
www.nmcgroups.com

LTE Security
EPS AKA provides authentication, confidentiality and integrity protection for LTE network

Authentication method: EPS AKA
Authentication parameters: IMSI, EPS AV (KASME, RAND, AUTN, XRES), RES
NAS integrity protection (AES, Snow 3G)
NAS ciphering (Null, AES, Snow 3G)
RRC signaling integrity protection (AES and Snow 3G)
RRC signaling ciphering (Null, AES, Snow 3G)
User plane ciphering (Null, AES, Snow 3G)
Key derivation function: HMAC-SHA-256
Security master key: KASME
Security key for NAS signaling: KNASenc, KNASint
Security key for RRC signaling: KRRCenc, KRRCint
Security key for user plane: KUPenc

References
TS 24.301
TS 33.401

[Figure: key distribution across network elements. Legend in the original figure: Mandatory, Optional]
HSS: IMSI, LTE K
HSS to MME: EPS Authentication Vectors (RAND, AUTN, XRES, KASME)
MME: KNASint/KNASenc
eNB: KRRCint/KRRCenc, KUPenc
UE: IMSI, LTE K, KNASint/KNASenc, KRRCint/KRRCenc, KUPenc
UE and MME: Mutual Authentication, NAS Signaling Integrity/Ciphering
UE and eNB: RRC Signaling Integrity/Ciphering, User Plane Ciphering

Message flow (UE, eNB, MME, HSS)

1 Authentication

UE -> MME: Attach Request (IMSI, UE Security Capability, KSIASME=111)
MME -> HSS: Authentication Data Request (IMSI, SN ID, Network Type)
HSS: LTE K, RAND, SQN, SN ID -> EPS AKA Algorithm -> AUTNHSS, XRES, KASME
HSS: Authentication Vector = (RAND, XRES, AUTNHSS, KASME)
HSS -> MME: Authentication Data Response (AVs (1...n))
MME -> UE: Authentication Request (RAND, AUTNHSS, KSIASME=1) [not ciphered; not integrity protected]
UE: LTE K, RAND, SQN, SN ID -> EPS AKA Algorithm -> AUTNUE, RES, KASME
UE: Network (HSS) Authentication (AUTNUE = AUTNHSS)
UE -> MME: Authentication Response (RES) [not ciphered; not integrity protected]
MME: UE Authentication (RES = XRES)

2 NAS Security Setup

MME: Select encryption/integrity algorithm
MME: KASME, Alg-ID, Alg Distinguisher -> KDF -> KNASenc, KNASint
MME -> UE: NAS Security Mode Command (KSIASME=1, Replayed UE Security Capability, NAS Ciphering Algorithm=EEA1, NAS Integrity Algorithm=EIA1, NAS-MAC) [NAS integrity protected]
UE: KASME, Alg-ID, Alg Distinguisher -> KDF -> KNASenc, KNASint
UE -> MME: NAS Security Mode Complete (NAS-MAC) [NAS ciphered and integrity protected]
UE <-> MME: Ciphered and Integrity Protected NAS Signaling

3 AS Security Setup

MME: Compute KeNB: KASME, NAS Uplink Count -> KDF -> KeNB
MME -> eNB: Accept <Initial Context Setup Request> (UE Security Capability, KeNB)
eNB: Select encryption/integrity algorithm
eNB: KeNB, Alg-ID, Alg Distinguisher -> KDF -> KRRCenc, KRRCint, KUPenc
eNB -> UE: AS Security Mode Command (Ciphering Algorithm=EEA1, Integrity Algorithm=EIA1, MAC-I) [AS integrity protected]
UE: KASME, NAS Uplink Count -> KDF -> KeNB
UE: KeNB, Alg-ID, Alg Distinguisher -> KDF -> KRRCenc, KRRCint, KUPenc
UE -> eNB: AS Security Mode Complete (MAC-I) [AS integrity protected]
UE <-> eNB: Ciphered and Integrity Protected RRC Signaling; Ciphered User Plane

UE Network Capability (24.301)

EPS encryption algorithm (EEA)
  EEA0         NO encryption
  128-EEA1     SNOW 3G
  128-EEA2     128-bit AES
  EEA3~EEA7    NOT Defined

EPS integrity algorithm (EIA)
  128-EIA1     SNOW 3G
  128-EIA2     128-bit AES
  EEA3~EEA7    NOT Defined

UE Security Capability (Supported encryption/integrity algorithm)
- EEA0=on, EEA1=on, EEA2=off
- EIA1=on, EIA2=on

Alg-ID
  EEA0    00
  EEA1    01
  EEA2    02
  EIA1    01
  EIA2    02

Alg Distinguisher
  NAS-enc-alg    01
  NAS-int-alg    02
  RRC-enc-alg    03
  RRC-int-alg    04
  UP-enc-alg     05
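The KDF steps on this page take KASME or KeNB together with an Alg Distinguisher and an Alg-ID. The following Python code is an added example, not part of the original poster: it derives every key below KASME with HMAC-SHA-256. The FC codes 0x11 and 0x15, the S-string layout and the 128-bit truncation are assumptions taken from TS 33.401 Annex A rather than from this page, and the function names and the sample KASME are made up for illustration.

```python
import hashlib
import hmac

# Alg Distinguisher and Alg-ID values as listed on this page.
ALG_DISTINGUISHER = {"NAS-enc-alg": 0x01, "NAS-int-alg": 0x02,
                     "RRC-enc-alg": 0x03, "RRC-int-alg": 0x04, "UP-enc-alg": 0x05}
ALG_ID = {"EEA0": 0x00, "EEA1": 0x01, "EEA2": 0x02, "EIA1": 0x01, "EIA2": 0x02}
# Assumption: FC codes from TS 33.401 Annex A; they are not given on this page.
FC_KENB, FC_ALG_KEY = 0x11, 0x15
SAMPLE_KASME = bytes(range(32))  # constructed 256-bit value, not a real key


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """HMAC-SHA-256 over S = FC || P0 || L0 || P1 || L1 (Li = 2-byte length of Pi)."""
    if len(key) != 32:
        raise ValueError("KASME and KeNB are 256-bit keys")
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_alg_key(parent: bytes, distinguisher: str, algorithm: str) -> bytes:
    """128-bit NAS/RRC/UP key: the 128 least significant bits of the KDF output."""
    if algorithm.startswith("EEA") != distinguisher.endswith("enc-alg"):
        raise ValueError(f"{algorithm} cannot be used as {distinguisher}")
    p0 = bytes([ALG_DISTINGUISHER[distinguisher]])
    p1 = bytes([ALG_ID[algorithm]])
    return kdf(parent, FC_ALG_KEY, p0, p1)[16:]


def derive_kenb(kasme: bytes, nas_uplink_count: int) -> bytes:
    """KeNB from KASME and the 32-bit NAS Uplink Count; all 256 bits are kept."""
    return kdf(kasme, FC_KENB, nas_uplink_count.to_bytes(4, "big"))


def derive_hierarchy(kasme: bytes, nas_uplink_count: int, eea: str, eia: str) -> dict:
    """All keys below KASME, using the same EEA/EIA for NAS and AS as the page does."""
    kenb = derive_kenb(kasme, nas_uplink_count)
    return {
        "KNASenc": derive_alg_key(kasme, "NAS-enc-alg", eea),
        "KNASint": derive_alg_key(kasme, "NAS-int-alg", eia),
        "KeNB": kenb,
        "KRRCenc": derive_alg_key(kenb, "RRC-enc-alg", eea),
        "KRRCint": derive_alg_key(kenb, "RRC-int-alg", eia),
        "KUPenc": derive_alg_key(kenb, "UP-enc-alg", eea),
    }
```

EEA1 and EIA1 share Alg-ID 01, so the Alg Distinguisher is what keeps KNASenc and KNASint apart. A different NAS Uplink Count produces a different KeNB and therefore different RRC and user plane keys.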

About NMC Consulting Group


NMC Consulting Group, founded in 2002, is an advanced, professional network consulting company specializing in IP networks (FTTH, Metro Ethernet and IP/MPLS), services (IPTV and IMS) and wireless networks (Mobile WiMAX and LTE). Copyright 2002-2011 NMC Consulting Group. All rights reserved.
