4G/LTE - NAS

 

 

 

 

EIA(EPS Integrity Algorithms)

 

As the term implies, this is the "Integrity Algorithm" used in LTE. This algorithm applies only to C-Plane data (NAS messages). You can think of it as a kind of special encryption algorithm that is used only for NAS messages. Like EEA, it is determined by the network and signalled to the UE in the EMM: Security Mode Command and RRC: Security Mode Command messages.

 

NAS_LTE:EMM,Security mode command
Security mode command ::= DIVISION
  +-Security header type ::= V
  | +-Security header type ::= CHOICE [Plain NAS message, not security protected]
  +-EPS mobility management protocol discriminator ::= V
  | +-Protocol discriminator ::= PD [7]
  +-Security mode command message identity ::= V
  | +-Message type ::= MSG [5D]
  +-Selected NAS security algorithms ::= V
  | +-Octet1 ::= DIVISION
  |   +-spare ::= FIX [0]
  |   +-Type of ciphering algorithm ::= CHOICE [EPS encryption algorithm EEA0(ciphering not used)]
  |   +-spare ::= FIX [0]
  |   +-Type of integrity protection algorithm ::= CHOICE [Reserved 0]
  +-Spare half octet ::= V
  | +-Spare half octet ::= FIX [0]
  +-NAS key set identifier ::= V
  | +-TSC ::= CHOICE [native security context (for KSI ASME)]
  | +-NAS key set identifier ::= CHOICE [possible values for the NAS key set identifier 0]
  +-Replayed UE security capabilities ::= LV
  | +-Octet1 ::= DIVISION
  | | +-Length of UE security capability contents ::= LEN (0..255) [5]

   +-c1 ::= CHOICE [securityModeCommand]
      +-securityModeCommand ::= SEQUENCE
        +-rrc-TransactionIdentifier ::= INTEGER (0..3) [0]
        +-criticalExtensions ::= CHOICE [c1]
          +-c1 ::= CHOICE [securityModeCommand-r8]
            +-securityModeCommand-r8 ::= SEQUENCE [0]
              +-securityConfigSMC ::= SEQUENCE
              | +-securityAlgorithmConfig ::= SEQUENCE
              |   +-cipheringAlgorithm ::= ENUMERATED [eea0]
              |   +-integrityProtAlgorithm ::= ENUMERATED [spare1]
              +-nonCriticalExtension ::= SEQUENCE OPTIONAL:Omit

 

Currently there are two different types of EIA we can use as shown in the following table.

    Identifier    Type        Description
    0000          128-EIA0    Null Integrity algorithm
    0001          128-EIA1    SNOW 3G
    0010          128-EIA2    AES
    0011          128-EIA3    ZUC

 

In Rel 8, EIA0 is not officially defined because integrity protection is mandatory for RRC (AS) and NAS signalling messages, but under some special conditions (e.g., in a UE testing environment) null integrity is used. Even in this case, the NAS message carries the integrity header, but the MAC (Message Authentication Code) part of the header is set to all 0.

    Refer to the following ASN.1 from 36.331 V8.10.0 (2010-07):

    SecurityAlgorithmConfig ::= SEQUENCE {
      cipheringAlgorithm ENUMERATED {
              eea0, eea1, eea2, spare5, spare4, spare3, spare2, spare1, ...},
      integrityProtAlgorithm ENUMERATED {
              reserved, eia1, eia2, spare5, spare4, spare3, spare2, spare1, ...}
    }

 

In Rel 9, 3GPP started to define EIA0 as shown below. I am not sure if there is any live network using EIA0. Probably 3GPP started supporting this for test purposes.

    Refer to the following ASN.1 from 36.331 V10.4.0 (2012-01):

    SecurityAlgorithmConfig ::= SEQUENCE {
      cipheringAlgorithm ENUMERATED {
        eea0, eea1, eea2, spare5, spare4, spare3, spare2, spare1, ...},
      integrityProtAlgorithm ENUMERATED {
        eia0-v920, eia1, eia2, spare5, spare4, spare3, spare2, spare1, ...}
    }
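
An added example (not from the original page): a Python check that reads the Selected NAS security algorithms octet of an EMM Security Mode Command, using the octet layout in the decode above, and flags EEA0, EIA0 and an all-zero MAC. It assumes the standard security-protected NAS header (one header octet, four MAC octets, one sequence number octet); the function name `inspect_smc` and the sample messages are constructed for illustration.

```python
EMM_PD = 0x7                  # EPS mobility management protocol discriminator
SECURITY_MODE_COMMAND = 0x5D  # message type from the decode above
EIA_NAMES = {0: "128-EIA0 (null)", 1: "128-EIA1 (SNOW 3G)",
             2: "128-EIA2 (AES)", 3: "128-EIA3 (ZUC)"}

def inspect_smc(msg: bytes) -> dict:
    """Decode an EMM Security Mode Command and list integrity-related findings."""
    if len(msg) < 3 or msg[0] & 0x0F != EMM_PD:
        raise ValueError("not an EMM message")
    sec_hdr, mac = msg[0] >> 4, None
    if sec_hdr != 0:
        # Security-protected NAS: header octet, MAC (4), sequence number (1), inner message
        if len(msg) < 9:
            raise ValueError("truncated security-protected message")
        mac, msg = msg[1:5], msg[6:]
        if msg[0] != EMM_PD:  # inner message must be a plain EMM message
            raise ValueError("inner message is ciphered or not plain EMM")
    if msg[1] != SECURITY_MODE_COMMAND:
        raise ValueError("not a Security Mode Command")
    algs = msg[2]  # spare | ciphering (3 bits) | spare | integrity (3 bits)
    eea, eia = (algs >> 4) & 0x7, algs & 0x7
    findings = []
    if eia == 0:
        findings.append("null integrity (EIA0) selected")
    if eea == 0:
        findings.append("ciphering not used (EEA0)")
    if mac is None:
        findings.append("sent as plain NAS message, no MAC")
    elif mac == b"\x00" * 4:
        findings.append("MAC is all zero")
    return {"security_header_type": sec_hdr, "eea": f"EEA{eea}",
            "eia": EIA_NAMES.get(eia, f"EIA{eia}"),
            "mac": mac.hex() if mac else None, "findings": findings}

# Constructed sample messages (not captured traffic).
# TAIL = key set identifier octet + replayed UE security capabilities (LV, length 5)
TAIL = "0005e060000000"
PLAIN_NULL = bytes.fromhex("075d00" + TAIL)                       # as in the decode above
PROTECTED_AES = bytes.fromhex("37a1b2c3d400" + "075d12" + TAIL)   # EEA1 + EIA2, non-zero MAC
PROTECTED_NULL = bytes.fromhex("370000000000" + "075d00" + TAIL)  # header present, MAC all 0

if __name__ == "__main__":
    for name, m in [("plain/null", PLAIN_NULL), ("protected/AES", PROTECTED_AES),
                    ("protected/null", PROTECTED_NULL)]:
        print(name, inspect_smc(m))
```

On a live network, any finding other than an empty list deserves a closer look; in a UE test setup with null integrity, the third sample is the expected shape.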

 

 
