top button
Flag Notify
    Connect to us
      Site Registration

Site Registration

Why is Security command required at both NAS and RRC levels?

+1 vote

Also NAS security is established before RRC security. Pls share your thoughts. Thanks.

posted Jul 11, 2013 by Chandra Javalkar

Share this question
Facebook Share Button Twitter Share Button LinkedIn Share Button

4 Answers

+5 votes

There may be various reasons to apply two levels ( AS and NAS) security in lte. A Ue performs basically two operations (Control and Data ) operations. Its network responsibility to secure these two. I mean Network secure control and data. UE performs control signaling with eNB and MME like RRC message and NAS messages. UE receives and send data through ENB there is no direct interface with any other node for SGW.

So to secure NAS and RRC signalling both. There are two Security mode command sent out to UE. One for NAS and one for RRC. Kasme is used as input to generate NAS int and encryption keys for the security of NAS messages. Kenb is used as input to generate RRCint, RRCenc, RRCup keys for the security of RRC messages and Data.

NAS security mode command tells to UE about selected algorithm for NAS keys. To generate NAS Keys Kasme and selected algo is used. So NAS security keys changes only when either Kasme changes or supported algorithms changes. and Similarly AS security modes command tells to UE about selected algo for Radio.

answer Jul 12, 2013 by Vimal Kumar Mishra
+1 vote

Not sure if I understood it correctly -
Security in LTE can be devided into three parts
1. Network Access Security
2. Network Domain Security
3. UE security

Network Access Security primarily covers three parts
a. Encryption and Integrity Protection at RRC
b. Encryption and Integrity Protection at NAS
c. Encryption of Radio Bearers,

So RRC and NAS serves different purpose. For more details please have a look at

answer Jul 12, 2013 by Salil Agrawal
0 votes

EPS has two security stratums: AS and NAS.
There are different security associations for each of them.
AS security can start or be updated independently from NAS security. There fore, there is a need for two separate SMCs, one for AS and one for NAS.

answer Jul 14, 2013 by Mithalesh Gupta
0 votes

one is for security between MME and UE (NAS Control messages) and other one is between UE and e-NodeB (AS messages). User plane and control plane security are done independently.

answer Jul 15, 2013 by anonymous
Similar Questions
+4 votes

For NAS security mode command ,input giving to CMAC (integrity check) function at both UE and MME side are same but still im getting intgrity check failed ,for exp:
1) KEY = \xef\x6b\xee\xda\x7f\x66\xc5\x67\x34\xa6\x1b\xcf\x1e\x8f\x12\x87.
2) COUNT = 0.
3) BEARER ID =0.
5) mesage = \x07\x5d\x22\x00\x02\xe0\xe0.
6)sequence no. = 0x00.
please can you explain me with this example ,what will be the final message(message forming) M.

+2 votes

I was looking into IEs of handover required and handover command messages defined in 36.413 specification.
Sending "handover type" in handover required message towards the MME make sense but again get back the same IE in handover command message from MME in the handover command message, I could not make out the reason behind it.
Can someone please explain the reason of presence of "Handover Type" IE in the handover command message when eNodeB already knows which type of request it sent to MME for an UE ?

Is there any possibility MME can change the type of Handover in handover command message ? If yes then what could be the scenarios ?

+1 vote

I was looking into NAS header. First four bits are used for security header type. Few values I understood but one value I could not understand which was 1100 saying "security header for service request message". I could not understand why such thing is defined only for service request message not for the other messages ?