Chris Cox Communications
Career profile
UMTS specifications
Website terms and conditions

35 series - Cryptographic algorithms

Encryption & integrity protection algorithms UEA2 & UIA2 Network access security (33 series) 33.105 - Cryptographic algorithm requirements Encryption & integrity protection algorithms UEA1 & UIA1 Authentication Up to the UMTS specifications


The 35 series defines the cryptographic algorithms used in network access security. There are algorithms for the following security features:

  • Authentication: The home network confirms the identity of the user, to prevent unauthorised users from gaining access to the network. The mobile also confirms the identity of the network, to prevent spoof networks from communicating with the user.
  • Encryption: Data and signalling messages can be encrypted on the radio link between the UE and the serving network's RNC, to prevent eavesdropping.
  • Integrity protection: An integrity field is added to most of the signalling messages exchanged between the UE and the serving network's RNC, to prevent the messages from being modified in a "man-in-the-middle" attack.

The algorithms are publicly defined: their security relies on shared knowledge of a secret key K, which is stored in the mobile's USIM and the home network's authentication centre. K is used by the authentication algorithm, which also computes two additional keys CK and IK that are used for encryption and integrity protection.

The most useful introduction is the 33 series specification TS 33.105.


CKCipher key
IKIntegrity key
RNCRadio network controller
UEUser equipment
USIMUniversal subscriber identity module
Copyright Chris Cox Communications © 2019. All rights reserved.