Skip to main content


LTE Security

Dan Forsberg, Günther Horn, Wolf-Dietrich Moeller, Valtteri Niemi

ISBN: 978-1-119-95730-0 June 2011 298 Pages


Addressing the security solutions for LTE, a cellular technology from Third Generation Partnership Project (3GPP), this book shows how LTE security substantially extends GSM and 3G security. It also encompasses the architectural aspects, known as SAE, to give a comprehensive resource on the topic. Although the security for SAE/LTE evolved from the security for GSM and 3G, due to different architectural and business requirements of fourth generation systems the SAE/LTE security architecture is substantially different from its predecessors. This book presents in detail the security mechanisms employed to meet these requirements.

Whilst the industry standards inform how to implement systems, they do not provide readers with the underlying principles behind security specifications. LTE Security fills this gap by providing first hand information from 3GPP insiders who explain the rationale for design decisions.

Key features:

  • Provides a concise guide to the 3GPP/LTE Security Standardization specifications
  • Authors are leading experts who participated in decisively shaping SAE/LTE security in the relevant standardization body, 3GPP
  • Shows how GSM and 3G security was enhanced and extended to meet the requirements of fourth generation systems
  • Gives the rationale behind the standards specifications enabling readers to have a broader understanding of the context of these specifications
  • Explains why LTE security solutions are designed as they are and how theoretical security mechanisms can be put to practical use


1 Overview of the Book.

2 Background.

2.1 Evolution of Cellular Systems.

2.2 Basic Security Concepts.

2.3 Basic Cryptographic Concepts.

2.4 Introduction to LTE Standardization.

2.5 Notes on Terminology and Specification Language.

3 GSM Security.

3.1 Principles of GSM Security.

3.2 The Role of the SIM.

3.4 GSM Cryptographic Algorithms.

4 Third-generation Security (UMTS).

4.1 Principles of Third-generation Security.

4.2 Third-generation Security Mechanisms.

4.3 Third-generation Cryptographic Algorithms.

4.4 Interworking between GSM and 3G security.

4.5 Network Domain Security.

5 3G–WLAN Interworking.

5.1 Principles of 3G–WLAN Interworking.

5.2 Security Mechanisms of 3G–WLAN Interworking.

5.3 Cryptographic Algorithms for 3G–WLAN Interworking.

6 EPS Security Architecture.

6.1 Overview and Relevant Specifications.

6.2 Requirements and Features of EPS Security.

6.3 Design Decisions for EPS Security.

6.4 Platform Security for Base Stations.

7 EPS Authentication and Key Agreement.

7.1 Identification.

7.2 The EPS Authentication and Key Agreement Procedure.

7.3 Key Hierarchy.

7.4 Security Contexts.

8 EPS Protection for Signalling and User Data.

8.1 Security Algorithms Negotiation.

8.2 NAS Signalling Protection.

8.3 AS Signalling and User Data Protection.

8.4 Security on Network Interfaces.

8.5 Certificate Enrolment for Base Stations.

8.6 Emergency Call Handling.

9 Security in Intra-LTE State Transitions and Mobility.

9.1 Transitions to and from Registered State.

9.2 Transitions Between Idle and Connected States 149

9.3 Idle State Mobility.

9.4 Handover.

9.5 Key Change on the Fly.

9.6 Periodic Local Authentication Procedure.

9.7 Concurrent Run of Security Procedures.

10 EPS Cryptographic Algorithms.

10.1 Null Algorithms.

10.2 Ciphering Algorithms.

10.3 Integrity Algorithms.

10.4 Key Derivation Algorithms.

11 Interworking Security Between EPS and Other Systems.

11.1 Interworking with GSM and 3G Networks.

11.2 Interworking with Non-3GPP Networks.

12 Security for Voice over LTE.

12.1 Methods for Providing Voice over LTE.

12.2 Security Mechanisms for Voice over LTE.

13 Security for Home Base Station Deployment.

13.1 Security Architecture, Threats and Requirements.

13.2 Security Features.

13.3 Security Procedures Internal to the Home Base Station.

13.4 Security Procedures between Home Base Station and Security Gateway.

13.5 Security Aspects of Home Base Station Management.

13.6 Closed Subscriber Groups and Emergency Call Handling.

14 Future Challenges.

14.1 Near-term Outlook.

14.2 Far-term Outlook.




"It also encompasses the architectural aspects, known as SAE, to give a comprehensive resource on the topic." (Headsets, 16 February 2011)