5G Security Procedures
5G security procedures protect registration, signaling, access stratum communication, non-3GPP access, relay behavior, and sidelink service. Use this hub to jump into authentication, NAS Security Mode, AS security activation, security context update, identity recovery, EAP-AKA non-3GPP authentication, relay key, and sidelink security call flows.
Quick Links
What This Covers
5G authentication and identity procedures validate the subscriber and recover protected identity context when needed.
NAS Security Mode, AS security activation, and context update flows activate or refresh protected signaling between the UE, RAN, and core.
Use the links below to jump directly into authentication, NAS security, AS security, key update, identity recovery, EAP-AKA, relay, and sidelink security call flows.
Subscriber Authentication
Procedures that validate subscriber identity and allow protected continuation of 5G service.
- Authentication Procedure — UE authentication
- Re-Authentication / Identity Recovery Procedure — Later identity revalidation and security recovery
- EAP-AKA’ / Non-3GPP Access Authentication — Authentication for alternate non-3GPP access
Security Activation and Refresh
Procedures that activate or refresh the active NAS and access-side security context.
- NAS Security Mode Procedure — Activate NAS protection for later signaling
- AS Security Activation Procedure — Activate access-stratum radio security
- Security Context Update — Update encryption keys
Relay and Specialized Security
Procedures that handle relay-aware, sidelink-aware, or other non-basic security branches.
- Relay Key Procedure — Relay-specific NAS key and authentication exchange
- Relay / Sidelink Security Procedure — Security handling for relay-aware or sidelink use cases