Description
The KAKMA (AKMA Anchor Key) is the foundational cryptographic key within the Authentication and Key Management for Applications (AKMA) system. It is a symmetric key established as a byproduct of a successful primary authentication procedure between the User Equipment (UE) and the 5G Core Network, specifically using 5G AKA or EAP-AKA' protocols. During this authentication, the Authentication Server Function (AUSF) generates the KAKMA. It is then securely stored and managed by a dedicated network function called the AKMA Anchor Function (AAnF) within the subscriber's home network. A corresponding KAKMA is also derived independently by the UE using its stored subscription credentials and the authentication parameters received from the network.
The KAKMA is not used directly to secure any traffic. Instead, its sole purpose is to serve as a root key for deriving other keys, primarily the AKMA Application Keys (KAFs). The derivation of a KAF from the KAKMA uses a Key Derivation Function (KDF) with specific input parameters, including the target Application Function's identity. This ensures cryptographic separation: each application gets a unique key derived from the same root, preventing compromise of one application from affecting others. The AAnF acts as the custodian of the KAKMA for the network side, using it to generate KAFs on-demand for authorized Application Functions.
Architecturally, the KAKMA sits at the heart of the AKMA trust model. It bridges the world of network access security (handled by the AMF, AUSF, and UDM) and application-level security. Its lifecycle is managed by the network and is typically valid for the duration of the UE's registration state or a configured time period. When the UE deregisters or the key expires, the KAKMA is deleted, invalidating all KAFs derived from it, thereby providing centralized security control. The security of the entire AKMA framework hinges on the confidentiality and integrity of the KAKMA, which is protected within the secure environments of the UE's tamper-resistant element and the home network's trusted functions.
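The key separation and lifecycle control described above can be shown with a short sketch. This is an added example, not code from the 3GPP specifications or any operator implementation: it uses the generic 3GPP KDF construction (HMAC-SHA-256 over an FC octet followed by length-suffixed parameters), and the FC value, the 256-bit key length, the `AnchorStore` class, the key identifier and the AF names are assumptions or constructed values.

```python
import hashlib
import hmac

FC_KAF = 0x82  # assumption: FC octet for K_AF; confirm against TS 33.535

def kdf_3gpp(key: bytes, fc: int, *params: bytes) -> bytes:
    """HMAC-SHA-256 over S = FC || P0 || L0 || P1 || L1 ... (Li = 2-octet length)."""
    s = bytes([fc])
    for p in params:
        if len(p) > 0xFFFF:
            raise ValueError("parameter does not fit a 2-octet length field")
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

def derive_kaf(k_akma: bytes, af_id: str) -> bytes:
    """Derive the per-application key; the AF identity is the only KDF parameter."""
    if len(k_akma) != 32:
        raise ValueError("expected a 256-bit K_AKMA")
    return kdf_3gpp(k_akma, FC_KAF, af_id.encode("utf-8"))

class AnchorStore:
    """Hypothetical stand-in for the AAnF's custody of K_AKMA contexts."""

    def __init__(self):
        self._contexts = {}

    def register(self, key_id: str, k_akma: bytes) -> None:
        self._contexts[key_id] = k_akma

    def delete(self, key_id: str) -> None:
        # Deregistration or expiry: no further K_AF can be issued from this root.
        self._contexts.pop(key_id, None)

    def kaf_for(self, key_id: str, af_id: str) -> bytes:
        if key_id not in self._contexts:
            raise KeyError("no valid K_AKMA context for " + key_id)
        return derive_kaf(self._contexts[key_id], af_id)

def demo() -> dict:
    k_akma = bytes(range(32))  # constructed sample key, not real key material
    store = AnchorStore()
    store.register("ctx-1", k_akma)
    ue_side = derive_kaf(k_akma, "media.example.com")  # UE derives independently
    net_side = store.kaf_for("ctx-1", "media.example.com")
    other_af = store.kaf_for("ctx-1", "iot.example.com")
    return {"match": hmac.compare_digest(ue_side, net_side),
            "separated": ue_side != other_af}
```

Because the AF identity is bound into the KDF input, an Application Function that leaks its own KAF reveals nothing about the KAF issued to another AF, and replacing the KAKMA changes every derived key at once.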
Purpose & Motivation
The KAKMA was created to provide a persistent, network-derived cryptographic anchor that extends the trust from 3GPP primary authentication into the application layer. Prior to AKMA, there was no standardized mechanism for applications to leverage the strong, SIM-based authentication of the cellular network. Applications had to establish their own security context from scratch, often with weaker methods. The KAKMA solves this by creating a reusable security asset post-network authentication.
Its existence addresses the problem of authentication silos. Without it, each service provider (Application Function) would need to implement its own authentication and key agreement with the user, leading to a fragmented user experience and complex key management. The KAKMA provides a common root of trust within the home operator's domain, allowing multiple, potentially unrelated, Application Functions to obtain secure, user-specific keys without ever interacting with the user's long-term credential directly.
The motivation is rooted in enabling new service paradigms like secure IoT onboarding, seamless media service access, and identity federation, where the mobile network identity is a valuable asset. By establishing the KAKMA, 3GPP defined a standardized way to bootstrap a wide array of application security sessions, simplifying development for service providers and enhancing security and usability for end-users. It transforms the network from a pure connectivity provider into a trusted security anchor for a digital ecosystem.
Detected Changes Across Releases
From 3GPP Change Requests: specific changes extracted from the "Change history" tables of 3GPP specifications (44 CRs across 3 releases). Complements the general historical overview above with the evidence-based evolution of this function.
In Release 16, the KAKMA (AKMA Anchor Key) function was introduced, defining the AAnF (AKMA Anchor Function), which receives the AKMA Anchor Key (K_AKMA) from the AUSF. This foundational framework enables the AAnF to derive application-specific keys (K_AF) for AFs, with key requests from external AFs being routed through the NEF. The release also included subsequent clarifications and corrections to AKMA procedures, key lifetimes, and SBA interfaces.
- Clarifications on error response handling in AKMA process (TS 33.535, CR0009)
- Re-authentication in AKMA (TS 33.535, CR0013)
- Adding AKMA context description (TS 33.535, CR0020)
- Corrections to AKMA key lifetimes (TS 33.535, CR0024)
- Corrections and clarifications to AKMA procedures (TS 33.535, CR0025)
- AKMA SBA interface clarifications (TS 33.535, CR0032)
In Release 17, the KAKMA (AKMA Anchor Key) function was enhanced with new capabilities for Lawful Interception (LI) integration, specifying IRI events for anchor key registration and application key retrieval. The release introduced the AKMA Anchor Function (AAnF) to manage the AKMA context, including its removal, and to select and serve internal Application Functions (AFs) by providing the subscriber's GPSI. Furthermore, support for the TLS 1.3 protocol using AKMA-derived keys was added, alongside profiling of GBA TLS protocols for use with AKMA, and clarifications were made for UE procedures and the TLS specification.
- CR adding LI for AKMA (stage 2) (TS 33.127, CR0140)
- AAnF checks AKMA service for UE and AF in clause 6.3 (TS 33.535, CR0055)
- Profiling the GBA TLS protocols for use with AKMA (TS 33.535, CR0066)
- Adding TLS 1.3 with AKMA keys (TS 33.535, CR0099)
- Changes to 5G core-anchored LI architecture figure (TS 33.127, CR0145)
- Adding details of AKMA application key generation in the UE (TS 33.535, CR0047)
In Release 18, the KAKMA (AKMA Anchor Key) function was enhanced with new capabilities for re-keying linked to HONTRA and a refresh mechanism linking the KAF to the KAKMA refresh. The release also introduced policy control for AKMA roaming in the AAnF and added new Ua security protocol options, specifically DTLS and IETF OSCORE, as defined in TS 33.535. Furthermore, procedures for AKMA service disabling were updated, including notification via the NEF, and the AKMA context definition in the specification was refined.
- AKMA phase 2 security enhancement (TS 33.535, CR0154)
- KAKMA re-keying related to HONTRA (TS 33.535, CR0155)
- Add AKMA Ua protocol based on DTLS to TS 33.535 (TS 33.535, CR0164)
- IETF OSCORE as AKMA Ua protocol (TS 33.535, CR0175)
- AKMA roaming policy control in AAnF (TS 33.535, CR0207)
- Link KAF refresh to KAKMA refresh (TS 33.535, CR0165)
Defining Specifications
3GPP specifications that define or reference KAKMA, with the latest known release. Sourced from the 3GPP document catalog.
| Specification | Title | Release |
|---|---|---|
| TS 33.127 vj50 | Lawful Interception Architecture and Functions | Rel-19 |
| TS 33.535 vj00 | 5G AKMA: Authentication and Key Management for Apps | Rel-19 |