
Session 5

The Evolved Packet Core (EPC): The all-IP based
Core Network of LTE
ITU ASP COE Training on Technology,
Standardization and Deployment of Long
Term Evolution (IMT)
Sami TABBANE

9-11 December 2013 Islamic Republic of Iran



Agenda

1. User Plane Overview


2. LTE Interfaces
3. LTE Identities
4. LTE/EPC Bearers
5. Network Entities
6. Backhauling and Backbone
7. Security

Network and protocol architecture

1. User plane Overview

User plane Overview

User plane Architecture:
- Traffic
- Cost efficient architecture with 2 types of nodes
- Fully meshed approach with tunneling mechanism over IP transport network
- Iu Flex approach
- Access Gateway (AGW)
- Enhanced Node B (ENB)

User plane Overview

S1-flex Mechanism
Allows:
- Network redundancy,
- Load sharing of traffic across network elements in the CN, the MME and the SGW,
- Creates pools of MMEs and SGWs,
- Each eNB connected to multiple MMEs and SGWs in a pool.

MME Pooling S1 Flex

Flexible architecture
- S1 Flex + MME Pooling: network redundancy and traffic load sharing
- S1 Flex: an eNB can connect to a maximum of 16 MMEs
- In practice geographical redundancy is desired, connecting each eNB to 2 MMEs in different locations.

Multiple Operator Core Network

MOCN: service providers can have separate core networks (MME, SGW, PDN GW) while the E-UTRAN (eNBs) is jointly shared.
Enabled by the S1-flex mechanism (each eNB can be connected to multiple core network entities).

Network sharing benefits

Network and protocol architecture

2. LTE Interfaces

LTE-SAE network interfaces

Figure: LTE-SAE network interfaces.
Nodes: HSS, PCRF, SGSN, MME, SAE GW, IP networks, 2G networks, 3G networks, LTE networks, non-3GPP networks.
Interfaces shown: Gr, S6, S7, SGi, S3, S4, S11, S2a/b, Gb, Iu CP, Iu UP, S1 CP.

LTE-SAE network interfaces

S1-flex: eNB (enhanced Node B) and aGW (access Gateway) multipoint-to-multipoint links,
X2: inter-eNB direct interface for HO management and RRM.
GGSN, SGSN and RNC elements: replaced by a unique and central node, the ACGW (Access Core Gateway) or a-GW (in 3GPP LTE/SAE, aGW refers to the Serving Gateway (SGW)).
A-GW: terminates control and user planes for the UE and manages the core network features implemented in the GGSN and SGSN in Release 6.
UE control plane protocol similar to Release 6 RRC (Radio Resource Control): mobility control and radio bearer configuration.
ACGW user plane: header compression, ciphering, integrity and ARQ.

Core Network Interface

Two interfaces:
- S1 for the control plane
- X2 for the user plane
- Inter-eNodeB X2 interface (includes control and user planes)

E-UTRAN Network interfaces

Interfaces

User plane carries user data and higher layer signaling:
- Voice and data packets
- Application level signaling (SIP, SDP or RTCP (Real-time Transport Control Protocol) packets)
Before transmission on the S1 interface, user plane packets are transmitted to the transport layer without processing.
Control plane is linked to the messages and procedures related to the interface operation:
- Handover management control messages
- Bearer control messages

E-UTRAN Network interfaces

Interfaces

Physical layer (part of the transport layer) is common to the user and control planes.
Control plane signaling: more constraints in terms of security, reliability and data loss.
User plane information: less secured routing protocols.
S1 and X2 interfaces are specified by the 3GPP, so eNodeBs of various vendors may be:
- Interconnected through the X2 interface
- Connected to the MME or S-GW (S1 interface).

E-UTRAN Network interfaces

S1 interface: user plane

User plane S1 interface or S1-U:
- Carries user data packets between eNodeB and Serving GW,
- Uses GTP (GPRS Tunneling Protocol), inherited from 2G/GPRS and 3G/UMTS networks, on top of UDP/IP, with user data encapsulation,
- No flow control, no error control and no guaranteed data delivery.

GTP

All variants of GTP have certain features in common. The structure of the messages is the same, with a
GTP header following the UDP/TCP header.
GTPv1 headers contain the following fields:
Octets 1-4 (bits 0-31)
  bits 0-2    Version
  bit 3       Protocol type (PT)
  bit 4       Reserved
  bit 5       Extension header flag (E)
  bit 6       Sequence number flag (S)
  bit 7       N-PDU number flag (PN)
  bits 8-15   Message type
  bits 16-31  Total length
Octets 5-8 (bits 32-63)
  TEID
Octets 9-12 (bits 64-95, optional)
  bits 64-79  Sequence number
  bits 80-87  N-PDU number
  bits 88-95  Next extension header type

Version: 3-bit field. For GTPv1, this has a value of 1.
Protocol Type (PT): 1-bit value that differentiates GTP (value 1) from GTP' (value 0).
Reserved: a 1-bit reserved field (must be 0).
Extension header flag (E): 1-bit value that states whether there is an extension header optional field.
Sequence number flag (S): 1-bit value that states whether there is a Sequence Number optional field.
N-PDU number flag (PN): 1-bit value that states whether there is an N-PDU number optional field.
Message Type: 8-bit field to indicate the type of GTP message. The different message types are defined in 3GPP TS 29.060.
Length: 16-bit field that indicates the length of the payload in bytes (rest of the packet following the mandatory 8-byte GTP header). Includes the optional fields.
Tunnel endpoint identifier (TEID): 32-bit (4-octet) field used to multiplex different connections in the same GTP tunnel.
Sequence number: optional 16-bit field. Exists if any of the E, S, or PN bits are on.
N-PDU number: optional 8-bit field. Exists if any of the E, S, or PN bits are on.
Next extension header type: optional 8-bit field. Exists if any of the E, S, or PN bits are on.
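As an added example that is not part of the slides, the following Python parser implements the GTPv1 header layout described above and applies the checks a defender would want before trusting an S1-U packet: version, PT and reserved-bit validation, the Length field compared against the octets actually present, and a bounded walk of the optional fields and extension-header chain. The sample G-PDU (TEID, sequence number and T-PDU bytes) is constructed for this example.

```python
import struct
from dataclasses import dataclass
from typing import Optional

GTP_MANDATORY_HDR_LEN = 8
MSG_TYPE_G_PDU = 0xFF  # user data (T-PDU) as carried over S1-U


@dataclass
class GtpV1Header:
    version: int
    protocol_type: int
    ext_hdr_flag: bool
    seq_flag: bool
    npdu_flag: bool
    message_type: int
    length: int              # payload length after the mandatory 8-byte header
    teid: int
    sequence_number: Optional[int]
    npdu_number: Optional[int]
    next_ext_type: Optional[int]
    header_len: int          # octets consumed by mandatory + optional + extension headers


def parse_gtpv1(data: bytes) -> GtpV1Header:
    """Parse one GTPv1 PDU (the UDP payload); raise ValueError on anything malformed."""
    if len(data) < GTP_MANDATORY_HDR_LEN:
        raise ValueError("truncated: mandatory 8-byte GTP header missing")
    flags, msg_type, length, teid = struct.unpack("!BBHI", data[:8])
    version = flags >> 5                      # bits 0-2 of the first octet
    pt = (flags >> 4) & 1                     # PT: 1 = GTP, 0 = GTP'
    reserved = (flags >> 3) & 1
    e, s, pn = bool(flags & 0x04), bool(flags & 0x02), bool(flags & 0x01)
    if version != 1:
        raise ValueError(f"not GTPv1 (version={version})")
    if pt != 1:
        raise ValueError("PT=0 is GTP' (charging), not GTP")
    if reserved != 0:
        raise ValueError("reserved bit must be zero")
    # Length covers everything after the mandatory header, so it must match what was
    # captured; a mismatch means truncation or a crafted header, so the payload is not trusted.
    if len(data) - GTP_MANDATORY_HDR_LEN != length:
        raise ValueError(f"length field {length} != {len(data) - GTP_MANDATORY_HDR_LEN} octets present")
    off = GTP_MANDATORY_HDR_LEN
    seq = npdu = next_ext = None
    if e or s or pn:
        # All three optional fields are present as soon as any one of the flags is set.
        if len(data) < off + 4:
            raise ValueError("truncated optional fields")
        seq, npdu, next_ext = struct.unpack("!HBB", data[off:off + 4])
        off += 4
        # Extension headers: length octet (in 4-octet units), content, next-type octet;
        # the chain ends with next-type 0x00. Every step is bounded by the octets present.
        nxt = next_ext if e else 0
        while nxt != 0:
            if off >= len(data):
                raise ValueError("truncated extension header")
            ext_len = data[off] * 4
            if ext_len == 0 or off + ext_len > len(data):
                raise ValueError("bad extension header length")
            nxt = data[off + ext_len - 1]
            off += ext_len
    return GtpV1Header(version, pt, e, s, pn, msg_type, length, teid,
                       seq, npdu, next_ext, off)


def payload(data: bytes, hdr: GtpV1Header) -> bytes:
    """The encapsulated T-PDU (for a G-PDU, the subscriber's own IP packet)."""
    return data[hdr.header_len:]


def is_well_formed(data: bytes) -> bool:
    try:
        parse_gtpv1(data)
        return True
    except ValueError:
        return False


# Constructed sample (not a real capture): G-PDU with the S flag set (flags 0x32 = version 1,
# PT 1, S 1), length 8 (4 optional-field octets + 4 payload octets), TEID 0x12345678,
# sequence number 1, followed by a made-up 4-octet T-PDU.
SAMPLE_G_PDU = bytes.fromhex("32ff0008" "12345678" "00010000") + b"\x45\x00\x00\x14"
```

Run `parse_gtpv1(SAMPLE_G_PDU)` to see the decoded header and `payload(...)` for the T-PDU; any of the malformed-header conditions raises `ValueError` instead of yielding a partially parsed packet.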

GTP principle


E-UTRAN Network interfaces

S1 interface: Control plane

Control plane S1 interface, or S1-C: signaling interface supporting a set of features and procedures between eNodeB and MME.
4 main groups of S1-C signaling procedures:
- Bearer related procedures: bearer establishment, change and release,
- Handover procedures: all S1 features related to the mobility of the users between eNodeBs or with the 2G/3G technologies,
- NAS (Non Access Stratum) signaling transfer: signaling between a terminal and the MME, through the S1 interface (transparent to the eNodeB),
- Paging procedure: used for MT sessions (the MME requests the eNodeB to page a terminal in a given cell).

Network and protocol architecture

3. LTE Identities


User Identities

International Mobile Subscriber Identity (IMSI): allocated to each mobile subscriber in every (GSM, UMTS, and EPS) system.
VLRs, SGSNs and MMEs may allocate Temporary Mobile Subscriber Identities (X-TMSI) for subscriber identity confidentiality.
An MS may be allocated three TMSIs through the:
- VLR (TMSI)
- SGSN (P-TMSI)
- MME (S-TMSI, M-TMSI, part of GUTI, Globally Unique Temporary UE Identity).

User Identities

IMSI is composed of three parts:
- Mobile Country Code (MCC) consisting of three digits,
- Mobile Network Code (MNC) consisting of two or three digits for GSM/UMTS applications,
- Mobile Subscriber Identification Number (MSIN) identifying the mobile subscriber within a PLMN.
National Mobile Subscriber Identity (NMSI) = MNC and MSIN.

User Identities
Temporary Mobile Subscriber Identity (TMSI) structure and coding is chosen by agreement between operator and ME manufacturer in order to meet local needs.
The TMSI consists of 4 octets. It can be coded using a hexadecimal representation. The network shall not allocate a TMSI with all 32 bits equal to 1, because the TMSI must be stored in the SIM, and the SIM uses 4 octets with all bits equal to 1 to indicate that no valid TMSI is available.
Globally Unique Temporary UE Identity (GUTI): unambiguous identification of the UE that does not reveal the UE's or the user's permanent identity in the Evolved Packet System (EPS). It allows the identification of the MME and network.
GUTI = GUMMEI + M-TMSI, where
  GUMMEI = MCC + MNC + MME Identifier
  MME Identifier = MME Group ID + MME Code
MCC and MNC shall have the same field size as in earlier 3GPP systems.
M-TMSI shall be 32 bits long.
MME Group ID shall be 16 bits long.
MME Code shall be 8 bits long.
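An added example, not from the slides, that builds and parses the GUTI structure just described (PLMN ID + MMEGI + MMEC + M-TMSI = 80 bits) and derives the 40-bit S-TMSI from it; the 3-octet PLMN ID packing (two digits per octet, 0xF filler for a 2-digit MNC) follows the 3GPP NAS coding, the test PLMN 001-01 and all other values are constructed, and applying the slide's all-ones rule to the M-TMSI is an assumption of this example.

```python
import struct
from dataclasses import dataclass

ALL_ONES_TMSI = 0xFFFFFFFF  # reserved: the SIM uses it to mean "no valid TMSI"


def encode_plmn(mcc: str, mnc: str) -> bytes:
    """Pack MCC (3 digits) and MNC (2 or 3 digits) into the 3-octet PLMN ID.

    Each octet holds two digits, low nibble first; a 2-digit MNC leaves the
    third-digit nibble as the filler 0xF (3GPP NAS coding, e.g. TS 24.301)."""
    if len(mcc) != 3 or len(mnc) not in (2, 3) or not (mcc + mnc).isdigit():
        raise ValueError("MCC must be 3 digits, MNC 2 or 3 digits")
    m = [int(c) for c in mcc]
    n = [int(c) for c in mnc] + ([0xF] if len(mnc) == 2 else [])
    return bytes([m[1] << 4 | m[0], n[2] << 4 | m[2], n[1] << 4 | n[0]])


def decode_plmn(b: bytes):
    """Inverse of encode_plmn; returns (mcc, mnc) as digit strings."""
    m1, m2 = b[0] & 0xF, b[0] >> 4
    m3, n3 = b[1] & 0xF, b[1] >> 4
    n1, n2 = b[2] & 0xF, b[2] >> 4
    mcc = f"{m1}{m2}{m3}"
    mnc = f"{n1}{n2}" if n3 == 0xF else f"{n1}{n2}{n3}"
    return mcc, mnc


@dataclass(frozen=True)
class Guti:
    mcc: str
    mnc: str
    mmegi: int   # MME Group ID, 16 bits
    mmec: int    # MME Code, 8 bits
    mtmsi: int   # M-TMSI, 32 bits

    def __post_init__(self):
        if not 0 <= self.mmegi <= 0xFFFF or not 0 <= self.mmec <= 0xFF:
            raise ValueError("MMEGI is 16 bits, MMEC is 8 bits")
        if not 0 <= self.mtmsi <= 0xFFFFFFFF:
            raise ValueError("M-TMSI is 32 bits")
        # Assumption of this example: the slide's rule that a TMSI must not be
        # all ones is applied to the M-TMSI as well.
        if self.mtmsi == ALL_ONES_TMSI:
            raise ValueError("M-TMSI of all ones is reserved for 'no valid TMSI'")

    def gummei(self) -> bytes:
        """GUMMEI = PLMN ID + MMEI, MMEI = MMEGI + MMEC (6 octets, 48 bits)."""
        return encode_plmn(self.mcc, self.mnc) + struct.pack("!HB", self.mmegi, self.mmec)

    def to_bytes(self) -> bytes:
        """GUTI = GUMMEI + M-TMSI (10 octets, 80 bits)."""
        return self.gummei() + struct.pack("!I", self.mtmsi)

    def s_tmsi(self) -> bytes:
        """S-TMSI = MMEC + M-TMSI (5 octets, 40 bits): the short form used on the
        radio interface, unique only within one MME pool."""
        return struct.pack("!BI", self.mmec, self.mtmsi)

    @classmethod
    def from_bytes(cls, b: bytes) -> "Guti":
        if len(b) != 10:
            raise ValueError("GUTI is exactly 10 octets")
        mcc, mnc = decode_plmn(b[:3])
        mmegi, mmec, mtmsi = struct.unpack("!HBI", b[3:])
        return cls(mcc, mnc, mmegi, mmec, mtmsi)


if __name__ == "__main__":
    g = Guti("001", "01", 0x0001, 0x02, 0x12345678)  # constructed test-PLMN values
    print(g.to_bytes().hex(), g.s_tmsi().hex(), Guti.from_bytes(g.to_bytes()) == g)
```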

LTE Identities

ID | Meaning | Description | Structure
IMSI | International Mobile Subscriber Identity | Unique identification of a mobile (LTE) subscriber. The network (MME) gets the PLMN of the subscriber from it. | IMSI (not more than 15 digits) = PLMN ID + MSIN = MCC + MNC + MSIN
PLMN ID | Public Land Mobile Network Identifier | Unique identification of a PLMN | PLMN ID (not more than 6 digits) = MCC + MNC
MCC | Mobile Country Code | Assigned by ITU | 3 digits
MNC | Mobile Network Code | Assigned by the national authority | 2 or 3 digits
MSIN | Mobile Subscriber Identification Number | Assigned by the operator | 9 or 10 digits
GUTI | Globally Unique Temporary UE Identity | Identifies a UE between the UE and the MME in place of the IMSI, for security reasons | GUTI (not more than 80 bits) = GUMMEI + M-TMSI
TIN | Temporary Identity used in Next Update | The GUTI is stored in the TIN parameter of the UE's MM context. TIN indicates which temporary ID will be used in the next update. | TIN = GUTI
S-TMSI | SAE Temporary Mobile Subscriber Identity | Short identity to locally identify a UE within an MME group (unique within an MME pool) | S-TMSI (40 bits) = MMEC + M-TMSI

LTE Identities

ID | Meaning | Description | Structure
M-TMSI | MME Mobile Subscriber Identity | Unique within an MME | 32 bits
GUMMEI | Globally Unique MME Identity | Identifies an MME uniquely worldwide. The GUTI contains the GUMMEI. | GUMMEI (not more than 48 bits) = PLMN ID + MMEI
MMEI | MME Identifier | Identifies an MME uniquely within a PLMN. The operator commissions the MMEI at the eNB. | MMEI (24 bits) = MMEGI + MMEC
MMEGI | MME Group Identifier | Unique within a PLMN | 16 bits
MMEC | MME Code | Identifies an MME uniquely within an MME group. The S-TMSI contains the MMEC. | 8 bits
C-RNTI | Cell Radio Network Temporary Identifier | Identifies a UE uniquely in a cell | 0x0001 ~ 0xFFF3 (16 bits)
IMEI | International Mobile Equipment Identity | Identifies a ME (Mobile Equipment) uniquely | IMEI (15 digits) = TAC + SNR + CD
IMEI/SV | IMEI/Software Version | Identifies a ME (Mobile Equipment) uniquely, together with its software version | IMEI/SV (16 digits) = TAC + SNR + SVN
ECGI | E-UTRAN Cell Global Identifier | Identifies a cell globally (globally unique). The EPC can know the UE location based on the ECGI. | ECGI (not more than 52 bits) = PLMN ID + ECI

LTE Identities

ID | Meaning | Description | Structure
ECI | E-UTRAN Cell Identifier | Identifies a cell within a PLMN | ECI (28 bits) = eNB ID + Cell ID
PGW ID | PDN GW Identity | Identifies a specific PDN GW (P-GW). The HSS assigns the P-GW for the PDN (IP network) connection of each UE. | IP address (4 bytes) or FQDN (variable length)
TAI | Tracking Area Identity | Identifies a Tracking Area. Globally unique. | TAI (not more than 32 bits) = PLMN ID + TAC
TAC | Tracking Area Code | Indicates to which Tracking Area the eNB belongs (per cell). Unique within a PLMN. | 16 bits
TAI List | Tracking Area Identity List | The UE can move into the cells included in the TAI list without a location update (TA update). Globally unique. | Variable length

LTE Identities

ID | Meaning | Description | Structure
PDN ID | Packet Data Network Identity | Identifies a PDN (IP network) that the mobile data user wants to communicate with. The PDN Identity (APN) is used to determine the P-GW and the point of interconnection with a PDN. With the APN as query parameter to the DNS procedures, the MME receives a list of candidate P-GWs, and a P-GW is then selected by the MME according to policy. | PDN Identity = APN = APN.NI + APN.OI (variable length)
EPS Bearer ID | Evolved Packet System Bearer Identifier | Identifies an EPS bearer (default or dedicated) per UE | 4 bits
E-RAB ID | E-UTRAN Radio Access Bearer Identifier | Identifies an E-RAB per UE | 4 bits
DRB ID | Data Radio Bearer Identifier | Identifies a DRB per UE | 4 bits
LBI | Linked EPS Bearer ID | Identifies the default bearer associated with a dedicated EPS bearer | 4 bits
TEID | Tunnel End Point Identifier | Identifies the end point of a GTP tunnel when the tunnel is established | 32 bits

LTE Identities


Control Plane Protocols

4. Network Entities


MME
The MME hosts the following functions:

NAS signaling security

AS security control

Inter CN node signaling for mobility between 3GPP access networks

Tracking Area list management

PDN GW and Serving GW selection

MME selection for handovers with MME change

SGSN selection for handovers to 2G or 3G 3GPP access networks

Roaming

Authentication

Bearer management functions including dedicated bearer establishment

Support PWS (which includes ETWS and CMAS) message transmission

UE reachability in idle state (including control and paging retransmission)



S-GW

Serving Gateway (S-GW) hosts the following functions:

The local Mobility Anchor point for inter-eNB handover

Mobility anchoring for inter-3GPP mobility

E-UTRAN idle mode downlink packet buffering and initiation of the network triggered service request procedure

Lawful Interception

Packet routeing and forwarding

Transport level packet marking in the uplink and the downlink

Accounting on user and QCI granularity for inter-operator charging

UL and DL charging per UE, PDN, and QCI


P-GW

PDN Gateway hosts the following functions:

Per-user based packet filtering (by e.g. deep packet inspection)

Lawful Interception

UE IP address allocation

Transport level packet marking in the downlink

UL and DL service level charging, gating and rate enforcement

DL rate enforcement based on APN-AMBR

Credit control for online charging

Note

The S-GW and P-GW are usually integrated in the same equipment (direct
tunnel).

Physical separation is done in the case of roaming.


PCRF HSS
PCRF (Policy Control and Charging Rules Function)
- Policy control decision-making,
- Controls the flow-based charging functionalities in the Policy Control Enforcement Function (PCEF), which resides in the P-GW,
- Provides the QoS authorization (QoS class identifier [QCI] and bit rates) that decides how a certain data flow will be treated in the PCEF and ensures that this is in accordance with the user's subscription profile.

HSS (Home Subscriber Server)
- Contains the user's SAE subscription data such as the EPS-subscribed QoS profile and any access restrictions for roaming,
- Holds information about the PDNs to which the user can connect (in the form of an access point name (APN), which is a label according to DNS naming conventions describing the access point to the PDN, or a PDN address indicating subscribed IP address(es)),
- Holds dynamic information such as the identity of the MME to which the user is currently attached or registered,
- Integrates the authentication center (AUC), which generates the vectors for authentication and security keys.

LTE Entity Functions Summary

RR: Radio Resource RRC: Radio Resource Control EMM: Evolved Mobility Management ECM: Evolved Connection Management

Network and protocol architecture

5. LTE/EPC Bearers


Control plane protocols

Radio Protocol Stack Overview


RRC Overview (1/2)

Main RRC services and functions:
- System Information Broadcast: through the logical channel BCCH; related to the access network (settings related to the radio) or to the core network (PLMN Identity, ...)
- Paging: through the PCCH (logical channel)
- Establishment, maintenance and release of an RRC connection between the UE and E-UTRAN: allocation of temporary identifiers between UE and E-UTRAN; configuration of signaling radio bearer(s) for the RRC connection
- Security functions including key management
- Mobility functions including: UE measurement reporting for handover (RRC talks directly with PHY to obtain measurement results); UE cell selection and reselection, and control of cell selection and reselection

RRC Overview (2/2)

Transmission of signaling messages to and from the EPS: NAS (Non Access Stratum) messages are handled transparently by the RRC (Radio Resource Control), which carries the control information exchanged between UE and E-UTRAN.
E-UTRAN RRC is significantly simplified compared to UTRAN: reduction in the number of messages.

Default/Dedicated Bearer

Default Bearer vs Dedicated Bearer


- A default bearer carries all kinds of traffic (no filter) without QoS. It is typically created during the Attach procedure.
- A dedicated bearer carries a specific data flow, identified by the TFT (Traffic Flow Template), with a given QoS. Ex.: voice, streaming. It can be established:
  - During the Attach procedure (depending on the user profile)
  - After the Attach procedure, on demand.

Default/Dedicated bearer


Default/Dedicated Bearer

When the UE establishes a PDN Connection this creates a logical end-to-end "pipe" between the UE and the PGW.
The UE is assigned an IP address (IPv4 or IPv6) and the default bearer is set up (always best effort).
If the UE requires some QoS different from best effort, a dedicated bearer can be set up. This will be a necessity for voice services over LTE, for example, but could also be used when a streaming session is set up, or a Skype session, etc.
The network knows that a dedicated bearer is needed by DPI, most likely by the PCRF node.

DPI (Deep Packet Inspection)


DPI = HW and SW solution that:
- Monitors a network's data stream,
- Identifies protocols and applications, inappropriate URLs, intrusion attempts and malware.
DPI inspects, reassembles and decompresses incoming packets, analyzes the code and passes data to the appropriate applications and services. If malicious URLs or code are detected, the system can block them entirely.
DPI can also be used by service providers to offer subscribers different levels of access (such as type of usage, data limits or bandwidth level), comply with regulations, prioritize traffic, adjust loads and gather statistical information.
DPI can recognize applications as data passes through the system, allocating each the resources they need.

Default Bearer QoS Control

Figure: aggregated bandwidth of default bearers against the aggregated load in the cell (cell capacity). Labels: Normal users (THP=2), Heavy user (THP=3), Total volume limit exceeded.
Heavy users are dynamically down-prioritized at network congestion.

Network and protocol architecture

6. Mobile Backhaul /Backbone


Wireless Backhaul

Figure: wireless backhaul from the handset, PDA or laptop, via the carrier base station and the access network (copper, fiber), to the Mobile Switching Office (provisioning, call routing, etc.) and the Public Switched Telephone Network.
Source: Fibertower Investor Presentation, April 2008.

Three Main Transport Methods
- Copper (T1s)
- Fiber
- Microwave
Copper/Fiber Hybrid Solution
- Copper TDM: great for voice, not so great for data
- Fiber Ethernet: great for data, allows transition to VoIP

Wireless Backhaul Infrastructure Trends

- Fiber quickly replacing copper to meet LTE bandwidth requirements
- Point-to-point microwave backhauled to fiber to save cost
- Ethernet over E1 driving savings, greater data flow and greater reliability

LTE Architecture: Mobile backhaul trends


Convergence of backhaul/backbone
In 2G/3G mobile networks, the BSC/RNC perform RRM. They reside at the local switch and the connection between the base station and the controllers is enabled via the backhaul network. The backbone network is not involved and can be functionally separate, being utilized primarily for interconnection of switches.

Mobile backhaul is increasingly becoming a strategic investment for service providers (source: World Mobile Backhaul Infrastructure Market, Frost & Sullivan, February 2009) and hence the need for flexibility is ever growing.

LTE Architecture: The Mobile broadband backhaul


Broadband Mobile Network Evolution

Backhaul systems designed to serve LTE deployments should address three basic requirements:
- Higher capacities: backhaul to a single site should be able to scale to 100 Mbps and even beyond
- Lower latencies: the requirement for 10 millisecond end-to-end latency leads to selecting a solution that supports extremely low latency
- All IP: support IP traffic from the get-go.

Examples of microwave capacities


Table: examples of BridgeWave 80 GHz microwave bridge capacities (columns: description, distance, capacity).
Products listed: 80 GHz Fast Ethernet extended range wireless bridge; 80 GHz Fast Ethernet medium range wireless bridge; 80 GHz AdaptRate 100/1000 Mbps extended range wireless bridge.
Distances: up to 4 miles, up to 5 miles (8 km), up to 6 miles (9.7 km).
Capacities: 100 Mbps, 125 Mbps (upgradeable to Gig-E), 1000 Mbps, 100/1000 Mbps.

Summary

The E-UTRAN

The E-UTRAN consists of eNodeBs which provide E-UTRA user plane (PDCP/RLC/MAC/PHY) and control plane (RRC) protocol terminations toward the user equipment (UE).
The eNBs are interconnected with each other by means of the X2 interface.
The eNBs are connected through the S1 interface to the Evolved Packet Core (EPC), more specifically to the Mobility Management Entity (MME) by means of the S1-MME interface and to the Serving Gateway (SGW) by means of the S1-U interface.

The EPC (Evolved Packet Core)

The LTE architecture defines the Evolved Packet System (EPS) as a combination of the LTE access system (radio part) and an IP-based core network, the Evolved Packet Core (EPC).
The EPC is an all-IP mobile core network for LTE, allowing the convergence of packet-based real-time and non-real-time services.
All EPS transactions are IP-based: from the mobile handsets, over eNodeBs, across the EPC, and throughout the application domain, for both IMS and non-IMS.
The EPC is a multi-access IP-based core network that enables operators to deploy and operate one common packet core network for 3GPP radio access (LTE, 3G, and 2G), non-3GPP radio access (HRPD, WLAN, and WiMAX), and fixed access (Ethernet, DSL, cable and fiber).

LTE Architecture

Control Plane Protocols

7. Security


Security Aspects and parameters in LTE

Security concerns:
- As in UMTS, UE authentication (USIM: 128-bit key imposed);
- The internal signaling protection (integrity), signaling and traffic encryption;
- Additional signaling encryption for RRC and NAS.

Safety is enhanced by protecting all entities:
- Hierarchical protection (UE, eNB, ASME, HSS, AuC);
- Ensure transport security on all interfaces.

Figure: LTE key hierarchy and where each key is held.
  USIM / AuC : K
  UE / HSS   : CK, IK
  UE / MME   : KASME -> KNASenc, KNASint, KeNB
  UE / eNB   : KeNB -> KUPenc, KRRCint, KRRCenc
  Transport between eNodeB and MME / S-GW: IPsec
ASME: Access Security Management Entity

Security Aspects and parameters in LTE

Main changes and additions for security in LTE versus 3G:
- Introduction of a hierarchical key system in which keys can be changed for different purposes,
- Separation of the security functions for the NAS,
- Introduction of the concept of forward security: limits the security issues when a disclosed key is used,
- Additional security functions for 3G and LTE network interconnection.

Security Aspects and parameters in LTE


Characteristics
- Re-use of UMTS Authentication and Key Agreement (AKA)
- Use of USIM required (GSM SIM excluded)
- Extended key hierarchy
- Longer keys
- Greater protection for backhaul
- Integrated interworking security for legacy and non-3GPP networks

Security Aspects in LTE

Encryption is performed at the eNodeB.
MSPs (Mobile Service Providers) should support encryption within the transport network, especially if using third-party backhaul transport providers or public Internet transport.
IPsec tunneling between the eNodeB and the security gateway is used to secure data and provide QoS, and lets the security be managed centrally.

Security Aspects and parameters in LTE


NAS security: NAS messages, UE and MME scope.
  NAS message communication between UE and MME is integrity protected and ciphered, with an extra NAS security header.
A security: RRC and user plane data, UE and eNB scope.
  The PDCP layer on the UE and eNB side is responsible for ciphering and integrity.
  RRC messages are integrity protected and ciphered, but U-Plane data is only ciphered.
Different security algorithms (integrity/ciphering):
  Integrity (EIA: EPS Integrity Algorithm)
    0000  EIA0      Null integrity protection algorithm
    0001  128-EIA1  SNOW 3G
    0010  128-EIA2  AES
  Ciphering (EEA: EPS Encryption Algorithm)
    0000  EEA0      Null ciphering algorithm
    0001  128-EEA1  SNOW 3G based algorithm
    0010  128-EEA2  AES based algorithm

Security Aspects and parameters in LTE


Key/parameters distribution in LTE nodes

Legend: AMF (Authentication Management Field), SQN (Sequence Number)

Key hierarchy
- Faster handovers and key changes, independent of AKA
- Added complexity in handling of security contexts

Figure: key hierarchy.
  USIM / AuC : K
  UE / HSS   : CK, IK
  UE / MME   : KASME -> KNASenc, KNASint, KeNB
  UE / eNB   : KeNB -> KUPenc, KRRCint, KRRCenc
ASME: Access Security Management Entity

Security Aspects and parameters in LTE


Security aspects in LTE


Security Aspects and parameters in LTE


AKA procedure


Security Aspects and parameters in LTE


LTE Ciphering and Integrity Algorithms


Security Aspects and parameters in LTE

Security keys for AS (Access Stratum)
- Protect user data and control; different from those used in the EPC.

eNodeB keys:
- KeNB: derived by the terminal and the MME from KASME ('Master Key') and sent by the MME to the eNodeB. KeNB is used to derive the AS traffic keys and the handover key KeNB*.
- KeNB*: derived by the terminal and the source eNodeB from KeNB or from a valid NH (Next Hop). During the handover, the terminal and the target eNodeB derive a new KeNB* from KeNB.

Security Aspects and parameters in LTE

- KUPenc: derived from KeNB and used to encrypt the user plane
- KRRCint: derived from KeNB and used to ensure the integrity of RRC messages
- KRRCenc: derived from KeNB and used to encrypt RRC messages
- Next Hop (NH): intermediate key used to derive KeNB* during intra-LTE handover
The NCC (Next Hop Chaining Counter) determines if the next KeNB* must be based on the current KeNB or on a fresh NH:
  If no fresh NH available : KeNB* from target PCI (Physical Cell Identity) + KeNB
  Fresh NH available       : KeNB* from target PCI + NH
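The key hierarchy on these slides (CK, IK -> KASME -> KeNB -> KRRCenc/KRRCint/KUPenc, with the NAS keys, the NH chain and the KeNB* rule above) written out in Python as an added example that is not from the slides. The FC values and the S = FC || P0 || L0 || P1 || L1 layout are taken from 3GPP TS 33.401 Annex A and the KDF is HMAC-SHA-256 as that annex specifies; the serving-network id, uplink NAS COUNT and target EARFCN-DL inputs are spec parameters the slides do not list, and all key material is constructed.

```python
import hashlib
import hmac
from typing import Optional

# FC values and the S = FC || P0 || L0 || P1 || L1 layout follow TS 33.401 Annex A;
# the slides name the keys but not the KDF. The KDF output is 256 bits.
FC_KASME, FC_KENB, FC_NH, FC_KENB_STAR, FC_ALG_KEY = 0x10, 0x11, 0x12, 0x13, 0x15
# Algorithm type distinguishers (P0 of the per-algorithm key derivation).
NAS_ENC, NAS_INT, RRC_ENC, RRC_INT, UP_ENC = 0x01, 0x02, 0x03, 0x04, 0x05


def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")      # each Pi is followed by its 2-octet length Li
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_kasme(ck: bytes, ik: bytes, sn_id: bytes, sqn_xor_ak: bytes) -> bytes:
    """K_ASME = KDF(CK || IK, SN id, SQN xor AK); the serving-network id binds the key to one PLMN."""
    return kdf(ck + ik, FC_KASME, sn_id, sqn_xor_ak)


def derive_kenb(kasme: bytes, ul_nas_count: int) -> bytes:
    """K_eNB at initial attach, bound to the uplink NAS COUNT so it is fresh per connection."""
    return kdf(kasme, FC_KENB, ul_nas_count.to_bytes(4, "big"))


def algorithm_key(key: bytes, type_distinguisher: int, alg_id: int) -> bytes:
    """128-bit per-algorithm key: the low 128 bits of KDF(key, type, alg_id).
    alg_id is the 4-bit EEA/EIA number from the slide, e.g. 2 for 128-EEA2/128-EIA2 (AES)."""
    return kdf(key, FC_ALG_KEY, bytes([type_distinguisher]), bytes([alg_id & 0x0F]))[16:]


def derive_nas_keys(kasme: bytes, enc_alg_id: int, int_alg_id: int):
    """K_NASenc, K_NASint (UE / MME scope)."""
    return algorithm_key(kasme, NAS_ENC, enc_alg_id), algorithm_key(kasme, NAS_INT, int_alg_id)


def derive_as_keys(kenb: bytes, enc_alg_id: int, int_alg_id: int):
    """K_RRCenc, K_RRCint, K_UPenc (UE / eNB scope), all from K_eNB; the user plane gets no integrity key."""
    return (algorithm_key(kenb, RRC_ENC, enc_alg_id),
            algorithm_key(kenb, RRC_INT, int_alg_id),
            algorithm_key(kenb, UP_ENC, enc_alg_id))


def derive_nh(kasme: bytes, sync_input: bytes) -> bytes:
    """Next Hop chain: NH_1 = KDF(K_ASME, K_eNB), NH_n+1 = KDF(K_ASME, NH_n). Only the MME
    (holder of K_ASME) can extend the chain, which is what gives forward security."""
    return kdf(kasme, FC_NH, sync_input)


def derive_kenb_star(kenb: bytes, fresh_nh: Optional[bytes], target_pci: int, target_earfcn_dl: int) -> bytes:
    """Handover key per the NCC rule on the slide: with a fresh NH derive from NH (vertical),
    otherwise from the current K_eNB (horizontal). EARFCN-DL is a spec input the slide omits."""
    base = fresh_nh if fresh_nh is not None else kenb
    return kdf(base, FC_KENB_STAR, target_pci.to_bytes(2, "big"), target_earfcn_dl.to_bytes(2, "big"))


if __name__ == "__main__":
    # Constructed sample inputs (not real keys); SN id is the test PLMN 001-01.
    ck, ik = bytes(range(16)), bytes(range(16, 32))
    kasme = derive_kasme(ck, ik, bytes.fromhex("00f110"), bytes(6))
    kenb = derive_kenb(kasme, ul_nas_count=0)
    print("K_eNB", kenb.hex())
    print("AS keys", [k.hex() for k in derive_as_keys(kenb, 2, 2)])
    nh1 = derive_nh(kasme, kenb)
    print("K_eNB* (vertical)", derive_kenb_star(kenb, nh1, target_pci=7, target_earfcn_dl=1800).hex())
```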

Security Aspects and parameters in LTE


Keys derivation scheme


Security Aspects and parameters in LTE


LTE: Initial Attach (message sequence between UE, eNB, MME and HSS; UE and HSS share the key K)

UE -> MME : ATTACH REQUEST (IMSI, SUPPORTED_ALGS)
MME -> HSS : AUTH VECT REQUEST (IMSI)
HSS : RAND = RANDOM(); SQN = SQN + 1; AUTN = AES1(K, RAND, SQN); RES = AES2(K, RAND); (Ck, Ik) = AES3(K, RAND); KASME = F(Ck, Ik, ...)
HSS -> MME : RAND, XRES, AUTN, KASME
MME -> UE : RAND, AUTN
UE : 1. Check (AES1(K, RAND), SQN, AUTN): does AUTN come from the HSS? Have I seen it before?
     2. RES = AES2(K, RAND)
     3. (Ck, Ik) = AES3(K, RAND); derive KASME, KeNB ...
UE -> MME : RES
MME : Check: RES == XRES ??
MME -> UE : OK, SELECTED_ALG, SUPPORTED_ALGS
UE : verify OK; switch on security
MME : derives KNASint, KNASenc from KASME; MME -> eNB : KeNB
eNB : derives KUPenc, KRRCint, KRRCenc from KeNB (F)
Result: protected signaling and protected traffic
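A runnable model of the Initial Attach exchange above, added here as an example that is not from the slides: HSS, UE and the MME's relay/compare role each appear with their messages, and the UE performs both checks the slide names (is AUTN from my HSS, and have I seen this SQN before). AES1/AES2/AES3 are the slide's abstract functions and are stood in for by one labelled HMAC-SHA-256 PRF; SQN travels in clear inside AUTN (real AKA conceals it with the anonymity key, which the slide omits); the subscriber key, IMSI and RAND values are constructed.

```python
import hashlib
import hmac
import os
from typing import Optional


def prf(k: bytes, label: bytes, *parts: bytes) -> bytes:
    """Stand-in for the slide's AES1/AES2/AES3: one keyed function, separated by label."""
    return hmac.new(k, label + b"".join(parts), hashlib.sha256).digest()


class HSS:
    """AuC side: holds K and the SQN counter shared with the USIM."""
    def __init__(self, k: bytes, sqn: int = 0):
        self.k, self.sqn = k, sqn

    def auth_vector(self, imsi: str, rand: Optional[bytes] = None):
        rand = rand if rand is not None else os.urandom(16)  # RAND = RANDOM()
        self.sqn += 1                                        # SQN = SQN + 1
        sqn_b = self.sqn.to_bytes(6, "big")
        # AUTN = AES1(K, RAND, SQN). This example carries SQN in clear inside AUTN;
        # real AKA conceals it with the anonymity key AK, which the slide does not show.
        autn = sqn_b + prf(self.k, b"AES1", rand, sqn_b)[:8]
        xres = prf(self.k, b"AES2", rand)[:8]                # XRES = AES2(K, RAND)
        ckik = prf(self.k, b"AES3", rand)                    # (Ck, Ik) = AES3(K, RAND)
        kasme = prf(ckik, b"KASME", sqn_b)                   # KASME = F(Ck, Ik, ...)
        return rand, xres, autn, kasme


class UE:
    """USIM side: same K, remembers the highest SQN accepted so far."""
    def __init__(self, k: bytes, sqn: int = 0):
        self.k, self.sqn_seen = k, sqn

    def respond(self, rand: bytes, autn: bytes):
        sqn_b, mac = autn[:6], autn[6:]
        # 1. Check (AES1(K, RAND), SQN, AUTN): does AUTN come from my HSS?
        if not hmac.compare_digest(mac, prf(self.k, b"AES1", rand, sqn_b)[:8]):
            raise ValueError("MAC failure: AUTN was not produced with my K")
        # ... and have I seen it before? A replayed (RAND, AUTN) pair fails here.
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.sqn_seen:
            raise ValueError("synch failure: SQN not fresh (replay or stale vector)")
        self.sqn_seen = sqn
        res = prf(self.k, b"AES2", rand)[:8]                 # 2. RES = AES2(K, RAND)
        ckik = prf(self.k, b"AES3", rand)                    # 3. (Ck, Ik) = AES3(K, RAND)
        return res, prf(ckik, b"KASME", sqn_b)               # derive KASME (then KeNB ...)


def attach(ue: UE, hss: HSS, imsi: str, rand: Optional[bytes] = None):
    """MME role: fetch the vector, relay the challenge, compare RES == XRES; returns K_ASME or None."""
    rand, xres, autn, kasme = hss.auth_vector(imsi, rand)    # AUTH VECT REQUEST (IMSI)
    res, ue_kasme = ue.respond(rand, autn)                   # RAND, AUTN -> RES
    if not hmac.compare_digest(res, xres):                   # Check: RES == XRES ??
        return None
    assert ue_kasme == kasme                                 # both ends now share K_ASME
    return kasme                                             # OK, SELECTED_ALG: switch on security


if __name__ == "__main__":
    k = bytes(16)                                            # constructed subscriber key (test only)
    ue, hss = UE(k), HSS(k)
    print("K_ASME:", attach(ue, hss, "001010123456789").hex())   # constructed IMSI
```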

Backhauling Security

Technologies: IP/MPLS (Backbone), Metro Ethernet (Backhaul)
- IETF has defined a suite of security protocols: Internet Protocol Security or IPsec.
- Provides end-to-end security at the packet processing layer to protect the network and higher-layer applications.
- Secures communications on a host-to-host, network-to-network and network-to-host basis.
- IPsec authenticates and encrypts each IP packet within a communications session.

IPsec tunnel with BGP/MPLS IP VPN

Thank you
