AUTHENTICATION AND KEY AGREEMENT

The AKA process takes place as soon as the UE is detected on the

network. The Key Agreement refers to the generation of the
Confidentiality Key (CK) used to encrypt over-the-air communications
and the Integrity Key (IK). The IK is used to verify that the message has
not been tampered with by a man in the middle.

The UMTS authentication vector uses a quintet of parameters

which provides temporary authentication data that enables an
VLR or SGSN to engage in UMTS authentication with a
particular user.

Each Authentication Vector consists of:

• A random number RAND
• An expected response XRES
• A cipher or Confidentiality key CK
• An integrity key IK
• An authentication token AUTN
1.- VLR requests the HE/HLR to send ordered array of n
authentication vectors. The authentication vectors are ordered
based on sequence number

2.- When VLR wants to perform AKA with the UE, it selects the next
Authentication Vector from the stored ordered array and sends the
parameters RAND and AUTN to the user.

3.-. The UE checks if the AUTN is valid and if it is then produces a

response RES that is sent back to VLR/SGSN.

4.- The procedure has been successful for the UE. It will retrieve the CK
and IK from the USIM and transfer it to the entities that perform
Ciphering (RLC and MAC) and Integrity (RRC) functions.

5.- When the VLR/SGSN receives the response RES, it compares it with
the expected response XRES. If they match then the procedure is
successful according to the VLR/SGSN. It will transfer the CK and IK to
the entities that will perform ciphering and integrity protection.
Step#1
In the beginning both the USIM and the Network are not authenticated. That
means USIM does not know whether the network is a real network and
network does not know whether the USIM is a valid Subscriber.

Step#2
Network starts the authentication procedure by sending the User
Authentication Request with the parameter RAND and AUTN.

Step#3
After UE receives RAND and AUTN, the USIM first computes the anonymity key and retrieves the SQN
After that UE computes XMAC and compares with MAC.
If both are different UE send user authentication reject back to the VLR/SGSN.
If the USIM finds the SQN is not in the correct range, it sends synchronization failure.

Step#4
UE sends expected response RES to the VLR/SGSN.
If RES = XRES, then the authentication procedure completes
During RRC Connection Establishment when UE sends
RRC Connection Setup complete message, it transfers
the UE capability as a part of this message.

During AKA procedure, Core Network decides which UE

Integrity Algorithm (UIA) and which UE Encryption
Algorithm (UEA) should be used.