top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Use of Integrity protection in LTE?

+1 vote
888 views

For confirmation purpose only, I want to know the use of integrity protection. As per my understanding integrity protection is only needed to verify Security-Mode-Command/Security-Mode-Complete messages? Because all subsequent messages are encrypted and any "man in the middle attack" will result in decryption failure at the other end.

Is my understanding correct?

posted Jul 7, 2014 by Yogeshwar Thakur

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

Yes, your understanding is correct. I just want to add some more information. The purpose of integrity is to make sure that data is not damaged by mistake like due to additional signal etc. Between a sender and receiver anyone can read data like wireshark captures the logs whereas encryption changes the actual data i.e. known as encrypted data and receiver decrypt the data. Even if someone is in between sender and receiver that person or thing can't read the data.

Security mode command message is an integrity protected message whereas security mode complete message is integrity protected as well as ciphered. Both are necessary to transfer the information successfully between the sender and receiver.

answer Jul 7, 2014 by Rupam
Similar Questions
+2 votes

In LTE, if a NAS packet is going to be sent, the encryption is followed by integrity protection in NAS layer, but in RRC/PDCP layer, When RRC messages are being sent, they are integrity protected first and then encrypted before being sent, unlike NAS messages were. Why the integrity and encryption protection order is different in NAS and AS layer?

+1 vote

I was going through the security specification of 5G network and stopped at a point where it was mentioned that UE shall support integrity protection of user data along with the integrity protection of RRC and NAS-Signalling. Section 5.1.3.1 also mentions that integrity protection of the user data between UE and gNB is optional to use.
I want to know that for which cases/scenarios, it would be needed to enable integrity protection for user data between UE and gNB ?
Enabling both integrity and ciphering for the user data would be an overhead, therefore I started thinking about scenarios/cases.

+1 vote

Is it necessary to implement both integrity and ciphering together for a message ? or for certain cases only integrity or only ciphering required ?

...