KAF

AKMA Application Key

Security
Introduced in Rel-16
A cryptographic key derived within the AKMA framework to secure application-level communication between a UE and an Application Function. It enables secure service access without requiring new authentication procedures for each application session, enhancing efficiency and security for 3GPP network-integrated services.

Description

The KAF (AKMA Application Key) is a crucial security element within the Authentication and Key Management for Applications (AKMA) framework standardized by 3GPP. It is a symmetric cryptographic key uniquely generated for a specific user equipment (UE) and a specific Application Function (AF). The KAF is not directly provisioned but is dynamically derived from a root key known as the KAKMA (AKMA Anchor Key), which itself is established during the primary 5G AKA or EAP-AKA' authentication procedure between the UE and the network. The derivation process involves input parameters such as the AF's identity (e.g., its FQDN), ensuring key separation so that each UE-AF pair has a distinct KAF.

The generation of the KAF is a distributed process. The UE and the AKMA Anchor Function (AAnF) in the home network independently compute the same KAF using the shared KAKMA and the agreed-upon derivation inputs. The AAnF then securely provides this KAF to the requesting AF over the Naf interface. This architecture ensures the AF never learns the root KAKMA, and the UE never exposes the KAF externally, maintaining a strong security chain. The KAF's primary role is to enable the establishment of a secure channel, typically using TLS-PSK (Pre-Shared Key) or similar mechanisms, between the UE and the AF.

Once established, the KAF is used to secure application-layer communications. It can directly serve as a pre-shared key for TLS or be used to derive further session keys for encryption and integrity protection of application data. This model offloads authentication and key management from the application server to the 3GPP security infrastructure, leveraging the robust, subscription-based network authentication. The KAF's lifecycle is tied to the underlying KAKMA; it remains valid as long as the KAKMA is valid, which is typically aligned with the UE's registration state, providing a balance between security and service continuity.
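The derivation and distribution described above, as an added illustration that is not code from the page or from any 3GPP specification: it models the generic 3GPP KDF (HMAC-SHA-256 over FC || P0 || L0 || P1 || L1, the structure given in TS 33.220 Annex B), derives a KAKMA and then a KAF bound to an AF identity, and shows that the UE and a toy AAnF reach the same KAF while the AF only ever receives the derived key. The FC values (0x80 for KAKMA, 0x82 for KAF), the AF_ID layout (FQDN followed by a Ua* protocol identifier), the 5-octet Ua* identifier, the KAUSF, SUPI and A-KID values, and the `AAnF` class are assumptions or constructed sample values and should be checked against TS 33.535 Annex A before any real use.

```python
import hashlib
import hmac

# Generic 3GPP key derivation function (structure per TS 33.220 Annex B):
#   KDF(Key, S) = HMAC-SHA-256(Key, S),  S = FC || P0 || L0 || P1 || L1 || ...
# Each Li is the 2-octet big-endian length of the preceding Pi.
def kdf_3gpp(key: bytes, fc: int, *params: bytes) -> bytes:
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

# FC values as assumed from TS 33.535 Annex A (verify against the spec text).
FC_KAKMA = 0x80   # KAKMA from KAUSF, P0 = "AKMA", P1 = SUPI
FC_KAF = 0x82     # KAF from KAKMA, P0 = AF_ID

# Constructed placeholder for a 5-octet Ua* security protocol identifier (TLS-PSK here).
UA_STAR_TLS_PSK = bytes.fromhex("0100000002")


def derive_kakma(kausf: bytes, supi: str) -> bytes:
    """Anchor key both the UE and the home network hold after primary authentication."""
    return kdf_3gpp(kausf, FC_KAKMA, b"AKMA", supi.encode())


def af_id(af_fqdn: str, ua_protocol_id: bytes = UA_STAR_TLS_PSK) -> bytes:
    """AF_ID = FQDN of the AF || Ua* protocol identifier; this input binds KAF to one AF."""
    return af_fqdn.encode() + ua_protocol_id


def derive_kaf(kakma: bytes, af_fqdn: str, ua_protocol_id: bytes = UA_STAR_TLS_PSK) -> bytes:
    """KAF = KDF(KAKMA, FC_KAF, AF_ID): distinct per UE/AF pair by construction."""
    return kdf_3gpp(kakma, FC_KAF, af_id(af_fqdn, ua_protocol_id))


class AAnF:
    """Toy AKMA Anchor Function (assumed model): keeps KAKMA, releases only KAF."""

    def __init__(self) -> None:
        self._anchors: dict[str, bytes] = {}   # A-KID -> KAKMA (A-KID is an opaque string here)

    def store_anchor(self, a_kid: str, kakma: bytes) -> None:
        self._anchors[a_kid] = kakma

    def application_key_get(self, a_kid: str, af_fqdn: str) -> bytes:
        # Only the derived KAF leaves the AAnF; the root KAKMA never does.
        return derive_kaf(self._anchors[a_kid], af_fqdn)


def demo() -> tuple[bytes, bytes, bytes]:
    # Constructed sample inputs: a KAUSF from primary authentication and a SUPI.
    kausf = hashlib.sha256(b"constructed KAUSF").digest()
    supi = "imsi-001010123456789"
    a_kid = "constructed-a-kid@example.net"

    # UE and home network independently compute the same KAKMA ...
    kakma_ue = derive_kakma(kausf, supi)
    aanf = AAnF()
    aanf.store_anchor(a_kid, derive_kakma(kausf, supi))

    # ... and then the same KAF for one AF, each side deriving it locally.
    kaf_ue = derive_kaf(kakma_ue, "af1.example.net")
    kaf_af = aanf.application_key_get(a_kid, "af1.example.net")   # what the AF receives

    # Key separation: a different AF FQDN yields an unrelated key from the same anchor.
    kaf_other = derive_kaf(kakma_ue, "af2.example.net")
    return kaf_ue, kaf_af, kaf_other


if __name__ == "__main__":
    ue, af, other = demo()
    print("UE and AF agree on KAF:", ue == af)
    print("KAF differs per AF:    ", ue != other)
```

The value returned to the AF is what would be loaded as the pre-shared key for a TLS-PSK handshake; note that changing either the FQDN or the Ua* protocol identifier changes the AF_ID and therefore the resulting KAF, which is the key-separation property the text describes.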

Purpose & Motivation

The KAF was introduced to solve the problem of repetitive and inefficient authentication for over-the-top (OTT) and operator-hosted applications accessing 3GPP networks. Before AKMA, applications often required their own authentication mechanisms (like usernames/passwords or API tokens), which were separate from the robust cellular network authentication. This created a poor user experience, increased credential management overhead, and could introduce security weaknesses if application-level credentials were weak or poorly managed.

AKMA, and specifically the KAF, was created to leverage the strong, primary authentication performed by the 3GPP core network (5GC) for securing application access. Its purpose is to enable seamless and secure bootstrapping of application security. By deriving the KAF from the already-established network authentication, it eliminates the need for the user to perform a separate log-in for trusted applications. This is particularly valuable for services that require a verified mobile subscriber identity and for IoT scenarios where manual intervention is impossible.

The motivation stems from the need for a standardized, network-centric authentication framework for applications, moving beyond basic network access security. It addresses the limitation of previous approaches where application security was siloed. KAF provides a standardized way for Application Functions to obtain cryptographically strong keys tied to a proven subscriber identity, enabling new business models like identity-as-a-service and secure IoT service enablement directly from the 3GPP network trust anchor.

Key Features

  • Derived from the root AKMA Anchor Key (KAKMA), giving a cryptographically strong chain of trust.
  • Uniquely bound to a specific UE and a specific Application Function (AF) identity for key separation.
  • Enables TLS-PSK and other secure application protocol sessions without requiring user intervention for authentication.
  • Distributed generation: computed independently by the UE and the AAnF based on shared parameters.
  • Lifecycle managed by the network, typically aligned with the UE's registration state.
  • Allows AFs to verify the subscriber's identity and status based on network authentication.

Evolution Across Releases

Rel-16 Initial

Introduced as part of the initial AKMA framework. Defined the KAF derivation mechanism from the KAKMA, its provisioning to the AF via the AAnF (Naf interface), and its use for securing application sessions. Established the foundational architecture integrating application security with 5G core network authentication.

Defining Specifications

Specification    Title
TS 29.522        3GPP TS 29.522
TS 33.127        3GPP TS 33.127
TS 33.535        3GPP TS 33.535