INDEXHABOUTHcopyright © samir amberkar

1.1
1.2
1.3
1.4
1.5
1.6
1.7
1.8
1.9
1.10
1.11
1.12
1.13
1.14
1.15
1.16
1.17
1.18
1.19
1.20

2.1

3.1
3.2
3.3
3.4
3.5




another knowledge site

3GPP Modem
Simulator

Test Your
Knowledge

another knowledge site

LTE NAS Security - 2
Idle mode RAT change from E-UTRAN to UTRAN/GERAN

Ref: [33.401:9.1.1, 10.2.1], [23.401:D.3.5, 4.3.5.6], [24.008:4.7.5.1.1], [23.003:2.8.2.1].

Below diagram depicts change from E-UTRAN to UTRAN. The same procedure is applicable to change to GERAN; GPRS security context is mapped after mapping EPS context to UMTS one.

     UE UTRAN

if  TIN=P-TMSI or RAT related P-TMSI

Existing UMTS

KSI
CK
IK


else  TIN=GUTI
LTE-mapping-arrow-703689.png
EPS NAS

eKSI=KSIASME/y
KKSME
UL NAS count
DL NAS count
UE security capability
KNASint/Enc algo id
KNASenc/Int algo id

 mapped UMTS

KSI=y
CK'
IK'

NAS token, CK', and IK' would be generated from KASME and NAS UL Count. Truncated (two least octets of) NAS Token would be put in P-TMSI signature. NAS token help authenticating UE. Mapped UMTS context is stored in USIM. GPRS Kc too generated and updated in USIM.

Routing Area Update Request
(KSI, P-TMSI signature) 		new-right4.JPG
Even though security keys are generated, algorithms are still to be decided. This is handled in RRC Security Mode procedure.


new-left4.JPG RRC Security Mode Command
(integrity/ciphering algoritm, MAC-I)
Further procedure is outside the scope of this document. You may refer [33.102:6.4.5]. UE will now have complete (mapped) UMTS Security context.


Copyright © Samir Amberkar Page 3 of 8


I II III IV V VI VII VIII