4G | ShareTechnote

4G/LTE -

Authentication Failure

Authentication Failure is mostly related to wrong AUTN value in Authentication Request message. There are three main parameters including AUTN value and these main parameter would cause three different failure cause as follows.

Parameter	Failure Code
MAC Code	#20:MAC failure (Example)
Separation Bit (First bit of AMF)	#26:Non-EPS authentication unacceptable (Example)
SQN	#21:Synch failure (Example)

Example : Invalid MAC Code

Following example is for Invalid MAC Code and this test is based on the following test USIM. This test USIM uses 3GPP Test Algorithm specifed in 34.108

Correct Parameters :

SQN=000000000000

AMF=8000

K= 00112233445566778899AABBCCDDEEFF

--------------------------------------------

RAND=31323131353836343132313135383634

IK= 1302716D5043B9AB9B8AF9E5D8CB3123

CK= 231302716D5043B9AB9B8AF9E5D8CB31

AUTN=02716D5043B9800031231302716DD043

Invalid Parameters used for Test :

SQN=FFFFFFFFFFFF

AMF=8000

K= 00112233445566778899AABBCCDDEEFF

--------------------------------------------

RAND=31323131353836343132313135383634

IK= 1302716D5043B9AB9B8AF9E5D8CB3123

CK= 231302716D5043B9AB9B8AF9E5D8CB31

AUTN=FD8E92AFBC458000CEDCECFD8E92D043

Step	Direction	Message
1	UE <- NW	Authentication Request
2	UE -> NW	Authentication Failure

1) Authentication Request

DL-DCCH-Message

message: c1 (0)

c1: dlInformationTransfer (1)

dlInformationTransfer

rrc-TransactionIdentifier: 0

criticalExtensions: c1 (0)

c1: dlInformationTransfer-r8 (0)

dlInformationTransfer-r8

dedicatedInfoType: dedicatedInfoNAS (0)

dedicatedInfoNAS: 0752033132313135383634313231313538363410fd8e92af...

Non-Access-Stratum (NAS)PDU

0000 .... = Security header type: Plain NAS message, not security protected (0)

.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)

NAS EPS Mobility Management Message Type: Authentication request (0x52)

0000 .... = Spare half octet: 0

.... 0... = Type of security context flag (TSC): Native security context

(for KSIasme)

.... .011 = NAS key set identifier: (3) ASME

Authentication Parameter RAND - EPS challenge

RAND value: 31323131353836343132313135383634

Authentication Parameter AUTN (UMTS and EPS authentication challenge)

- EPS challenge

Length: 16

AUTN value: fd8e92afbc458000cedcecfd8e92d043

SQN xor AK: fd8e92afbc45

AMF: 8000

MAC: cedcecfd8e92d043

2) Authentication Failure

UL-DCCH-Message

message: c1 (0)

c1: ulInformationTransfer (9)

ulInformationTransfer

criticalExtensions: c1 (0)

c1: ulInformationTransfer-r8 (0)

ulInformationTransfer-r8

dedicatedInfoType: dedicatedInfoNAS (0)

dedicatedInfoNAS: 1792f6a1a905075c14

Non-Access-Stratum (NAS)PDU

0001 .... = Security header type: Integrity protected (1)

.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)

Message authentication code: 0x92f6a1a9

Sequence number: 5

0000 .... = Security header type: Plain NAS message, not security protected (0)

.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)

NAS EPS Mobility Management Message Type: Authentication failure (0x5c)

EMM cause

Cause: MAC failure (20)

Example : Invalid Separation Bit

Following example is for Invalid MAC Code and this test is based on the following test USIM. This test USIM uses 3GPP Test Algorithm specifed in 34.108

Correct Parameters :

SQN=000000000000

AMF=8000

K= 00112233445566778899AABBCCDDEEFF

--------------------------------------------

RAND=31323131353836343132313135383634

IK= 1302716D5043B9AB9B8AF9E5D8CB3123

CK= 231302716D5043B9AB9B8AF9E5D8CB31

AUTN=02716D5043B9800031231302716DD043

Invalid Parameters used for Test :

SQN=000000000000

AMF=0000

K= 00112233445566778899AABBCCDDEEFF

--------------------------------------------

RAND=31323131353836343132313135383634

IK=1302716D5043B9AB9B8AF9E5D8CB3123

CK=231302716D5043B9AB9B8AF9E5D8CB31

AUTN=02716D5043B9000031231302716D5043

Step	Direction	Message
1	UE <- NW	Authentication Request
2	UE -> NW	Authentication Failure

1) Authentication Request

DL-DCCH-Message

message: c1 (0)

c1: dlInformationTransfer (1)

dlInformationTransfer

rrc-TransactionIdentifier: 0

criticalExtensions: c1 (0)

c1: dlInformationTransfer-r8 (0)

dlInformationTransfer-r8

dedicatedInfoType: dedicatedInfoNAS (0)

dedicatedInfoNAS: 075200313231313538363431323131353836341002716d50...

Non-Access-Stratum (NAS)PDU

0000 .... = Security header type: Plain NAS message, not security protected (0)

.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)

NAS EPS Mobility Management Message Type: Authentication request (0x52)

0000 .... = Spare half octet: 0

.... 0... = Type of security context flag (TSC): Native security context (

for KSIasme)

.... .000 = NAS key set identifier: (0) ASME

Authentication Parameter RAND - EPS challenge

RAND value: 31323131353836343132313135383634

Authentication Parameter AUTN (UMTS and EPS authentication challenge)

- EPS challenge

Length: 16

AUTN value: 02716d5043b9000031231302716d5043

SQN xor AK: 02716d5043b9

AMF: 0000

MAC: 31231302716d5043

2) Authentication Failure

UL-DCCH-Message

message: c1 (0)

c1: ulInformationTransfer (9)

ulInformationTransfer

criticalExtensions: c1 (0)

c1: ulInformationTransfer-r8 (0)

ulInformationTransfer-r8

dedicatedInfoType: dedicatedInfoNAS (0)

dedicatedInfoNAS: 075c1a

Non-Access-Stratum (NAS)PDU

0000 .... = Security header type: Plain NAS message, not security protected (0)

.... 0111 = Protocol discriminator: EPS mobility management messages (0x07)

NAS EPS Mobility Management Message Type: Authentication failure (0x5c)

EMM cause

Cause: Non-EPS authentication unacceptable (26)