Friday 24 February 2012

'Mapped Security' Concept in LTE


When a UE registers on a network in 2G/3G or LTE, it has to perform Authentication. The Authentication Vectors are located in the USIM for the device and in Authentication Center (AuC) in the network. Once the Authentication is performed successfully, then the Keys for Ciphering and Integrity are derived and used during the call.

As I showed in my earlier post here, It is possible that the same AuC is used for 2G/3G and LTE networks. In this case if the UE has recently performed Authentication in one network then unless the keys are old, there is no need to perform the Authentication again in the other radio access technology (RAT). The Security keys (Ciphering and Integrity key) would be derived based on the keys in the previous RAT. 3GPP TS 33.102 and 3GPP TS 33.401 gives the details on how to derive the key from the previous RAT while in the new RAT using this mapped security concept.

2 comments:

Sivaram Kurapati said...

When a UE registered in LTE moves to 2G/3G, for CS it need to do the seperate Authentication..for PS it can use the mapped context received from LTE.

Zahid Ghadialy said...

Thanks Siva, should have clarified.