LTE Security Terminology

ASME-Access Security Management Entity

Architecture

• HSS/HE – Home Subscriber Server– Contains the User credentials and profile settings
• ME – Mobile Equipment – UE without UICC / USIM
• UICC – Universal Integrated Circuit Card – Smart Card used in UMTS and GSM
• (U)SIM – (UMTS) Subscriber Identity Module – Application in the UICC for (3G) 2G

EPS AKA

• AKA – Authentication and Key Agreement
• RAND – AKA: Random challenge
• AUTN – AKA: Authentication Token
• XRES – AKA: Expected Response
• E-AV – EPS Authentication Vector – Contains: AUTN, XRES, KASME, RAND

IDENTITY

• IMSI – International Mobile Subscriber Identity (user id)
• IMEI – International Mobile Equipment Identity (device id)
• GUTI – Globally Unique Temporary Identity– Similar to P-TMSI in UMTS but longer 

Identifiers 

GUTI : ID which uniquely identifies a UE in EPS without revealing the users permanent ID. GUTI is allocated by a MME which can be used to

•   Uniquely identify the MME which allocated the GUTI
•   Uniquely identify the UE within the MME that allocated the GUTI

GUTI = GUMMEI + M-TMSI

Where
GUMMEI
GUMMEI: Globally unique MME Identifier which is used to identify a MME uniquely

GUMMEI = MCC+MNC+MME Identifier

MME Identifier(MMEI) = MME Group ID(MMEGI)+MME Code(MMEC)

The MMEC provides a unique identity to an MME within the MME pool, 
while the MMEGI isused to distinguish between different MME pools.

TMSI:

  The TMSI is a temporary number used instead of the IMSI to identify an MS. (8 digits)

  Mapping of the TMSI to the IMSI is done by the network and is typically handled by the VLR

Note:

IMSI is sent only when necessary, for example

•   when the SIM is used for the first time
•   when there is data loss at VLR

TAI: Tracking Area Identity

IMSI <=15 digits

The Serving Network identity i.e. MCC + MNC

Network Type : E-UTRAN

Similar to UMTS AKA, EPS AKA is also based on the shared key K between USIM and the networks.

Steps involved

1.Identity Request

2.AKA Procedure

3.Key Derivation