5G Integrity Protection Procedure Explained

Introduction

In 5G networks, Integrity Protection ensures that signaling messages exchanged between the User Equipment (UE) and the network are not modified or tampered with during transmission.

Integrity protection allows the receiving entity to verify that a message:

• was sent by a legitimate source
• has not been altered during transmission

This mechanism is critical for maintaining secure signaling communication in mobile networks.

The procedure is defined by the 3rd Generation Partnership Project in:

• 3GPP TS 33.501 - 5G Security Architecture
• 3GPP TS 24.501 - NAS Protocol
• 3GPP TS 38.331 - RRC Protocol

Why Integrity Protection Is Needed

Without integrity protection, attackers could:

• modify signaling messages
• inject malicious commands
• disrupt network operations

Integrity protection ensures that any modification to a message can be detected immediately.

This is especially important for control-plane signaling messages.

Network Functions Involved

UE (User Equipment)

Applies integrity protection to signaling messages sent to the network.

gNB (Next Generation NodeB)

Handles integrity protection for Access Stratum (AS) signaling.

AMF (Access and Mobility Management Function)

Manages integrity protection for NAS signaling.

Interfaces Used

Integrity Protection Call Flow

Below is the simplified signaling sequence.

UE             gNB             AMF
 |              |               |
 |--Protected NAS Message----->|
 |              |-------------->|
 |              |               |
 |<--Protected NAS Response----|

All signaling messages include an integrity check value (MAC-I).

Step-by-Step Explanation

Step 1: Integrity Key Derivation

Integrity protection uses keys derived during the key derivation procedure.

Typical integrity keys include:

Important parameters to check

Engineers should verify:

• key derivation parameters
• security context validity
• algorithm compatibility

Step 2: Integrity Algorithm Selection

During the Security Mode procedure, the network selects the integrity algorithm.

Common algorithms include:

Important parameters to check

Check:

• UE algorithm support
• algorithm priority configuration
• network security policy

Step 3: Message Integrity Calculation

Before transmitting a signaling message, the sender calculates an integrity check value (MAC-I) using:

• integrity key
• message content
• sequence number

Important parameters to check

Verify:

• correct sequence numbers
• message authentication code generation
• synchronization status

Step 4: Integrity Verification

The receiving entity recalculates the integrity check value and compares it with the received MAC-I.

If the values match:

• the message is accepted

If the values do not match:

• the message is rejected

Important parameters to check

Check:

• MAC-I validation
• sequence number synchronization
• message integrity status

Integrity Protection in 5G Layers

Integrity Protection Example

A protected message typically contains:

Troubleshooting Integrity Issues

Integrity Check Failure

Possible causes:

• incorrect integrity key
• sequence number mismatch
• message corruption

Message Rejection

Possible reasons:

• MAC-I mismatch
• security context desynchronization
• algorithm mismatch

Replay Attack Detection

Possible causes:

• reused sequence numbers
• delayed signaling messages
• malicious traffic injection

Relevant 3GPP Specifications

The Integrity Protection mechanism is defined by the 3rd Generation Partnership Project in:

• 3GPP TS 33.501 - Security Architecture
• 3GPP TS 24.501 - NAS Protocol
• 3GPP TS 38.331 - NR RRC Protocol

Summary

The Integrity Protection procedure ensures that signaling messages exchanged between the UE and the network remain authentic and unchanged.

The process includes:

1. deriving integrity protection keys
2. selecting integrity algorithms
3. generating integrity check values
4. verifying message authenticity

This mechanism protects 5G networks from message tampering and signaling attacks, ensuring secure communication.