SSK

Secret Signing Key

Security
Introduced in Rel-14
A cryptographic key used for generating digital signatures to ensure message integrity and authenticity in 3GPP networks. It is a core component in security protocols for protecting signaling and user data, preventing tampering and spoofing.

Description

The Secret Signing Key (SSK) is a symmetric or asymmetric cryptographic key utilized within 3GPP security architectures to create digital signatures. Its primary function is to provide data origin authentication and integrity protection for various network messages and signaling procedures. In practice, the SSK is typically generated and stored securely within a network entity, such as a Home Subscriber Server (HSS), Authentication Server Function (AUSF), or within a Universal Integrated Circuit Card (UICC) on the user equipment side. The key is used in conjunction with a signing algorithm (e.g., based on RSA or ECC) to produce a signature over a specific data set, which can then be verified by a receiving entity possessing the corresponding public key or a shared secret.

The architectural role of the SSK is often defined within the context of specific service enablers or authentication frameworks. For instance, in the context of service capability exposure or authentication for non-3GPP access, the SSK may be employed to sign tokens or assertions. The key management lifecycle—including generation, distribution, storage, usage, and eventual revocation or renewal—is critical and is specified in relevant 3GPP security specifications to prevent compromise. The use of an SSK helps establish a chain of trust between network functions, ensuring that commands or authorization grants have not been altered and originate from a legitimate source.

From an operational perspective, when a network function needs to assert a claim (e.g., user authentication status or service authorization), it uses its private SSK to generate a signature over the claim data. This signed object is then transmitted to a consuming function. The consumer, which must have a trust relationship established (often through pre-shared public keys or a Public Key Infrastructure), verifies the signature using the corresponding public key. Successful verification confirms both the integrity of the message and the identity of the signer, forming a foundation for secure service interactions. This mechanism is vital in modern service-based architectures where network functions communicate over HTTP-based interfaces that may traverse less trusted domains.

Purpose & Motivation

The SSK was introduced to address the growing need for robust security mechanisms in increasingly open and service-oriented 3GPP network architectures. As networks evolved towards cloud-native, decomposed functions communicating via APIs, traditional link-level security became insufficient for end-to-end message assurance between applications and network functions. The SSK provides a standardized method for implementing digital signatures, solving problems related to message tampering, replay attacks, and impersonation within signaling flows.

Historically, earlier 3GPP releases relied more on cryptographic keys for ciphering and integrity protection within specific radio or core network protocols (e.g., in NAS or RRC). However, with the exposure of network capabilities to third-party applications and the interconnection of diverse network functions in 5G, there was a clear motivation to define a key type explicitly dedicated to non-repudiation and source authentication. The SSK fills this gap, enabling functionalities like secure service authorization, signed policy updates, and verifiable audit trails. Its creation was motivated by requirements for trusted data exchange in scenarios such as network slicing, edge computing, and authentication across heterogeneous access networks, where the origin and integrity of management commands or user context data must be cryptographically guaranteed.

Key Features

  • Enables generation of digital signatures for data origin authentication
  • Provides cryptographic integrity protection for signaling messages and user data
  • Can be implemented using symmetric or asymmetric cryptography as per specification
  • Integrates with 3GPP security key management and storage frameworks
  • Supports non-repudiation services for critical network operations
  • Used in authentication and authorization protocols for service exposure

Evolution Across Releases

Rel-14 Initial

Initially introduced as the Secret Signing Key within the context of service capability exposure and authentication enhancements. Specified for use in generating signatures for security tokens and assertions, particularly for securing communication between network functions and external application servers. The architecture defined its generation and usage within the Home Subscriber Server (HSS) and other security proxy functions.

TS 24.582TS 33.885

Defining Specifications

SpecificationTitle
TS 24.582 3GPP TS 24.582
TS 33.885 3GPP TR 33.885