lte-security-ue-interfaces

lte-security-ue-interfaces

UE Interfaces (LTE Security for new user) LTE Terminal LTE Network USIM UE e Node B MME Generated with EventStudio System Designer - http://www.51wendang.com/EventStudio

EventStudio System Designer 6

31-Dec-13 14:51 (Page 1)

We recommend going through the following presentation for a good background on LTE keys. http://www.51wendang.com/lte/security/lte-security-presentation.pdf

LTE UE is Provisioned

UE is powered on Initial NAS Message UE Security Capabilities, Supported ciphering and integrity protection algorithms

The UE establishes an RRC connection and sends a Initial NAS Message to the MME.

Authentication Authentication Request RAND, AUTN, KSI-ASME

The MME sends an unciphered Authentication Request to the UE. The message contains the RAND and AUTN numbers. Key selection identifier (KSI-ASME) is also included in the message. The UE reads the shared secret K key from the USIM. The UE computes an authentication result (RES) from the key K and the received AUTN and RAND values. The UE sends the RES value back to the MME.

Read the Key K Compute RES from K, AUTN and RAND

Authentication Response RES

Enable NAS ciphering and integrity protection NAS Security Mode Command EPS Encryption Algorithm, EPS Integrity Algorithm, KSI-ASME

MME initiates the NAS security procedure. The encryption and integrity protection algorithms are included in the message. Key selection identifier (KSI-ASME) is also included in the message. The UE uses the K-ASME key and the EPS encryption algorithm to derive the NAS encryption key. The UE selects the K-ASME key based on the KSI-ASME received from the network. The UE then uses the K-ASME key and the EPS integrity algorithm to derive the NAS integrity protection key. UE responds back to the MME. This message is sent with NAS ciphering and integrity protection.

Generate K-NAS-enc from EPS Encryption Algorithm, K-ASME

Generate K-NAS-int from EPS Integrity Algorithm, K-ASME

NAS Security Mode Complete

Enable RRC integrity protection and RRC/User Plane ciphering RRC Security Mode Command AS Encryption Algorithm, AS Integrity Algorithm, START for integrity and encryption Generate K-RRC-enc and K-UP-enc keys from the AS Encryption Algorithm and K-ASME Generate K-RRC-int key from the AS Integrity Algorithm and K-ASME

The eNodeB initiates the security mode command to the UE. The message contains the AS integrity protection and encryption algorithms. The START parameters are also included in the message. The UE uses the K-ASME and the AS Encryption algorthm to determine the RRC and User Plane encryption keys. The UE uses the K-ASME and the AS Integrity algorthm to determine the RRC integrity protection key. UE responds with success. This message uses the newly activated keys to encrypt and integrity

RRC Security Mode Complete

lte-security-ue-interfaces

Word文档免费下载Word文档免费下载:lte-security-ue-interfaces (共2页,当前第1页)

lte security ue interfaces相关文档

最新文档

返回顶部