Access Stratum security activation must be performed after setting up SRB0 and SRB1 and before setting up SRB2 and any DRBs. SRB0 cannot be used after security activation.

 

eNB sends an integrity protected Security Mode Command, containing information on algorithm to be used for Access Stratum integrity protection and ciphering UE calculates keys, checks MAC (Message Authentication Code) of Security Mode Command and if correct, sends back an integrity protected and ciphered Security Mode Complete message.

 

If Security Mode Command integrity protection fails (or there is any other activation failure), the UE sends back a Security Mode Failure message.

 

As a result of the RRC security activation procedure, the AS applies three different security keys:

  • One for the integrity protection of RRC signalling (KRRCint),

  • One for the encryption of RRC signalling (KRRCenc)

  • One for the encryption of user data (KUPenc).

 

1. Ciphering

Ciphering, also known as encryption, ensures that intruders cannot read the data and signalling messages that the mobile and network exchange. Ciphering can be applied to both U-Plane Data and C-Plane Data (RRC/NAS Message). The type of EEA being used is determined by Network and informed to UE via Security Mode Command. NAS EEA is carried by NAS:Security Mode Command and RRC EEA is carried by RRC:Security Mode Command. Currently there are three different types of EEA we can use as shown in the following table.

LTE Security

 

2. Integrity

Integrity protection ensures that the intruder cannot replay or modify signalling messages that the mobile and network exchange. It protects the system against problems such as man-in-middle attacks, in which an intruder intercepts a sequence of signalling messages and modifies and re transmits them, in an attempt to take control of the mobile. This algorithm applies only to C-Plane data (NAS message). You can take this as a kind of special encryption algorithm which is used only for NAS message. Like EEA, this is also determined by the Network and informed to UE by EMM:Security Mode Command and RRC:Security Mode Command message. Currently there are two different types of EIA we can use as shown in the following table.

 

The integrity and ciphering algorithms can only be changed upon handover. The AS keys don’t change during intra-RAT idle mode mobility. The below table summarizes the ciphering and integrity protection requirement for the NAS, RRC and user plane data.

During a successful EPS authentication, the CK and IK keys are computed and then these are used as key material to compute a new key, KASME (Access Security Management Entity).