what is the use of NCC and NH regarding security keys derivation in LTE ?

Question

I have some doubts regarding Horizontal and Vertical Security keys derivation in lte. How these are regenerated in x2 based handover and S1 based handover differently. what are parameters are needed for both horizontal and vertical security.

Answer 1

Use of NH and NCC:
NH: Its the 256bit key which is derived at MME and UE in exactly in the same way as KeNB is generated. This value send to eNB during HO procedure then its called as NH whereas send during attach procedure is called as KeNB.

Q) Why NH is not termed as KeNB?
Ans) During key derivation in HO / Reestablishment etc procedure used/unused NH pair is being used. So NH may be kept in context as unused/used while KeNB would be the key under current use.

NCC: This value has significance at UE. As there is no security key exhange in LTE. So based on the NCC value UE can derive the corresponding NH value which were derived in network.

X2 based HO: KeNB* is generated and send to the target eNB.
S1 based HO: MME generates the NH and send to Target eNB.

Answer 2

I hope I understood your problem correctly, though not the expert in this area -
Horizontal key derivation is defined as using the KeNB, moving across the key chaining model. Vertical key derivation is defined as using the NH parameter, moving down the chain. For inter-eNB handovers, vertical key derivation is used when the source eNB holds a {NCC, NH} pair, with the NCC larger than that of the currently active KeNB. Otherwise horizontal key derivation is used. For intra-eNB handovers, the source eNB has the choice of using either.
For more detail look at http://www.home.agilent.com/upload/cmc_upload/All/Security_in_the_LTE-SAE_Network.PDF?&cc=IN&lc=eng page 16 and 17.