top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration

EPS authentication, please explain?

+3 votes

I am looking at the EPS authentication, can someone please explain in detail?

posted Apr 1, 2014 by Hafeth Dawbaa

Share this question
Facebook Share Button Twitter Share Button Google+ Share Button LinkedIn Share Button Multiple Social Share Button

3 Answers

+1 vote
Best answer

Not sure what you are looking exactly, but following Procedure should help.

EPS Authentication and Key Agreement (AKA)

  1. The purpose of the EPS authentication and key agreement (AKA) procedure is to provide mutual authentication between the user and the network and to agree on a key KASME
  2. The EPS AKA procedure is always initiated and controlled by the network. However, the UE can reject the EPS authentication challenge sent by the network. The UE shall proceed with an EPS authentication challenge only if an USIM is present
  3. When a NAS signalling connection exists, the network can initiate an authentication procedure at any time. The network initiates the authentication procedure by sending an AUTHENTICATION REQUEST message to the UE
  4. The MME sends unciphered AUTHENTICATION REQUEST message to the UE which includes a random number RAND and an authentication parameter AUTN (these values are retrieved from HSS via Auth Info exchange). Now the UE’s job is to compute the authentication response parameter RES and send it back to the MME in AUTHENTICATION RESPONSE message
  5. The value of RES is computed by the USIM using RAND, AUTN and the secret key ‘K’ which is stored in the USIM.
  6. The IE Authentication parameter RAND (EPS challenge) will carry the RAND of length 128-bits. It provides the MS with a non-predictable number to be used to calculate the authentication response parameter RES
  7. The IE Authentication parameter AUTN (EPS challenge) will carry the AUTN of length 128-bits. It provides the MS with a means of authenticating the network. The AUTN consists of (SQN xor AK)||AMF||MAC = 48 + 16 + 64 = 128-bits. In the AUTHENTICATION REQUEST example below, AUTN value = 6e323b36c46c5555a3df0e6e323b6391 which means that,

    SQN xor AK = 6e323b36c46c
                AMF: 5555 
                MAC: a3df0e6e323b6391

For more detail please look at TS33.401 and TS33.102. Following IEE paper should also help


answer Apr 2, 2014 by Salil Agrawal
Thank you very much for such a brief and excellent explanation, Salil.
+2 votes

EPS Authentication is a mutual authentication process, In which MME sends "Aunthentication Request" message to UE and UE responds back to MME using "Authentication Response".

  1. MME sends RAND and AUTN within the Authentication Request message. RAND is nothing but a random number generated at the MME and AUTN is a combination of some other few parameters.
    AUTN = SQN (48 bits) XOR AK || AMF (16 bits) || MAC (128 bits). To generate AUTN, subscriber key (K) is being used.

  2. Once UE receives Authentication request message from MME. Based on RAND and AUTN, it also generates and responds back with XRES parameter using the Authentication Response message to the MME.

I have wireshark log of lte attach procedure, if you are interested then I can send to you.

answer Apr 2, 2014 by Vimal Kumar Mishra
+1 vote

Authentication is a process to check whether the particular user (IMSI) is registered in network properly. It may done in HSS . So, Authentication is user specific and Authorization is service specific.

answer Apr 2, 2014 by sivanraj
In Lte, this process is known as mutual authentication since UE and network both authenticate to each other. I just brought up this point here because your statement is pertaining towards only one side (i.e. Authentication @ Network)
thanks vimal
Similar Questions
+5 votes

How the AKA procedure in H(e)NBs are peformed?

+1 vote

Hi All,

It is mentioned in different websites that in LTE max. of 8 DRB can be established per UE. But as per page 652 of 36.331 V13.2.0, the max no. of DRB is 11.
"maxDRB INTEGER ::= 11 -- Maximum number of Data Radio Bearers"

Based on what source are we saying that max. DRB in LTE is 8 and not 11.

It was mentioned in one of the old threads the following:

If EPS bearer ID is = x +4 ;
DRB ID = x;
Logical Channel ID = x + 2

I found the above relationship of DRB ID & EPS Bearer ID to be true for one of the eNB vendors but not for another one.

EPS ID is 5 and DRB ID is 4 instead of 1. Can somebody comment in this?
NOTE : All these ranges is with respect to DRB establishment

EPS Bearer ID Range is INTEGER (0..15) (But 0-4 is reserved so we use starting from 5 )
DRB ID Range is INTEGER (1..32) (As in LTE max 8 DRB can be established per UE so we use from 1-8)
Logical Channel ID range for DRBs is INTEGER (3..10) ( For for DRB1 we use 3 as logical channed ID)


+2 votes

What is the status of EPS bearers when UE hits RL failure? Is it the same case when UE moves to ECM idle state due to inactivity?

Contact Us
+91 9880187415
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Karnataka INDIA.