KSI

Key Set Identifier

Introduced in Rel-4 Also in: Services, Core Network, User Equipment

KSI is a security parameter used in 3GPP systems to uniquely identify a specific set of cryptographic keys shared between a user device and the network for ciphering and integrity protection.

Category: Security
Introduced: Rel-4
Where: Security
Also touches: 3 segments
Specifications: 11 specs

Description

The Key Set Identifier (KSI) is a fundamental security identifier within the 3GPP authentication and key agreement (AKA) framework. It acts as a short, efficient reference to a complete set of derived cryptographic keys that exist both in the User Equipment (UE) and in the network's security context. The primary keys it identifies are the ciphering key (CK) and the integrity key (IK), which are generated during the AKA procedure. In later releases (e.g., for 5G), it also references the anchor key (K_AMF) and its derived keys.

Technically, the KSI is a small value (e.g., 3 bits in UMTS/LTE, part of a larger identifier in 5G) that is assigned by the network during a successful authentication. The network stores the full key set (CK, IK, and the sequence number SQN) in its security context database, indexed by the KSI and the user's permanent identity (like IMSI or SUPI). The UE stores the same key set locally, also associated with the KSI. When subsequent security-protected communication is initiated (e.g., for a service request or a location update), the network can include the KSI in a signaling message (like the RRC Connection Reconfiguration or NAS Security Mode Command) instead of sending the full keys. The UE uses the received KSI to look up its locally stored corresponding CK and IK, which are then used to initialize the ciphering and integrity protection algorithms (e.g., SNOW 3G, AES, ZUC).

There are different types of KSI to manage key contexts for different network domains. In UMTS and LTE, the KSI_ASME (where ASME is the Access Security Management Entity) is used for the EPS security context. The network may also maintain separate KSIs for ciphering (KSI_C) and integrity (KSI_I) in some legacy contexts. The KSI mechanism enables efficient key management by avoiding the need to re-run the full, computationally intensive AKA procedure for every connection setup. It supports security context transfer between network nodes (e.g., during handover) and allows for the reuse of established security contexts for a period of time, improving signaling efficiency and connection setup times while maintaining robust security.
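As an added illustration (not text or code from the page or from any 3GPP specification), the following Python models the lookup the description above explains: the network references a key set by its KSI instead of sending CK and IK, and the UE resolves that reference against the contexts it stored under the same index. The 4-bit NAS field layout (one TSC bit marking a native or mapped context plus the 3-bit KSI) and the reserved KSI value 7 meaning "no key is available" follow TS 24.301's NAS key set identifier; the class and function names, and the sample keys, are this example's own.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Tuple

KSI_NO_KEY = 0b111  # reserved KSI value: "no key is available"


@dataclass(frozen=True)
class SecurityContext:
    ksi: int      # 3-bit key set identifier assigned by the network after AKA
    mapped: bool  # True for a mapped context (e.g. derived at inter-system handover)
    ck: bytes     # ciphering key
    ik: bytes     # integrity key


def encode_nas_ksi(ksi: int, mapped: bool) -> int:
    """Pack the TSC bit (bit 4) and the 3-bit KSI into the 4-bit NAS field."""
    if not 0 <= ksi <= 7:
        raise ValueError("KSI must fit in 3 bits")
    return (int(mapped) << 3) | ksi


def decode_nas_ksi(field: int) -> Tuple[int, bool]:
    """Unpack the 4-bit NAS field into (ksi, mapped)."""
    if not 0 <= field <= 0xF:
        raise ValueError("NAS key set identifier is a 4-bit field")
    return field & 0b111, bool(field >> 3)


class UeSecurityStore:
    """UE-side cache of key sets, indexed the same way the network indexes them."""

    def __init__(self) -> None:
        self._contexts: Dict[Tuple[bool, int], SecurityContext] = {}

    def store(self, ctx: SecurityContext) -> None:
        # A new context with the same (type, KSI) replaces the old one.
        self._contexts[(ctx.mapped, ctx.ksi)] = ctx

    def resolve(self, field: int) -> Optional[SecurityContext]:
        """Return the key set the network is pointing at, or None when the UE
        holds no matching context and a fresh AKA run is needed."""
        ksi, mapped = decode_nas_ksi(field)
        if ksi == KSI_NO_KEY:
            return None
        return self._contexts.get((mapped, ksi))


# Constructed sample keys (all-zero placeholders, not real key material).
SAMPLE_CTX = SecurityContext(ksi=2, mapped=False, ck=bytes(16), ik=bytes(16))
```

A native and a mapped context with the same KSI value are distinct entries, so a reference to the wrong type, or to KSI 7, yields no key and forces re-authentication rather than silently reusing stale keys.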

Purpose & Motivation

The Key Set Identifier was created to solve the problem of efficient and secure key referencing in mobile networks. Without such an identifier, the network would need to either repeatedly perform full authentication (increasing latency and signaling load) or somehow transmit or negotiate which key set to use in an insecure manner. The KSI provides a secure shorthand.

Its primary purpose is to enable the reuse of established security contexts. After an initial authentication, a security context containing fresh cryptographic keys is established. The KSI allows this context to be referenced and reactivated for subsequent connections without repeating the full authentication, significantly speeding up procedures like idle-to-active transitions and handovers. This is critical for user experience, especially for services requiring frequent, short transmissions.

Historically, the concept evolved from GSM's Key Sequence Number but was significantly enhanced for 3G UMTS to provide stronger security within the new AKA protocol. In GSM, security was weaker, and key management less sophisticated. The introduction of mutual authentication and stronger algorithms in 3G necessitated a more robust key hierarchy and management system, of which the KSI is a core component. It addresses the limitation of not having a secure, agreed-upon reference to pre-shared key material, which is essential for the performance and scalability of secure mobile communications. In 5G, its role continues within the new 5G AKA and EAP-AKA' protocols, ensuring backward compatibility and efficient security context management in a more complex network slicing environment.

Classification

Part of: AKA
Related approaches: CK, IK

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the "Change history" tables of 3GPP specifications (40 CRs across 5 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Studied in Rel-4, normative work from Rel-15.

Rel-15 (13 changes)

In Release 15, the KSI function was updated to clarify its usage during inter-system handover from 5GS to EPS, specifically for the mapped EPS security context. The release also introduced corrections and clarifications for related identifiers, including the NAS connection identifier, to align it with the access type identifier. Furthermore, enhancements were made to subscription identifier privacy mechanisms applicable during initial registration and de-registration procedures.

  • Subscription identifier privacy support (TS 31.102, CR0778)
  • Clarification to Subscription identifier privacy (TS 33.501, CR0145)
  • Correction for KSI name for mapped EPS security context during inter-system handover from 5GS to EPS (TS 24.301, CR3116)
  • UE identifier provided during an initial registration procedure (TS 24.501, CR0679)
  • Removal of Editor's note on home network public key and home network public key identifier update and removal of protection scheme identifier (TS 24.501, CR0845)
  • Align NAS connection identifier with access type identifier (TS 33.501, CR0258)


Rel-16 (8 changes)

In Release 16, the KSI (Key Set Identifier) function was updated with a correction to its terminology and an alignment of the 5G ciphering and integrity algorithm identifiers. Furthermore, the release defined a new DF_SAIP and reserved an identifier for SUCI calculation in eUICCs.

  • SUCI computation: implementers' test data for network specific identifier-based SUPI (TS 33.501, CR0847)
  • Possible KSI types in EPS (TS 24.301, CR3346)
  • Correction to KSI terminology (TS 24.301, CR3434)
  • Correction of certain erroneous Information Element Identifiers (TS 24.501, CR2033)
  • Packet filter identifier setting when requesting new packet filters (TS 24.501, CR2536)
  • Alignment of the 5G ciphering and integrity algorithm identifiers (TS 24.301, CR3221)


Rel-17 (6 changes)

In Release 17, the specification clarified the setting of the packet filter identifier value and aligned the allocation of identifiers like the GUTI to best practices for unpredictable generation. This release also introduced a specific access technology identifier for satellite NG-RAN and corrected a file identifier for the EF5G_PROSE_UIR. Furthermore, it included a procedural update to avoid including both PAP/CHAP and EAP identifiers in a PDU session establishment request.

  • Avoid including both PAP/CHAP and EAP identifiers in PDU session establishment request (TS 24.501, CR2941)
  • Clarification on the setting of packet filter identifier value (TS 24.501, CR3300)
  • Network identifier is not specified (TS 24.501, CR3389)
  • Access Technology Identifier satellite NG-RAN (TS 24.501, CR3636)
  • Correction of file identifier for EF5G_PROSE_UIR (TS 31.102, CR0982)
  • Align GUTI allocation to best practices of unpredictable identifier generation (TS 33.401, CR0702)

Rel-18 (5 changes)

In Release 18, specific clarifications and corrections were made to the handling of the N3IWF/TNGF identifier, a type of network access identifier, within the registration procedure. The changes focused on protecting this identifier information when sent in the REGISTRATION REJECT message and resolving editorial notes related to its use during trusted non-3GPP access. These updates ensured consistent and secure handling of this key network function identifier across the specified interfaces and procedures.

  • Protecting the N3IWF/TNGF identifier information in the REGISTRATION REJECT message (TS 24.501, CR5932)
  • Resolution of editor notes related to the temporary identifier used during trusted non-3GPP access (TS 33.501, CR1766)
  • Correction for N3IWF identifier IE (TS 24.501, CR5120)
  • Correction related to receiving N3IWF identifier IE in the REGISTRATION REJECT (TS 24.501, CR5322)
  • Correction of DF Identifier for 5MBSUECONFIG (TS 31.102, CR0984)

Rel-19 (8 changes)

In Release 19, the KSI function was enhanced to support QoS differentiation for multiple non-3GPP device identifiers. The release introduced new procedures for suspending and rejecting this QoS differentiation, alongside corrections to the associated connection information IE. These updates provided a more robust framework for managing quality of service based on non-3GPP device identifiers.

  • Support of reject QoS differentiation for non-3GPP device identifier(s) (TS 24.501, CR6926)
  • Procedure update for QoS differentiation of non-3GPP device identifiers (TS 24.501, CR6994)
  • Suspending QoS differentiation for non-3GPP device identifier (TS 24.501, CR7087)
  • Correction to the inconsistent LCS correlation identifier (TS 24.501, CR6380)
  • Support of multiple Non-3GPP device identifiers for QoS differentiation (TS 24.501, CR6925)
  • QoS differentiation for non-3GPP device identifiers clean up (TS 24.501, CR6993)

Defining Specifications

3GPP specifications that define or reference KSI, with the latest known release. Sourced from the 3GPP document catalog.

Specification    | Title                                          | Release
TR 21.905 vj00   | 3GPP Technical Terms and Definitions           | Rel-19
TS 23.060 vj00   | GPRS Service Description Stage 2               | Rel-19
TS 24.301 vj60   | NAS protocol for Evolved Packet System         | Rel-19
TS 24.501 vj50   | 5G NAS Protocols Specification                 | Rel-19
TS 31.102 vj40   | USIM Application Specification                 | Rel-19
TS 31.103 vj00   | ISIM Application Specification                 | Rel-19
TS 31.121 vi50   | UICC-terminal interface test specification     | Rel-18
TS 33.102 vj10   | 3G Security Architecture Specification         | Rel-19
TS 33.401 vj10   | EPS Security Architecture                      | Rel-19
TS 33.501 vk00   | 5G Security Architecture and Procedures        | Rel-20
TS 33.859 vb10   | UTRAN Key Hierarchy Enhancement Study          | Rel-11