RSA

Rivest-Shamir-Adleman

Security
Introduced in Rel-6
RSA is a widely used public-key cryptosystem for secure data transmission, digital signatures, and key exchange in 3GPP networks. It provides confidentiality, authentication, and integrity, forming a cornerstone of security protocols in cellular systems from 3G to 5G.

Description

RSA (Rivest-Shamir-Adleman) is an asymmetric cryptographic algorithm that forms a fundamental part of security architectures in 3GPP standards. It operates on the principle of a public key and a private key pair, where the public key is used for encryption or signature verification, and the private key is kept secret for decryption or signature generation. In 3GPP systems, RSA is employed in various security mechanisms, including authentication, key agreement, and digital signatures for network elements and user equipment (UE). The algorithm's security relies on the computational difficulty of factoring large integers, which are derived from two large prime numbers.

Within 3GPP networks, RSA is integrated into higher-layer protocols and interfaces. For example, in the authentication and key agreement (AKA) procedures, RSA may be used for securing the exchange of keys between the UE and network, particularly in early 3G releases. The architecture involves components such as the Home Subscriber Server (HSS), Authentication Centre (AuC), and the UE's universal integrated circuit card (UICC) or SIM. RSA keys are generated and managed by certification authorities (CAs) and distributed via public key infrastructure (PKI) systems, ensuring that only authorized entities can participate in secure communications. Specifications like 3GPP TS 33.303 (for PKI) and TS 31.113 (for UICC security) detail the implementation and usage of RSA.

The algorithm's role extends to securing signaling and user plane data. In protocols like IPsec and TLS used for core network interfaces (e.g., N1, N2 in 5G), RSA can be utilized for key exchange during tunnel establishment. Additionally, RSA digital signatures verify the authenticity of software updates, certificates, and network messages, preventing tampering and spoofing. Its integration into 3GPP systems ensures end-to-end security across radio access and core network domains, protecting against eavesdropping, man-in-the-middle attacks, and unauthorized access.
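The key-pair roles and the dependence on factoring described above, and the signature check on a software update, as an added example that is not taken from any 3GPP specification. It uses textbook RSA without padding on a deliberately tiny modulus; the primes, the update blob and all function names are constructed for illustration.

```python
# Added illustration: textbook RSA with toy primes and no padding (not for production).
import hashlib
from math import gcd

def keygen(p, q, e=65537):
    """Derive (public, private) keys from two primes."""
    n, phi = p * q, (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    return (n, e), (n, pow(e, -1, phi))   # d satisfies e*d = 1 (mod phi)

def digest_int(message, n):
    """SHA-256 of the message, reduced into [0, n) for the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n

def sign(message, private):
    n, d = private
    return pow(digest_int(message, n), d, n)                # private key signs

def verify(message, signature, public):
    n, e = public
    return pow(signature, e, n) == digest_int(message, n)   # public key verifies

def encrypt(m, public):
    n, e = public
    return pow(m, e, n)

def decrypt(c, private):
    n, d = private
    return pow(c, d, n)

def recover_private(public):
    """Factor n by trial division and rebuild d; feasible only for a tiny n."""
    n, e = public
    f = 3
    while n % f:
        f += 2
    return keygen(f, n // f, e)[1]

# Constructed sample values: two small Mersenne primes and a made-up update blob.
PUBLIC, PRIVATE = keygen(2**17 - 1, 2**19 - 1)
UPDATE = b"constructed-firmware-image v1"
SIGNATURE = sign(UPDATE, PRIVATE)

if __name__ == "__main__":
    print("genuine update verifies:", verify(UPDATE, SIGNATURE, PUBLIC))
    print("tampered update verifies:", verify(UPDATE + b"!", SIGNATURE, PUBLIC))
    print("round trip:", decrypt(encrypt(42, PUBLIC), PRIVATE))
    print("36-bit modulus factored, d recovered:", recover_private(PUBLIC) == PRIVATE)
```

The last check succeeds only because the modulus is 36 bits; deployed keys rely on a modulus large enough that this factoring step is computationally infeasible, and on a standard padding scheme rather than the raw operation shown here.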

Purpose & Motivation

RSA was adopted in 3GPP standards starting from Release 6 to address the growing need for robust security in cellular networks, especially with the transition to packet-switched services and internet connectivity. Prior asymmetric cryptosystems were less standardized or efficient, and symmetric-key algorithms alone could not provide scalable authentication and key distribution. RSA's introduction enabled secure key exchange without pre-shared secrets, facilitating large-scale deployments and interoperability across different vendors and operators.

The motivation for including RSA stemmed from the limitations of earlier security mechanisms in 2G and early 3G systems, which relied heavily on symmetric cryptography and had vulnerabilities to certain attacks. RSA provided a way to implement digital signatures for network authentication and non-repudiation, enhancing trust in roaming scenarios and service access. It also supported the evolution towards IP-based networks, where public-key infrastructure became essential for securing interfaces like those between network functions.

Furthermore, RSA's role in 3GPP evolved to support advanced features such as secure service provisioning, lawful interception, and device integrity verification. As networks progressed to 4G and 5G, RSA continued to be relevant for certificate-based authentication and backward compatibility, even as newer algorithms like elliptic curve cryptography (ECC) gained prominence for efficiency. Its enduring presence underscores its importance in maintaining a layered security approach within 3GPP architectures.

Key Features

  • Asymmetric encryption using public and private key pairs
  • Supports digital signatures for authentication and integrity
  • Enables secure key exchange without pre-shared secrets
  • Based on the mathematical difficulty of integer factorization
  • Integrates with PKI for certificate management
  • Used in AKA procedures and network interface security

Evolution Across Releases

Rel-6 Initial

Introduced RSA into 3GPP specifications for enhanced security, primarily for digital signatures and key management in packet-switched domains. It was integrated into authentication protocols and PKI frameworks to support secure service access and roaming across UMTS and early HSPA networks.

Extended RSA usage for securing IMS (IP Multimedia Subsystem) and other IP-based services. Enhanced support for certificate enrollment and revocation in network elements, aligning with broader adoption of internet protocols in cellular networks.

Incorporated RSA into LTE security architecture for initial attach procedures and evolved packet core (EPC) interfaces. Maintained compatibility with legacy systems while supporting new authentication mechanisms for 4G networks.

Further refined RSA implementations for lawful interception and home nodeB security. Updated key lengths and algorithm parameters to address evolving cryptographic threats, ensuring continued robustness in LTE deployments.

Enhanced RSA for carrier aggregation and multi-RAT coordination, ensuring secure signaling across aggregated carriers. Integrated with new key derivation functions and security algorithms in LTE-Advanced.

Extended RSA support for machine-type communication (MTC) and smart grid applications, focusing on lightweight implementations for IoT devices. Updated specifications for certificate provisioning in constrained environments.

Maintained RSA for backward compatibility while introducing recommendations for transition to elliptic curve cryptography (ECC). Continued use in legacy authentication and signing for network functions and UE certificates.

Further optimized RSA for dual connectivity and LTE-U scenarios, ensuring security in unlicensed spectrum operations. Updated guidelines for key management in heterogeneous networks.

Integrated RSA into enhanced LTE features like massive MIMO and licensed-assisted access. Ensured compatibility with emerging 5G security studies, focusing on migration paths to newer algorithms.

Supported RSA in 5G NR for legacy interoperability and certain certificate-based authentication methods. Defined its role in secondary authentication and network slice security, alongside newer cryptographic suites.

Extended RSA usage for 5G non-public networks (NPN) and integrated access and backhaul (IAB). Maintained support for industrial IoT and vertical applications requiring proven cryptographic standards.

Further evolved RSA for 5G-Advanced, including non-terrestrial networks (NTN) and reduced capability devices. Updated security profiles to balance performance and robustness in diverse deployment scenarios.

Continued RSA support for network slicing and AI/ML-driven security in 5G-Advanced. Enhanced specifications for quantum-resistant migration, acknowledging its gradual phase-out in favor of post-quantum algorithms.

Maintained RSA for legacy system compatibility and specific use cases in evolving 6G research. Focused on interoperability with newer security frameworks and hybrid cryptographic approaches.

Defining Specifications

Specification    Title
TS 21.905        3GPP TS 21.905
TS 31.113        3GPP TR 31.113
TS 32.808        3GPP TR 32.808