top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Why there is two types of security in LTE

+4 votes
1,670 views

There in AS security and NAS security procedure in LTE unlike 3g.I want to know the reason behind the additional AS security procedure in LTE.

posted Jan 3, 2014 by Sony Mohanty

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button
Could not understand your question, can you please describe in detail...
Hi Salil, she is asking why two level of securities have been implemented. Here two level means 1) security between UE and ENodeB. 2) security between UE and MME.
Thanks @Soni, got it now. But as far as I remember the same was the case in UMTS (may be later specs) also.

But in LTE the reason for AS security is to protect the wireless interface which is obvious, now additional security cover for the NAS message is for providing the support of RAN operator (handles the access network) and Network operator which can be two separate entities and S1(U/C) can be insecure interface (there could be more reason for this).
check this should be helpful to understand the complete security overview. http://www.slideshare.net/aliirfan04/lte-security-overview
I think its not two rather three one is AS i.e. UE<-->eNodeB another is NAS ie UE<-->MME and the third one is MME<-->HSS.

1 Answer

+1 vote

As with respect to security they want to secure
1> Core network communication (UE - MME)
2> Network(Access ) Edge communication (UE-ENODEB)

So MME takes the Key from HSS and generates the authentication vectors and send them to UE and ENODEB But he directly not share the KASME generated by the UE.

The derived key will be used for security(Both AS and NAS) purpose.

Another scenario :-

When UE is in IDLE mode no context at ENodeB also , So using NAS Security only they communicate messages till UE comes to connected mode.

answer Jan 9, 2014 by Sachidananda Sahu
Similar Questions
+3 votes

As i know about RACH function is, suppose a UE wants to access the network, so first it will try to attach or syncronise with the network. In LTE a separate channel PRACH ( Physical Random Access Channel) is provided for initial access to the network.

The functionality is clear to me that is not a problem but to understand those two procedures i am having a trouble...

+1 vote

In core network except radio part, how many types of encryption and security concepts has been implemented ?

...