4G/LTE - NAS

 

 

 

 

EEA(EPS Encryption Algorithms)

 

Simply put, this is a Ciphering Algorithm. and Ciphering can be aplied to both U-Plane Data and C-Plane Data (RRC/NAS Message). The type of EEA being used is determined by Network and informed to UE via Security Mode Command. NAS EEA is carried by NAS:Security Mode Command and RRC EEA is carried by RRC:Security Mode Command.

 

NAS_LTE:EMM,Security mode command

Security mode command ::= DIVISION

  +-Security header type ::= V

  | +-Security header type ::= CHOICE [Plain NAS message, not security protected]

  +-EPS mobility management protocol discriminator ::= V

  | +-Protocol discriminator ::= PD [7]

  +-Security mode command message identity ::= V

  | +-Message type ::= MSG [5D]

  +-Selected NAS security algorithms ::= V

  | +-Octet1 ::= DIVISION

  |   +-spare ::= FIX [0]

  |   +-Type of ciphering algorithm ::= CHOICE [EPS encryption algorithm EEA0(ciphering not used)]

  |   +-spare ::= FIX [0]

  |   +-Type of integrity protection algorithm ::= CHOICE [Reserved 0]

  +-Spare half octet ::= V

  | +-Spare half octet ::= FIX [0]

  +-NAS key set identifier ::= V

  | +-TSC ::= CHOICE [native security context (for KSI ASME)]

  | +-NAS key set identifier ::= CHOICE [possible values for the NAS key set identifier 0]

  +-Replayed UE security capabilities ::= LV

  | +-Octet1 ::= DIVISION

  | | +-Length of UE security capability contents ::= LEN (0..255) [5]

 

   +-c1 ::= CHOICE [securityModeCommand]

      +-securityModeCommand ::= SEQUENCE

        +-rrc-TransactionIdentifier ::= INTEGER (0..3) [0]

        +-criticalExtensions ::= CHOICE [c1]

          +-c1 ::= CHOICE [securityModeCommand-r8]

            +-securityModeCommand-r8 ::= SEQUENCE [0]

              +-securityConfigSMC ::= SEQUENCE

              | +-securityAlgorithmConfig ::= SEQUENCE

              |   +-cipheringAlgorithm ::= ENUMERATED [eea0]

              |   +-integrityProtAlgorithm ::= ENUMERATED [spare1]

              +-nonCriticalExtension ::= SEQUENCE OPTIONAL:Omit

 

Currently there are three different types of EEA we can use as shown in the following table.

    Identifier

    Type

    Description

    0000

    128-EEA0

    Null ciphering algorithm

    0001

    128-EEA1

    SNOW 3G

    0010

    128-EEA2

    AES

    0011

    128-EEA3

    ZUC

 

 

Reference :

 

[1] The New LTE Cryptographic Algorithms EEA3 and EIA3