FORM 2
THE PATENTS ACT, 1970 (39 OF 1970) & THE PATENT RULES, 2003
COMPLETE SPECIFICATION
(See section 10 and rule 13)
“A NETWORK SERVER FOR AUTHENTICATING A USER DEVICE AND A
METHOD THEREOF”
We, Jio Platforms Limited, an Indian National, of Office - 101, Saffron, Nr. Centre Point, Panchwati 5 Rasta, Ambawadi, Ahmedabad - 380006, Gujarat, India.
The following specification particularly describes the invention and the manner in which it is to be performed.

A NETWORK SERVER FOR AUTHENTICATING A USER DEVICE AND A METHOD
THEREOF
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application is related to the co-pending Indian Patent Application No. 202321045215 filed on 5 July 2023. The contents of this application may be read in conjunction with the specification of the afore-mentioned co-pending application.
TECHNICAL FIELD
[0002] Embodiments of the present disclosure generally relate to a network server for authenticating a user device. More particularly, embodiments of the present disclosure relate to a network server for authenticating a user device using a pool of quantum random numbers and a method thereof.
BACKGROUND
[0003] The following description of the related art is intended to provide background information pertaining to the field of the disclosure. This section may include certain aspects of the art that may be related to various features of the present disclosure. However, it should be appreciated that this section is used only to enhance the understanding of the reader with respect to the present disclosure, and not as admissions of the prior art.
[0004] Wireless communication technology has rapidly evolved over the past few decades, with each generation bringing significant improvements and advancements. The first generation of wireless communication technology was based on analog technology and offered only voice services. However, with the advent of the second generation (2G) technology, digital communication and data services became possible, and text messaging was introduced. The third generation (3G) technology marked the introduction of high-speed internet access, mobile video calling, and location-based services. The fourth generation (4G) technology revolutionized wireless communication with faster data speeds, better network coverage, and improved security. Currently, the fifth generation (5G) technology is being deployed, promising even faster data speeds, low latency, and the ability to connect multiple devices simultaneously. With each generation, wireless communication technology has become more advanced, sophisticated, and capable of delivering more services to its users.
[0005] Further, when a device such as a user device (i.e. mobile phone) is switched ON, or when any periodic authentication of the user device is performed by one or more network servers such as a Unified

Data Management (UDM) server, etc., one or more authentication keys are generated by a system. The one or more authentication keys may be based on any of the existing techniques, for example, the pseudo random number keys, quantum random numbers, etc.
[0006] The pseudo random number keys are generated via a pseudo-random number generating technique which produces a plurality of sequences of numbers which are based on an initial known value, known as seed. Further, the quantum random numbers are generated using a quantum random number generating technique that produces true random numbers by using a quantum phenomenon. However, the prevailing challenge in the existing solutions are the long-standing faults such as one or more systematic errors in Quantum Random Number Generator (QRNG) modules. During long standing faults associated with the QRNG modules, an authentication service is no longer available to be provided by a Unified Data Management (UDM) or a Home Subscriber Server (HSS) or a Home Location Register (HLR). Further the unavailability of the QRNG module for the authentication service impacts a plurality of subscriber services and leads to service outages, such as disruption of communications, which is not desirable. Also, the issue of service outage may result in loss of customer trust and satisfaction.
[0007] Thus, there exists an imperative need in the art to provide an improved solution for authenticating the user device, which the present disclosure aims to address.
SUMMARY
[0008] This section is provided to introduce certain aspects of the present disclosure in a simplified form, which are further described below in the detailed description. This summary is not intended to identify the key features or the scope of the claimed subject matter.
[0009] An aspect of the present disclosure may relate to a method for authenticating a user device. The method comprises receiving, by a transceiver unit at a network server, a request for performing an authentication procedure, from the user device. The method further comprises retrieving, by a collection unit at the network server, a Quantum Random Number (QRN) from a QRN pool. The method further comprises performing, by an authentication unit at the network server, the authentication of the user device based at least on the QRN received from the QRN pool.
[0010] In an exemplary aspect of the present disclosure, the network server is one of a Unified Data Management (UDM) server, a Home Subscriber Server (HSS), and a Home Location Register (HLR) server.

[0011] In an exemplary aspect of the present disclosure, the QRN pool comprises one or more batches of QRNs, wherein each of the one or more batches has a pre-defined count of random numbers.
[0012] In an exemplary aspect of the present disclosure, the one or more batches of the QRNs in the QRN pool, is generated by a Quantum Random Number Generator (QRNG) module.
[0013] In an exemplary aspect of the present disclosure, the QRN is retrieved from a batch of the one or more batches in the QRN pool.
[0014] In an exemplary aspect of the present disclosure, the method further comprises generating, by the QRN module, a new batch of QRNs, for storing in the QRN pool, in an event where the pre-defined count of QRNs in the batch of the one or more batches in the QRN pool is below a threshold.
[0015] In an exemplary aspect of the present disclosure, the QRN pool is locally stored in a storage unit associated with the network server.
[0016] Another aspect of the present disclosure may relate to a network server for authenticating a user device. The network server comprises a transceiver unit that is configured to receive a request for performing an authentication procedure from the user device. The network server further comprises a collection unit connected to at least the transceiver unit, wherein the collection unit is configured to retrieve a Quantum Random Number (QRN) from a QRN pool. The network server further comprises an authentication unit connected to at least the collection unit, wherein the authentication unit is configured to perform the authentication of the user device based at least on the QRN received from the QRN pool.
[0017] Another aspect of the present disclosure may relate to a User Equipment (UE) comprising: a memory; and a processor connected to the memory, wherein the processor is configured to: transmit, to a network server, a request to perform an authentication procedure of the user equipment, and receive, from the network server, an authentication response associated with the request. This authentication response is received based on: retrieving, at the network server, a Quantum Random Number (QRN) from a QRN pool, and performing, at the network server, the authentication of the user equipment based at least on the QRN received from the QRN pool.
[0018] Another aspect of the present disclosure may relate to a non-transitory computer readable storage medium storing instructions for authenticating a user device, wherein the instructions include an executable code. The executable code, when executed by one or more units of a network server, causes: a transceiver unit of the network server to receive a request for performing an authentication

procedure from the user device; a collection unit of the network server to retrieve a Quantum Random Number (QRN) from a QRN pool; and an authentication unit of the network server to perform the authentication of the user device based at least on the QRN received from the QRN pool.
OBJECTS OF THE INVENTION
[0019] Some of the objects of the present disclosure, which at least one embodiment disclosed herein satisfies are listed herein below.
[0020] It is an object of the present disclosure to provide a network server for authenticating a user device using a pool of quantum random numbers.
[0021] It is another object of the present disclosure to provide a solution in which the authentication of user devices, is performed using quantum random numbers from a local pool, which results in network and performance optimization.
[0022] It is another object of the present disclosure to provide a solution in which the authentication of confidential data related to subscribers of communication networks is performed using quantum random numbers, even when the device/equipment of quantum random number generation may be intermittently faulty and/or malfunctioning.
[0023] It is yet another object of the present disclosure to provide a local configurable quantum random number generator pool that is implemented to handle one or more intermittent failures of one or more devices, so that one or more microservices such as Unified Data Management (UDM), Home Subscriber Server (HSS) and Home Location Register (HLR), can continue to use the quantum random numbers without any glitch.
DESCRIPTION OF THE DRAWINGS
[0024] The accompanying drawings, which are incorporated herein, and constitute a part of this disclosure, illustrate exemplary embodiments of the disclosed methods and systems in which like reference numerals refer to the same parts throughout the different drawings. Components in the drawings are not necessarily to scale, emphasis instead being placed upon clearly illustrating the principles of the present disclosure. Also, the embodiments shown in the figures are not to be construed as limiting the disclosure, but the possible variants of the method and system according to the disclosure are illustrated herein to highlight the advantages of the disclosure. It will be appreciated by those skilled

in the art that disclosure of such drawings includes disclosure of electrical components or circuitry commonly used to implement such components.
[0025] FIG. 1 illustrates an exemplary block diagram representation of 5th Generation Core (5GC) network architecture.
[0026] FIG. 2 illustrates an exemplary block diagram of a computing device upon which the features of the present disclosure may be implemented in accordance with exemplary implementation of the present disclosure.
[0027] FIG. 3 illustrates an exemplary block diagram of a network server for authenticating a user device, in accordance with exemplary implementations of the present disclosure.
[0028] FIG. 4 illustrates a method flow diagram for authenticating a user device, in accordance with exemplary implementations of the present disclosure.
[0029] FIG. 5 illustrates an exemplary method flow diagram for authenticating a user device, in accordance with exemplary implementations of the present disclosure.
[0030] FIG. 6 illustrates exemplary block diagram of a Unified Data Management (UDM) server for authenticating a user device, in accordance with exemplary implementations of the present disclosure.
[0031] The foregoing shall be more apparent from the following more detailed description of the disclosure.
DETAILED DESCRIPTION
[0032] In the following description, for the purposes of explanation, various specific details are set forth in order to provide a thorough understanding of embodiments of the present disclosure. It will be apparent, however, that embodiments of the present disclosure may be practiced without these specific details. Several features described hereafter may each be used independently of one another or with any combination of other features. An individual feature may not address any of the problems discussed above or might address only some of the problems discussed above.
[0033] The ensuing description provides exemplary embodiments only, and is not intended to limit the scope, applicability, or configuration of the disclosure. Rather, the ensuing description of the exemplary embodiments will provide those skilled in the art with an enabling description for implementing an

exemplary embodiment. It should be understood that various changes may be made in the function and arrangement of elements without departing from the spirit and scope of the disclosure as set forth.
[0034] Specific details are given in the following description to provide a thorough understanding of
5 the embodiments. However, it will be understood by one of ordinary skill in the art that the embodiments
may be practiced without these specific details. For example, circuits, systems, processes, and other components may be shown as components in block diagram form in order not to obscure the embodiments in unnecessary detail.
10 [0035] Also, it is noted that individual embodiments may be described as a process which is depicted
as a flowchart, a flow diagram, a data flow diagram, a structure diagram, or a block diagram. Although a flowchart may describe the operations as a sequential process, many of the operations may be performed in parallel or concurrently. In addition, the order of the operations may be re-arranged. A process is terminated when its operations are completed but could have additional steps not included in
15 a figure.
[0036] The word “exemplary” and/or “demonstrative” is used herein to mean serving as an example, instance, or illustration. For the avoidance of doubt, the subject matter disclosed herein is not limited by such examples. In addition, any aspect or design described herein as “exemplary” and/or
20 “demonstrative” is not necessarily to be construed as preferred or advantageous over other aspects or
designs, nor is it meant to preclude equivalent exemplary structures and techniques known to those of ordinary skill in the art. Furthermore, to the extent that the terms “includes,” “has,” “contains,” and other similar words are used in either the detailed description or the claims, such terms are intended to be inclusive—in a manner similar to the term “comprising” as an open transition word—without
25 precluding any additional or other elements.
[0037] As used herein, a “processing unit” or “processor” or “operating processor” includes one or more processors, wherein processor refers to any logic circuitry for processing instructions. A processor may be a general-purpose processor, a special purpose processor, a conventional processor, a digital
30 signal processor, a plurality of microprocessors, one or more microprocessors in association with a
(Digital Signal Processing) DSP core, a controller, a microcontroller, Application Specific Integrated Circuits, Field Programmable Gate Array circuits, any other type of integrated circuits, etc. The processor may perform signal coding data processing, input/output processing, and/or any other functionality that enables the working of the system according to the present disclosure. More
35 specifically, the processor or processing unit is a hardware processor.
7

[0038] As used herein, “a user equipment”, “a user device”, “a smart-user-device”, “a smart-device”,
“an electronic device”, “a mobile device”, “a handheld device”, “a wireless communication device”, “a
mobile communication device”, “a communication device” may be any electrical, electronic and/or
computing device or equipment, capable of implementing the features of the present disclosure. The
5 user equipment/device may include, but is not limited to, a mobile phone, smart phone, laptop, a
general-purpose computer, desktop, personal digital assistant, tablet computer, wearable device or any other computing device which is capable of implementing at least some of the features of the present disclosure.
10 [0039] As used herein, “storage unit” or “memory unit” refers to a machine or computer-readable
medium including any mechanism for storing information in a form readable by a computer or similar machine. For example, a computer-readable medium includes read-only memory (“ROM”), random access memory (“RAM”), magnetic disk storage media, optical storage media, flash memory devices or other types of machine-accessible storage media. The storage unit stores at least the data that may be
15 required by one or more units of the system to perform their respective functions.
[0040] As used herein “interface” or “user interface refers to a shared boundary across which two or
more separate components of a system exchange information or data. The interface may also be referred
to a set of rules or protocols that define communication or interaction of one or more modules or one
20 or more units with each other, which also includes the methods, functions, or procedures that may be
called.
[0041] All modules, units, components used herein, unless explicitly excluded herein, may be software
modules or hardware processors, the processors being a general-purpose processor, a special purpose
25 processor, a conventional processor, a digital signal processor (DSP), a plurality of microprocessors,
one or more microprocessors in association with a DSP core, a controller, a microcontroller, Application Specific Integrated Circuits (ASIC), Field Programmable Gate Array circuits (FPGA), any other type of integrated circuits, etc.
30 [0042] As used herein the transceiver unit includes at least one receiver and at least one transmitter
configured respectively for receiving and transmitting data, signals, information or a combination thereof between units/components within the system and/or connected with the system.
[0043] As discussed in the background section, that the currently available quantum random generator
35 (QRNG) modules for authentication of one or more user device have several issues such as when the
Quantum Random Number (QRN) module is faulty, and an authentication service is no longer available
to be provided by a Unified Data Management (UDM) or a Home Subscriber Server (HSS) or a Home
8

Location Register (HLR). Further, an unavailability the QRN module for the authentication service
impacts a plurality of subscriber services and leads to service outages, such as disruption of
communications, which is not desirable. Also, the issue of service outage may result in loss of customer
trust and satisfaction. Hence, the current known solutions have several shortcomings. The present
5 disclosure aims to overcome the above-mentioned and other existing problems in this field of
technology by providing a network server for authenticating a user device using a pool of quantum
random numbers and a method thereof, wherein the method involves receiving a request for performing
an authentication procedure from a user device, and in response to the request, a Quantum Random
Number (QRN) is retrieved from a QRN pool to perform the authentication procedure of the user device.
10 The retrieval of the QRN from a local QRN pool, instead of obtaining such QRN directly from the
QRNG module, significantly reduces the total time taken to perform the authentication procedure. Further, by using this approach, the authentication of user devices can continue even when the QRNG module is unavailable due to any faults.
15 [0044] FIG. 1 illustrates an exemplary block diagram representation of 5th Generation Core (5GC)
network architecture, in accordance with exemplary implementation of the present disclosure. As shown in FIG. 1, the 5GC network architecture [100] includes a User Equipment (UE) [102], a Radio Access Network (RAN) [104], an Access and Mobility Management Function (AMF) [106], a Session Management Function (SMF) [108], a Service Communication Proxy (SCP) [110], an Authentication
20 Server Function (AUSF) [112], a Network Slice Specific Authentication and Authorization Function
(NSSAAF) [114], a Network Slice Selection Function (NSSF) [116], a Network Exposure Function (NEF) [118], a Network Repository Function (NRF) [120], a Policy Control Function (PCF) [122], a Unified Data Management (UDM) [124], an Application Function (AF) [126], a User Plane Function (UPF) [128], a Data Network (DN) [130], wherein all the components are assumed to be connected to
25 each other in a manner as obvious to the person skilled in the art for implementing features of the present
disclosure.
[0045] Radio Access Network (RAN) [104] is the part of a mobile telecommunications system that
connects User Equipment (UE) [102] to the core network (CN) and provides access to different types
30 of networks (e.g., 5G network). It consists of radio base stations and the radio access technologies that
enable wireless communication.
[0046] Access and Mobility Management Function (AMF) [106] is a 5G core network function
responsible for managing access and mobility aspects, such as UE registration, connection, and
35 reachability. It also handles mobility management procedures like handovers and paging.
9

[0047] Session Management Function (SMF) [108] is a 5G core network function responsible for managing session-related aspects, such as establishing, modifying, and releasing sessions. It coordinates with the User Plane Function (UPF) [128] for data forwarding and handles IP address allocation and QoS enforcement. 5
[0048] Service Communication Proxy (SCP) [110] is a network function in the 5G core network that facilitates communication between other network functions by providing a secure and efficient messaging service. It acts as a mediator for service-based interfaces.
[0049] Authentication Server Function (AUSF) [112] is a network function in the 5G core, responsible for authenticating UEs [102] during registration and providing security services. It generates and verifies authentication vectors and tokens. For authentication, the AUSF [112] typically uses QRNs retrieved from a QRNG module. With the implementation of the present disclosure, the AUSF [112] is able to perform the authentication procedure even when the QRNG module is inactive/ unavailable.
[0050] Network Slice Specific Authentication and Authorization Function (NSSAAF) [114] is a network function that provides authentication and authorization services specific to network slices. It ensures that UEs can access only the slices for which they are authorized.
20 [0051] Network Slice Selection Function (NSSF) [116] is a network function responsible for selecting
the appropriate network slice for a UE based on factors such as subscription, requested services, and network policies.
[0052] Network Exposure Function (NEF) [118] is a network function that exposes capabilities and
25 services of the 5G network to external applications, enabling integration with third-party services and
applications.
[0053] Network Repository Function (NRF) [120] is a network function that acts as a central repository
for information about available network functions and services. It facilitates the discovery and dynamic
30 registration of network functions.
[0054] Policy Control Function (PCF) [122] is a network function responsible for policy control decisions, such as QoS, charging, and access control, based on subscriber information and network policies. 35
[0055] Unified Data Management (UDM) [124] is a network function that centralizes the management of subscriber data, including authentication, authorization, and subscription information. For
10

authentication, the UDM [124] typically uses QRNs retrieved from a QRNG module. With the implementation of the present disclosure, the UDM [124] is able to perform the authentication procedure even when the QRNG module is inactive/ unavailable.
5 [0056] Application Function (AF) [126] is a network function that represents external applications
interfacing with the 5G core network to access network capabilities and services.
[0057] User Plane Function (UPF) [128] is a network function responsible for handling user data traffic, including packet routing, forwarding, and QoS enforcement. 10
[0058] Data Network (DN) [130] refers to a network that provides data services to user equipment (UE) in a telecommunications system. The data services may include but are not limited to Internet services, private data network related services.
15 [0059] FIG. 2 illustrates an exemplary block diagram of a computing device [200] (also referred herein
as a computing system [200]) upon which the features of the present disclosure may be implemented in accordance with an exemplary implementation of the present disclosure. In an implementation, the computing device [200] may also implement a method for authenticating a user device using a pool of quantum random numbers by utilising a network server. In another implementation, the computing
20 device [200] itself implements the method for authenticating the user device using the pool of quantum
random numbers using one or more units configured within the computing device [200], wherein said one or more units are capable of implementing the features as disclosed in the present disclosure.
[0060] The computing device [200] may include a bus [202] or other communication mechanism for
25 communicating information, and a hardware processor [204] coupled with the bus [202] for processing
information. The hardware processor [204] may be, for example, a general-purpose microprocessor.
The computing device [200] may also include a main memory [206], such as a Random-Access Memory
(RAM), or other dynamic storage device, coupled to the bus [202] for storing information and
instructions to be executed by the processor [204]. The main memory [206] also may be used for storing
30 temporary variables or other intermediate information during execution of the instructions to be
executed by the processor [204]. Such instructions, when stored in non-transitory storage media
accessible to the processor [204], render the computing device [200] into a special-purpose machine
that is customized to perform the operations specified in the instructions. The computing device [200]
further includes a Read Only Memory (ROM) [208] or other static storage device coupled to the bus
35 [202] for storing static information and instructions for the processor [204].
11

[0061] A storage device [210], such as a magnetic disk, optical disk, or solid-state drive is provided
and coupled to the bus [202] for storing information and instructions. The computing device [200] may
be coupled via the bus [202] to a display [212], such as a Cathode Ray Tube (CRT), Liquid Crystal
Display (LCD), Light Emitting Diode (LED) display, Organic LED (OLED) display, etc. for displaying
5 information to a computer user. An input device [214], including alphanumeric and other keys, touch
screen input means, etc. may be coupled to the bus [202] for communicating information and command
selections to the processor [204]. Another type of user input device may be a cursor controller [216],
such as a mouse, a trackball, or cursor direction keys, for communicating direction information and
command selections to the processor [204], and for controlling cursor movement on the display [212].
10 This input device typically has two degrees of freedom in two axes, a first axis (e.g., x) and a second
axis (e.g., y), that allow the device to specify positions in a plane.
[0062] The computing device [200] may implement the techniques described herein using customized hard-wired logic, one or more ASICs or FPGAs, firmware and/or program logic which in combination
15 with the computing device [200] causes or programs the computing device [200] to be a special-purpose
machine. According to one implementation, the techniques herein are performed by the computing device [200] in response to the processor [204] executing one or more sequences of one or more instructions contained in the main memory [206]. Such instructions may be read into the main memory [206] from another storage medium, such as the storage device [210]. Execution of the sequences of
20 instructions contained in the main memory [206] causes the processor [204] to perform the process
steps described herein. In alternative implementations of the present disclosure, hard-wired circuitry may be used in place of or in combination with software instructions.
[0063] The computing device [200] also may include a communication interface [218] coupled to the
25 bus [202]. The communication interface [218] provides a two-way data communication coupling to a
network link [220] that is connected to a local network [222]. For example, the communication interface
[218] may be an integrated services digital network (ISDN) card, cable modem, satellite modem, or a
modem to provide a data communication connection to a corresponding type of telephone line. As
another example, the communication interface [218] may be a local area network (LAN) card to provide
30 a data communication connection to a compatible LAN. Wireless links may also be implemented. In
any such implementation, the communication interface [218] sends and receives electrical, electromagnetic or optical signals that carry digital data streams representing various types of information.
35 [0064] The computing device [200] can send messages and receive data, including program code,
through the network(s), the network link [220] and the communication interface [218]. In the Internet example, a server [230] might transmit a requested code for an application program through the Internet
12

[228], the ISP [226], the local network [222], the host [224] and the communication interface [218]. The received code may be executed by the processor [204] as it is received, and/or stored in the storage device [210], or other non-volatile storage for later execution.
5 [0065] Referring to FIG. 3, an exemplary block diagram of a network server [300] for authenticating
a user device, is shown, in accordance with the exemplary implementations of the present disclosure. The network server [300] comprises at least one transceiver unit [302], at least one collection unit [304], at least one authentication unit [306], at least one Quantum Random Number pool [312] and at least one storage unit [310]. Also, all of the components/ units of the network server [300] are assumed to be
10 connected to each other unless otherwise indicated below. As shown in the figures all units shown
within the network server should also be assumed to be connected to each other. Also, in FIG. 3 only a few units are shown, however, the network server [300] may comprise multiple such units or the network server [300] may comprise any such numbers of said units, as required to implement the features of the present disclosure.
15
[0066] Further, in accordance with the present disclosure, it is to be acknowledged that the functionality described for the various the components/units can be implemented interchangeably. While specific embodiments may disclose a particular functionality of these units for clarity, it is recognized that various configurations and combinations thereof are within the scope of the disclosure.
20 The functionality of specific units as disclosed in the disclosure should not be construed as limiting the
scope of the present disclosure. Consequently, alternative arrangements and substitutions of units, provided they achieve the intended functionality described herein, are considered to be encompassed within the scope of the present disclosure.
25 [0067] The network server [300] is configured for authenticating the user device with the help of the
interconnection between the components/units of the network server [300].
[0068] In order to authenticate the user device, the transceiver unit [302] of the network server [300]
is configured to receive, a request for performing an authentication procedure, from the user device.
30 The present disclosure encompasses the request refers to a signal or a message which is transmitted
from the user device to the network server [300] to perform the authentication procedure associated with the user device. The authentication procedure involves verification of a confidential data that may be related to at least one of the user device and/or a user of the user device.
35 [0069] The present disclosure encompasses that the network server [300] is one of a Unified Data
Management (UDM) server, a Home Subscriber Server (HSS), and a Home Location Register (HLR) server. The HSS is a server that maintains a main subscriber database that is used in Internet Protocol
13

Multimedia Subsystem (IMS) to provide one or more details of one or more subscribers, to other entities
within a network. The IMS further enables one or more users to be granted or refused an access to one
or more other services in the network. The HLR server is a server that maintains a database which
includes an information about one or more authorized subscribers, via the use of a Global System for
5 Mobile communication (GSM) core network. The HLR server helps to ensure that only authenticated
and permitted users, and their devices, may use the one or more services associated with the network.
Furthermore, as also indicated above with reference to FIG. 1, the UDM server/ UDM [124] manages
a user subscription data in the network. Further, the UDM server/ UDM [124] may be a centralized
database that stores and provides access to user-related information such as authentication credentials,
10 service profiles, and policy rules, thus the UDM [124] may facilitate a network authentication operation,
a network authorization operation, and a network service provisioning operation for the users in the network.
[0070] In another exemplary embodiment, the network server [300] may be a standalone network
15 server [300] that may be in communication with one or more of the Unified Data Management (UDM)
server, the Home Subscriber Server (HSS), and the Home Location Register (HLR) server, in order to implement the features of the present disclosure.
[0071] Further, the collection unit [304] of the network server [300] is connected to at least the
20 transceiver unit [302]. The collection unit [304] is configured to retrieve a Quantum Random Number
(QRN) from a QRN pool [312] upon receiving the request for performing an authentication procedure
from the user device. The present disclosure encompasses that the collection unit [304] is configured to
retrieve the QRN from the QRN pool [312]. Thus, even in case of an intermittent failure of the QRNG
module, the authentication process can continue since the collection unit [304] can now fetch the QRNs
25 from the QRN pool [312] instead of the QRNG module. Further, the intermittent failure is a type of
failure which occurs sporadically and unpredictably in the UDM, the HSS and the HLR.
[0072] As used herein “Quantum Random Number (QRN)” refers to a random number generated using
quantum random number generation processes, which is inherently unpredictable and provides a high
30 level of randomness. Further, QRNs may be used as cryptographic keys for authentication of the user
device or as a challenge-response mechanism to verify the identity of the user device.
[0073] The present disclosure encompasses that the collection unit [304] retrieves the QRN from the
QRN pool [312] via utilizing one or more pre-defined data retrieval techniques, wherein the one or
35 more pre-defined data retrieval techniques may be further based on the authentication procedure
associated with the user device.
14

[0074] The present disclosure encompasses that the QRN may be generated via a Quantum Random
Number Generator (QRNG) module. The QRNG module may utilize one or more quantum random
number generation protocols for generating one or more QRNs. Further, the one or more QRNs
generated by the QRNG module may be stored in the QRN pool [312] based on a target authentication
5 procedure associated with the user device. The present disclosure encompasses that the QRN may be at
least one of a numeric value, an alphabetic value, and an alphanumeric value.
[0075] The present disclosure encompasses that the QRN pool [312] comprises one or more batches
of QRNs, wherein each of the one or more batches has a pre-defined count of random numbers. By
10 storing the QRNs in one or more batches, it can be ensured that a large number of QRNs are always
available for the authentication procedure.
[0076] The present disclosure encompasses that the one or more batches of the QRNs in the QRN pool [312], is generated by a Quantum Random Number Generator (QRNG) module (not shown in FIG. 3).
15 The QRNG module may be located at the network server [300] or may be present in another node/
module and may be connected to the network server [300]. The Quantum Random Number Generator (QRNG) module includes one or more processors for generating the one or more batches of the QRNs by utilizing a set of predefined random number generation rules. The set of predefined random number generation rules may include rules for each target authentication procedure from one or more
20 authentication procedures, such that a corresponding rule may be utilised to generate the one or more
batches of the QRNs associated with the target authentication procedure.
[0077] The present disclosure encompasses that the QRN is retrieved by the collection unit [304] from a batch of the one or more batches in the QRN pool [312].
25
[0078] The present disclosure encompasses that the QRNG module is configured to generate a new batch of QRNs, for storing in the QRN pool [312], in an event where the pre-defined count of QRNs in the batch of the one or more batches in the QRN pool [312] is below a threshold. This ensures that when a batch of QRNs is about to be exhausted (since the QRNs from said batch have already been used for
30 authentication), the QRN pool [312] is re-filled by storing additional QRNs generated by the QRNG
module. This in turn ensures that a large amount of QRNs are available for being used in the authentication procedure.
[0079] The present disclosure encompasses that the QRNG module generates the new batch of QRNs
35 automatically in an event the pre-defined count of QRNs in the batch of the one or more batches in the
QRN pool [312] falls below the threshold. The threshold is a pre-set value that may be set by the
15

administrator for a particular batch. Further, in a scenario, where the number of available QRNs in a
target batch in the QRN pool [312] that is associated with the target authentication procedure falls below
a predefined threshold number of the QRN associated with the target batch, the QRNG module then
generates the new batch of QRN that are associated with the target authentication procedure of the user
5 device. For example, if Batch A of a QRN pool [312] associated with an authentication procedure Z has
a threshold i.e., the predefined threshold number of the QRN as 10 units, then, in this example, if the
number of available QRNs in the Batch A reaches to 9 units, then the QRNG module may generate a
Batch B of QRNs associated with the target authentication procedure, wherein the Batch B of QRNs
comprises a number of QRNs corresponding to at least 10 units, and provides the same to the QRN pool
10 [312].
[0080] The present disclosure encompasses that the QRN pool [312] is locally stored in the storage unit [310] associated with the network server [300].
15 [0081] Further, the authentication unit [306] at the network server [300] is connected to at least the
collection unit [304]. The authentication unit [306] is configured to perform the authentication of the user device based at least on the QRN received from the QRN pool [312].
[0082] Further, in an exemplary implementation of the present disclosure, the authentication unit [306]
20 may authenticate the user device by matching the QRN received from the QRN pool [312] with a
prestored value of the authentication procedure associated with the user device. The prestored value of
the authentication procedure associated with the user device may be fetched from the storage unit [310]
in order to match the QRN received from the QRN pool [312] with the prestored value of the
authentication procedure. Further, in another exemplary implementation of the present disclosure, the
25 authentication unit [306] may authenticate the user device based on a predefined authentication
technique.
[0083] Further, in an event when the QRN received from the QRN pool [312] fully aligns or fully
matches with the prestored value, then the user device is successfully authenticated, and the
30 authentication unit [306] thereafter may grant access to the one or more services to the user device.
[0084] Furthermore, in an event when the QRN received from the QRN pool [312] does not align or
does not match with the prestored value associated with the authentication procedure, then the user
device is not successfully authenticated, i.e., the authentication fails. The authentication unit [306] may
35 then deny the access of the one or more services to the user device.
16

[0085] Referring to FIG. 4, an exemplary method flow diagram [400] for authenticating a user device, in accordance with exemplary implementations of the present disclosure is shown. In an implementation the method [400] is performed by the network server [300]. Also, as shown in FIG. 4, the method [400] starts at step [402]. 5
[0086] At step [404], the method [400] comprises receiving, by a transceiver unit [302] at a network server [300], a request for performing an authentication procedure from the user device.
[0087] The present disclosure encompasses the request refers to a signal or a message which is
10 transmitted from the user device to the network server [300] to perform the authentication procedure
associated with the user device. The authentication procedure involves verification of a confidential data that may be related to at least one of the user device and/or a user of the user device.
[0088] The present disclosure encompasses that the network server [300] is one of a Unified Data
15 Management (UDM) server, a Home Subscriber Server (HSS), and a Home Location Register (HLR)
server. The HSS is a server that maintains a main subscriber database that is used in Internet Protocol
Multimedia Subsystem (IMS) to provide one or more details of one or more subscribers to other entities
within a network. The IMS further enables one or more users to be granted or refused an access to one
or more other services in the network. The HLR server is a server that maintains a database which
20 includes an information about one or more authorized subscribers via using a Global System for Mobile
communication (GSM) core network. The HLR server helps to ensure that only authenticated and
permitted users, and their devices, may use the one or more services associated with the network.
Furthermore, as also discussed above with reference to FIG. 1, the UDM server/ UDM [124] manages
a user subscription data in the network. Further, the UDM server/ UDM [124] may be a centralized
25 database that stores and provides access to user-related information such as authentication credentials,
service profiles, and policy rules, thus the UDM [124] may facilitate a network authentication operation, a network authorization operation, and a network service provisioning operation for the users in the network.
30 [0089] At step [406], the method [400] comprises retrieving, by a collection unit [304] at the network
server [300], a Quantum Random Number (QRN) from a QRN pool [312].
[0090] The present disclosure encompasses that the QRN is retrieved from a batch of the one or more
batches in the QRN pool [312]. The present disclosure encompasses that the collection unit [304]
35 retrieves the QRN from the QRN pool [312], via the utilization of one or more pre-defined data retrieval
techniques, wherein the one or more pre-defined data retrieval techniques may be further based on the authentication procedure associated with the user device.
17

[0091] As used herein “Quantum Random Number (QRN)” refers to a random number generated using
quantum random number generation processes, which is inherently unpredictable and provides a high
level of randomness. Further, QRNs may be used as cryptographic keys for authentication of the user
5 device or as a challenge-response mechanism to verify the identity of the user device.
[0092] The present disclosure encompasses that the QRN may be generated via a Quantum Random
Number Generator (QRNG) module. The QRNG module may utilize one or more quantum random
number generation protocols for generating one or more QRNs. Further, the one or more QRNs
10 generated by the QRNG module may be stored in the QRN pool [312] based on a target authentication
procedure associated with the user device. The present disclosure encompasses that the QRN may be at least one of a numeric value, an alphabetic value, and an alphanumeric value.
[0093] The QRN pool [312] comprises one or more batches of QRNs, wherein each of the one or more
15 batches has a pre-defined count of random numbers. By storing the QRNs in one or more batches, it
can be ensured that a large number of QRNs are always available for the authentication procedure.
[0094] The present disclosure encompasses that the one or more batches of the QRNs in the QRN pool [312], is generated by a Quantum Random Number Generator (QRNG) module. The Quantum Random
20 Number Generator (QRNG) module includes one or more processors for generating the one or more
batches of the QRNs by utilizing a set of predefined random number generation rules. The set of predefined random number generation rules may include rules for each target authentication procedure from one or more authentication procedures, such that a corresponding rule may be utilised to generate the one or more batches of the QRNs associated with the target authentication procedure from one or
25 more authentication procedures associated with the user device.
[0095] The present disclosure encompasses that the method [400] further comprises generating, by the
QRNG module, a new batch of QRNs, for storing in the QRN pool [312], in an event where the pre¬
defined count of QRNs in the batch of the one or more batches in the QRN pool [312] is below a
30 threshold. This ensures that when a batch of QRNs is about to be exhausted (since the QRNs from said
batch have already been used for authentication), the QRN pool [312] is re-filled by storing additional QRNs generated by the QRNG module. This in turn ensures that a large amount of QRNs are available for being used in the authentication procedure.
35 [0096] The present disclosure encompasses that the QRNG module generates the new batch of QRNs
automatically in an event where the pre-defined count of QRNs in the batch of the one or more batches in the QRN pool [312] falls below the threshold. The threshold is a pre-set value that may be set by the
18

administrator for a particular batch. Further, in a scenario, where the number of available QRNs in a
target batch in the QRN pool [312] that is associated with the target authentication procedure falls below
a predefined threshold number of the QRN associated with the target batch, in that scenario the QRNG
module then generates the new batch of QRN that are associated with the target authentication
5 procedure of the user device. For example, if Batch A of a QRN pool associated with an authentication
procedure Z has a threshold i.e., the predefined threshold number of the QRN as 10 units, then, in this
example, if the number of available QRNs in the Batch A reaches to 9 units, then the QRNG module
may generate a Batch B of QRNs associated with the target authentication procedure, wherein the Batch
B of QRNs comprises a number of QRNs corresponding to at least 10 units, and provides the same to
10 the QRN pool [312].
[0097] The present disclosure encompasses that the QRN pool [312] is locally stored in a storage unit [310] associated with the network server [300].
15 [0098] At step [408], the method [400] comprises performing, by an authentication unit [306] at the
network server [300], the authentication of the user device based at least on the QRN received from the QRN pool [312].
[0099] The present disclosure encompasses that the authentication unit [306] may authenticate the user
20 device by matching the QRN received from the QRN pool [312] with a prestored value of the
authentication procedure associated with the user device. The prestored value of the authentication procedure associated with the user device may be fetched from the storage unit [310] in order to match the QRN received from the QRN pool [312] with the prestored value of the authentication procedure.
25 [0100] Further, in an event where the QRN received from the QRN pool [312] fully aligns or fully
matches with the prestored value, then the user device is successfully authenticated, and the authentication unit [306] may thereafter grant access of the one or more services to the user device.
[0101] Furthermore, in an event when the QRN received from the QRN pool [312] does not align or
30 does not match with the prestored value associated with the authentication procedure, then the user
device is not successfully authenticated, i.e., the authentication fails. The authentication unit [306] may then deny the access of the one or more services to the user device.
[0102] The method [400] terminates at step [410]. 35
[0103] Referring to FIG. 5, an exemplary method [500] flow diagram for authenticating a user device, in accordance with exemplary implementations of the present disclosure is shown.
19

[0104] At step [S1], the method [500] initiates with a User Equipment Authentication Unit (UEAU) and thereafter, at step [S2], one or more configurations from a pool of configurations is read. Further, at step [S3], a Quantum Random Number (QRN) pool [312] is filled with a pre-defined count of QRNs, by a Quantum Random Number Generator (QRNG) module, and at step [S4], in case the count of QRNs in the QRN pool [312] is below a threshold, then more QRNs are generated by the Quantum Random Number Generator (QRNG) module.
[0105] At step [S5], a key generation request is awaited. Then, at step [S6], in an event where the key generation request is received from the user device, the method moves to step [S7].
[0106] Thereafter, at step [S7], a random number i.e., the QRN is retrieved from the QRN pool [312], and step [S8], the random number/ QRN is transmitted in response to the key generation request (i.e., the QRN pool [312] responds with a generated key and goes back to listening), and further the method repeats the step [S5].
[0107] Referring to FIG. 6, an exemplary block diagram [600] of a Quantum Random Number (QRN) pool manager [604] for authenticating a user device in accordance with exemplary implementations of the present disclosure is shown. The QRN pool manager [604] comprises a User Equipment Authentication Unit (UEAU) [602], and a QRN appliance live streams storing unit [606].
[0108] In an implementation, the UEAU [602] requests a random number from a QRN pool manager [604]. The QRN pool manager [604] is responsible for handling one or more QRN pools having a plurality of QRNs stored in one or more batches, for example, as shown in FIG. 6, a QRN pool (MxN) comprises the one or more Batches such as Batch 1, wherein the Batch 1 may further comprise QRN 1.1, QRN 1.2 …. QRN 1. N (depicted as Rand 1.1, Rand 1.2….Rand 1.N in FIG. 6). Similarly, each QRN pool (MxN) from the one or more QRN pools comprises Batch 1, Batch 2, … Batch M.
[0109] In response to the request transmitted by the UEAU [602], the QRN pool manager [604] responds with the QRN.
[0110] Further, the QRN pool manager [604] requests a batch of QRNs from the QRN appliance live streams storing unit [606]. In response to the request made by the QRN pool manager [604], the QRN appliance live streams storing unit [606] transmits the batch of QRNs associated with the request.
[0111] The present disclosure further discloses a User Equipment (UE) [102] comprising a memory; and a processor connected to the memory. The processor is configured to transmit to a network server

[300], a request to perform an authentication procedure of the user equipment. The processor is further configured to receive, from the network server [300], an authentication response associated with the request, wherein the authentication response is received based on retrieving, at the network server [300], a Quantum Random Number (QRN) from a QRN pool [312], and performing, at the network server [300], the authentication of the user equipment based at least on the QRN received from the QRN pool [312].
[0112] The present disclosure further discloses a non-transitory computer readable storage medium storing instructions for authenticating a user device, wherein the instructions including an executable code. The executable code, when executed by one or more units of a network server [300], causes: a transceiver unit [302] to receive at the network server [300], a request for performing an authentication procedure from the user device; a collection unit [304] to retrieve at the network server [300], a Quantum Random Number (QRN) from a QRN pool [312]; and an authentication unit [306] to perform at the network server [300], the authentication of the user device based at least on the QRN received from the QRN pool [312].
[0113] As is evident from the above, the present disclosure provides a technically advanced solution for authenticating a user device using a pool of quantum random numbers. The present disclosure provides a solution to authenticate the user device by receiving a request for performing an authentication procedure from a user device and in response to the request, a Quantum Random Number (QRN) is retrieved from a local QRN pool [312] to perform the authentication of the user device. The use of a local QRN pool to retrieve QRNs for authentication significantly reduces the time required for authentication. The present disclosure allows authentication of user devices even in case of an intermittent failure associated with a QRN generation module. By reducing the dependency on the QRNG module each time an authentication procedure is to be performed, the present disclosure ensures uninterrupted authentication, and consequently, reduces the instances of service outages that were previously being caused due to failed authentication procedures, owing to the unavailability of the QRNG module. With the implementation of the present disclosure, a Unified Data Management (UDM) server or a Home Subscriber Server (HSS), or a Home Location Register (HLR) server keep serving for the purposes of authenticating the user device. Further, the present solution ensures that the QRN pool [312] is highly available by filling back the QRN pool [312] automatically, as soon as a batch of QRNs is exhausted. The present solution further optimizes network performance by generating QRNs on demand.
[0114] While considerable emphasis has been placed herein on the disclosed implementations, it will be appreciated that many implementations can be made and that many changes can be made to the implementations without departing from the principles of the present disclosure. These and other

changes in the implementations of the present disclosure will be apparent to those skilled in the art, whereby it is to be understood, that the foregoing descriptive matter to be implemented, is illustrative and non-limiting.

We Claim:
1. A method for authenticating a user device, the method comprising:
- receiving, by a transceiver unit [302] at a network server [300], a request for performing an authentication procedure from the user device;
- retrieving, by a collection unit [304] at the network server [300], a quantum random number (QRN) from a QRN pool [312]; and
- performing, by an authentication unit [306] at the network server [300], the authentication of the user device based at least on the QRN received from the QRN pool [312].

2. The method as claimed in claim 1, wherein the network server [300] is one of a Unified Data Management (UDM) server, a Home Subscriber Server (HSS), and a Home Location Register (HLR) server.
3. The method as claimed in claim 1, wherein the QRN pool [312] comprises one or more batches of QRNs, wherein each of the one or more batches has a pre-defined count of random numbers.
4. The method as claimed in claim 3, wherein, the one or more batches of the QRNs in the QRN pool [312], is generated by a quantum random number generator (QRNG) module.
5. The method as claimed in claim 3, wherein, the QRN is retrieved from a batch of the one or more batches in the QRN pool [312].
6. The method as claimed in claim 3, further comprising:
- generating, by the QRNG module, a new batch of QRNs, for storing in the QRN pool [312],
in an event a pre-defined count of QRNs in the batch of the one or more batches in the QRN
pool [312] is below a threshold.
7. The method as claimed in claim 1, wherein the QRN pool [312] is locally stored in a storage unit [310] associated with the network server [300].
8. A network server [300] for authenticating a user device, the network server [300] comprising:
- a transceiver unit [302] configured to receive a request for performing an authentication
procedure from the user device;

- a collection unit [304] connected to at least the transceiver unit [302], the collection unit [304] configured to retrieve a quantum random number (QRN) from a QRN pool [312]; and
- an authentication unit [306] connected to at least the collection unit [304], the authentication unit [306] configured to perform the authentication of the user device based at least on the QRN received from the QRN pool [312].

9. The network server [300] as claimed in claim 8, wherein the network server [300] is one of a Unified Data Management (UDM) server, a Home Subscriber Server (HSS), and a Home Location Register (HLR) server.
10. The network server [300] as claimed in claim 8, wherein the QRN pool [312] comprises one or more batches of QRNs, wherein each of the one or more batches has a pre-defined count of random numbers.
11. The network server [300] as claimed in claim 10, wherein, the one or more batches of the QRNs in the QRN pool [312], is generated by a quantum random number generator (QRNG) module.
12. The network server as claimed in claim 10, wherein, the QRNs are retrieved from a batch of the one or more batches in the QRN pool [312].
13. The network server [300] as claimed in claim 11, wherein the QRNG module is configured to generate a new batch of QRNs, for storing in the QRN pool [312], in an event the pre-defined count of QRNs in the batch of the one or more batches in the QRN pool [312] is below a threshold.
14. The network server [300] as claimed in claim 8, wherein the QRN pool [312] is locally stored in a storage unit [310] associated with the network server [300].
15. A User Equipment (UE) comprising:

- a memory; and
- a processor connected to the memory, wherein the processor is configured to:
o transmit, to a network server [300], a request to perform an authentication procedure of the user equipment [102], and

o receive, from the network server [300], an authentication response associated with the request, wherein the authentication response is received based:
retrieving, at the network server [300], a quantum random number (QRN) from a QRN pool [312], and
performing, at the network server [300], the authentication of the user equipment based at least on the QRN received from the QRN pool [312].