LTE Security
Course Overview
This course is designed to help participants understand the various security issues surrounding LTE networks. Encryption algorithms used in LTE networks will be discussed in-depth to enhance participants’ understanding of encryption algorithms. Participants will also learn how to manage the security keys involved in LTE networks, the functions of the PKI architecture components, IPsec over Public Internet and Private Backhaul networks.
Target Audience
This course is designed for engineers, managers and other personnel who have a need to acquire a technical overview of the security environment employed within GSM/WCDMA/LTE networks.
It will also be of benefit to those in the wider technical community who have a need to understand the security protocols employed by cellular networks.
Duration & Training Format
[Classroom: 3 days / LIVE Virtual*: 21 hours]
- A minimum of 5 or more participants are required for a company-based LIVE Virtual course to commence
- LIVE Virtual courses can be conducted for 5 hours or 7 hours daily. Please note that the number of training days will be extended if you opt for 5 hours daily.
Course Objectives
At the end of this course, participants will be able to:
- Explain the security bases for LTE networks
- List the encryption algorithms
- Understand how the LTE security feature groups meet certain threats and accomplish certain security objectives: Network access security, LTE Security Encryption etc.
- Understand Security Keys Management: The differences between the private and public keys, how to exchange keys with security over the network (using original algorithms such as Deffie-Helmann) and how this drives to certificates and PKI
- Describe the functions of the PKI architecture components
- Describe concept for IPsec over public Internet and Private Backhaul
Course Outline
- Introduction to LTE Network Components and Architecture
- LTE Architecture
- ePC Architecture
- eUTRAN Transport Plan Design
- Overview of Security Concepts
- What Protection Measures to Ensure
- The Security Standards X.800
- The X.800 Threat Model
- The Security Standards: X.805
- 805: Three Security Layers
- 805: Three Security Planes
- Security Dimensions
- Basics on Transport Security
- Private vs. Public IP Addresses, How to Make the Connection
- NAT/NAPT: What are the Differences
- Public Key vs Private Key: How to Make the Communication Secure
- Deffie-Helmann Key Exchange Algorithm
- Certificate-based Systems
- IPsec Uses
- IPsec Tunnel Mode
- IPsec Encryption
- TLS/SSL Mechanisms
- Security Keys – 3GPP TS 36.300
- LTE Security Key Hierarchy
- Protection in the LTE Control Plan
- Protection in the LTE User Plan
- Key Derivation at the MME and UE
- Key Derivation at the eNodeB and UE
- 3GPP Security Specifications
- LTE / EPC Security Procedures
- Authentication, Encryption, Integrity Checking
- LTE/EPC Protocol Stack for User Plane and Control Plane
- LTE/EPC Vulnerabilities
- Data Encryption Standards and Algorithms: AES 3DES, DSA, RSA, etc.
- Security Certificates
- 509 Public Key Infrastructure
- Security Features in IP Multimedia System
- Security Associations, Authentication, Encryption
- Diameter Protocol, Commands, Applications and Attribute Value Pairs
- Diameter Nodes
Pre-requisites
- A basic knowledge of LTE is required
- An understanding of IP and security procedures would be an advantage
Related Courses
