Level 8

5G Security

Master 5G security — trust domains, SUPI/SUCI privacy, key hierarchy and derivation, 5G-AKA and EAP-AKA' authentication, NAS/AS security activation, slice isolation, SBA OAuth 2.0, SEPP roaming security, threat taxonomy, and lawful interception.

0/15 lessons

This level requires a Pro subscription

Unlock all 7 advanced levels — 200+ lessons, labs, and animations by TELCOMA Global.

Security Architecture

0/7

Understand the 5G security framework — trust domains, SUPI concealment with ECIES, the complete key hierarchy from K to KRRCenc, 5G-AKA vs EAP-AKA' authentication, and NAS/AS security activation.

5G security domains and trust model

The five security domains in 3GPP TS 33.501 — network access, network domain, user domain, application domain, and SBA domain security.

lesson3 min

SUPI concealment → SUCI (ECIES encryption)

How 5G protects subscriber identity — ECIES-based encryption that converts SUPI into SUCI before transmission over the air.

lesson3 min

5G key hierarchy: K → CK/IK → KAUSF → KAMF → KgNB

The complete 5G key derivation tree — from the permanent key K through CK/IK, KAUSF, KAMF, KgNB, to KRRCenc, KRRCint, KUPenc, and KUPint.

lesson3 min

5G-AKA vs EAP-AKA' authentication

Side-by-side comparison of the two primary 5G authentication methods — message flows, key agreements, and when each is used.

animation3 min

NAS and AS security activation

How NAS Security Mode Command and AS Security Mode Command activate encryption and integrity protection between UE and network.

animation3 min

Lab: Trace authentication vectors through the key hierarchy

Step-by-step exercise — derive keys from K through the full hierarchy and verify authentication vectors at each level.

lab5 min

Quiz: Security Architecture

Test your knowledge of 5G security domains, SUPI/SUCI, key hierarchy, and authentication protocols.

quiz3 min

Advanced Security Topics

0/8

Explore advanced 5G security — slice isolation, SBA API security with OAuth 2.0, inter-PLMN SEPP protection, threat taxonomy, lawful interception, and real-world SUCI deployment scenarios.

Network slice security and isolation

Security boundaries between slices — resource isolation, NF isolation, traffic separation, and threat models for cross-slice attacks.

lesson3 min

SBA API security: OAuth 2.0 for NF authorization

How NFs authenticate and authorize API calls — NRF as OAuth 2.0 authorization server, access tokens, and scope-based permissions.

lesson3 min

Inter-PLMN security: SEPP and TLS

Securing roaming traffic — Security Edge Protection Proxy (SEPP), N32 interface, TLS profiles, and PRINS/JOSE message protection.

lesson3 min

5G security threats: false base stations, MitM, DoS

Taxonomy of 5G-specific threats — rogue gNBs, man-in-the-middle attacks, denial-of-service, and protocol exploits.

lesson3 min

Lawful interception in 5G

The LI architecture — ADMF, DF2/DF3 delivery functions, X1/X2/X3 interfaces, and privacy considerations in 5G.

lesson3 min

Real-world: How SUCI prevents IMSI catching

Before and after — how IMSI catchers worked in 4G and why SUCI-based concealment in 5G makes them obsolete.

lesson3 min

Lab: Identify security vulnerabilities in a 5G deployment

Threat assessment exercise — analyze a 5G network diagram and identify security gaps, misconfigurations, and attack surfaces.

lab5 min

Quiz: Advanced Security

Test your knowledge of slice security, OAuth 2.0, SEPP, threats, lawful interception, and SUCI deployment.

quiz3 min