NAS 5G Network to UE 3GPP TS 24.501

5G NAS - Relay Authentication Request

Relay Authentication Request is the NAS message the network sends to start or continue the relay-specific authentication branch after relay-key handling or related relay security preparation.

Message Fact Sheet

Protocol	nas	Network	5g
Spec	3GPP TS 24.501	Spec Section	8.2.37
Direction	Network to UE	Message Type	5GMM signaling

Full message name	5G NAS - Relay Authentication Request
Protocol	NAS
Technology	5G
Direction	Network to UE
Interface	N1
Signaling bearer / channel	NAS signaling / Dedicated NAS message, transported over the existing NAS path
Typical trigger	Sent when the network needs to challenge or authenticate the relay participant as part of a relay-specific NAS security procedure.
Main purpose	Challenges the UE or relay participant with relay-authentication data so the relay security procedure can move into its authentication stage.
Main specification	3GPP TS 24.501, 8.2.37
Release added	Release 17
Procedures where used	Relay authentication procedure, Relay security handling, ProSe relay context

What is Relay Authentication Request in simple terms?

Relay Authentication Request is the NAS message the network sends to start or continue the relay-specific authentication branch after relay-key handling or related relay security preparation.

Challenges the UE or relay participant with relay-authentication data so the relay security procedure can move into its authentication stage.

Why this message matters

Relay Authentication Request is the network challenging the relay participant in a specialized relay security procedure.

Where this message appears in the call flow

Relay Authentication Procedure

Call flow position: Network challenge step in the relay-authentication branch.

Typical state: Relay-capable context exists and the network is moving from relay-key setup into relay authentication.

Preconditions:

Relay security context exists.
The network is ready to authenticate the relay participant.

Next likely message: Relay Authentication Response

ProSe Relay Security Handling

Call flow position: Authentication challenge step after or alongside relay-key preparation.

Typical state: The relay-specific procedure is now validating the relay participant using authentication data.

Preconditions:

Relay transaction context exists.

Next likely message: Relay Authentication Response

Call flow position

Previous message(s): Relay Key Accept, Relay security context preparation

Next message(s): Relay Authentication Response

Message direction and transport

Sender and receiver: Network to UE

Interface: N1

Domain: Core-side mobility management signaling with relay-specific security context

Signaling bearer: NAS signaling

Logical channel: Dedicated NAS message, transported over the existing NAS path

Transport / encapsulation: NAS 5GS message carried end-to-end between the network NAS entity and the UE-side relay participant

Security context: This message belongs to the relay-authentication branch, so it should be interpreted together with relay transaction context, any preceding relay key handling, and the later Relay Authentication Response.

Message Structure Overview

Relay Authentication Request is a specialized NAS relay-security challenge message rather than a mainstream authentication request used in ordinary registration.
In trace analysis, engineers usually inspect the relay transaction identity first and then the relay authentication parameters that drive the response.

ASN.1 Message Syntax for 5G NAS - Relay Authentication Request

This message is not typically analyzed as ASN.1 on the wire. It is usually read as a NAS or protocol field structure instead.

Relay Authentication Request follows NAS 24.501 IE structure and is not an ASN.1 message.

5G NAS - Relay Authentication Request - Example Dump

Relay Authentication Request
  Extended Protocol Discriminator: 5G Mobility Management
  Security Header Type: Integrity protected and ciphered
  Message Type: Relay Authentication Request
  ProSe Relay Transaction Identity: 7
  Relay Authentication Parameters: 0x5ea193ab...

How to read this dump

The message is best read as a relay-security challenge whose value comes from the relay transaction identity and authentication parameters.
The next useful check is whether the UE returns Relay Authentication Response.

Important Information Elements

IE	Required	Description
`ProSe relay transaction identity`	Yes	Identifies the relay-authentication transaction so the challenge and later response can be correlated.
`Relay authentication parameters`	Yes	Carries the authentication challenge data or relay-specific authentication information the UE must process.

Detailed field explanation

`ProSe relay transaction identity`

Identifies the relay-authentication transaction so the challenge and later response can be correlated.

Presence: Required

In practice: In practice, compare this field with the original request and with any later release-dependent optional fields so you can see whether the network accepted the same service model the UE asked for.

`Relay authentication parameters`

Carries the authentication challenge data or relay-specific authentication information the UE must process.

Presence: Required

What to check in logs and traces

Confirm the message appears in a relay-capable NAS context.
Inspect the ProSe relay transaction identity.
Check the relay authentication parameters and correlate them with the expected relay scenario.
Look for the immediate Relay Authentication Response.

Common Issues and Troubleshooting

Relay Authentication Request appears but no usable response follows.

Likely cause: The relay authentication parameters may not be accepted, understood, or processable by the UE or relay participant.

What to inspect: Check the relay transaction identity, authentication parameters, and whether the later response is missing or rejected.

Next step: Correlate the challenge with the preceding relay-key context and compare against a known-good relay-authentication trace.

Relay-specific procedure fails even though ordinary NAS authentication is fine.

Likely cause: The issue belongs to the specialized relay authentication branch rather than to normal 5GMM authentication.

What to inspect: Focus on the relay-specific IEs and the later Relay Authentication Response rather than on the standard Authentication Request / Response flow.

Next step: Treat the problem as relay-feature authentication analysis, not general registration analysis.

FAQ

What does Relay Authentication Request do in 5G?

It challenges the relay participant with relay-specific authentication information so the relay authentication procedure can continue.

Is Relay Authentication Request the same as normal Authentication Request?

No. The normal Authentication Request is used in mainstream 5GMM procedures, while Relay Authentication Request belongs to the specialized relay-security branch.

What usually comes after Relay Authentication Request?

The usual next step is Relay Authentication Response.

Related message pages

Related Procedures

Relay Authentication Procedure

Related Tools

Use This Reference in Practice

Decode this message with the 3GPP Decoder, inspect the related message database, or open the matching call flow to see where this signaling step fits in the full procedure.