FIG. 9A is a block diagram of third party equipment of a third party according to some embodiments.
FIG. 9B is a block diagram of third party equipment of a third party according to other embodiments.
DETAILED DESCRIPTION
FIG. 1 shows a communication system 10 that, according to some embodiments, enables secure, authenticated communication between an initiator 12 and a responder 14. In one context, the initiator 12 is a wireless device (e.g., a user equipment) and the responder 14 is a network node that implements a non-3GPP interworking function (N3IWF) or an enhanced packet data gateway (ePDG), which the wireless device uses to access a 3GPP core network via a non-3GPP access network. In this context, some embodiments enable secure, authenticated communication between the wireless device and the N3IWF (or ePDG) via an untrusted non-3GPP access network.
No matter the particular context, though, the initiator 12 initiates negotiation of security parameters (e.g., a cryptographic suite) with the responder 14 in order to establish a secure communication channel 16 between the initiator 12 and the responder 14. In embodiments where the negotiation is performed via the Internet Key Exchange (IKE) protocol, for example, the secure communication channel 16 may constitute an IKE security association (SA) between the initiator 12 in the form of an IKE initiator and the responder 14 in the form of an IKE responder. Regardless, the initiator 12 and the responder 14 then authenticate one another in a way bound to the already negotiated secure communication channel 16.