSI.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> For instance, if the IMSI is 234150999999999 (MCC = 234, MNC = 15),</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> the NAI format for the SUPI takes the form:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> [email protected]</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> </td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">5.3.2. EAP Identity Response and EAP-AKA' AT_IDENTITY Attribute</td><td> </td><td class="right">5.3.2. EAP Identity Response and EAP-AKA' AT_IDENTITY Attribute</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The EAP authentication option is only available in 5G when the new 5G</td><td> </td><td class="right"> The EAP authentication option is only available in 5G when the new 5G</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> core network is also in use. However, in other networks an EAP-AKA'</td><td> </td><td class="right"> core network is also in use. However, in other networks an EAP-AKA'</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> peer may be connecting to other types of networks and existing</td><td> </td><td class="right"> peer may be connecting to other types of networks and existing</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> equipment.</td><td> </td><td class="right"> equipment.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0026" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> When the EAP <span class="delete">peer is connecting to a 5G access network and uses the</span></td><td> </td><td class="rblock"> When the EAP server is in a 5G <span class="insert">network,</span> the <span class="insert">5G procedures</span> for EAP-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 5G Non-Access Stratum (NAS) protocol [TS-3GPP.24.501], the EAP</span> server</td><td> </td><td class="rblock"> <span class="insert">AKA' apply. When EAP server is defined</span> to be in a <span class="insert">5G network is</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> is in a 5G <span class="delete">network. The EAP identity exchanges are generally not</span></td><td> </td><td class="rblock"> specified in <span class="insert">[TS-3GPP.33.501].</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> used in this case, as the identity is already made available on</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> previous link layer exchanges.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> In this situation, the EAP server SHOULD NOT request an additional</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> identity from the peer. If</span> the <span class="delete">peer</span> for <span class="delete">some reason receives</span> EAP-</td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Request/Identity or EAP-Request/AKA-Identity messages, the peer</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> behaves as follows.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Receive EAP-Request/Identity</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> In this case, the peer MUST respond with a EAP-Response/Identity</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> containing the privacy-friendly 5G identifier, the SUCI. The SUCI</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> MUST be represented as specified in Section 5.3.2.1.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> EAP-Request/AKA-Identity with AT_PERMANENT_REQ</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> For privacy reasons, the peer MUST follow a "conservative" policy</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> and terminate the authentication exchange rather than risk</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> revealing its permanent identity.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> The peer MUST respond with EAP-Response/AKA-Client-Error with the</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> client error code 0, "unable</span> to <span class="delete">process packet".</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> EAP-Request/AKA-Identity with AT_FULLAUTH_REQ</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> In this case, the peer MUST respond with a EAP-Response/AKA-</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Identity containing the SUCI. The SUCI MUST</span> be <span class="delete">represented as</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> specified</span> in <span class="delete">Section 5.3.2.1.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> EAP-Request/AKA-Identity with AT_ANY_ID_REQ</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> If the peer supports fast re-authentication and has a fast re-</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> authentication identity available, the peer SHOULD respond with</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> EAP-Response/AKA-Identity containing the fast re-authentication</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> identity. Otherwise the peer MUST respond with</span> a <span class="delete">EAP-Response/</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> AKA-Identity containing the SUCI, and MUST represent the SUCI as</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> specified in <span class="delete">Section 5.3.2.1.</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
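Review bot: The explicit peer rule for EAP-Request/AKA-Identity with AT_PERMANENT_REQ — terminate with EAP-Response/AKA-Client-Error code 0 rather than disclose the permanent identity — is deleted on the left of this hunk and on the right survives only through the bare reference to [TS-3GPP.33.501] (the following hunk names its Annex F.2). That rule is the protocol-level defence against an active server or man-in-the-middle forcing SUPI disclosure, which is exactly what the SUCI exists to prevent, and an implementer reading this document alone now gets no signal that answering AT_PERMANENT_REQ with the SUPI is forbidden in 5G. Unless the referenced 3GPP text is confirmed to carry the same requirement, a one-sentence normative reminder is cheap, e.g. `In particular, a peer following the 5G procedures MUST NOT reveal its permanent identity in response to AT_PERMANENT_REQ.` The new sentence `When EAP server is defined to be in a 5G network is specified in [TS-3GPP.33.501].` also does not parse; `The conditions under which an EAP server is considered to be in a 5G network are specified in [TS-3GPP.33.501].` reads cleanly.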
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0027" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Similarly, if</span> the <span class="delete">peer is communicating over a non-3GPP network but</span></td><td> </td><td class="rblock"> <span class="insert">Note: Currently, the following conditions are specified: when</span> the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> carrying</span> EAP <span class="delete">inside</span> 5G <span class="delete">NAS protocol, it MUST assume that</span> the EAP</td><td> </td><td class="rblock"> EAP <span class="insert">peer uses the</span> 5G <span class="insert">Non-Access Stratum (NAS) protocol</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">server is in</span> a 5G <span class="delete">network, and again employ the SUCI within EAP.</span></td><td> </td><td class="rblock"><span class="insert"> [TS-3GPP.24.501] or when</span> the EAP <span class="insert">peer attaches to</span> a <span class="insert">network that</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> advertises</span> 5G <span class="insert">connectivity without NAS [TS-3GPP.23.501]. Possible</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> future conditions may also be specified by 3GPP.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0028" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">Otherwise,</span> the <span class="delete">peer SHOULD employ IMSI, SUPI, or a NAI</span> as <span class="delete">it</span> is</td><td> </td><td class="rblock"> <span class="insert">When</span> the <span class="insert">5G procedures for EAP-AKA' apply, EAP identity exchanges are</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">configured to use.</span></td><td> </td><td class="rblock"><span class="insert"> generally not used</span> as <span class="insert">the identity</span> is <span class="insert">already made available on</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> previous link layer exchanges.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0029" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete">5.3.2.1. Format of</span> the <span class="delete">SUCI</span></td><td> </td><td class="rblock"> <span class="insert">In this situation,</span> the <span class="insert">EAP Identity Response and EAP-AKA' AT_IDENTITY</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> attribute are handled as specified in Annex F.2 of [TS-3GPP.33.501].</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> When used in EAP-AKA', the format of the SUCI MUST be as specified in</td><td> </td><td class="right"> When used in EAP-AKA', the format of the SUCI MUST be as specified in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.23.003] Section 28.7.3, with the semantics defined in</td><td> </td><td class="right"> [TS-3GPP.23.003] Section 28.7.3, with the semantics defined in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.23.003] Section 2.2B. Also, in contrast to [RFC5448], in 5G</td><td> </td><td class="right"> [TS-3GPP.23.003] Section 2.2B. Also, in contrast to [RFC5448], in 5G</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' does not use the "0" or "6" prefix in front of the</td><td> </td><td class="right"> EAP-AKA' does not use the "0" or "6" prefix in front of the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> identifier.</td><td> </td><td class="right"> identifier.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0030" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> For <span class="delete">instance, assuming the IMSI 234150999999999, where MCC=234,</span></td><td> </td><td class="rblock"> For <span class="insert">an example</span> of <span class="insert">an IMSI in</span> NAI <span class="insert">format, see [TS-3GPP.23.003]</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> MNC=15 and MSISN=0999999999, the Routing Indicator 678, and a Home</span></td><td> </td><td class="rblock"><span class="insert"> Section 28.7.3.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> Network Public Key Identifier</span> of <span class="delete">27, the</span> NAI <span class="delete">format for the SUCI</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> takes the form:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> For the null-scheme:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> [email protected].</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> mcc234.3gppnetwork.org</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"></span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> For the Profile <A> protection scheme:</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
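Review bot: The new pointer `For an example of an IMSI in NAI format, see [TS-3GPP.23.003] Section 28.7.3.` sits in the SUCI subsection and cites the very clause that the preceding paragraph identifies as the SUCI format ("the format of the SUCI MUST be as specified in [TS-3GPP.23.003] Section 28.7.3"), so labelling the example an IMSI misnames the concealed identifier and invites a reader to put a plaintext IMSI where a SUCI is expected. The deleted example on the left distinguished the null-scheme form from the Profile A protected form; if the worked example is dropped in favour of a reference, the reference should at least name the right object, e.g. `For an example of a SUCI in NAI format, see [TS-3GPP.23.003] Section 28.7.3.`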
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0031" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">type0.rid678.schid1.hnkey27.ecckey<ECC ephemeral public key>.</span></td><td> </td><td class="rblock"> <span class="insert">Otherwise, the peer SHOULD employ IMSI, SUPI, or a NAI as it is</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> cip<encryption of 0999999999>.mac<MAC tag value>@nai.5gc.</span></td><td> </td><td class="rblock"><span class="insert"> configured to use.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> mnc015.mcc234.3gppnetwork.org</span></td><td> </td><td class="rblock"></td><td class="lineno" valign="top"></td></tr>
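Review bot: `Otherwise, the peer SHOULD employ IMSI, SUPI, or a NAI as it is configured to use.` now stands as the only guidance for the non-5G case, and it points the peer at permanent identifiers first, while the privacy text later in this same document (the paragraph beginning "EAP-AKA' uses several different types of identifiers") says use of the IMSI or SUPI "is strongly NOT RECOMMENDED" and strongly RECOMMENDS pseudonym and fast re-authentication usernames. The two passages should agree, e.g. `Otherwise, the peer SHOULD employ a pseudonym or fast re-authentication identity when it has one available, and only then the IMSI, SUPI, or NAI it is configured to use; see the privacy considerations on permanent identifiers.` This sentence is moved rather than newly written, but the move is the natural place to reconcile it.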
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">6. Exported Parameters</td><td> </td><td class="right">6. Exported Parameters</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The EAP-AKA' Session-Id is the concatenation of the EAP Type Code</td><td> </td><td class="right"> The EAP-AKA' Session-Id is the concatenation of the EAP Type Code</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (0x32, one byte) with the contents of the RAND field from the AT_RAND</td><td> </td><td class="right"> (0x32, one byte) with the contents of the RAND field from the AT_RAND</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> attribute, followed by the contents of the AUTN field in the AT_AUTN</td><td> </td><td class="right"> attribute, followed by the contents of the AUTN field in the AT_AUTN</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> attribute:</td><td> </td><td class="right"> attribute:</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Session-Id = 0x32 || RAND || AUTN</td><td> </td><td class="right"> Session-Id = 0x32 || RAND || AUTN</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l11" /><small>skipping to change at</small><em> page 29, line 51</em></th><th> </th><th><a name="part-r11" /><small>skipping to change at</small><em> page 28, line 43</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> EAP-AKA' uses several different types of identifiers to identify the</td><td> </td><td class="right"> EAP-AKA' uses several different types of identifiers to identify the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> authenticating peer. It is strongly RECOMMENDED to use the privacy-</td><td> </td><td class="right"> authenticating peer. It is strongly RECOMMENDED to use the privacy-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> friendly temporary or hidden identifiers, i.e., the 5G SUCI,</td><td> </td><td class="right"> friendly temporary or hidden identifiers, i.e., the 5G SUCI,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> pseudonym usernames, and fast re-authentication usernames. The use</td><td> </td><td class="right"> pseudonym usernames, and fast re-authentication usernames. The use</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> of permanent identifiers such as the IMSI or SUPI may lead to an</td><td> </td><td class="right"> of permanent identifiers such as the IMSI or SUPI may lead to an</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> ability to track the peer and/or user associated with the peer. The</td><td> </td><td class="right"> ability to track the peer and/or user associated with the peer. The</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> use of permanent identifiers such as the IMSI or SUPI is strongly NOT</td><td> </td><td class="right"> use of permanent identifiers such as the IMSI or SUPI is strongly NOT</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> RECOMMENDED.</td><td> </td><td class="right"> RECOMMENDED.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> As discussed in Section 5.3, when authenticating to a 5G network,</td><td> </td><td class="right"> As discussed in Section 5.3, when authenticating to a 5G network,</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0032" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> only the 5G SUCI identifier <span class="delete">should be</span> used. The use of EAP-AKA'</td><td> </td><td class="rblock"> only the 5G SUCI identifier <span class="insert">is normally</span> used. The use of EAP-AKA'</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> pseudonyms in this situation is at best limited, because the 5G SUCI</td><td> </td><td class="right"> pseudonyms in this situation is at best limited, because the 5G SUCI</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> already provides a stronger mechanism. In fact, the re-use of the</td><td> </td><td class="right"> already provides a stronger mechanism. In fact, the re-use of the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> same pseudonym multiple times will result in a tracking opportunity</td><td> </td><td class="right"> same pseudonym multiple times will result in a tracking opportunity</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> for observers that see the pseudonym pass by. To avoid this, the</td><td> </td><td class="right"> for observers that see the pseudonym pass by. To avoid this, the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> peer and server need to follow the guidelines given in Section 5.2.</td><td> </td><td class="right"> peer and server need to follow the guidelines given in Section 5.2.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> When authenticating to a 5G network, per Section 5.3.1, both the EAP-</td><td> </td><td class="right"> When authenticating to a 5G network, per Section 5.3.1, both the EAP-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> AKA' peer and server need to employ the permanent identifier, SUPI,</td><td> </td><td class="right"> AKA' peer and server need to employ the permanent identifier, SUPI,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> as an input to key derivation. However, this use of the SUPI is only</td><td> </td><td class="right"> as an input to key derivation. However, this use of the SUPI is only</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> internal. As such, the SUPI need not be communicated in EAP</td><td> </td><td class="right"> internal. As such, the SUPI need not be communicated in EAP</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l12" /><small>skipping to change at</small><em> page 31, line 46</em></th><th> </th><th><a name="part-r12" /><small>skipping to change at</small><em> page 30, line 37</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> authenticated user's behalf. This particular attack is not different</td><td> </td><td class="right"> authenticated user's behalf. This particular attack is not different</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> from any on-path entity (such as a router) pretending to send</td><td> </td><td class="right"> from any on-path entity (such as a router) pretending to send</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> traffic, but the general issue of insider attacks can be a problem,</td><td> </td><td class="right"> traffic, but the general issue of insider attacks can be a problem,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> particularly in a large group of collaborating operators.</td><td> </td><td class="right"> particularly in a large group of collaborating operators.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Another class of attacks is the use of tunneling of traffic from one</td><td> </td><td class="right"> Another class of attacks is the use of tunneling of traffic from one</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> place to another, e.g., as done by Zhang and Fang in [ZF2005] to</td><td> </td><td class="right"> place to another, e.g., as done by Zhang and Fang in [ZF2005] to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> leverage security policy differences between different operator</td><td> </td><td class="right"> leverage security policy differences between different operator</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> networks, for instance. To gain something in such an attack, the</td><td> </td><td class="right"> networks, for instance. To gain something in such an attack, the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> attacker needs to trick the user into believing it is in another</td><td> </td><td class="right"> attacker needs to trick the user into believing it is in another</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0033" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">location where,</span> for instance, it is not required to encrypt all</td><td> </td><td class="rblock"> <span class="insert">location. If policies between different locations differ,</span> for</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> payload <span class="delete">traffic after encryption.</span> As an authentication mechanism,</td><td> </td><td class="rblock"> instance, <span class="insert">in some location</span> it is not required to encrypt all payload</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> EAP-AKA' is not directly affected by most such attacks. EAP-AKA'</td><td> </td><td class="rblock"> <span class="insert">traffic, the attacker may trick the user into opening a</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> network name binding can also help alleviate some of the attacks. In</td><td> </td><td class="rblock"><span class="insert"> vulnerability.</span> As an authentication mechanism, EAP-AKA' is not</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> any case, it is recommended that EAP-AKA' configuration not be</td><td> </td><td class="rblock"> directly affected by most such attacks. EAP-AKA' network name</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> dependent on the location of where a request comes from, unless the</td><td> </td><td class="rblock"> binding can also help alleviate some of the attacks. In any case, it</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> location information can be cryptographically confirmed, e.g., with</td><td> </td><td class="rblock"> is recommended that EAP-AKA' configuration not be dependent on the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> the network name binding.</td><td> </td><td class="rblock"> location of where a request comes from, unless the location</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> information can be cryptographically confirmed, e.g., with the</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> network name binding.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Zhang and Fang also looked at Denial-of-Service attacks [ZF2005]. A</td><td> </td><td class="right"> Zhang and Fang also looked at Denial-of-Service attacks [ZF2005]. A</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> serving network may request large numbers of authentication runs for</td><td> </td><td class="right"> serving network may request large numbers of authentication runs for</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> a particular subscriber from a home network. While resynchronization</td><td> </td><td class="right"> a particular subscriber from a home network. While resynchronization</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> process can help recover from this, eventually it is possible to</td><td> </td><td class="right"> process can help recover from this, eventually it is possible to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> exhaust the sequence number space and render the subscriber's card</td><td> </td><td class="right"> exhaust the sequence number space and render the subscriber's card</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> unusable. This attack is possible for both native AKA and EAP-AKA'.</td><td> </td><td class="right"> unusable. This attack is possible for both native AKA and EAP-AKA'.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> However, it requires the collaboration of a serving network in an</td><td> </td><td class="right"> However, it requires the collaboration of a serving network in an</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> attack. It is recommended that EAP-AKA' implementations provide</td><td> </td><td class="right"> attack. It is recommended that EAP-AKA' implementations provide</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> means to track, detect, and limit excessive authentication attempts</td><td> </td><td class="right"> means to track, detect, and limit excessive authentication attempts</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
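Review bot: The rewritten sentence at diff0033 ends in "the attacker may trick the user into opening a vulnerability", which is vaguer than the text it replaces and does not say what the user is tricked into doing. The attack being described is a policy-downgrade: the user is made to believe it is in a location whose weaker policy (no payload encryption) then applies. A wording that keeps that point is `location. If security policies differ between locations, for instance if some location does not require encryption of all payload traffic, the attacker may trick the user into applying the weaker policy.` The following paragraph on Denial-of-Service continues past the end of this hunk.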
<tr bgcolor="gray" ><td></td><th><a name="part-l13" /><small>skipping to change at</small><em> page 36, line 20</em></th><th> </th><th><a name="part-r13" /><small>skipping to change at</small><em> page 35, line 18</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 1 EAP-AKA' with CK'/IK' [RFC Editor: Refer to this RFC]</td><td> </td><td class="right"> 1 EAP-AKA' with CK'/IK' [RFC Editor: Refer to this RFC]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 2-65535 Unassigned</td><td> </td><td class="right"> 2-65535 Unassigned</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">9. References</td><td> </td><td class="right">9. References</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">9.1. Normative References</td><td> </td><td class="right">9.1. Normative References</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.23.003]</td><td> </td><td class="right"> [TS-3GPP.23.003]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3rd Generation Partnership Project; Technical</td><td> </td><td class="right"> 3GPP, "3rd Generation Partnership Project; Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Specification Group Core Network and Terminals; Numbering,</td><td> </td><td class="right"> Specification Group Core Network and Terminals; Numbering,</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0034" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> addressing and identification (Release <span class="delete">15)",</span></td><td> </td><td class="rblock"> addressing and identification (Release <span class="insert">16)",</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3GPP Technical Specification 23.003 version <span class="delete">15.8.0,</span></td><td> </td><td class="rblock"> 3GPP Technical Specification 23.003 version <span class="insert">16.5.0,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> September 2019.</span></td><td> </td><td class="rblock"><span class="insert"> December 2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.23.501]</td><td> </td><td class="right"> [TS-3GPP.23.501]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3rd Generation Partnership Project; Technical</td><td> </td><td class="right"> 3GPP, "3rd Generation Partnership Project; Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Specification Group Services and System Aspects; 3G</td><td> </td><td class="right"> Specification Group Services and System Aspects; 3G</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Security; Security architecture and procedures for 5G</td><td> </td><td class="right"> Security; Security architecture and procedures for 5G</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0035" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> System; (Release <span class="delete">15)",</span> 3GPP Technical Specification 23.501</td><td> </td><td class="rblock"> System; (Release <span class="insert">16)",</span> 3GPP Technical Specification 23.501</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> version <span class="delete">15.8.0,</span> December <span class="delete">2019.</span></td><td> </td><td class="rblock"> version <span class="insert">16.7.0,</span> December <span class="insert">2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.24.302]</td><td> </td><td class="right"> [TS-3GPP.24.302]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3rd Generation Partnership Project; Technical</td><td> </td><td class="right"> 3GPP, "3rd Generation Partnership Project; Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Specification Group Core Network and Terminals; Access to</td><td> </td><td class="right"> Specification Group Core Network and Terminals; Access to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the 3GPP Evolved Packet Core (EPC) via non-3GPP access</td><td> </td><td class="right"> the 3GPP Evolved Packet Core (EPC) via non-3GPP access</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0036" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> networks; Stage 3; (Release <span class="delete">15)",</span> 3GPP Technical</td><td> </td><td class="rblock"> networks; Stage 3; (Release <span class="insert">16)",</span> 3GPP Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Specification 24.302 version <span class="delete">15.7.0, June 2019.</span></td><td> </td><td class="rblock"> Specification 24.302 version <span class="insert">16.4.0, July 2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.24.501]</td><td> </td><td class="right"> [TS-3GPP.24.501]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3rd Generation Partnership Project; Technical</td><td> </td><td class="right"> 3GPP, "3rd Generation Partnership Project; Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Specification Group Core Network and Terminals; Access to</td><td> </td><td class="right"> Specification Group Core Network and Terminals; Access to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> the 3GPP Evolved Packet Core (EPC) via non-3GPP access</td><td> </td><td class="right"> the 3GPP Evolved Packet Core (EPC) via non-3GPP access</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0037" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> networks; Stage 3; (Release <span class="delete">15)",</span> 3GPP Draft Technical</td><td> </td><td class="rblock"> networks; Stage 3; (Release <span class="insert">16)",</span> 3GPP Draft Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Specification 24.501 version <span class="delete">15.6.0,</span> December <span class="delete">2019.</span></td><td> </td><td class="rblock"> Specification 24.501 version <span class="insert">16.7.0,</span> December <span class="insert">2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.33.102]</td><td> </td><td class="right"> [TS-3GPP.33.102]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3rd Generation Partnership Project; Technical</td><td> </td><td class="right"> 3GPP, "3rd Generation Partnership Project; Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Specification Group Services and System Aspects; 3G</td><td> </td><td class="right"> Specification Group Services and System Aspects; 3G</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0038" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Security; Security architecture (Release <span class="delete">15)",</span></td><td> </td><td class="rblock"> Security; Security architecture (Release <span class="insert">16)",</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> 3GPP Technical Specification 33.102 version <span class="delete">15.1.0,</span></td><td> </td><td class="rblock"> 3GPP Technical Specification 33.102 version <span class="insert">16.0.0, July</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> December 2018.</span></td><td> </td><td class="rblock"><span class="insert"> 2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.33.402]</td><td> </td><td class="right"> [TS-3GPP.33.402]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3GPP System Architecture Evolution (SAE); Security</td><td> </td><td class="right"> 3GPP, "3GPP System Architecture Evolution (SAE); Security</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0039" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> aspects of non-3GPP accesses (Release <span class="delete">15)",</span> 3GPP Technical</td><td> </td><td class="rblock"> aspects of non-3GPP accesses (Release <span class="insert">16)",</span> 3GPP Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> Specification 33.402 version <span class="delete">15.1.0, June 2018.</span></td><td> </td><td class="rblock"> Specification 33.402 version <span class="insert">16.0.0, July 2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [TS-3GPP.33.501]</td><td> </td><td class="right"> [TS-3GPP.33.501]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 3GPP, "3rd Generation Partnership Project; Technical</td><td> </td><td class="right"> 3GPP, "3rd Generation Partnership Project; Technical</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Specification Group Services and System Aspects; 3G</td><td> </td><td class="right"> Specification Group Services and System Aspects; 3G</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Security; Security architecture and procedures for 5G</td><td> </td><td class="right"> Security; Security architecture and procedures for 5G</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0040" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> System (Release <span class="delete">15)",</span> 3GPP Technical Specification 33.501</td><td> </td><td class="rblock"> System (Release <span class="insert">16)",</span> 3GPP Technical Specification 33.501</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> version <span class="delete">15.7.0,</span> December <span class="delete">2019.</span></td><td> </td><td class="rblock"> version <span class="insert">16.5.0,</span> December <span class="insert">2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [FIPS.180-4]</td><td> </td><td class="right"> [FIPS.180-4]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> National Institute of Standards and Technology, "Secure</td><td> </td><td class="right"> National Institute of Standards and Technology, "Secure</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Hash Standard", FIPS PUB 180-4, August 2015,</td><td> </td><td class="right"> Hash Standard", FIPS PUB 180-4, August 2015,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> <https://nvlpubs.nist.gov/nistpubs/FIPS/</td><td> </td><td class="right"> <https://nvlpubs.nist.gov/nistpubs/FIPS/</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> NIST.FIPS.180-4.pdf>.</td><td> </td><td class="right"> NIST.FIPS.180-4.pdf>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-</td><td> </td><td class="right"> [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Hashing for Message Authentication", RFC 2104,</td><td> </td><td class="right"> Hashing for Message Authentication", RFC 2104,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DOI 10.17487/RFC2104, February 1997, <https://www.rfc-</td><td> </td><td class="right"> DOI 10.17487/RFC2104, February 1997, <https://www.rfc-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l14" /><small>skipping to change at</small><em> page 39, line 10</em></th><th> </th><th><a name="part-r14" /><small>skipping to change at</small><em> page 38, line 10</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Authentication Protocol Method for Global System for</td><td> </td><td class="right"> Authentication Protocol Method for Global System for</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Mobile Communications (GSM) Subscriber Identity Modules</td><td> </td><td class="right"> Mobile Communications (GSM) Subscriber Identity Modules</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (EAP-SIM)", RFC 4186, DOI 10.17487/RFC4186, January 2006,</td><td> </td><td class="right"> (EAP-SIM)", RFC 4186, DOI 10.17487/RFC4186, January 2006,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> <https://www.rfc-editor.org/info/rfc4186>.</td><td> </td><td class="right"> <https://www.rfc-editor.org/info/rfc4186>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC4284] Adrangi, F., Lortz, V., Bari, F., and P. Eronen, "Identity</td><td> </td><td class="right"> [RFC4284] Adrangi, F., Lortz, V., Bari, F., and P. Eronen, "Identity</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Selection Hints for the Extensible Authentication Protocol</td><td> </td><td class="right"> Selection Hints for the Extensible Authentication Protocol</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (EAP)", RFC 4284, DOI 10.17487/RFC4284, January 2006,</td><td> </td><td class="right"> (EAP)", RFC 4284, DOI 10.17487/RFC4284, January 2006,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> <https://www.rfc-editor.org/info/rfc4284>.</td><td> </td><td class="right"> <https://www.rfc-editor.org/info/rfc4284>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0041" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">[RFC4306] Kaufman, C., Ed., "Internet Key Exchange (IKEv2)</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> Protocol", RFC 4306, DOI 10.17487/RFC4306, December 2005,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> <https://www.rfc-editor.org/info/rfc4306>.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC5113] Arkko, J., Aboba, B., Korhonen, J., Ed., and F. Bari,</td><td> </td><td class="right"> [RFC5113] Arkko, J., Aboba, B., Korhonen, J., Ed., and F. Bari,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> "Network Discovery and Selection Problem", RFC 5113,</td><td> </td><td class="right"> "Network Discovery and Selection Problem", RFC 5113,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> DOI 10.17487/RFC5113, January 2008, <https://www.rfc-</td><td> </td><td class="right"> DOI 10.17487/RFC5113, January 2008, <https://www.rfc-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> editor.org/info/rfc5113>.</td><td> </td><td class="right"> editor.org/info/rfc5113>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC5247] Aboba, B., Simon, D., and P. Eronen, "Extensible</td><td> </td><td class="right"> [RFC5247] Aboba, B., Simon, D., and P. Eronen, "Extensible</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Authentication Protocol (EAP) Key Management Framework",</td><td> </td><td class="right"> Authentication Protocol (EAP) Key Management Framework",</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> RFC 5247, DOI 10.17487/RFC5247, August 2008,</td><td> </td><td class="right"> RFC 5247, DOI 10.17487/RFC5247, August 2008,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> <https://www.rfc-editor.org/info/rfc5247>.</td><td> </td><td class="right"> <https://www.rfc-editor.org/info/rfc5247>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
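Review bot: The new [RFC4306] entry at diff0041 cites a specification that is obsolete: RFC 4306 was obsoleted by RFC 5996, which was in turn obsoleted by RFC 7296, and [RFC7296] already appears in the reference list in the next hunk. The text that cites [RFC4306] is not visible here, so if the citation is meant as a generic IKEv2 reference, pointing it at [RFC7296] avoids two references to the same protocol; if the original document is cited deliberately (for example for historical context), a short qualifier such as `(obsoleted by [RFC7296])` at the citing sentence would make that intent clear.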
<tr bgcolor="gray" ><td></td><th><a name="part-l15" /><small>skipping to change at</small><em> page 39, line 50</em></th><th> </th><th><a name="part-r15" /><small>skipping to change at</small><em> page 39, line 9</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T.</td><td> </td><td class="right"> [RFC7296] Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Kivinen, "Internet Key Exchange Protocol Version 2</td><td> </td><td class="right"> Kivinen, "Internet Key Exchange Protocol Version 2</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October</td><td> </td><td class="right"> (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, October</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 2014, <https://www.rfc-editor.org/info/rfc7296>.</td><td> </td><td class="right"> 2014, <https://www.rfc-editor.org/info/rfc7296>.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [I-D.ietf-emu-aka-pfs]</td><td> </td><td class="right"> [I-D.ietf-emu-aka-pfs]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Arkko, J., Norrman, K., and V. Torvinen, "Perfect-Forward</td><td> </td><td class="right"> Arkko, J., Norrman, K., and V. Torvinen, "Perfect-Forward</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Secrecy for the Extensible Authentication Protocol Method</td><td> </td><td class="right"> Secrecy for the Extensible Authentication Protocol Method</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> for Authentication and Key Agreement (EAP-AKA' PFS)",</td><td> </td><td class="right"> for Authentication and Key Agreement (EAP-AKA' PFS)",</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0042" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> <span class="delete">draft-ietf-emu-aka-pfs-02</span> (work in progress), <span class="delete">November</span></td><td> </td><td class="rblock"> <span class="insert">draft-ietf-emu-aka-pfs-05</span> (work in progress), <span class="insert">October</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"><span class="delete"> 2019.</span></td><td> </td><td class="rblock"><span class="insert"> 2020.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [Heist2015]</td><td> </td><td class="right"> [Heist2015]</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Scahill, J. and J. Begley, "The great SIM heist", February</td><td> </td><td class="right"> Scahill, J. and J. Begley, "The great SIM heist", February</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> 2015, in https://firstlook.org/theintercept/2015/02/19/</td><td> </td><td class="right"> 2015, in https://firstlook.org/theintercept/2015/02/19/</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> great-sim-heist/ .</td><td> </td><td class="right"> great-sim-heist/ .</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [MT2012] Mjolsnes, S. and J-K. Tsay, "A vulnerability in the UMTS</td><td> </td><td class="right"> [MT2012] Mjolsnes, S. and J-K. Tsay, "A vulnerability in the UMTS</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> and LTE authentication and key agreement protocols",</td><td> </td><td class="right"> and LTE authentication and key agreement protocols",</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> October 2012, in Proceedings of the 6th international</td><td> </td><td class="right"> October 2012, in Proceedings of the 6th international</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> conference on Mathematical Methods, Models and</td><td> </td><td class="right"> conference on Mathematical Methods, Models and</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l16" /><small>skipping to change at</small><em> page 41, line 40</em></th><th> </th><th><a name="part-r16" /><small>skipping to change at</small><em> page 40, line 45</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Thirdly, exported parameters for EAP-AKA' have been defined in</td><td> </td><td class="right"> Thirdly, exported parameters for EAP-AKA' have been defined in</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Section 6, as required by [RFC5247], including the definition of</td><td> </td><td class="right"> Section 6, as required by [RFC5247], including the definition of</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> those parameters for both full authentication and fast re-</td><td> </td><td class="right"> those parameters for both full authentication and fast re-</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> authentication.</td><td> </td><td class="right"> authentication.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The security, privacy, and pervasive monitoring considerations have</td><td> </td><td class="right"> The security, privacy, and pervasive monitoring considerations have</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> been updated or added. See Section 7.</td><td> </td><td class="right"> been updated or added. See Section 7.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> The references to [RFC2119], [RFC7542], [RFC7296], [RFC8126],</td><td> </td><td class="right"> The references to [RFC2119], [RFC7542], [RFC7296], [RFC8126],</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> [FIPS.180-1] and [FIPS.180-2] have been updated to their most recent</td><td> </td><td class="right"> [FIPS.180-1] and [FIPS.180-2] have been updated to their most recent</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0043" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> versions and language in this document changed accordingly.</td><td> </td><td class="rblock"> versions and language in this document changed accordingly. <span class="insert">However,</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> this is merely an update to a newer RFC but the actual protocol</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> functions are the same as defined in the earlier RFCs.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Similarly, references to all 3GPP technical specifications have been</td><td> </td><td class="right"> Similarly, references to all 3GPP technical specifications have been</td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0044" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"> updated to their 5G (Release 1<span class="delete">5</span>) versions or otherwise most recent</td><td> </td><td class="rblock"> updated to their 5G (Release 1<span class="insert">6</span>) versions or otherwise most recent</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> version when there has not been a 5G-related update.</td><td> </td><td class="right"> version when there has not been a 5G-related update.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Finally, a number of clarifications have been made, including a</td><td> </td><td class="right"> Finally, a number of clarifications have been made, including a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> summary of where attributes may appear.</td><td> </td><td class="right"> summary of where attributes may appear.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Appendix B. Changes to RFC 4187</td><td> </td><td class="right">Appendix B. Changes to RFC 4187</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> In addition to specifying EAP-AKA', this document mandates also a</td><td> </td><td class="right"> In addition to specifying EAP-AKA', this document mandates also a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> change to another EAP method, EAP-AKA that was defined in RFC 4187.</td><td> </td><td class="right"> change to another EAP method, EAP-AKA that was defined in RFC 4187.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> This change was mandated already in RFC 5448 but repeated here to</td><td> </td><td class="right"> This change was mandated already in RFC 5448 but repeated here to</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno"></td></tr>
<tr bgcolor="gray" ><td></td><th><a name="part-l17" /><small>skipping to change at</small><em> page 44, line 46</em></th><th> </th><th><a name="part-r17" /><small>skipping to change at</small><em> page 44, line 5</em></th><td></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> specifications, such as key derivation for AKA, would affect this</td><td> </td><td class="right"> specifications, such as key derivation for AKA, would affect this</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> specification and implementations.</td><td> </td><td class="right"> specification and implementations.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> o References have been updated to the latest Release 15 versions,</td><td> </td><td class="right"> o References have been updated to the latest Release 15 versions,</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> that are now stable.</td><td> </td><td class="right"> that are now stable.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> o Tables have been numbered.</td><td> </td><td class="right"> o Tables have been numbered.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> o Adopted a number of other editorial corrections.</td><td> </td><td class="right"> o Adopted a number of other editorial corrections.</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td><a name="diff0045" /></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> <span class="insert">The version -08 includes the following changes:</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Alignment of the 3GPP TS Annex and this draft, so that each</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> individual part of the specification is stated in only one place.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> This has lead to this draft referring to bigger parts of the 3GPP</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> specification, instead of spelling out the details within this</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> document. Note that this alignment change is a proposal at this</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> stage, and will be discussed in the upcoming 3GPP meeting.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Relaxed the language on using only SUCI in 5G. While that is the</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> mode of operation expected to be used, [TS-3GPP.33.501] does not</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> prohibit other types of identifiers.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> The version -09 includes the following changes:</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Updated the language relating to obsoleting/updating RFC 5448;</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> there was an interest to ensure that RFC 5448 stays a valid</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> specification also in the future, owing to existing</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> implementations.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Clarified that the leading digit "6" is not used in 5G networks.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Updated the language relating to when 5G-specific procedures are</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> in effect, to support new use cases 3GPP has defined.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Updated the reference in Section 3.3, as the identities are</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> different in the 5G case.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Clarified that the use of the newer reference to IKEv2 RFC did not</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> change the actual PRF' function from RFC 5448.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Clarified that the Section 5.2 text does not impact backwards</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> compatibility.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Corrected the characterization of the attack from [ZF2005].</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Mentioned 5G GUTIs as one possible 5G-identifier in Section 5.1.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"></span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> o Updated the references to Release 16. These specifications are</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"><span class="insert"> stable in 3GPP.</span></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="lblock"></td><td> </td><td class="rblock"> </td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left">Appendix D. Importance of Explicit Negotiation</td><td> </td><td class="right">Appendix D. Importance of Explicit Negotiation</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"></td><td> </td><td class="right"></td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> Choosing between the traditional and revised AKA key derivation</td><td> </td><td class="right"> Choosing between the traditional and revised AKA key derivation</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> functions is easy when their use is unambiguously tied to a</td><td> </td><td class="right"> functions is easy when their use is unambiguously tied to a</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> particular radio access network, e.g., Long Term Evolution (LTE) as</td><td> </td><td class="right"> particular radio access network, e.g., Long Term Evolution (LTE) as</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> defined by 3GPP or evolved High Rate Packet Data (eHRPD) as defined</td><td> </td><td class="right"> defined by 3GPP or evolved High Rate Packet Data (eHRPD) as defined</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> by 3GPP2. There is no possibility for interoperability problems if</td><td> </td><td class="right"> by 3GPP2. There is no possibility for interoperability problems if</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> this radio access network is always used in conjunction with new</td><td> </td><td class="right"> this radio access network is always used in conjunction with new</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> protocols that cannot be mixed with the old ones; clients will always</td><td> </td><td class="right"> protocols that cannot be mixed with the old ones; clients will always</td><td class="lineno" valign="top"></td></tr>
<tr><td class="lineno" valign="top"></td><td class="left"> know whether they are connecting to the old or new system.</td><td> </td><td class="right"> know whether they are connecting to the old or new system.</td><td class="lineno" valign="top"></td></tr>
<tr><td></td><td class="left"></td><td> </td><td class="right"></td><td></td></tr>
<tr bgcolor="gray"><th colspan="5" align="center"><a name="end"> End of changes. 45 change blocks. </a></th></tr>
<tr class="stats"><td></td><th><i>180 lines changed or deleted</i></th><th><i> </i></th><th><i>178 lines changed or added</i></th><td></td></tr>
</table>
</body>
</html>