top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Why security Mode Complete message is integrity protected but unciphered in RRC ?

+3 votes
1,513 views
Why security Mode Complete message is integrity protected but unciphered in RRC ?
posted Dec 15, 2014 by Gnanendra Reddy

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

1 Answer

0 votes

I hope I understood your query correctly, please comment if I am wrong -

Lets first understand what is Integrity Protection -
Integrity protection means, Receiver can verify that received message is the same as that Sender/Transmitter sends.

Lets see what ciphering means -
Ciphering means: Transmitter/sender encrypts the data with a key and that key knows to only Receiver. It can be done by;

And in short we can say for C-Plane (i.e. DCCH data): Integrity protection applied and for U-plane: Integrity protection and ciphering is applied.

Now lets see how SECURITY MODE procedure works to see the complete flow
The eNodeB sends integrity protected SECURITY MODE COMMAND message to the UE. The UE shall derive KeNB and KRRCint which is associated with integrity protection algorithm indicated in the SECURITY MODE COMMAND. Then, UE verifies the Integrity of the received SECURITY MODE COMMAND by checking the Message Authentication Code (MAC) in the SECURITY MODE COMMAND message. If the SECURITY MODE COMMAND message fails the integrity protection check, then the UE sends SECURITY MODE FAILURE to the eNodeB.

If the SECURITY MODE COMMAND passes the integrity protection check, then the UE shall derive the encryption keys KRRCenc key and the KUPenc keys associated with the ciphering algorithm indicated in the SECURITY MODE COMMAND. The UE shall apply integrity protection using the indicated algorithm (EIA) and the integrity key, KRRCint immediately, i.e. integrity protection shall be applied to all subsequent messages received and sent by the UE, including the SECURITY MODE COMPLETE message. The UE shall apply ciphering using the indicated algorithm (EEA), KRRCenc key and the KUPenc key after completing the procedure, i.e. ciphering shall be applied to all subsequent messages received and sent by the UE, except for the SECURITY MODE COMPLETE message which is sent un-ciphered.

answer Dec 15, 2014 by Salil Agrawal
"And in short we can say for C-Plane (i.e. DCCH data): Integrity protection applied and for U-plane: Integrity protection and ciphering is applied."

This seems incorrect as per my understanding  for C-Plane (i.e. DCCH data): Integrity protection and ciphering both applied and for U-plane: only ciphering is applied.
Similar Questions
+2 votes

During attach procedure, UE sends "Attach Request" along with "RRC Connection Setup Complete", eNodeB sends "Attach Accept" along with "RRC Connection Reconfiguration then why UE does not send "Attach Complete" along with "RRC Connection Reconfiguration Complete" message ? What could be the reason for defining the messages so ?

+4 votes

In release 9 of 3GPP 36.331 specification, a new IE "rlf-InfoAvailable-r9" has been introduced in rrc re-establishment complete message. Can anyone please explain this ?

...