SUPI, SUCI, SUCI encryption, 5G-AKA, EAP-AKA-prime, SQN resync, roaming security, SEPP — the identity and authentication layer of 5GC
1. What Are UDM and AUSF — The Simple Version
The UDM (Unified Data Management) is the subscriber database of 5GC. It stores everything about a subscriber: their permanent identity (SUPI), authentication credentials (long-term key K), subscription data (allowed slices, DNN access, QoS entitlements), and current serving NF registrations. Every session and registration in the 5GC eventually touches the UDM.
The AUSF (Authentication Server Function) is the entity that runs the authentication algorithm. When a UE registers, the AMF asks the AUSF to authenticate it. The AUSF asks the UDM for authentication vectors (the cryptographic material derived from the subscriber’s K), runs 5G-AKA or EAP-AKA’, and confirms to the AMF whether the UE is genuine. If either UDM or AUSF is unavailable, nobody can register — not a single subscriber.
| 3GPP Reference |
|---|
| 3GPP TS 33.501 — Security Architecture and Procedures for 5G System (definitive auth reference) |
| 3GPP TS 29.503 — UDM Services: Nudm_SDM, Nudm_UECM, Nudm_UEAuthentication |
| 3GPP TS 29.509 — AUSF Services: Nausf_UEAuthentication |
| 3GPP TS 23.501 Section 5.9 — Security aspects of 5GC (SUPI, SUCI, keys) |
2. Architecture — Identity and Auth in 5GC
The Identity Stack
| Identity | Full Name | Format | Privacy Protection |
|---|---|---|---|
| SUPI | Subscription Permanent Identifier | IMSI format: MCC(3)+MNC(2-3)+MSIN — or NAI format | Never transmitted over air in plaintext. Always protected as SUCI. |
| SUCI | Subscription Concealed Identifier | SUPI with MSIN encrypted using home network public key (ECIES) | Sent in Registration Request. Ephemeral — different ciphertext every registration. Unlinkable. |
| 5G-GUTI | 5G Globally Unique Temporary Identifier | GUAMI + 5G-TMSI (32-bit) | Temporary identity assigned after first successful auth. Refreshed regularly by AMF. |
| GUAMI | Globally Unique AMF Identifier | MCC+MNC+AMF Region ID (8-bit)+AMF Set ID (10-bit)+AMF Pointer (6-bit) | Identifies the specific AMF serving the UE. Embedded in 5G-GUTI. |
Table 1 — 5G identity types. SUCI protects subscriber privacy over the air. 5G-GUTI provides a temporary identity after authentication. IMSI catchers that plagued 4G cannot harvest 5G SUPIs.
UDM Internal Components
| Component | Role | Notes |
|---|---|---|
| UDR (Unified Data Repository) | Stores all subscriber data: profiles, authentication credentials, policy data. | Backend database. UDM accesses UDR via N35. UDR is the actual data store — UDM is the service layer. |
| ARPF (Authentication Credential Repository and Processing Function) | Stores the long-term key K and computes authentication vectors. | Part of UDM/UDR. Generates RAND, AUTN, XRES*, KAUSF from K. |
| SIDF (Subscription Identifier De-concealing Function) | Decrypts SUCI to recover SUPI using home network private key. | Also part of UDM. Called by AUSF during authentication. Home network private key must never leave the operator network. |
| UECM (UE Context Management) | Tracks which NFs are currently serving each SUPI (serving AMF, serving SMF, etc.) | SMF and AMF register with UECM on session/registration start. Used for charging correlation and handover. |
Table 2 — UDM internal components. The SIDF is the decryptor for SUCI — it holds the home network private key. This key is the most sensitive cryptographic material in the operator network.
3. Step-by-Step — 5G-AKA Authentication
Here is the complete 5G-AKA flow when a UE registers for the first time on an SA network:
Step 1 — UE computes its SUCI. The USIM encrypts the MSIN portion of the SUPI using the home network’s public key (loaded on the USIM at manufacturing time). The encryption uses ECIES (Elliptic Curve Integrated Encryption Scheme) with Protection Scheme Profile A (x25519) or Profile B (P-256). The result is a fresh ciphertext every time — linking two SUCI values to the same subscriber is computationally infeasible.
Step 2 — UE sends NAS: Registration Request with SUCI. gNB forwards in NGAP Initial UE Message to AMF.
Step 3 — AMF discovers the AUSF for this home network (from SUCI MCC/MNC) via NRF. Sends N12: Nausf_UEAuthentication_Authenticate Request with SUCI and serving network name.
Step 4 — AUSF sends N13: Nudm_UEAuthentication_Get Request to UDM with SUCI and serving network name. UDM SIDF decrypts SUCI → recovers SUPI. UDM ARPF computes 5G Home Environment Authentication Vector (5G HE AV): RAND (random challenge), AUTN (authentication token — proves network is legitimate), XRES* (expected response — what the UE should return), KAUSF (root key for AUSF). Returns 5G HE AV to AUSF.
Step 5 — AUSF stores XRES* and computes HXRES* from it (a one-way hash of RAND and XRES*, so the AMF never sees the expected response itself). Returns 5G SE AV (RAND, AUTN, HXRES*) to AMF. AUSF retains KAUSF — it never leaves AUSF.
Step 6 — AMF sends NAS: Authentication Request to UE containing RAND and AUTN.
Step 7 — UE/USIM verifies AUTN: checks MAC (proves the challenge came from the legitimate home network, not an attacker), checks SQN (sequence number — prevents replay attacks). If AUTN is valid, USIM computes RES* (the UE’s response to the challenge). Sends NAS: Authentication Response with RES*.
Step 8 — AMF hashes RES* to compute HRES* and compares it with the stored HXRES*. If they match, AMF forwards RES* to AUSF via N12, and AUSF compares RES* with the XRES* it stored. If that also matches: authentication successful. AUSF sends confirmation to AMF. AMF derives KAMF from KSEAF (provided by AUSF). Security context established.
Step 9 — AMF sends NAS: Security Mode Command to UE to activate NAS security (ciphering and integrity protection) using KAMF-derived keys. UE confirms with Security Mode Complete. Registration continues.
| Pro Tip |
|---|
| If AUTN verification fails at Step 7: the UE sends Authentication Failure with cause AUTN_FAILURE to AMF. |
| If SQN is out of range: UE sends SYNCH_FAILURE with AUTS parameter. AMF forwards to AUSF/UDM. |
| UDM resynchronises the SQN counter to match the USIM. This is the SQN resync procedure — see Section 5. |
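The response check in Steps 5 and 8, worked through in code. This is an added example, not code from the post or from any 5GC vendor; it implements the RES*/XRES* derivation of TS 33.501 Annex A.4 and the HRES*/HXRES* hash of Annex A.5 over constructed RAND, CK, IK and RES values (the Milenage functions that produce them from K are not implemented), and shows why the AMF and the AUSF each verify a different form of the UE's response.

```python
import hashlib
import hmac

# Constructed serving network name in the 3GPP format; not a real PLMN.
SNN = "5G:mnc015.mcc234.3gppnetwork.org"

def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """Generic 3GPP KDF (TS 33.220 Annex B): HMAC-SHA-256 over FC || P0 || L0 || P1 || L1 ..."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

def derive_res_star(ck: bytes, ik: bytes, snn: str, rand: bytes, res: bytes) -> bytes:
    """RES* / XRES* (TS 33.501 Annex A.4): FC 0x6B, key CK||IK, keep the 128 least significant bits.
    The USIM computes RES*, the ARPF computes XRES* with the same inputs."""
    return kdf(ck + ik, 0x6B, snn.encode(), rand, res)[16:]

def hash_res_star(rand: bytes, res_star: bytes) -> bytes:
    """HRES* / HXRES* (Annex A.5): 128 least significant bits of SHA-256(RAND || RES*)."""
    return hashlib.sha256(rand + res_star).digest()[16:]

def amf_check(rand: bytes, hxres_star: bytes, res_star: bytes) -> bool:
    """AMF/SEAF side: it only holds HXRES* from the SE AV, so it hashes the UE's RES* and compares."""
    return hmac.compare_digest(hash_res_star(rand, res_star), hxres_star)

def ausf_check(xres_star: bytes, res_star: bytes) -> bool:
    """AUSF side: it holds the unhashed XRES* from the HE AV and compares it with the forwarded RES*."""
    return hmac.compare_digest(xres_star, res_star)

def check_ue_response(ue_res: bytes) -> tuple:
    """Run both checks for one authentication. Returns (amf_ok, ausf_ok)."""
    # Constructed stand-ins for the Milenage f2/f3/f4 outputs (RES, CK, IK) that both the USIM
    # and the ARPF derive from K and RAND; Milenage itself is not implemented here.
    rand = bytes.fromhex("23553cbe9637a89d218ae64dac504244")
    ck = bytes.fromhex("b40ba9a3c58b2a05bbf0d987b21bf8cb")
    ik = bytes.fromhex("f769bcd751044604127672711c6d3441")
    xres = bytes.fromhex("a54211d5e3ba50bf")
    xres_star = derive_res_star(ck, ik, SNN, rand, xres)   # ARPF -> part of the 5G HE AV
    hxres_star = hash_res_star(rand, xres_star)            # AUSF -> part of the 5G SE AV
    res_star = derive_res_star(ck, ik, SNN, rand, ue_res)  # UE/USIM -> Authentication Response
    return amf_check(rand, hxres_star, res_star), ausf_check(xres_star, res_star)

if __name__ == "__main__":
    print(check_ue_response(bytes.fromhex("a54211d5e3ba50bf")))  # genuine UE: (True, True)
    print(check_ue_response(bytes(8)))                           # wrong RES, e.g. K mismatch
```

A K mismatch between USIM and ARPF (Section 6) shows up here as a RES that differs from XRES, so both checks fail on every attempt, unlike an SQN problem, which fails only until resync.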
4. Key Parameters and Technical Terms
| Term | Definition | Operational Significance |
|---|---|---|
| SUPI | Subscription Permanent Identifier. The 5G equivalent of IMSI. MCC+MNC+MSIN or NAI format. | Never transmitted in cleartext. Always concealed as SUCI. Recovered by UDM SIDF during authentication. |
| SUCI | Subscription Concealed Identifier. SUPI with MSIN encrypted by ECIES using home network public key. | Sent in initial Registration Request. Different every time (ephemeral). Defeats IMSI catchers. |
| ECIES | Elliptic Curve Integrated Encryption Scheme. Used for SUCI encryption. | Profile A: x25519 curve. Profile B: NIST P-256. Profile A is computationally lighter — preferred for low-power devices. |
| 5G-AKA | 5G Authentication and Key Agreement. Primary 3GPP authentication method. | Used for 3GPP access (NR). Challenge-response based on shared key K in USIM and ARPF. |
| EAP-AKA’ | EAP-based authentication. Alternative to 5G-AKA. | Used primarily for non-3GPP access (Wi-Fi via N3IWF) or when operator prefers EAP framing. Cryptographically similar to 5G-AKA. |
| RAND | Random challenge generated by ARPF. 128-bit random value. | Fresh RAND every authentication. Together with K and SQN: generates AUTN, XRES*, and root keys. |
| AUTN | Authentication Token. Proves to UE that the challenge came from the legitimate home network. | Contains: AMF (Authentication Management Field), MAC (integrity proof), SQN (XOR with AK). UE verifies MAC using K. |
| XRES* | Expected Response. The value the UE should return as RES*; HXRES* is its hashed form. Computed by ARPF, stored by AUSF. | AMF hashes the UE’s RES* to HRES* and compares it with HXRES*; AUSF compares RES* with XRES*. Match = UE is authentic. |
| KAUSF | Root key at AUSF layer. Derived by ARPF and passed to AUSF. Never shared further. | KAUSF → KSEAF → KAMF → KgNB → per-bearer keys. The full 5G key hierarchy. |
| SQN | Sequence Number. 48-bit counter shared between USIM and ARPF. Prevents replay attacks. | If SQN in network (ARPF) > SQN in USIM + delta: USIM rejects AUTN. Triggers SQN resync. |
| SEPP | Security Edge Protection Proxy. Sits at PLMN boundary. Protects N32 inter-PLMN signalling. | Implements PRINS: signs and optionally encrypts individual JSON fields in HTTP/2 messages crossing PLMN boundary. |
| N32 | Interface between home SEPP and visited SEPP for roaming signalling. | Carries HTTP/2 SBI messages across PLMN boundary. Protected by TLS outer + PRINS body signing. |
Table 3 — UDM/AUSF key parameters. SQN management and SUCI decryption are the two most operationally sensitive areas — failures here affect all registrations.
5. Common Issues in the Field
Mass SQN Desynchronisation — After USIM Batch Deployment
The SQN (Sequence Number) in the USIM and in the UDM ARPF must stay within a synchronisation window (typically ±2^28 from the current ARPF value). If they diverge, the USIM rejects the AUTN — it sees the SQN as invalid and returns SYNCH_FAILURE. The UDM then runs the SQN resynchronisation procedure, updating its counter to match the USIM.
| Field Note: 50,000 SIM Cards — 30% Auth Failure Rate on Day 1 |
|---|
| GCC operator deployed new USIM batch from a different vendor. Within 24 hours: 30% of new SIMs failing auth. |
| AUSF logs: mass SYNCH_FAILURE events. UDM ARPF processing AUTS resync requests at 500/second. |
| Root cause: new USIM vendor pre-initialised USIMs with SQN starting at 2^40. UDM ARPF initial SQN was 1. |
| Gap > synchronisation window: every initial auth triggered SYNCH_FAILURE before succeeding on retry. |
| Fix: UDM bulk SQN reset for affected IMSI range to match USIM initial SQN. |
| Auth success rate recovered from 68% to 99.7% within 2 hours of fix. |
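The SQN window check and the resync procedure described above, and the pre-deployment batch test from Section 7, as an added example (not code from the post, a USIM vendor or a UDM product). It models a single SQN counter per subscriber with the 2^28 jump limit; the IND-array variant of the USIM check, AUTS MAC computation and AK concealment are deliberately left out, and the initial counters are the ones quoted in the field note.

```python
DELTA = 2 ** 28     # maximum forward jump the USIM accepts (TS 33.102 Annex C)
SQN_BITS = 48       # SQN is a 48-bit counter

class Usim:
    """Single-counter model of the USIM's SQN check (the IND-array variant is omitted)."""
    def __init__(self, sqn_ms: int):
        self.sqn_ms = sqn_ms  # highest SQN accepted so far

    def verify_sqn(self, sqn: int):
        """Accept iff SQN_MS < SQN <= SQN_MS + DELTA. Returns (accepted, sqn_ms_for_auts).
        A replayed (old) SQN and an out-of-window SQN both fail; on failure the USIM's own
        counter is what goes back to the network inside AUTS."""
        if self.sqn_ms < sqn <= self.sqn_ms + DELTA:
            self.sqn_ms = sqn
            return True, None
        return False, self.sqn_ms

class Arpf:
    """ARPF-side counter for one subscriber."""
    def __init__(self, sqn_he: int):
        self.sqn_he = sqn_he

    def next_sqn(self) -> int:
        self.sqn_he = (self.sqn_he + 1) % (1 << SQN_BITS)
        return self.sqn_he

    def resync(self, sqn_ms: int) -> None:
        """SQN resync on SYNCH_FAILURE: adopt the USIM's counter so the next vector lands in window."""
        self.sqn_he = sqn_ms

def authenticate(arpf: Arpf, usim: Usim, attempts: int = 2) -> list:
    """Outcomes per attempt, e.g. ['SYNCH_FAILURE', 'SUCCESS'] when one resync was needed."""
    outcomes = []
    for _ in range(attempts):
        accepted, auts_sqn = usim.verify_sqn(arpf.next_sqn())
        if accepted:
            outcomes.append("SUCCESS")
            break
        outcomes.append("SYNCH_FAILURE")
        arpf.resync(auts_sqn)
    return outcomes

def batch_first_attempt_failures(arpf_initial: int, usim_initial_sqns: list) -> int:
    """Section 7 pre-deployment check: how many sample SIMs would SYNCH_FAILURE on their first auth."""
    return sum(authenticate(Arpf(arpf_initial), Usim(s))[0] == "SYNCH_FAILURE" for s in usim_initial_sqns)

if __name__ == "__main__":
    print(authenticate(Arpf(1), Usim(2 ** 40)))   # field-note case: fails once, then resyncs
    print(authenticate(Arpf(1), Usim(0)))         # correctly initialised USIM: succeeds first time
```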
SIDF Private Key Management — The Most Sensitive Key in the Network
The home network private key used by SIDF to decrypt SUCI must never leave the operator’s UDM. If this key is compromised, an attacker can decrypt all SUCI values from air interface captures and recover subscriber identities permanently — defeating the entire SUCI privacy mechanism. In Kubernetes deployments, this key must be stored in a Hardware Security Module (HSM) or at minimum in Kubernetes Secrets with encryption at rest enabled and RBAC restricting access to SIDF pods only.
| Field Note: SIDF Private Key in Plain ConfigMap — Security Audit Finding |
|---|
| During a 5GC security audit, the home network private key was found stored in a Kubernetes ConfigMap, readable by any pod in the namespace whose service account had get permission on ConfigMaps. |
| No breach occurred, but the exposure was classified as critical. |
| Fix: migrate key to Kubernetes Secret with encryption at rest; restrict access via RBAC to SIDF pod only. |
| Longer-term: deploy HSM integration for UDM SIDF key storage. |
6. Troubleshooting
| Symptom | Root Cause | Check | Fix |
|---|---|---|---|
| High auth failure rate for a batch of SIMs | SQN desync — USIMs pre-initialised with different SQN than UDM | AUSF: SYNCH_FAILURE counter spike; UDM ARPF: AUTS processing rate | Bulk SQN reset in UDM for affected IMSI range; coordinate with USIM vendor |
| Individual subscriber cannot register — repeating AUTN failure | Long-term key K mismatch between USIM and UDM ARPF | UDM: subscriber K value; USIM vendor: K value for that ICCID | Re-provision UDM with correct K; or replace USIM — key cannot be changed in USIM after manufacturing |
| All registrations fail suddenly | AUSF or UDM unavailable — pod crash or N12/N13 connectivity | AMF logs: Nausf auth timeout; AUSF/UDM pod health in K8s | Restart pods; verify N12 and N13 SBI connectivity; check NRF registration |
| Roaming subscriber cannot authenticate | SEPP N32 failure or PRINS verification error | SEPP logs: N32 TLS or PRINS signature failure; home SEPP reachability | Check SEPP TLS certificate validity; verify N32 IPX connectivity |
| Authentication slow — registration latency high | UDM N13 high response latency | AUSF: N13 response time P95; UDM ARPF CPU | Scale UDM; check UDR database query latency; enable auth vector pre-computation |
Table 4 — UDM/AUSF troubleshooting. SQN desync and K mismatch are the two hardware/provisioning failures that software cannot fix — they require database corrections or physical SIM replacement.
7. Design Recommendations
Deploy UDM and AUSF as the highest-priority HA NFs in the 5GC — even above AMF. A crashed AMF affects one geographic area. A crashed UDM affects all registrations globally. Minimum: 3 UDM replicas across 2 DCs. UDR database must be geo-replicated with < 5ms replication lag between primary and replica. Test UDM pod failure recovery before go-live.
Store the SIDF home network private key in an HSM from day one. Retrofitting HSM integration after go-live is painful. If HSM is not available for the initial deployment, use Kubernetes Secrets with encryption at rest, strict RBAC, and audit logging. Document this as a known security risk to be remediated within 6 months.
Validate SQN initialisation with every new USIM batch before mass deployment. Test with 10 SIMs from the batch: provision in UDM, attempt registration, check for SYNCH_FAILURE. If any SYNCH_FAILURE occurs on a fresh SIM: escalate to USIM vendor before deploying the batch. A 30% auth failure rate discovered on go-live day is not recoverable without a UDM bulk update operation.
For roaming: deploy SEPP before enabling roaming for any PLMN. N32 without SEPP is a serious security exposure — inter-PLMN HTTP/2 traffic carries subscriber authentication data. SEPP PRINS signing is non-negotiable. Establish SEPP certificate exchange with roaming partners at least 4 weeks before roaming enablement date — certificate exchange takes time through IPX providers.
8. Summary — Key Takeaways
| Topic | Key Takeaway |
|---|---|
| SUCI | Encrypts SUPI (MSIN portion) using home network public key (ECIES). Ephemeral — unlinkable across registrations. Defeats IMSI catchers. Requires 5G USIM. |
| 5G-AKA | 9-step mutual authentication. Both network and UE are authenticated. AUTN proves network legitimacy to UE (preventing fake base station attacks). RES* proves UE is genuine. |
| SQN | 48-bit counter preventing replay attacks. Must stay in sync between USIM and UDM ARPF. Desync → SYNCH_FAILURE → resync procedure. Validate every new USIM batch. |
| SIDF private key | Most sensitive key in the operator network. Must never leave UDM. Use HSM. If SIDF key is compromised: all SUCI privacy is retroactively defeated. |
| UDM/AUSF HA | Higher priority than AMF for HA. Failure = all registrations stop globally. 3 replicas minimum. Geo-replicated UDR. Test failure recovery before launch. |
| SEPP | Mandatory for roaming. Implements PRINS body signing so subscriber auth data is protected even from IPX intermediaries. Deploy before roaming goes live. |
| EAP-AKA’ | Used for non-3GPP access (Wi-Fi via N3IWF). Cryptographically similar to 5G-AKA. Operator choice for 3GPP access — some prefer EAP framing for converged auth infrastructure. |
Table 5 — Post 05 summary. UDM and AUSF are the security foundation of 5GC. Every subscriber interaction starts here.
Next: Post 06 — COTS & Virtualisation
Muhammad Tahir Riaz
Data Analytics & Automation Consultant | 17+ years telecom | trmtelcocloudai.com
