LTE: How data of MBMS services are protected ?

Question

Data transmitted through the dedicated bearer is encrypted and it is done by eNodeB before sending data over the air. MBMS data comes from MBMS-GW and it does not pass to PDCP layer. Now I want to know whether MBMS data is being encrypted or not. If yes then which network node do this and how it is enabled between UE and network ?

Answer 1

For securily transmission of MBMS data, 3GPP proposed "MBMS Security" concept which enables muti level security to mbms data.

Its a huge concept to discuss, specification available for that have look on that.

For quick reference just check this link.

http://www.3g4g.co.uk/Tutorial/ZG/Mbms/security.html

Comments

Thanks Suchakravarthi.

Answer 2

Content Provider provides the plain data to BMSC server and it is the BMSC responsibility to encrypt the data before forwarding to the MBMS-GW. BMSC uses MTK (Multicast Traffic Key) to encrypt the service specific data. The key is distributed as part of content itself using the MSK to protect it. MSK (MBMS service key) is shared by BMSC to UE using the MUK to protect it.

MUK (MBMS User Key) and MRK (MBMS Request Key) is generated at BMSC and UE from the shared secret key stored in HSS.

Comments

Thanks.