INTRODUCTION

Hello and welcome, my topic today is authentication in LTE technology. I want to start
off by a brief introduction and then I’ll develop some aspects of LTE security.
So, wireless communication, in its nature, is always at a risk of eavesdropping and
manipulation because, data originally sent to a specific user can be received and
unlawfully used by an unintended user. Also locations of a user can be easily tracked
by tracing which cell the user is connected. And this can result in privacy infringement.
Due to that, mobile communication networks has to provide security features to ensure
integrity of the data received and protect the privacy of users.
Lucky for us, LTE offers authentication, NAS security and AS security. Which will be
discussed later on.

MAIN SECURITY MECHANISMS

A basic point is the main security mechanisms, and we have 3 of them here.
Authentication, Integrity and Encryption. Authentication is the process of determining
whether a user is an authorized subscriber or not, in the other hand, the integrity verifies
that the received message is exactly the message the transmitter sent. And finally the
transmitter encrypts the data with a secret key that is only known to the receiver.
We’ll be focusing on authentication.
So, to understand how these features work, we need to look at the means used by LTE,
which are Security Keys. And, there is lots of them, they are all derived form a master
key which in itself is extracted from the (IMSI) that is of course globally unique and it
is never sent on the network to avoid identity theft. We call such thing hierarchy. If
you’re wondering what these gears are? They are nothing but algorithms and inputs that
are used to help produce a key.

SECURITT CONCEPT
Moving on to the crux of the matter, how does all of it works? Well, the next slide
contains a figure which indicate three areas:
1. LTE Authentication
2. NAS (Non Access Stratum) security performs integrity and ciphering of
signaling between a UE and an MME.
3. While AS (Access Stratum) security performs integrity protection and ciphering
of RRC signaling between UE and eNB (RRC being Radio Resource Control).
And performs ciphering of user traffic between a UE and eNB.
AUTHENTICATION IN LTE

The purpose of the EPS authentication and key agreement (AKA) (which is this whole
network, it’s called EPS-AKA) well its purpose is to provide mutual authentication
between the user and the network and to agree on the same Access Security
Management Entity key (the KASME).

Now I refer you to the left of the slide which illustrate mutual authentication.
1. The EPS AKA procedure is always initiated and controlled by the network. However,
the UE shall proceed with an EPS authentication challenge only if a USIM is present.
2. The UE initiates the authentication procedure by sending an attach request message
to the MME (which contains the IMSI and KASME).
3. The MME forwards it to the HSS and waits for it to generate a vector called
authentication vector (that has a random number RAND used to challenge the user,
an authentication token AUTN, an expected response XRES calculated by the HSS
using a cryptographic function, and finally the KASME) The MME downloads it via
a protocol called Diameter. Then sends it back to the UE and adds a sequence
number “i” to differentiate it from other attempts.
4. Now the UE’s job is to compute the authentication response parameter RES which
is done by the USIM using RAND, AUTN and the secret key K. And while he’s
doing that he also has to authenticate the network by comparing AUTN with the
expected one, once done he can send the authentication response to the MME.
5. Now the MME compares the UE’s response RES with the one computed by the HSS
XRES, if they aren’t the same the UE is rejected, and if they are equal the UE is
authenticated and MME updates the HSS with its location and the user can start
sending data which will be encrypted by certain algorithms.

At the end of the day, the goals are simple: safety and security. Thank you and I’ll be
happy to take any question.