5G key hierarchy: K → CK/IK → KAUSF → KAMF → KgNB

Hierarchical Key Derivation

5G derives all security keys from a single permanent master key called K, stored in the USIM and the UDM/ARPF. Rather than using K directly for encryption, each layer of the network receives a derived key specific to its role. Key Derivation Functions take a parent key and additional inputs like the serving network name or algorithm identifiers, producing a child key that cannot be reversed to reveal its parent. This hierarchy means that compromising a key at a lower level, such as at the gNB, does not reveal keys at higher levels. Cryptographic isolation is built into the architecture by…