ARPF

Authentication credential Repository and Processing Function

Security
Introduced in Rel-15
The ARPF is a critical 5G security function that securely stores and processes authentication credentials like long-term keys. It performs cryptographic operations for authentication and key derivation, forming the foundation for secure subscriber access and network protection against unauthorized use.

Description

The Authentication credential Repository and Processing Function (ARPF) is a fundamental security component within the 5G Core Network's Authentication Server Function (AUSF) and Unified Data Management (UDM) architecture. It serves as the secure repository for subscriber authentication credentials, primarily the long-term secret key (K) and associated subscription identifier (SUPI). The ARPF's primary role is to execute the cryptographic algorithms required for the 5G Authentication and Key Agreement (5G-AKA) and EAP-AKA' procedures. When an authentication request is initiated, the AUSF/UDM invokes the ARPF to generate authentication vectors, which include random challenges (RAND), network authentication tokens (AUTN), expected responses (XRES*), and the anchor key (K_AUSF) from which all subsequent session keys are derived.

Architecturally, the ARPF is not a standalone Network Function (NF) but is logically integrated within the UDM for credential storage and within the AUSF for authentication vector processing, as defined in 3GPP TS 33.501. This separation aligns with the service-based architecture principle, where the UDM manages subscription data and the AUSF handles authentication procedures. The ARPF interfaces internally with these functions via service-based interfaces. It stores credentials per subscription, typically indexed by the Subscription Permanent Identifier (SUPI), and supports the home network's authentication policies. Its processing includes executing the Milenage or TUAK algorithm sets to generate the 5G home environment authentication vector (RAND, XRES*, AUTN, K_AUSF) for 5G-AKA.

The ARPF's operation is triggered during initial registration or re-authentication. Upon receiving a request from the AUSF (for 5G-AKA) or directly from the UDM (for EAP-AKA'), the ARPF retrieves the subscriber's long-term key (K) and SUPI. It then generates a random challenge (RAND) and computes the AUTN, which includes a sequence number (SQN) and a message authentication code (MAC) to authenticate the network to the UE. Simultaneously, it computes the expected response (XRES*) and the anchor key K_AUSF. These outputs form the authentication vector sent to the AUSF, which forwards relevant parts to the UE via the serving network. The UE performs identical computations; if its response (RES*) matches XRES*, authentication succeeds, and both sides derive the same K_AUSF for subsequent key hierarchy derivation.

Key components of the ARPF functionality include the credential database (storing K and SUPI), the cryptographic algorithm engine (Milenage/TUAK), and the policy enforcement module for authentication method selection. Its role extends beyond mere storage: it ensures the long-term key never leaves the secure boundary, mitigating key exposure risks. The ARPF also detects SQN de-synchronization and manages SQN re-synchronization, so that previously used authentication vectors cannot be replayed. In roaming scenarios, the ARPF resides in the home network, allowing the home operator to retain control over authentication credentials while the serving network handles access procedures, enhancing security and privacy compared to previous generations.
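A minimal simulation of the vector generation, UE check and SQN replay rejection described in the two paragraphs above, added here as an example and not code from 3GPP or any vendor. The Milenage/TUAK f1..f5 functions are replaced by an HMAC-SHA256 stand-in (an assumption, chosen so the block runs with the standard library), while the RES* and K_AUSF derivations follow the KDF inputs of TS 33.501 Annex A.

```python
import hashlib
import hmac
import os

# Stand-in for the Milenage/TUAK f1..f5 functions. Assumption: HMAC-SHA256 keyed
# with K and tagged per function; this is NOT the real Milenage construction.
def f(k: bytes, tag: bytes, *parts: bytes) -> bytes:
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()

# 3GPP KDF (TS 33.220 Annex B): HMAC-SHA256(key, FC || P0 || L0 || P1 || L1 ...).
def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

# Home side (ARPF): build the 5G HE AV (RAND, AUTN, XRES*, K_AUSF) for one subscriber.
def arpf_generate_av(k, sqn, amf, sn_name, rand=None):
    rand = rand or os.urandom(16)
    mac = f(k, b"f1", rand, sqn, amf)[:8]        # authenticates the network to the UE
    res, ck, ik = f(k, b"f2", rand)[:8], f(k, b"f3", rand)[:16], f(k, b"f4", rand)[:16]
    ak = f(k, b"f5", rand)[:6]                   # anonymity key conceals SQN on the air
    sqn_ak = xor(sqn, ak)
    autn = sqn_ak + amf + mac                    # 6 + 2 + 8 = 16 bytes
    xres_star = kdf(ck + ik, 0x6B, sn_name, rand, res)[16:]  # TS 33.501 A.4, 128 LSBs
    k_ausf = kdf(ck + ik, 0x6A, sn_name, sqn_ak)             # TS 33.501 A.2
    return rand, autn, xres_star, k_ausf

# UE/USIM side: check the MAC, reject replayed SQNs, then derive RES* and K_AUSF.
def ue_respond(k, sqn_highest, sn_name, rand, autn):
    sqn_ak, amf, mac = autn[:6], autn[6:8], autn[8:]
    sqn = xor(sqn_ak, f(k, b"f5", rand)[:6])
    if not hmac.compare_digest(mac, f(k, b"f1", rand, sqn, amf)[:8]):
        raise ValueError("MAC failure: network not authenticated")
    if sqn <= sqn_highest:                       # simplified SQN freshness check
        raise ValueError("SQN failure: replayed or stale authentication vector")
    res, ck, ik = f(k, b"f2", rand)[:8], f(k, b"f3", rand)[:16], f(k, b"f4", rand)[:16]
    res_star = kdf(ck + ik, 0x6B, sn_name, rand, res)[16:]
    return res_star, kdf(ck + ik, 0x6A, sn_name, sqn_ak), sqn

# Serving side (AUSF): compare RES* with XRES*; both sides must now hold the same K_AUSF.
def run_5g_aka(k, sqn, ue_sqn_highest, sn_name, amf=b"\x80\x00", rand=None):
    rand, autn, xres_star, k_ausf = arpf_generate_av(k, sqn, amf, sn_name, rand)
    res_star, ue_k_ausf, new_sqn = ue_respond(k, ue_sqn_highest, sn_name, rand, autn)
    return hmac.compare_digest(res_star, xres_star), k_ausf == ue_k_ausf, new_sqn
```

The long-term key K is only ever read inside arpf_generate_av and ue_respond; everything crossing between them (RAND, AUTN, RES*) is derived material, which is the boundary the ARPF is meant to enforce.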

The ARPF is central to 5G's enhanced security framework, enabling features like subscription privacy (SUCI concealment), service-based architecture security, and network slicing isolation. By centralizing credential processing, it provides a consistent authentication mechanism across access technologies (3GPP and non-3GPP). Its design supports regulatory requirements for secure credential handling and facilitates future authentication method upgrades without impacting other network functions, ensuring longevity and adaptability in evolving threat landscapes.

Purpose & Motivation

The ARPF was introduced in 5G (Release 15) to address critical security shortcomings in previous cellular generations, particularly the vulnerabilities in 3G and 4G authentication systems. In 2G/3G/4G, authentication credentials were often stored in the Home Subscriber Server (HSS) with less granular cryptographic processing, and key derivation was sometimes distributed across network elements, increasing exposure risks. The lack of a dedicated, function-specific credential processor made it harder to implement robust key separation and privacy enhancements. 5G's requirement for stronger subscriber identity protection (via SUCI), support for network slicing (requiring isolated authentication contexts), and integration with non-3GPP access (e.g., Wi-Fi) necessitated a more sophisticated and centralized credential management approach.

The primary problem the ARPF solves is the secure isolation and processing of long-term authentication keys. By encapsulating credential storage and cryptographic operations within a defined logical function, it prevents key leakage across network interfaces and reduces the attack surface. This is especially important in 5G's service-based architecture, where network functions communicate via HTTP/2-based APIs—centralizing sensitive operations in the ARPF minimizes the risk of credential exposure during authentication signaling. Additionally, the ARPF enables the 5G security anchor, K_AUSF, to be derived within a controlled environment, ensuring that the long-term key (K) is never transmitted or used directly for session protection, thereby enhancing forward secrecy and key hierarchy robustness.

Historically, authentication in 4G LTE involved the HSS generating authentication vectors (AVs) containing multiple keys, some of which were sent to the MME and eNodeB, creating potential interception points. The ARPF's creation was motivated by the need to streamline this process while improving security. It supports 5G's home-controlled authentication model, where the home network (via ARPF) always generates the authentication vectors, even in roaming scenarios, ensuring consistent security policies. This addresses limitations like the lack of home network authentication in some 4G roaming setups. The ARPF also facilitates the introduction of new authentication methods (e.g., EAP-TLS for IoT) by providing a modular framework for credential processing, future-proofing the network against evolving threats and regulatory demands for enhanced privacy and data protection.

Key Features

  • Secure storage of long-term subscriber authentication key (K) and SUPI
  • Cryptographic generation of authentication vectors for 5G-AKA and EAP-AKA' procedures
  • Execution of Milenage or TUAK algorithm sets for authentication and key derivation
  • Home network control over authentication credentials in roaming scenarios
  • Support for subscription privacy through SUCI-based authentication initiation
  • Management of sequence number (SQN) synchronization to prevent replay attacks

Evolution Across Releases

Rel-15 Initial

Introduced as a core component of 5G security architecture within the AUSF and UDM. Defined its role in storing authentication credentials and performing cryptographic operations for 5G-AKA. Established the separation of credential repository (in UDM) and processing function (in AUSF) to enhance security in service-based interfaces.

Enhanced support for integrated access and backhaul (IAB) and vehicle-to-everything (V2X) scenarios. Introduced refinements for authentication during handovers between 3GPP and non-3GPP access, ensuring ARPF consistency. Added support for secondary authentication via EAP-AKA' with improved key derivation contexts.

Extended capabilities for massive IoT and reduced capability (RedCap) devices, optimizing authentication signaling efficiency. Enhanced support for network slicing with slice-specific authentication policies processed by ARPF. Introduced improvements for edge computing scenarios where authentication might be localized.

Strengthened security for AI/ML-based network operations, ensuring ARPF integrity in automated environments. Added support for enhanced privacy features and quantum-resistant cryptography preparation. Improved performance for high-density authentication scenarios in 5G-Advanced networks.

Further evolution for integrated sensing and communication, requiring new authentication contexts. Enhanced support for non-terrestrial networks (NTN) with extended authentication vector validity periods. Introduced optimizations for energy-efficient authentication procedures for IoT devices.

Preparations for 6G alignment with post-quantum cryptography integration in authentication vector generation. Enhanced support for immersive services and holographic communications requiring ultra-low latency authentication. Further refinements for network automation and zero-touch security provisioning involving ARPF.

Defining Specifications

Specification    Title
TS 33.501        3GPP TR 33.501
TS 33.514        3GPP TR 33.514
TS 33.741        3GPP TR 33.741
TS 33.835        3GPP TR 33.835