5G-TMSI

5G Temporary Mobile Subscription Identifier

Identifier →
Introduced in Rel-15

5G-TMSI is a temporary identifier assigned by the AMF to a UE to uniquely identify it within a specific AMF set, protecting the permanent SUPI over the air interface for privacy and efficient signaling.

Category
Identifier
Introduced
Rel-15
Where
Core Network › 5G Core
Specifications
2 specs
5G-TMSI Description Purpose Related Classification Detected Changes Specifications

Description

The 5G-TMSI (5G Temporary Mobile Subscription Identifier) is a fundamental temporary identifier used within the 5G Core (5GC) network to uniquely and temporarily identify a User Equipment (UE) during its registration and active sessions. It is a 32-bit value assigned by the Access and Mobility Management Function (AMF) to a UE upon successful registration or service request procedures. The primary architectural role of the 5G-TMSI is to serve as a local alias within the serving AMF and its associated AMF set, allowing the network to reference the UE's security context and subscription profile without repeatedly transmitting its permanent, globally unique SUPI (Subscription Permanent Identifier) over the radio interface, which is a critical security and privacy measure.

Operationally, the 5G-TMSI is constructed and managed by the AMF. When a UE initially registers with the network without a valid 5G-TMSI (e.g., during initial attach or after moving to a new tracking area), it uses its SUPI or a privacy-protected variant (SUCI) for identification. Upon successful authentication and registration, the AMF allocates a fresh 5G-TMSI and delivers it to the UE in a secured NAS (Non-Access Stratum) message. Subsequently, for most signaling procedures like Service Requests, Periodic Registration Updates, or Mobility Registration Updates, the UE includes this 5G-TMSI in the RRC (Radio Resource Control) and NAS messages. The AMF uses the received 5G-TMSI to efficiently retrieve the UE's context from its local database.

The identifier's structure, while a 32-bit string, is subdivided to encode routing information. The most significant bits can indicate the AMF Set ID and AMF Pointer, which helps the Radio Access Network (RAN) in the RAN-based Notification Area (RNA) or during RRC Inactive state to route the initial message from the UE to the correct AMF within the pool. This routing capability is a key component for efficient mobility and session management, preventing the need for broadcast paging across all AMFs in a pool. The 5G-TMSI's validity is tied to the UE's registration state; it may be reallocated by the network upon re-registration, inter-AMF mobility, or for periodic refreshment as a privacy enhancement.

In the broader 5G system, the 5G-TMSI works in conjunction with other identifiers like the 5G-GUTI (5G Globally Unique Temporary Identifier), which provides a globally routable temporary identity. The 5G-TMSI forms the least significant 32 bits of the 5G-GUTI. While the 5G-GUTI is used for inter-AMF and inter-PLMN mobility, the 5G-TMSI is optimized for intra-AMF-set signaling efficiency. Its role is critical for reducing signaling overhead, enabling fast context retrieval, and fundamentally upholding user privacy by minimizing the transmission of permanent credentials, making it a cornerstone of 5G secure access and mobility management.

Purpose & Motivation

The 5G-TMSI was created to address critical shortcomings in previous mobile generations, particularly the exposure of long-term subscriber identities over the air interface. In pre-5G systems like LTE, while a Temporary Mobile Subscriber Identity (TMSI) was used, the overall identifier structure and privacy mechanisms were less robust. The 5G-TMSI, as part of the 5G-GUTI framework, provides a more structured and secure temporary identification system designed for the service-based architecture of 5GC.

A primary problem it solves is user privacy protection. The permanent subscriber identifier (SUPI) must never be transmitted in clear text over non-secure radio links. By using a frequently changing 5G-TMSI for most signaling interactions, the SUPI is shielded from eavesdroppers, preventing subscriber tracking and profiling. This addresses growing regulatory and consumer demands for enhanced privacy. Furthermore, it solves network efficiency problems. The 5G-TMSI, with its encoded AMF routing information, allows the RAN to quickly route connection requests to the correct AMF without extensive querying, reducing connection setup delays and signaling load on the network, which is essential for supporting massive numbers of IoT devices and ultra-reliable low-latency communications.

Historically, temporary identifiers existed in 2G/3G/4G, but 5G's decoupled architecture (separating AMF from SMF) and support for new states like RRC Inactive required a more refined approach. The 5G-TMSI is designed to work seamlessly within the 5G-GUTI structure to support efficient mobility across AMF pools and PLMNs, a scenario more common in 5G's dense and heterogeneous network deployments. Its creation was motivated by the need for a scalable, secure, and efficient identity management scheme that supports 5G's diverse use cases, from enhanced mobile broadband to massive machine-type communications, without compromising performance or security.

Classification

Part of5G-GUTI
Specific types5G-GUTI
Related approachesSUPI

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the „Change history“ tables of 3GPP specifications (76 CRs across 5 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Rel-15 19 changes

In Release 15, the 5G-TMSI function was newly introduced as part of the 5G-GUTI (5G Globally Unique Temporary Identifier), which is allocated by the AMF. Key enhancements included the clarification of temporary identity usage in the service request procedure, the correction and completion of the 5GS mobile identity IE definition, and the explicit handling of a mapped 5G-GUTI derived from a 4G-GUTI during inter-system change. Furthermore, the release specified the allocation of a temporary identity and improvements for its assignment after a network-triggered service request.

  • Network Slicing Subscription Change Indication TS 24.501CR0010
  • Remove the remaining instance of SUPI paging TS 24.501CR0055
  • Storing of MPS indicator in non-volatile memory of mobile TS 24.501CR0123
  • Correction on 5G-GUTI type encoding TS 24.501CR0329
  • Clarification on the temporary identity in the service request procedure TS 24.501CR0352
  • Alignment of 5G-GUTI assignment with SA3 TS 24.501CR0470

+ 13 more changes

Rel-16 12 changes

In Release 16, the specification introduced the handling of a "Native 5G-GUTI" as an additional GUTI in the Additional GUTI IE during initial registration, distinct from a "Mapped 5G-GUTI" derived from a 4G-GUTI. It also clarified the use of the 5G-GUTI within a Standalone Non-Public Network (SNPN), where it is not globally unique. Furthermore, Release 16 defined octet alignment for the 5G-GUTI within the 5GS mobile identity information element.

  • Alternative 2: Handling of a UE not allowed to access SNPN services via a PLMN by subscription with 5GMM cause value #72 TS 24.501CR2252
  • 5G-GUTI as additional guti in initial registration and UE holds 4G-GUTI TS 24.501CR0782
  • 5G-GUTI not globally unique in an SNPN TS 24.501CR1458
  • MA PDU session rejection due to operator policy and subscription policy TS 24.501CR1504
  • Octet alignment for 5G-GUTI in 5GS mobile identity IE TS 24.501CR1583
  • Inclusion of ATTACH REQUEST message in REGISTRATION REQUEST message during initial registration when 5G-GUTI mapped from 4G-GUTI is used TS 24.501CR0793

+ 6 more changes

Rel-17 24 changes

In Release 17, enhancements for the 5G-TMSI function included clarifications on the handling of a mapped 5G-GUTI and its allocation during specific procedures, such as when T3346 is running. The release also provided corrections for UE behavior after receiving a "Network slicing subscription changed" indication and addressed the UE identity used during onboarding in an SNPN when the UE already possesses a 5G-GUTI. Furthermore, it introduced clarifications on maintaining the 5G-GUTI in abnormal cases and fixed encoding errors within the 5GS mobile identity information element.

  • Requirements related to UAS subscription change TS 24.501CR3770
  • PDU session establishment with the DNN/S-NSSAI for UAS service from the UE whch has valid aerial subscription but UUAA-MM is failed abnormally TS 24.501CR3792
  • Rejected NSSAI due to subscription TS 24.501CR2573
  • Fix of encoding errors in 5GS mobile identity IE TS 24.501CR2597
  • Correction on UE behaviour after receiving "Network slicing subscription changed" indication TS 24.501CR2619
  • Avoid including both PAP/CHAP and EAP identifiers in PDU session establishment request TS 24.501CR2941

+ 18 more changes

Rel-18 9 changes

In Release 18, the enhancements for 5G-TMSI (as part of the 5G-GUTI) introduced new rules for its selection when a UE is operating in an Equivalent SNPN, ensuring the appropriate mobile identity is used in this scenario. Additionally, the release specified UE behavior for updating the configured NSSAI upon receiving a "Network slicing subscription changed" indication. These changes provided clearer procedures for identity management and subscription handling in standalone non-public and sliced networks.

  • Equivalent SNPN usage for mobile identity selection TS 24.501CR4840
  • Protecting the N3IWF/TNGF identifier information in the REGISTRATION REJECT message TS 24.501CR5932
  • At least one default subscribed S-NSSAI in user subscription TS 24.501CR4626
  • Clarification of UE behaviour when the UE receives the "Network slicing subscription changed". TS 24.501CR4908
  • Correction for N3IWF identifier IE TS 24.501CR5120
  • Equivalent SNPNs: 5G-GUTI selection TS 24.501CR4997

+ 3 more changes

Rel-19 12 changes

In Release 19, the updates for the 5G-TMSI function focused on enhancements and corrections related to Non-3GPP device identifiers and their associated QoS differentiation. Specifically, the release introduced support for multiple Non-3GPP device identifiers, along with new procedures for suspending and rejecting QoS differentiation for these identifiers. Additionally, corrections were made to the 5GS mobile identity and the handling of the 5G-GUTI, including UE actions upon its deletion.

  • Support of reject QoS differentiation for non-3GPP device identifier(s) TS 24.501CR6926
  • Procedure update for QoS differentiation of non-3GPP device identifiers TS 24.501CR6994
  • Suspending QoS differentiation for non-3GPP device identifier TS 24.501CR7087
  • Correction to the inconsistent LCS correlation identifier TS 24.501CR6380
  • Clarification of the mobile reachable tmer to avoid an expired timer in the unavailability period TS 24.501CR6542
  • Support of multiple Non-3GPP device identifiers for QoS differentiation TS 24.501CR6925

+ 6 more changes

Explore further

Broader topics and technologies where 5G-TMSI plays a role.

Topics
Authentication (5G-AKA, EAP)RRC (Radio Resource Control)NAS (Non-Access Stratum)Privacy (SUPI, SUCI)MEC (Edge Computing)LTE / LTE-Advanced
Technologies
LTE5G

Defining Specifications

3GPP specifications that define or reference 5G-TMSI, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

SpecificationTitleRelease
TS 24.501 vj50 5G NAS Protocols Specification Rel-19
TS 24.890 vg00 5G NAS Protocol for 5GS Stage 3 Rel-16