KIK

Key Identifier for protecting KIc and KID

Security
Introduced in Rel-5
A key identifier used in early 3GPP specifications to reference the ciphering key (KIc) and integrity key (KID) in security procedures. It acts as an index or label for the active key set, enabling the network and UE to select the correct keys for protecting signaling and user data communications.

Description

The Key Identifier for protecting KIc and KID (KIK) is a security parameter defined in 3GPP Release 5 specifications, primarily within the context of 3G security architecture. It serves as an identifier or reference pointer that indicates which specific pair of ciphering and integrity keys (KIc and KID) are currently in use or should be used for securing communications between the User Equipment (UE) and the network. The KIc is the ciphering key used for confidentiality protection of data and signaling, while the KID is the integrity key used to ensure the data and signaling have not been tampered with. The KIK does not contain the key material itself but points to the key set stored securely in both the UE and the network's Authentication Centre (AuC) or Home Subscriber Server (HSS).

Architecturally, the KIK is part of the security context established during authentication and key agreement (AKA) procedures. When a UE authenticates with the network, the AuC/HSS generates a cipher key (CK) and an integrity key (IK) as part of the AKA vector. These keys (CK/IK) may be further transformed or mapped to the access-stratum keys KIc and KID for use in specific domains like the Circuit Switched (CS) or Packet Switched (PS) core. The KIK is associated with this derived key set. It is transmitted between network entities (e.g., from HSS to Visitor Location Register (VLR) or Serving GPRS Support Node (SGSN)) within signaling messages like the MAP (Mobile Application Part) protocol to indicate which keys the serving network should use.

In operation, when a security mode command is initiated to start ciphering and integrity protection on a radio connection, the network includes the KIK in the signaling to the UE. The UE, which has previously stored one or more key sets (each with a corresponding KIK) from the authentication procedure, uses the received KIK to identify and select the correct KIc and KID from its local storage. Both sides then use these identified keys to initialize the encryption and integrity algorithms (e.g., UEA or UIA in UMTS). This mechanism allows for key management, including key changes or the use of multiple simultaneous security contexts, by simply referencing different KIK values.

Its role was crucial in early 3G security for enabling key freshness and management without needing to frequently transmit the actual keys over the air. By using an identifier, the system could efficiently switch to new keys (e.g., after a location update or periodic authentication) and ensure synchronization between the UE and network. However, the concept of a separate KIK for KIc/KID was largely superseded in later 3GPP releases (like LTE and 5G) by more integrated key hierarchies where keys are identified implicitly by key derivation parameters or specific key set identifiers within a broader security context. The KIK represents an early, explicit key indexing mechanism in the evolution of mobile network security.

Purpose & Motivation

The KIK was created to address the need for efficient and secure key management in 3G UMTS networks. In the transition from 2G (GSM) to 3G, security was significantly enhanced with the introduction of mutual authentication and separate integrity protection alongside ciphering. This resulted in two keys per session: KIc for ciphering and KID for integrity. A mechanism was required to allow the network to unambiguously tell the UE which pair of keys to use, especially since multiple key sets could be stored from previous authentications or for different service domains.

Prior approaches in GSM used a single ciphering key (Kc) with less sophisticated management. The introduction of a key identifier solved the problem of key synchronization and selection. Without an identifier, the network and UE might lose alignment on which key is current after handovers or during concurrent services, leading to communication failures or security vulnerabilities. The KIK provided a simple index to maintain this alignment, enabling features like key change on-the-fly without re-authentication by distributing a new key set with a new KIK.

Its development in Release 5 was part of the broader 3G security framework defined in TS 33.102 and related specifications like TS 23.048. It facilitated the separation of key generation in the home network (AuC/HSS) from key usage in the serving network (VLR/SGSN), as the serving network could reference keys using the KIK without handling the key derivation logic itself. However, as security architectures evolved towards LTE and 5G, the key hierarchy became more complex and derivation-based, reducing the need for such explicit standalone identifiers. The KIK's purpose was effectively absorbed into more comprehensive key identifiers and derivation schemes, making it a historical but important step in the evolution of mobile security key management.

Key Features

  • Identifier used to reference a specific pair of ciphering (KIc) and integrity (KID) keys
  • Enables synchronization of key selection between UE and network entities
  • Supports key management and the use of multiple stored security contexts
  • Transmitted in network signaling (e.g., MAP messages) to indicate active key set
  • Allows for key changes without immediate re-authentication
  • Part of the 3G UMTS security architecture defined in early releases

Evolution Across Releases

Rel-5 Initial

Initial definition of KIK in 3GPP specifications, including TS 23.048. Established as the key identifier for the ciphering key KIc and integrity key KID within the UMTS security architecture, enabling managed key usage between the UE, VLR, and SGSN.

TS 23.048

Defining Specifications

SpecificationTitle
TS 23.048 3GPP TS 23.048