Copyright © Samir Amberkar


1.1

LTE NAS Security

(Native) Security flow

  UE MME

UE → MME: Attach Request (eKSI=no key available, UE security capability)
This is the first power-on with a new USIM, so the UE does not have a previous security context. At the next power-on, the current security context would be taken from the USIM or from non-volatile memory.


UE security contexts:
  partial native current:      eKSI=no key available, Capability (void context)



MME → UE: Authentication Request (eKSI=KSIASME/id=y, AUTN, RAND)
The UE creates a non-current partial native security context and marks it with the given eKSI.


UE security contexts:
  partial native current:      eKSI=no key available, Capability (void context)
  partial native non-current:  eKSI=KSIASME/y, UL count=0, DL count=0, Capability

The UE sends an AUTHENTICATE command to the USIM application to compute RES, CK and IK for the given RAND. The USIM application also authenticates the network using AUTN. This is the first step of the AKA (Authentication and Key Agreement) procedure. The UE then derives KASME from CK, IK, the SN id (MCC/MNC) and (SQN⊕AK), which is taken from AUTN. The non-current security context is updated with KASME.


UE security contexts:
  partial native current:      eKSI=no key available, Capability (void context)
  partial native non-current:  eKSI=KSIASME/y, UL count=0, DL count=0, Capability, KASME
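
The KASME derivation step described above, as an added example that is not part of the original page. It assumes the KDF layout of 3GPP TS 33.401 Annex A.2 (HMAC-SHA-256 keyed with CK||IK, FC = 0x10); the function and class names are hypothetical, CK, IK and AUTN are constructed sample values, and the USIM's own computation of CK/IK is not modelled.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

FC_KASME = 0x10           # FC for KASME derivation (3GPP TS 33.401 Annex A.2)
NO_KEY_AVAILABLE = 0b111  # eKSI value meaning "no key available"


@dataclass
class NasSecurityContext:  # hypothetical model of one UE security context
    eksi: int = NO_KEY_AVAILABLE
    ul_count: int = 0
    dl_count: int = 0
    kasme: Optional[bytes] = None  # None until AKA has run


def encode_sn_id(mcc: str, mnc: str) -> bytes:
    """Pack MCC/MNC into the 3-octet SN id (BCD nibbles, 0xF filler for a 2-digit MNC)."""
    m = [int(d) for d in mcc]
    n = [int(d) for d in mnc] + ([0xF] if len(mnc) == 2 else [])
    return bytes([m[1] << 4 | m[0], n[2] << 4 | m[2], n[1] << 4 | n[0]])


def build_s(sn_id: bytes, sqn_xor_ak: bytes) -> bytes:
    """S = FC || P0 || L0 || P1 || L1, lengths as two-octet big-endian values."""
    return (bytes([FC_KASME]) + sn_id + len(sn_id).to_bytes(2, "big")
            + sqn_xor_ak + len(sqn_xor_ak).to_bytes(2, "big"))


def derive_kasme(ck: bytes, ik: bytes, sn_id: bytes, autn: bytes) -> bytes:
    """KASME = HMAC-SHA-256(CK || IK, S); SQN xor AK is the first 6 octets of AUTN."""
    if (len(ck), len(ik), len(sn_id), len(autn)) != (16, 16, 3, 16):
        raise ValueError("unexpected CK/IK/SN id/AUTN length")
    return hmac.new(ck + ik, build_s(sn_id, autn[:6]), hashlib.sha256).digest()


def on_authentication_request(eksi, ck, ik, mcc, mnc, autn) -> NasSecurityContext:
    """Build the non-current context, marked with the eKSI received from the MME."""
    return NasSecurityContext(eksi=eksi, kasme=derive_kasme(ck, ik, encode_sn_id(mcc, mnc), autn))


# Constructed sample values (not from any real network or USIM).
CK = bytes(range(16))
IK = bytes(range(16, 32))
AUTN = bytes.fromhex("aabbccddeeff" "8000" "0102030405060708")  # (SQN xor AK) || AMF || MAC
current = NasSecurityContext()  # void context, eKSI = no key available
non_current = on_authentication_request(1, CK, IK, "001", "01", AUTN)
print(non_current.eksi, non_current.kasme.hex())
```

Because the SN id is an input to the KDF, the same CK/IK pair yields a different KASME for a different serving network, which binds the key to the MCC/MNC the UE believes it is attached to.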

