Apis TechTip – 5G UE Security


Welcome to this episode of Apis TechTips, a series of short explainer excerpts from real Apis training courses.

This episode goes through the User Equipment security functions in 5G, and it comes from the course “5G Security in an Hour”.


If you enjoyed this Apis Tech Tip, check out the full Apis course ”5G Security in an Hour” where this video came from. There you will learn about security threats, requirements and recommendations related to the 5G network architecture, and also network features and procedures to combat these threats.

Here are some of the topics that are covered in “5G Security in an Hour”:

  • Security Aspects and Threats
  • Requirements and Recommendations
  • 5G Security Features and Procedures
  • UE Authentication and Authorization
  • 5GS Security Key Hierarchy

To learn more about this course, go to https://apistraining.com/portfolio/5g-security-in-an-hour/

This TechTip is also part of a whole eBook of tips, all focusing on 5G technology. We call it an eBook+ since all chapters are both text and video. If you want to read the text, you can do that, and if you want to watch a teacher tell the story, you can choose that.

All the video chapters are excerpts taken directly from our recorded lessons, so if one of them piques your interest, you can easily go to the course and dive deeper into that particular subject.

This particular eBook+ is called “5G Demystified: Use Cases, Architecture, and More”, and you only need to CLICK HERE to request it for immediate download.

Below you can find the transcribed text for this particular TechTip.

5G UE Security Functions

Let’s look at an overview of the new 5G security functions. A lot of the security-related functions are involved in establishing the UE’s presence in the network and then in the actual communication.

We have the 5G network elements represented in the image. Over on the left is the mobile equipment with a UICC card, or an eSIM-based deployment, with the USIM application on it. These are together called a UE, or User Equipment. In a roaming scenario, the border between the visited network (VPLMN) and the home network (HPLMN) will be at the dashed line in the middle. Security in 3GPP networks has always been based on a shared secret long-term key, which is securely stored somewhere in the network databases. For instance, in an HSS, UDM, or UDR, there are a few possible deployments here, and in an elementary file in the USIM application. This elementary file is not accessible from the outside, and authentication procedures and generation of security keys are based on it.

One of the news in 5G is that 5G allows access to the network from devices that are without the USIM and without these credentials, and the security is instead based on certificates. But apart from this exception, we still use the method used since the 2G times, with some noticeable improvements, and there are, in fact, quite a few of them.

Let’s take a look at the 5G authentication procedure first by looking at the arrows indicating which elements are involved in it. The purpose of this procedure is for the network to verify that if the user equipment (UE) device says that my identity number is such and such that it’s telling the truth. The device, UE, wants to make sure it’s talking to the real network, something that has access to my credentials stored in the home network.

Verification of the identity was since 2G times done by the visited network. One of the news in 5G is that it’s also done in the home network.

What about protection of signaling messages? Encryption and integrity protection have existed in the 3GPP systems since always, and starting from 4G is independent of the radio level signaling and the core network between the UEs and an AMF in 5G or an MME if it’s 4G.

Now, user data protection for all the data radio bearers. We had encryption since always, and now the news in 5G is that there is also an option to have integrity protection for user data. Funnily enough, in the recommendations covered elsewhere in this course, one of them actually suggests that this integrity protection should be switched off over the radio. The reason is that if there is some application that really requires integrity-protected communication, it will most likely have some kind of end-to-end integrity protection and not just over the air interface. So, adding this doesn’t really make much sense.

Privacy protection. Again, since 2G days, mobile devices have been using temporary identifiers when introducing themselves to the network. The identifiers that are provided by the core network are mapped to permanent identifiers and changed regularly to provide identity privacy protection. So, is there any news in 5G? Well, every now and then, the devices are forced to reveal their permanent identity because the temporary one is useless in the new environment. Before 5G, it was always sent in unencrypted form.

So, the subscriber identity (IMSI number) could occasionally go over the air without any protection. This is fixed in a 5G. It will be encrypted when needed.

Share This Post

Latest news and insights

New course - 5G for Everyone
Due to increased demand, we have now recorded a simple course about 5G! For everyone!  We will...
Read More
Download Our 5G Demystified eBook+
Use Cases, Architecture, and More About this eBook+ The world of 5G has...
Read More