Description
Transport Layer Security (TLS) is a fundamental security protocol adopted by 3GPP to protect data in transit across various network interfaces. It operates above the transport layer (typically TCP), creating a secure tunnel between two endpoints before the application layer protocol (e.g., HTTP, SIP, Diameter) exchanges any sensitive data. The protocol establishes this secure channel through a handshake procedure, where the endpoints negotiate cryptographic algorithms, authenticate each other (often using X.509 digital certificates), and derive shared session keys used for encryption and integrity protection.
The TLS architecture within a 3GPP network is pervasive. It secures web-based interfaces like the T8 reference point used by the Service Capability Exposure Function (SCEF) for IoT services, protecting northbound APIs. It secures Diameter connections between core network elements, such as between the Policy and Charging Rules Function (PCRF) and the Packet Data Network Gateway (PGW). In the IP Multimedia Subsystem (IMS), TLS protects the Mw, Mg, and Mx interfaces carrying SIP signaling. For user equipment, TLS is crucial for securing HTTPS connections to application servers, including those used for device management, authentication (e.g., for EAP-TLS), and accessing IMS services via the Ut reference point.
How TLS works involves distinct phases. The Handshake Protocol manages authentication and key establishment. The client and server exchange 'ClientHello' and 'ServerHello' messages to agree on a TLS version and cipher suite. The server then typically sends its certificate for authentication. For mutual TLS (mTLS), as required in many 3GPP service-based interfaces (SBI) in the 5G Core, the client also presents a certificate. Following authentication, a 'Premaster Secret' is exchanged and used, along with random values, to generate the 'Master Secret' from which symmetric encryption and Message Authentication Code (MAC) keys are derived. Once the handshake completes, the Record Protocol takes over, using the agreed keys to encrypt application data, provide message integrity via MACs (or authenticated encryption like AES-GCM), and optionally compress data.
TLS's role is to mitigate threats like eavesdropping, tampering, and message forgery. By ensuring confidentiality, it prevents attackers from reading sensitive information like user identities, location data, or charging records. Integrity protection ensures that commands or data cannot be altered in transit without detection. Authentication, especially mutual authentication with certificates, is critical in 5G's cloud-native, service-based architecture to prevent unauthorized network functions from interacting with each other. TLS is often combined with underlying IPsec, providing a defense-in-depth strategy, or used independently where IPsec is not feasible, such as for traffic traversing the public internet between an operator's network and a third-party application server.
Purpose & Motivation
TLS was integrated into 3GPP standards to address the critical need for securing packet-based signaling and data traffic as networks evolved from circuit-switched to all-IP architectures. Early mobile networks relied on network-level security within the radio access and core network perimeter. However, with the introduction of IMS in Release 5 and the increasing use of IP-based services, traffic began traversing less-trusted paths, including connections to external application servers and between data centers. This exposed sensitive control plane signaling (e.g., SIP, Diameter) and user data to interception and manipulation.
The protocol solves the problem of providing robust, standards-based security for application-layer protocols that lack native protection. Before its widespread adoption, proprietary or weaker security mechanisms were sometimes used, creating vulnerabilities and interoperability challenges. TLS provides a well-vetted, industry-standard solution for authentication, confidentiality, and integrity. Its creation and evolution (from its predecessor, SSL) were motivated by the broader Internet's security needs, which 3GPP leveraged to secure its own ecosystem.
In later releases, especially with 5G, the purpose of TLS expanded further. The shift to a Service-Based Architecture (SBA) with HTTP/2 APIs (e.g., Nnrf, Nausf) required a transport-agnostic security mechanism that could work efficiently in cloud environments. Mutual TLS (mTLS) became mandatory for many service-based interfaces, solving the problem of machine-to-machine authentication in a dynamic, microservices-based core network where network functions are ephemeral. TLS 1.3, mandated in later 5G releases, addresses limitations of older versions by providing stronger cryptographic algorithms, faster handshakes through 1-RTT and 0-RTT modes, and improved resistance to downgrade attacks, aligning with modern security best practices and performance requirements.
Classification
Detected Changes Across Releases
From 3GPP Change Requests. Specific changes extracted from the "Change history" tables of 3GPP specifications (212 CRs across 6 releases). Complements the general historical overview above with the evidence-based evolution of this function.
Studied in Rel-4, normative work from Rel-15.
In Release 15, the TLS function was newly introduced or explicitly mandated for securing specific interfaces and procedures, including the authorization and authentication between Network Functions and the NRF, as well as for providing application layer security on the N32 interface. The release also introduced security mechanisms for non-Service-Based Architecture interfaces in the 5G Core and clarified security protections for API invoker onboarding and offboarding within the CAPIF framework. Furthermore, it defined security procedures for the update of UE parameters via UDM control plane procedures, ensuring these exchanges are protected.
- Security requirements for API invoker onboarding and offboarding (TS 33.122 CR0005)
- Clarifications to: Protection at the network or transport layer, Authorization and authentication between network functions and the NRF (TS 33.501 CR0147)
- Clarifications to security requirements and features (clause 5) (TS 33.501 CR0161)
- Security Negotiation for RRC INACTIVE (TS 33.501 CR0183)
- Security Mechanism for Steering of Roaming (TS 33.501 CR0214)
- CR-slice-management-security (TS 33.501 CR0290)
+ 59 more changes
In Release 16, the TLS function was extended to support new security procedures for the CAPIF-3e/4e/5e and CAPIF-7/7e reference points, and its usage was explicitly profiled for the CAPIF framework. Furthermore, TLS was mandated for securing the connection between a Network Function and the SEPP, specifically based on a custom HTTP header, and its application was defined for new service contexts including security for 5GLAN services and for the Inter-PLMN User Plane Security (IPUPS) Function.
- Exchange IPX security information lists (TS 29.573 CR0020)
- Transport Harmonization (align 33.108 to 33.128) (TS 33.108 CR0418)
- Security Requirements for CAPIF-3e/4e/5e reference points (TS 33.122 CR0019)
- Security aspects of CAPIF-7/7e reference points (TS 33.122 CR0022)
- Security procedures for CAPIF-7/7e reference points (TS 33.122 CR0024)
- Security procedures for CAPIF-3e/4e/5e reference points (TS 33.122 CR0025)
+ 33 more changes
In Release 17, the TLS function was enhanced with new profiles and capabilities, specifically adding support for TLS 1.3 using keys derived from the Authentication and Key Management for Applications (AKMA) framework and for Generic Bootstrapping Architecture (GBA)-based shared secrets with Pre-Shared Key (PSK) authentication. Furthermore, support for end-to-end application encryption (e2ae) was extended to non-WebRTC sessions using Datagram Transport Layer Security for Secure Real-time Transport Protocol (DTLS-SRTP). These updates also included alignment with the security working group's (SA3) supported TLS profiles.
- Communication security context when using functional alias (TS 23.280 CR0257)
- Alignment with SA3 supported TLS profiles (TS 23.333 CR0144)
- Alignment with SA3 supported TLS profiles (TS 23.334 CR0176)
- Support of e2ae security using DTLS-SRTP for non WebRTC sessions (TS 23.334 CR0178)
- Adding profiles of TLS to use AKMA keys (TS 24.109 CR0070)
- GBA-based shared secret with PSK authentication in TLS 1.3 (TS 24.109 CR0071)
+ 38 more changes
In Release 18, TLS enhancements focused on securing new interfaces and procedures, specifically introducing TLS security for the N32-f interface and detailing its handling for roaming scenarios like the V-EASDF discovery procedure. The release also added security for network automation enablers and updated negotiation procedures for security profiles and capabilities.
- Support the negotiation of security profiles (TS 29.573 CR0174)
- Security for resource owner aware northbound access to APIs (TS 33.122 CR0036)
- Security aspects of NG RTC (TS 33.328 CR0071)
- Security aspects of MSGin5G Service in rel-18 (TS 33.501 CR1565)
- Security aspects of enhanced support of Non-Public Networks phase 2 (TS 33.501 CR1671)
- Security of EAS discovery procedure via V-EASDF in roaming Scenario (TS 33.501 CR1741)
+ 26 more changes
In Release 19, the TLS function saw new security procedures and requirements introduced for several specific interfaces and services. These included enhanced security for the CAPIF-6, CAPIF-6e, and CAPIF-8 reference points, as well as for the MSGin5G service and IMS capability exposure. Furthermore, new security aspects were defined for Core Network Enhanced Support for AIML and for N6 delay measurements.
- [AMD_PRO-MED] Security procedures for metrics reporting at M3 (TS 26.512 CR0100)
- Security requirements and procedures for CAPIF-8 reference point (TS 33.122 CR0078)
- RNAA and Interconnect aspects in function security model (TS 33.122 CR0080)
- CAPIF Security requirements on CAPIF-6 and -6e reference points (TS 33.122 CR0081)
- Security procedures for CAPIF interconnection (TS 33.122 CR0107)
- Extra IAB information in stage 2 related to Downlink NAS transport and to UE CONTEXT MODIFICATION REQUEST (TS 33.127 CR0255)
+ 25 more changes
In Release 20, the new TLS-related feature introduced a procedure for making specific security parameters visible to RIs (Registration Intervals). This enhancement explicitly addressed the visibility of security attributes and cipher keys, which are defined as codes used with a security algorithm to encode and decode data, within the framework of transport layer security operations.
- Procedure to making some security parameters visible to RIs (TS 33.501 CR2191)
Defining Specifications
3GPP specifications that define or reference TLS, with the latest known release. Sourced from the 3GPP document catalog.
| Specification | Title | Release |
|---|---|---|
| TR 21.905 vj00 | 3GPP Technical Terms and Definitions | Rel-19 |
| TS 23.057 vj00 | Mobile Execution Environment (MExE) Specification | Rel-19 |
| TS 23.179 vd50 | MCPTT Functional Architecture | Rel-13 |
| TS 23.280 vk10 | Common Architecture for Mission Critical Services | Rel-20 |
| TS 23.333 vj00 | MRFC-MRFP Mp Interface Requirements | Rel-19 |
| TS 23.334 vj00 | IMS-ALG to IMS-AGW Interface (Iq) Stage 2 | Rel-19 |
| TS 23.379 vk00 | MCPTT Functional Architecture | Rel-20 |
| TS 23.701 vc00 | WebRTC Access to IMS Architecture Study | Rel-12 |
| TS 23.722 vf10 | Common API Framework (CAPIF) for 3GPP Northbound APIs | Rel-15 |
| TS 24.109 vj00 | HTTP Digest AKA & GAA Stage 3 | Rel-19 |
| TS 24.141 vj00 | Presence Service Protocol Details | Rel-19 |
| TS 24.147 vj00 | IMS Conferencing Protocol Details | Rel-19 |
| TS 24.229 vj50 | IMS call control protocol based on SIP and SDP | Rel-19 |
| TS 24.259 vj00 | Personal Network Management (PNM) Protocol Details | Rel-19 |
| TS 24.322 vj00 | IMS Tunneling over Restrictive Networks | Rel-19 |
| TS 24.423 v850 | PSTN/ISDN Simulation Services XCAP Protocol | Rel-8 |
| TS 24.482 vj00 | Mission Critical Services Identity Management | Rel-19 |
| TS 24.572 vj50 | 5G LCS User Plane Protocol Specification | Rel-19 |
| TS 24.623 vj00 | XCAP Protocol for Supplementary Services | Rel-19 |
| TS 26.247 vj00 | 3GPP Progressive Download & DASH over HTTP | Rel-19 |
| TS 26.348 vj00 | xMB Interface Specification | Rel-19 |
| TS 26.512 vj10 | 5G Media Streaming Protocols & APIs | Rel-19 |
| TS 26.804 vj10 | 5G Media Streaming Extensions Study | Rel-19 |
| TR 26.998 vj00 | 5G AR/MR Glasses Integration Study | Rel-19 |
| TS 29.116 vj00 | REST-based protocol for xMB reference point | Rel-19 |
| TS 29.162 vj00 | IMS-IP Network Interworking | Rel-19 |
| TS 29.333 vj00 | MRFC-MRFP Mp Interface Protocol | Rel-19 |
| TS 29.334 vj00 | IMS-ALG to IMS-AGW Interface Protocol | Rel-19 |
| TS 29.368 vj00 | Tsp Reference Point Stage 3 Specification | Rel-19 |
| TS 29.573 vj50 | PLMN/SNPN Interconnection Interface Stage 3 | Rel-19 |
| TS 29.819 vd00 | Diameter Base Protocol Update Analysis | Rel-13 |
| TS 29.890 vg00 | CT3 5G System Technical Report | Rel-16 |
| TR 29.893 vi00 | Technical Report on QUIC for 5GC SBI | Rel-18 |
| TS 32.501 vj00 | Self-Configuration of Network Elements Concepts | Rel-19 |
| TS 32.583 vj00 | HNB OAM&P Procedure Flows for Type 1 Interface | Rel-19 |
| TS 32.593 vj00 | HeNB OAM&P Procedure Flows for Type 1 Interface | Rel-19 |
| TS 33.107 vj00 | Lawful Interception Architecture & Functions | Rel-19 |
| TS 33.108 vj00 | LI Handover Interface Specification | Rel-19 |
| TS 33.122 vj20 | Security Architecture for CAPIF | Rel-19 |
| TS 33.127 vj50 | Lawful Interception Architecture and Functions | Rel-19 |
| TS 33.141 vj00 | Security for Presence Service (Ut reference point) | Rel-19 |
| TS 33.203 vj10 | IMS Security Specification | Rel-19 |
| TS 33.222 vj00 | Secure HTTP Access in GAA | Rel-19 |
| TS 33.320 vj00 | H(e)NB Subsystem Security Architecture | Rel-19 |
| TS 33.328 vj10 | IMS Media Plane Security Specification | Rel-19 |
| TS 33.501 vk00 | 5G Security Architecture and Procedures | Rel-20 |
| TR 33.739 vi10 | Study on security enhancement of support for | Rel-18 |
| TS 33.823 vc20 | GBA Web Browser Integration Study | Rel-12 |
| TR 33.841 vg10 | Security aspects; Study on 256-bit algorithms for 5G | Rel-16 |
| TR 33.848 vi00 | Technical Report on Virtualisation Security | Rel-18 |
| TS 33.863 ve20 | Security for Battery-Efficient IoT Device to Enterprise | Rel-14 |
| TR 33.876 vi01 | Technical Report on Certificate Management | Rel-18 |
| TR 33.938 vj10 | 3GPP Cryptographic Inventory for 5G | Rel-19 |
| TR 33.969 vj00 | Security for Public Warning System (PWS) | Rel-19 |