Abstract: The present disclosure relates to a method [400] and a system [300] for authenticating a User Equipment, the method [400] comprising receiving, by a transceiver unit [302], a request for performing an authentication procedure from the User Equipment [102]. The method comprises retrieving, by a collection unit [304], a quantum random number from the QRNG module [308]. The method comprises performing, by an authentication unit [106], the authentication of the User Equipment [102] based at least on the quantum random number received from the QRNG module [308]. [FIG. 3]
FORM 2
THE PATENTS ACT, 1970 (39 OF 1970) & THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
“METHOD AND SYSTEM FOR AUTHENTICATING A USER EQUIPMENT (UE)”
We, Jio Platforms Limited, an Indian National, of Office - 101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad - 380006, Gujarat, India.
The following specification particularly describes the invention and the manner in which it is to be performed.
METHOD AND SYSTEM FOR AUTHENTICATING A USER EQUIPMENT (UE)
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is related to the co-pending Indian Patent Application No. 202321045216 filed on 5 July 2023. The contents of this application may be read in conjunction with the specification of the afore-mentioned co-pending application.
FIELD OF INVENTION
[0002] Embodiments of the present disclosure relate generally to the field of wireless communication systems. More particularly, embodiments of the present disclosure relate to methods and systems for authenticating a User Equipment (UE).
BACKGROUND
[0003] The following description of the related art is intended to provide background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section is used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of the prior art.
[0004] Wireless communication technology has rapidly evolved over the past few decades, with each generation bringing significant improvements and advancements. The first generation of wireless communication technology was based on analog technology and offered only voice services. However, with the advent of the second generation (2G) technology, digital communication and data services became possible, and text messaging was introduced. The third generation (3G) technology marked the introduction of high-speed internet access, mobile video calling, and location-based services. The fourth generation (4G) technology revolutionized wireless communication with faster data speeds, better network coverage, and improved security. Currently, the fifth generation (5G) technology is being deployed, promising even faster data speeds, low latency, and the ability to connect multiple devices simultaneously. With each generation, wireless communication technology has become more advanced, sophisticated, and capable of delivering more services to its users.
[0005] When a device is switched ON, or when any periodic authentication of a User Equipment is performed by network servers such as a unified data management (UDM) server, etc., authentication keys are generated by the system. These authentication keys may be based on any of the existing techniques, for example, pseudo-random number keys. However, standard pseudo-random number generators in many cases are not able to withstand cryptographic attacks, as pseudo-random numbers are generated by a deterministic computer algorithm.
[0006] The unified data management (UDM)/ home subscriber server (HSS)/ home location register (HLR) servers require a high level of data authentication as they store data credentials for authentication of subscribers. Further, a lot of keys are also generated for further communication and other authentication purposes. These authentication keys are generated for protecting the confidential data.
[0007] The authentication keys generated for protecting confidential data are generated using random numbers, more specifically, pseudo-random numbers. The pseudo-random numbers can be predicted by using quantum computers in a very short time. Further, over a period of time, various solutions have been developed to generate random numbers which have a high degree of randomness, for example, true pseudo-random number generators. However, there are certain challenges with existing solutions. The existing techniques have a drawback that they can still be predicted by computers, or by some or the other means, especially by the high-performance quantum computing systems.
[0008] Thus, there exists an imperative need in the art to provide methods and systems that are able to generate authentication keys using some random number generators in a unified data management (UDM)/ home subscriber server (HSS)/ home location register (HLR) server, where the random numbers do not follow a predictable pattern and therefore are not vulnerable to cryptographic attacks, which the present disclosure aims to address.
SUMMARY
[0009] This section is provided to introduce certain aspects of the present disclosure in a simplified form that are further described below in the detailed description. This summary is not intended to identify the key features or the scope of the claimed subject matter.
[0010] An aspect of the present disclosure may relate to a method for a User Equipment, the method comprising receiving, by a transceiver unit, a request for performing an authentication procedure from the User Equipment. The method further comprises retrieving, by a collection unit, a quantum random number from the QRNG module. The method furthermore comprises performing, by an authentication unit, the authentication of the User Equipment based at least on the quantum random number received from the QRNG module.
[0011] In an exemplary aspect of the present disclosure, the transceiver unit, the collection unit, and the authentication unit may be implemented in a network server. The network server may be one of a unified data management (UDM) server, a home subscriber server (HSS), and a home location register (HLR) server.
[0012] In an exemplary aspect of the present disclosure, post the retrieving, by the collection unit, the quantum random number from the QRNG module, the method comprises storing, by the collection unit, in a storage unit, the quantum random number received from the QRNG module.
[0013] Another aspect of the present disclosure may relate to a system for authenticating a User Equipment, the system comprising a transceiver unit configured to receive a request for performing an authentication procedure from the User Equipment. The system further comprises a collection unit connected to at least the transceiver unit, the collection unit configured to retrieve a quantum random number from the QRNG module. The system furthermore comprises an authentication unit connected at least to the collection unit, the authentication unit configured to perform the authentication of the User Equipment based at least on the quantum random number received from the QRNG module.
[0014] Another aspect of the present disclosure may relate to a User Equipment (UE) comprising a memory and a processor coupled to the memory. The processor may be configured to transmit, to a network server, a request to perform an authentication procedure. The authentication procedure may be performed by the network server based on: receiving the request, from UE, retrieving a quantum number from a Quantum Random Number Generation (QRNG) module; and performing the authentication of the UE based at least on the quantum random number received from the QRNG module.
[0015] Yet another aspect of the present disclosure may relate to a non-transitory computer readable storage medium, storing instructions for authenticating a User Equipment. The instructions include executable code which, when executed by one or more units of a system, causes: a transceiver unit of the system to receive a request for performing an authentication procedure from the User Equipment; a collection unit of the system to retrieve a quantum random number from the QRNG module; and an authentication unit of the system to perform the authentication of the User Equipment based at least on the quantum random number received from the QRNG module.
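The following is an added illustration and is not part of the specification or of the applicant's implementation: it walks through the three summarised steps (receive the request, retrieve and store a random number, authenticate) and contrasts a deterministic generator with an unpredictable source. The HMAC-SHA256 challenge-response, the names used, and the use of the operating system's random generator as a stand-in for the QRNG module are all assumptions, since the specification names no protocol or QRNG interface.

```python
import hashlib
import hmac
import os
import random
from typing import Callable, Dict

CHALLENGE_LEN = 16  # bytes; length chosen for this sketch only
RandomSource = Callable[[int], bytes]


def qrng_stand_in(n: int) -> bytes:
    # Assumption: the OS CSPRNG stands in for the QRNG module [308].
    return os.urandom(n)


def seeded_prng_source(seed: int) -> RandomSource:
    # Deterministic generator of the kind the background section criticises:
    # the same seed always yields the same byte stream.
    rng = random.Random(seed)
    return lambda n: bytes(rng.getrandbits(8) for _ in range(n))


def ue_response(key: bytes, challenge: bytes) -> bytes:
    # UE side: prove knowledge of the shared key over the server's challenge.
    return hmac.new(key, challenge, hashlib.sha256).digest()


class NetworkServer:
    """Hypothetical UDM/HSS/HLR-side logic: transceiver, collection, authentication."""

    def __init__(self, subscriber_keys: Dict[str, bytes], source: RandomSource):
        self._keys = subscriber_keys
        self._source = source
        self._pending: Dict[str, bytes] = {}  # plays the role of the storage unit

    def handle_auth_request(self, ue_id: str) -> bytes:
        # Receive the request, retrieve a random number, store it for this UE.
        if ue_id not in self._keys:
            raise KeyError("unknown subscriber")
        challenge = self._source(CHALLENGE_LEN)
        if len(challenge) != CHALLENGE_LEN:
            raise RuntimeError("random source returned a short read")
        self._pending[ue_id] = challenge
        return challenge

    def verify(self, ue_id: str, response: bytes) -> bool:
        # Each stored challenge is consumed once, so a captured response
        # cannot be replayed against the same challenge.
        challenge = self._pending.pop(ue_id, None)
        if challenge is None:
            return False
        expected = hmac.new(self._keys[ue_id], challenge, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def demo() -> Dict[str, bool]:
    key = bytes(range(32))  # constructed sample subscriber key
    server = NetworkServer({"ue-001": key}, qrng_stand_in)

    c1 = server.handle_auth_request("ue-001")
    genuine = server.verify("ue-001", ue_response(key, c1))
    replayed = server.verify("ue-001", ue_response(key, c1))

    c2 = server.handle_auth_request("ue-001")
    wrong_key = server.verify("ue-001", ue_response(b"\x00" * 32, c2))

    # With a seeded PRNG the challenge is a pure function of the seed.
    weak = NetworkServer({"ue-001": key}, seeded_prng_source(1234))
    issued = weak.handle_auth_request("ue-001")
    recomputed = seeded_prng_source(1234)(CHALLENGE_LEN)

    return {
        "genuine_ue": genuine,
        "replayed_response": replayed,
        "wrong_key": wrong_key,
        "fresh_challenges_differ": c1 != c2,
        "seeded_challenge_reproducible": issued == recomputed,
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```
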
OBJECTS OF THE DISCLOSURE
[0016] Some of the objects of the present disclosure, which at least one embodiment disclosed herein satisfies, are listed herein below.
[0017] It is an object of the present disclosure to provide a system and a method for authenticating a User Equipment.
[0018] It is an object of the present disclosure to provide a system for generating authentication keys using a quantum random number generator (QRNG) module in a unified data management (UDM)/ home subscriber server (HSS)/ home location register (HLR) server.
[0019] It is another object of the present disclosure to provide a solution in which the authentication of User Equipment, and the authentication pertaining to confidential data related to subscribers of communication networks is performed using random numbers that do not follow a predictable pattern and therefore, are not vulnerable to cryptographic attacks.
[0020] It is yet another object of the present disclosure to provide a solution in which the authentication of confidential data related to subscribers of communication networks is performed using random numbers that are generated using quantum random number generators.
BRIEF DESCRIPTION OF THE DRAWINGS
[0021] The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Also, the embodiments shown in the figures are not to be construed as limiting the disclosure, but the possible variants of the method and system according to the disclosure are illustrated herein to highlight the advantages of the disclosure. It will be appreciated by those skilled in the art that disclosure of such drawings includes disclosure of electrical components or circuitry commonly used to implement such components.
[0022] FIG. 1 illustrates an exemplary block diagram representation of 5th generation core (5GC) network architecture.
[0023] FIG. 2 illustrates an exemplary block diagram of a computing device upon which the features of the present disclosure may be implemented in accordance with exemplary implementation of the present disclosure.
[0024] FIG. 3 illustrates an exemplary block diagram of a system for authenticating a User Equipment in accordance with exemplary implementations of the present disclosure.
[0025] FIG. 4 illustrates a method flow diagram for authenticating a User Equipment, in accordance with exemplary implementations of the present disclosure.
[0026] FIG. 5 illustrates a high-level network architecture [600] of an exemplary system for authenticating a User Equipment, in accordance with exemplary embodiments of the present disclosure.
[0027] The foregoing shall be more apparent from the following detailed description of the disclosure.
DETAILED DESCRIPTION
[0028] In the following description, for the purposes of explanation, various specific details are set forth in order to provide a thorough understanding of embodiments of the present disclosure. It will be apparent, however, that embodiments of the present disclosure may be practiced without these specific details. Several features described hereafter may each be used independently of one another or with any combination of other features. An individual feature may not address any of the problems discussed above or might address only some of the problems discussed above.
[0029] The ensuing description provides exemplary embodiments only, and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
[0030] Specific details are given in the following description to provide a thorough understanding of the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, circuits, systems, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail.
[0031] Also, it is to be noted that individual embodiments may be described as a process which is depicted as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations may be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in a figure.
[0032] The word “exemplary” and/or “demonstrative” is used herein to mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” and/or “demonstrative” is not necessarily to be construed as preferred or advantageous over other aspects or designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, such terms are intended to be inclusive, in a manner similar to the term “comprising” as an open transition word, without precluding any additional or other elements.
[0033] As used herein, a “processing unit” or “processor” or “operating processor” includes one or more processors, wherein processor refers to any logic circuitry for processing instructions. A processor may be a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor, a plurality of microprocessors, one or more microprocessors in association with a Digital Signal Processing (DSP) core, a controller, a microcontroller, Application Specific Integrated Circuits, Field Programmable Gate Array circuits, any other type of integrated circuits, etc. The processor may perform signal coding, data processing, input/output processing, and/or any other functionality that enables the working of the system according to the present disclosure. More specifically, the processor or processing unit is a hardware processor.
[0034] As used herein, “a user equipment”, “a smart-user-device”, “a smart-device”, “an electronic device”, “a mobile device”, “a handheld device”, “a wireless communication device”, “a mobile communication device”, “a communication device” may be any electrical, electronic and/or computing device or equipment, capable of implementing the features of the present disclosure. The user equipment/device may include, but is not limited to, a mobile phone, smart phone, laptop, a general-purpose computer, desktop, personal digital assistant, tablet computer, wearable device or any other computing device which is capable of implementing the features of the present disclosure. Also, the User Equipment may contain at least one input means configured to receive an input from unit(s) which are required to implement the features of the present disclosure.
[0035] As used herein, “storage unit” or “memory unit” refers to a machine or computer-readable medium including any mechanism for storing information in a form readable by a computer or similar machine. For example, a computer-readable medium includes read-only memory (“ROM”), random access memory (“RAM”), magnetic disk storage media, optical storage media, flash memory devices or other types of machine-accessible storage media. The storage unit stores at least the data that may be required by one or more units of the system to perform their respective functions.
[0036] As used herein, “interface” or “user interface” refers to a shared boundary across which two or more separate components of a system exchange information or data. The interface may also refer to a set of rules or protocols that define communication or interaction of one or more modules or one or more units with each other, which also includes the methods, functions, or procedures that may be called.
[0037] All modules, units, components used herein, unless explicitly excluded herein, may be software modules or hardware processors, the processors being a general-purpose processor, a special purpose processor, a conventional processor, a digital signal processor (DSP), a plurality of microprocessors, one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASIC), Field Programmable Gate Array circuits (FPGA), any other type of integrated circuits, etc.
[0038] As used herein the transceiver unit includes at least one receiver and at least one transmitter configured respectively for receiving and transmitting data, signals, information or a combination thereof between units/components within the system and/or connected with the system.
[0039] As discussed in the background section, the current known solutions have several shortcomings. The present disclosure aims to overcome the above-mentioned and other existing problems in this field of technology by providing a method and a system for authenticating a User Equipment.
[0040] FIG. 1 illustrates an exemplary block diagram representation of 5th generation core (5GC) network architecture, in accordance with exemplary implementation of the present disclosure. As shown in FIG. 1, the 5GC network architecture [100] includes a user equipment (UE) [102], a radio access network (RAN) [104], an access and mobility management function (AMF) [106], a Session Management Function (SMF) [108], a Service Communication Proxy (SCP) [110], an Authentication Server Function (AUSF) [112], a Network Slice Specific Authentication and Authorization Function (NSSAAF) [114], a Network Slice Selection Function (NSSF) [116], a Network Exposure Function (NEF) [118], a Network Repository Function (NRF) [120], a Policy Control Function (PCF) [122], a Unified Data Management (UDM) [124], an application function (AF) [126], a User Plane Function (UPF) [128], a data network (DN) [130], wherein all the components are assumed to be connected to each other in a manner as obvious to the person skilled in the art for implementing features of the present disclosure.
[0041] Radio Access Network (RAN) [104] is the part of a mobile telecommunications system that connects user equipment (UE) [102] to the core network (CN) and provides access to different types of networks (e.g., 5G network). It consists of radio base stations and the radio access technologies that enable wireless communication.
[0042] Access and Mobility Management Function (AMF) [106] is a 5G core network function responsible for managing access and mobility aspects, such as UE registration, connection, and reachability. It also handles mobility management procedures like handovers and paging.
[0043] Session Management Function (SMF) [108] is a 5G core network function responsible for managing session-related aspects, such as establishing, modifying, and releasing sessions. It coordinates with the User Plane Function (UPF) for data forwarding and handles IP address allocation and QoS enforcement.
[0044] Service Communication Proxy (SCP) [110] is a network function in the 5G core network that facilitates communication between other network functions by providing a secure and efficient messaging service. It acts as a mediator for service-based interfaces.
[0045] Authentication Server Function (AUSF) [112] is a network function in the 5G core responsible for authenticating UEs during registration and providing security services. It generates and verifies authentication vectors and tokens.
[0046] Network Slice Specific Authentication and Authorization Function (NSSAAF) [114] is a network function that provides authentication and authorization services specific to network slices. It ensures that UEs can access only the slices for which they are authorized.
[0047] Network Slice Selection Function (NSSF) [116] is a network function responsible for selecting the appropriate network slice for a UE based on factors such as subscription, requested services, and network policies.
[0048] Network Exposure Function (NEF) [118] is a network function that exposes capabilities and services of the 5G network to external applications, enabling integration with third-party services and applications.
[0049] Network Repository Function (NRF) [120] is a network function that acts as a central repository for information about available network functions and services. It facilitates the discovery and dynamic registration of network functions.
[0050] Policy Control Function (PCF) [122] is a network function responsible for policy control decisions, such as QoS, charging, and access control, based on subscriber information and network policies.
[0051] Unified Data Management (UDM) [124] is a network function that centralizes the management of subscriber data, including authentication, authorization, and subscription information.
[0052] Application Function (AF) [126] is a network function that represents external applications interfacing with the 5G core network to access network capabilities and services.
[0053] User Plane Function (UPF) [128] is a network function responsible for handling user data traffic, including packet routing, forwarding, and QoS enforcement.
[0054] Data Network (DN) [130] refers to a network that provides data services to user equipment (UE) in a telecommunications system. The data services may include but are not limited to Internet services, private data network related services.
[0055] FIG. 2 illustrates an exemplary block diagram of a computing device [200] upon which the features of the present disclosure may be implemented in accordance with exemplary implementation of the present disclosure. In an implementation, the computing device [200] may also implement a method for authenticating a User Equipment utilising the computing device [200]. In another implementation, the computing device [200] itself implements the method for authenticating a User Equipment using one or more units configured within the computing device [200], wherein said one or more units are capable of implementing the features as disclosed in the present disclosure.
[0056] The computing device [200] may include a bus [202] or other communication mechanism for communicating information, and a hardware processor [204] coupled with bus [202] for processing information. The hardware processor [204] may be, for example, a general-purpose microprocessor. The computing device [200] may also include a main memory [206], such as a random-access memory (RAM), or other dynamic storage device, coupled to the bus [202] for storing information and instructions to be executed by the processor [204]. The main memory [206] also may be used for storing temporary variables or other intermediate information during execution of the instructions to be executed by the processor [204]. Such instructions, when stored in non-transitory storage medium accessible to the processor [204], render the computing device [200] into a special-purpose machine that is customized to perform the operations specified in the instructions. The computing device [200] further includes a read only memory (ROM) [208] or other static storage device coupled to the bus [202] for storing static information and instructions for the processor [204].
[0057] A storage device [210], such as a magnetic disk, optical disk, or solid-state drive is provided and coupled to the bus [202] for storing information and instructions. The computing device [200] may be coupled via the bus [202] to a display [212], such as a cathode ray tube (CRT), Liquid Crystal Display (LCD), Light Emitting Diode (LED) display, Organic LED (OLED) display, etc. for displaying information to a computer user. An input device [214], including alphanumeric and other keys, touch screen input means, etc. may be coupled to the bus [202] for communicating information and command selections to the processor [204]. Another type of user input device may be a cursor controller [216], such as a mouse, a trackball, or cursor direction keys, for communicating direction information and command selections to the processor [204], and for controlling cursor movement on the display [212]. This input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second axis (e.g., y), that allow the device to specify positions in a plane.
[0058] The computing device [200] may implement the techniques described herein using customized hard-wired logic, one or more ASICs or FPGAs, firmware and/or program logic which in combination with the computing device [200] causes or programs the computing device [200] to be a special-purpose machine. According to one implementation, the techniques herein are performed by the computing device [200] in response to the processor [204] executing one or more sequences of one or more instructions contained in the main memory [206]. Such instructions may be read into the main memory [206] from another storage medium, such as the storage device [210]. Execution of the sequences of instructions contained in the main memory [206] causes the processor [204] to perform the process steps described herein. In alternative implementations of the present disclosure, hard-wired circuitry may be used in place of or in combination with software instructions.
[0059] The computing device [200] also may include a communication interface [218] coupled to the bus [202]. The communication interface [218] provides a two-way data communication coupling to a network link [220] that is connected to a local network [222]. For example, the communication interface [218] may be an integrated services digital network (ISDN) card, cable modem, satellite modem, or a modem to provide a data communication connection to a corresponding type of telephone line. As another example, the communication interface [218] may be a local area network (LAN) card to provide a data communication connection to a compatible LAN. Wireless links may also be implemented. In any such implementation, the communication interface [218] sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
[0060] The computing device [200] can send messages and receive data, including program code, through the network(s), the network link [220] and the communication interface [218]. In the Internet example, a server [230] might transmit a requested code for an application program through the Internet [228], the ISP [226], the local network [222], the host [224] and the communication interface [218]. The received code may be executed by the processor [204] as it is received, and/or stored in the storage device [210], or other non-volatile storage for later execution.
[0061] Referring to FIG. 3, an exemplary block diagram of a system [300] for authenticating a User Equipment [102] is shown, in accordance with the exemplary implementations of the present disclosure. In one example, the system [300] may be implemented in a network server. In another example, such network server may be one of a unified data management (UDM) server, a home subscriber server (HSS), and a home location register (HLR) server. As would be understood by a person skilled in the art, the Unified Data Management (UDM) Server manages user data and profiles within the network, ensuring efficient data handling and authentication. Further, the Home Subscriber Server (HSS) maintains a database of user information, including subscription details, authentication data, and service profiles. Furthermore, the Home Location Register (HLR) Server stores information about subscribers, such as their location and services they are entitled to use.
[0062] As depicted in FIG. 3, the system [300] comprises at least one transceiver unit [302], at least one collection unit [304], at least one authentication unit [306], at least one storage unit [310], and at least one QRNG module [308]. Also, all of the components/ units of the system [300] are assumed to be connected to each other unless otherwise indicated below. As shown in the figures, all units shown within the system [300] should also be assumed to be connected to each other. Also, in FIG. 3 only a few units are shown; however, the system [300] may comprise multiple such units or the system [300] may comprise any such numbers of said units, as required to implement the features of the present disclosure. Further, in an implementation, the system [300] may be present in a user equipment [102] to implement the features of the present disclosure. The system [300] may be a part of the user equipment [102] or may be independent of but in communication with the user equipment [102] (may also be referred to herein as a UE [102]). In another implementation, the system [300] may reside in a server or a network entity. In yet another implementation, the system [300] may reside partly in the server/ network entity and partly in the user equipment [102].
[0063] The system [300] is configured for authenticating a User Equipment [102], with the help of the interconnection between the components/units of the system [300].
[0064] The transceiver unit [302] is configured to receive a request for performing an authentication procedure, from the User Equipment [102]. The present disclosure encompasses that the system [300] is responsible for managing the authentication process. The term “transceiver unit” [302] as used herein includes a transmitter/ receiver that receives requests from User Equipment [102] and acts as the communication gateway between the User Equipment [102] and the system [300], ensuring the request is properly received and processed.
[0065] The present disclosure encompasses that the User Equipment [102] may transmit the request to a network or a network element to initiate the authentication procedure. Further, the request may be issued by the User Equipment [102] when access to one or more network services is required from the network. For example, in an event when the User Equipment [102] requires access to a network service from the network, the User Equipment [102] transmits the request to perform the authentication procedure, for ensuring a secured and authorized connection.
[0066] The system [300] further comprises a collection unit [304] connected to at least the transceiver unit [302], wherein the collection unit [304] is configured to retrieve a quantum random number from the QRNG module [308]. The present disclosure encompasses that the term “collection unit” [304] refers to any unit that is used to retrieve a quantum random number from the Quantum Random Number Generator (QRNG) module [308]. The collection unit [304] is for obtaining the quantum random number, which is essential for the authentication process. Quantum random numbers are inherently unpredictable, providing a high level of security. By retrieving a quantum random number from the QRNG module [308], the collection unit [304] ensures that the authentication process is based on a truly random and secure value. The system [300] further comprises an authentication unit [306] connected at least to the collection unit [304], wherein the authentication unit [306] is configured to perform the authentication of the User Equipment [102], based at least on the quantum random number received from the QRNG module [308]. The present disclosure encompasses that the authentication unit [306] can receive data, specifically the quantum random number, from the collection unit [304]. The authentication process relies at least in part on the quantum random number that is received from the Quantum Random Number Generator (QRNG) module [308]. The present disclosure encompasses that the authentication unit [306] may utilize one or more authentication protocols to authenticate the User Equipment [102]. In an exemplary scenario, the authentication unit [306] may match or compare the quantum random number received from the QRNG module [308] with a pre-stored number in a storage unit. Further, in case the pre-stored number matches or aligns completely with the quantum random number received from the QRNG module [308], then the User Equipment [102] is successfully authenticated, or else the User Equipment [102] may be considered as an unauthorized device. In another exemplary scenario, the authentication unit [306] may utilize the quantum random number as a decryption key to decrypt the pre-stored number in the storage unit. Further, in the event that the pre-stored number is completely decrypted, then the User Equipment [102] is successfully authenticated, or else the User Equipment [102] may be considered as an unauthorized device. Additionally, in the event that the User Equipment [102] is considered an unauthorized device, the authentication unit [306] may deny access to one or more network services requested by the User Equipment [102].
[0067] The system further comprises a storage unit [310] configured to store the
quantum random number received from the QRNG module [308], post the
retrieving, by the collection unit [304], of the quantum random number from the
QRNG module [308].
[0068] The present disclosure encompasses that the storage unit [310] is configured to store the quantum random number received from the QRNG module [308]. The
storage occurs after the collection unit [304] retrieves the quantum random number
from the QRNG module [308]. The function of the storage unit [310] is to securely store the quantum random number after it has been retrieved by the collection unit [304]. After the collection unit [304] retrieves the quantum random number from the QRNG module [308], the quantum random number is transferred to the storage
unit [310] for safekeeping. Storing the quantum random number helps in
maintaining a record of the authentication data used, which can be useful for auditing, logging, or resolving any disputes related to the authentication process.
[0069] Referring to FIG. 4, an exemplary method flow diagram [400] for
authenticating a User Equipment [102], in accordance with exemplary
implementations of the present disclosure is shown. In an implementation, the
method [400] may be implemented by the system [300]. As described previously, in another example, the system [300] may be present in a server device to implement the features of the present disclosure. Also, as shown in FIG. 4, the method [400] starts at step [402].
[0070] At step 404, the method comprises, receiving, by a transceiver unit [302], a request for performing an authentication procedure from the User Equipment [102]. The present disclosure encompasses that the system [300] is responsible for managing the authentication process. In one example, the system [300] may be
implemented in a network server. The network server may be one of a unified data
management (UDM) server, a home subscriber server (HSS), and a home location register (HLR) server. The present disclosure also specifies that the network server can be one of the following types of servers. The Unified Data Management (UDM) Server manages user data and profiles within the network, ensuring efficient data
handling and authentication. The Home Subscriber Server (HSS) maintains a
database of user information, including subscription details, authentication data, and service profiles. The Home Location Register (HLR) Server stores information about subscribers, such as their location and services they are entitled to use.
[0071] The term “transceiver unit” [302] refers herein to a transmit/receive unit
that receives requests from User Equipment [102] and acts as the communication gateway between the User Equipment [102] and the system [300], ensuring the request is properly received and processed.
[0072] At step 406, the method comprises, retrieving, by a collection unit [304], a quantum random number from the QRNG module [308]. The present disclosure encompasses that the term “collection unit” [304] refers to any unit that is used to retrieve a quantum random number from the Quantum Random Number Generator (QRNG) module [308]. The collection unit [304] is for obtaining the quantum random number, which is essential for the authentication process. Quantum random numbers are inherently unpredictable, providing a high level of security. By retrieving a quantum random number from the QRNG module [308], the collection unit [304] ensures that the authentication process is based on a truly random and secure value.
[0073] At step 408, the method comprises, performing, by an authentication unit [306], the authentication of the User Equipment, based at least on the quantum random number received from the QRNG module [308]. The present disclosure encompasses that the authentication unit [306] can receive data, specifically the quantum random number, from the collection unit [304]. The authentication process relies at least in part on the quantum random number that is received from the Quantum Random Number Generator (QRNG) module [308].
[0074] Further, after the retrieving, by the collection unit [304], of the quantum
random number from the QRNG module [308], the method [400] comprises storing,
by the collection unit [304] in a storage unit [310], the quantum random number
received from the QRNG module [308]. The present disclosure encompasses that
the storage unit [310] is configured to store the quantum random number received
from the QRNG module [308]. The storage occurs after the collection unit [304]
retrieves the quantum random number from the QRNG module [308]. The function
of the storage unit [310] is to securely store the quantum random number after it
has been retrieved by the collection unit [304]. After the collection unit [304]
retrieves the quantum random number from the QRNG module [308], the number
is transferred to the storage unit [310] for safekeeping. Storing the quantum random
number helps in maintaining a record of the authentication data used, which can be
useful for auditing, logging, or resolving any disputes related to the authentication
process.
[0075] Thereafter, the method terminates at step [410].
[0076] Referring to FIG. 5, a high-level network architecture [500] of an exemplary system for authenticating a User Equipment [102], in accordance with exemplary embodiments of the present disclosure, is disclosed. The high-level architecture [500] comprises a UDM [124]. The UDM [124] further comprises a User Equipment and Authentication Unit (UEAU) [502] and a Quantum Random Number Generator (QRNG) module [308]. However, it may be noted that the use of UDM is only exemplary, and other network entities such as HSS, HLR, etc. may also be used for encompassing the UEAU and QRNG module. Such examples would also lie within the scope of the present subject matter.
[0077] The UEAU [502] is the consumer of the random numbers. The UEAU [502] sends a request to the QRNG module [308] when the UEAU [502] requires a random number. The QRNG module [308] responds to this request by providing a quantum random number.
[0078] The QRNG module [308] generates a plurality of Quantum Random Numbers (QRNs) through one or more live streams.
[0079] As depicted in FIG. 5, when the UEAU [502] requires a random number, it sends a request to the QRNG module [308]. The QRNG module [308] responds with a random number, i.e., sends the random number to UEAU [502] in response to the request.
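The flow of steps 404 to 408, the storage step, and the UEAU/QRNG exchange of FIG. 5, as an added sketch that is not part of the specification. It assumes the quantum random number is used as a one-time challenge answered with HMAC-SHA-256 under a pre-shared subscriber key (the specification does not fix a protocol); `os.urandom` stands in for the QRNG module [308], and all class and function names are hypothetical.

```python
import hashlib
import hmac
import os
import time


class QrngModule:
    """Stand-in for the QRNG module [308]; os.urandom is an assumption."""

    def get_random(self, nbytes: int = 16) -> bytes:
        return os.urandom(nbytes)


class AuthServer:
    """Hypothetical UEAU [502]: collection, authentication and storage."""

    def __init__(self, qrng, subscriber_keys, ttl=5.0):
        self.qrng = qrng
        self.keys = subscriber_keys   # ue_id -> pre-shared key (assumed)
        self.ttl = ttl                # seconds a challenge stays valid
        self.pending = {}             # ue_id -> (challenge, issue time)
        self.stored = []              # storage unit [310]: numbers used
        self.last = None

    def handle_request(self, ue_id: str) -> bytes:
        """Steps 404 and 406: accept the request, retrieve and store a number."""
        if ue_id not in self.keys:
            raise KeyError("unknown subscriber")
        rand = self.qrng.get_random()
        # Reject stuck-at output: a failed source must not yield a guessable challenge.
        if len(rand) < 16 or len(set(rand)) == 1 or rand == self.last:
            raise RuntimeError("QRNG output failed sanity check")
        self.last = rand
        self.pending[ue_id] = (rand, time.monotonic())
        self.stored.append((ue_id, rand))
        return rand

    def verify(self, ue_id: str, response: bytes) -> bool:
        """Step 408: the challenge is consumed on first use, so a replay fails."""
        entry = self.pending.pop(ue_id, None)
        if entry is None:
            return False
        rand, issued = entry
        if time.monotonic() - issued > self.ttl:
            return False
        expected = hmac.new(self.keys[ue_id], rand, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def ue_response(key: bytes, challenge: bytes) -> bytes:
    """UE side: prove possession of the key for this one challenge."""
    return hmac.new(key, challenge, hashlib.sha256).digest()
```

The security of this flow rests on the challenge being fresh and single-use and on the key staying secret; the quality of the random source matters only insofar as a predictable or repeated challenge would allow a recorded response to be replayed.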
[0080] The present disclosure further discloses a User Equipment (UE) [102] comprising a memory and a processor coupled to the memory. The processor may be configured to transmit, to a network server, a request to perform an authentication procedure. The authentication procedure may be performed by the network server/ system [300]: upon receiving the request, from UE, retrieving a quantum number from a Quantum Random Number Generation (QRNG) module [308]; and performing the authentication of the UE [102] based at least on the quantum random number received from the QRNG module [308].
[0081] The present disclosure furthermore discloses a non-transitory computer readable storage medium storing instructions for authenticating a User Equipment [102], the instructions include executable code which, when executed by one or more units of a system, causes: a transceiver unit [302] of the system [300] to receive a request for performing an authentication procedure from the User Equipment [102]; a collection unit of the system [300] to retrieve a quantum random number from the QRNG module [308]; and an authentication unit [306] of the system [300] to perform the authentication of the User Equipment [102] based at least on the quantum random number received from the QRNG module [308].
[0082] As is evident from the above, the present disclosure provides a technically advanced solution for authenticating a User Equipment [102], using quantum random number generator (QRNG) module [308] in a unified data management (UDM)/ home subscriber server (HSS)/ home location register (HLR) server. By implementing the features of the present invention, authentication of the User Equipment [102] can be performed (such as the authentication pertaining to confidential data related to subscribers of communication networks) using quantum random numbers that do not follow a predictable pattern and therefore are not vulnerable to cryptographic attacks.
[0083] While considerable emphasis has been placed herein on the disclosed implementations, it will be appreciated that many implementations can be made and that many changes can be made to the implementations without departing from the principles of the present disclosure. These and other changes in the implementations of the present disclosure will be apparent to those skilled in the art, whereby it is to be understood that the foregoing descriptive matter to be implemented is illustrative and non-limiting.
[0084] Further, in accordance with the present disclosure, it is to be acknowledged that the functionality described for the various components/units can be
implemented interchangeably. While specific embodiments may disclose a particular functionality of these units for clarity, it is recognized that various configurations and combinations thereof are within the scope of the disclosure. The functionality of specific units as disclosed in the disclosure should not be construed as limiting the scope of the present disclosure. Consequently, alternative arrangements and substitutions of units, provided they achieve the intended functionality described herein, are considered to be encompassed within the scope of the present disclosure.
We Claim:
1. A method [400] for authenticating a User Equipment (UE), the method
[400] comprising:
- receiving, by a transceiver unit [302], a request for performing an authentication procedure from the User Equipment [102];
- retrieving, by a collection unit [304], a quantum random number from a Quantum Random Number Generation (QRNG) module [308]; and
- performing, by an authentication unit [306], the authentication of the User Equipment [102] based at least on the quantum random number received from the QRNG module [308].
2. The method [400] as claimed in claim 1, wherein the transceiver unit [302], the collection unit [304], and the authentication unit [306] are implemented in a network server, and wherein the network server is one of a unified data management (UDM) server, a home subscriber server (HSS), and a home location register (HLR) server.
3. The method [400] as claimed in claim 1, wherein post the retrieving, by the collection unit [304], the quantum random number from the QRNG module [308], the method [400] comprises:
- storing, by the collection unit [304] in a storage unit [310], the quantum
random number received from the QRNG module [308].
4. A system [300] for authenticating a User Equipment (UE), the system
comprising:
- a transceiver unit [302] configured to receive a request for performing an authentication procedure from the User Equipment [102];
- a collection unit [304] connected to at least the transceiver unit [302], the collection unit [304] configured to retrieve a quantum random number from a Quantum Random Number Generation (QRNG) module [308]; and
- an authentication unit [306] connected at least to the collection unit [304], the authentication unit [306] configured to perform the authentication of the User Equipment [102] based at least on the quantum random number received from the QRNG module [308].
5. The system [300] as claimed in claim 4, wherein the system [300] is one of a unified data management (UDM) server, a home subscriber server (HSS), and a home location register (HLR) server.
6. The system [300] as claimed in claim 4, the system further comprising a storage unit [310] configured to store the quantum random number received from the QRNG module [308], post the retrieving, by the collection unit [304], the quantum random number from the QRNG module [308].
7. A User Equipment (UE) comprising:
a memory; and
a processor coupled to the memory, wherein the processor is to:
transmit, to a network server, a request to perform an authentication procedure by the network server, wherein the authentication procedure is performed by the network server based on:
on receiving the request, from UE, retrieving a quantum random number from a Quantum Random Number Generation (QRNG) module [308]; and
performing the authentication of the UE based at least on the quantum random number received from the QRNG module.
| # | Name | Date |
|---|---|---|
| 1 | 202321045215-STATEMENT OF UNDERTAKING (FORM 3) [05-07-2023(online)].pdf | 2023-07-05 |
| 2 | 202321045215-PROVISIONAL SPECIFICATION [05-07-2023(online)].pdf | 2023-07-05 |
| 3 | 202321045215-FORM 1 [05-07-2023(online)].pdf | 2023-07-05 |
| 4 | 202321045215-FIGURE OF ABSTRACT [05-07-2023(online)].pdf | 2023-07-05 |
| 5 | 202321045215-DRAWINGS [05-07-2023(online)].pdf | 2023-07-05 |
| 6 | 202321045215-FORM-26 [12-09-2023(online)].pdf | 2023-09-12 |
| 7 | 202321045215-Proof of Right [13-10-2023(online)].pdf | 2023-10-13 |
| 8 | 202321045215-ORIGINAL UR 6(1A) FORM 1 & 26)-241123.pdf | 2023-12-06 |
| 9 | 202321045215-ENDORSEMENT BY INVENTORS [03-07-2024(online)].pdf | 2024-07-03 |
| 10 | 202321045215-DRAWING [03-07-2024(online)].pdf | 2024-07-03 |
| 11 | 202321045215-CORRESPONDENCE-OTHERS [03-07-2024(online)].pdf | 2024-07-03 |
| 12 | 202321045215-COMPLETE SPECIFICATION [03-07-2024(online)].pdf | 2024-07-03 |
| 13 | 202321045215-FORM 3 [02-08-2024(online)].pdf | 2024-08-02 |
| 14 | Abstract-1.jpg | 2024-08-07 |
| 15 | 202321045215-Request Letter-Correspondence [14-08-2024(online)].pdf | 2024-08-14 |
| 16 | 202321045215-Power of Attorney [14-08-2024(online)].pdf | 2024-08-14 |
| 17 | 202321045215-Form 1 (Submitted on date of filing) [14-08-2024(online)].pdf | 2024-08-14 |
| 18 | 202321045215-Covering Letter [14-08-2024(online)].pdf | 2024-08-14 |
| 19 | 202321045215-CERTIFIED COPIES TRANSMISSION TO IB [14-08-2024(online)].pdf | 2024-08-14 |
| 20 | 202321045215-FORM 18A [19-02-2025(online)].pdf | 2025-02-19 |
| 21 | 202321045215-FER.pdf | 2025-02-24 |
| 22 | 202321045215-FER_SER_REPLY [28-03-2025(online)].pdf | 2025-03-28 |
| 23 | 202321045215-US(14)-HearingNotice-(HearingDate-17-07-2025).pdf | 2025-06-25 |
| 24 | 202321045215-FORM-26 [26-06-2025(online)].pdf | 2025-06-26 |
| 25 | 202321045215-Correspondence to notify the Controller [26-06-2025(online)].pdf | 2025-06-26 |
| 26 | 202321045215-Written submissions and relevant documents [29-07-2025(online)].pdf | 2025-07-29 |
| 1 | 202321045215_SearchStrategyNew_E_SearchStrategyE_24-02-2025.pdf |