Home | Reports | Technical Documents | Tech-Blog | One-Shot Gallery | Korea ICT News | Korea Communication Market Data | List of Contributors | Become a Contributor |    
Section 5G 4G LTE C-RAN/Fronthaul Gigabit Internet IPTV/Video Streaming IoT SDN/NFV Wi-Fi KT SK Telecom LG U+ Network Protocol Samsung   Korean Vendors
Real World Private 5G Cases   4 Deployment Models On-Premise Cases 5G Core Control Plane Sharing Cases

5G Core Sharing Cases

Private 5G Deployment   • Private 5G Frequency Allocation Status in Korea  South Korean government's regulations on private 5G and KT's strategy for entering the market
Cases in Korea   Private 5G Operators |   SK Networks Service (SI) Sejong Telecom (Wire-line Carrier) KT MOS (Affiliate of KT) • Newgens (SI) • NAVER Cloud more >>  
    Enterprise DIY |   Korea Hydro & Nuclear Power (Power Plant) Korea Electric Power Corporation (Energy) • Republic of Korea Navy more >>
CHANNELS     HFR Private 5G Solution (my5G)       my5G Solution Components       my5G Key Features        my5G Resources        my5G News          
LTE: User Identifiers - IMSI and GUTI
July 10, 2013 | By Dr. Michelle M. Do (tech@netmanias.com)
Online viewer:
Comments (7)

Today's topic is IMSI (International Mobile Subscriber Identity) and GUTI (Globally Unique Temporary Identifier). These two are parameters (identifiers) used in identifying UEs in LTE networks.

What is IMSI?


IMSI is a unique ID that globally identifies a mobile subscriber. It is composed of two parts, PLMN ID and MSIN, as shown in Figure below. A PLMN ID is an ID that globally identifies a mobile operator (e.g. combination of MCC (450) and MNC (05) for SK Telecom in Korea). MSIN is a unique ID that identifies a mobile subscriber within a mobile operator.

Then, why do mobile operators need to identify its mobile subscribers?
First because that way the operators can tell whether to allow a subscriber attempting to access their network (LTE network) or not. Second they need to identify their subscribers to decide which QoS policy (bandwidth, priority, etc.) to apply to each of them, and finally to charge for the services rendered to each subscriber.  

When a user subscribes to a mobile network, the user gets a device and a USIM card (SIM card) that has an IMSI in it.
By then, the LTE network should already have the same IMSI registered as well. IMSIs are stored in an HSS and an SPR, the LTE entities. In the HSS, a key to be used along with an IMSI in authenticating subscribers, and QoS profile to be used by the user are stored. So, when users attempt to access (i.e. who send Attach Request message), the HSS (the MME on behalf of the HSS, to be accurate. See LTE Authentication for further explanation) denies the users with an unregistered IMSI, but allows ones with a valid registered IMSI by delivering authentication information and QoS profile to the MME. An SPR works with an PCRF to apply a policy to a subscriber. We will revisit SPRs and PCRFs later sometime.




What is GUTI?

Now, we know what IMSI is. But, what is GUTI then?

As mentioned above, IMSI is one of the most important parameters that identify a subscriber. So, if it is exposed over radio link, serious security problem can be caused. Let's say, a hacker somehow finds out your IMSI over the radio link and uses the IMSI in his device. He can disguise himself as you and use LTE services without paying a penny. Then, you will end up paying for the services that you don't use. (Of course, you can fix this problem through device authentication (using the unique serial number). We will not talk about how you fix it now, though. 


So, to keep an IMSI secure, an alternate value that a subscriber (UE) can use instead of the IMSI (whenever possible) to access the LTE network was needed. That is why GUTI is used. Unlike an IMSI, a GUTI is not permanent and is changed into a new value whenever generated.


When a UE initially attaches to an LTE network (e.g. turning on the UE), it sends its IMSI to the network for authentication to have itself identified. In other words, it uses the IMSI as its ID. Once connection is established (i.e. once successfully authenticated),  the network (MME) delivers a GUTI value through Attach Accept message to the UE, which then remembers the value to use it as its ID instead of the IMSI when it re-attaches to the network (i.e. when it is turned off and then on again later). 


The network (MME) can also allocate a GUTI to a UE during TAU process. That is, the GUTI, the temporary ID that identifies the UE, can be changed into a new value even while the UE stays attached to the network.
The network also remembers the GUTI value it allocated to the UE, and thus can recognize the UE even when it requests access using the GUTI, not the IMSI. 


As such, since "GUTIs that are temporary values and can be changed as needed" are used as IDs for UEs, they have a greater chance of staying secure even when exposed frequently over the radio link.

The format of a GUTI is illustrated in the lower part of the following figure. Since a GUTI is allocated by an MME, it contains an MME identifier (MMEI) that shows which MME allocates the GUTI and an M-TMSI, a temporary value that uniquely identifies a subscriber in that particular MME.



jagadish 2015-05-06 20:31:14

Cant we use the same IP address allocated for a UE to connect multiple PDNs? Why different IPs for each PDN?

Brian Lee 2015-05-10 03:27:19

No, IP address shall be different for each PDN connection because there should be ONLY ONE default bearer per PDN.


TS 23.401

5.3.1 IP address allocation
The IP address allocated for the default bearer shall also be used for the dedicated bearers within the same PDN connection. IP address allocation for PDN connections, which are activated by the UE requested PDN connectivity procedure, is handled with the same set of mechanisms as those used within the Attach procedure.
* Default Bearer: The EPS bearer which is first established for a new PDN connection and remains established throughout the lifetime of the PDN connection.

George Nicolaides 2015-05-09 02:41:33

I hope this will be helpful for you. (source: http://lteuniversity.com/ask_the_expert/f/59/t/2435.aspx)

Why multiple IP addresses are needed, if at all. This is more of a practical implementation discussion. IF the UE asks to be connected to two different APNs (Access Point Name) (please note the emphasis on the If) AND IF the Service Provider has implemented the APNs on two different PGWs then the UE will be setup with two PDN Connections and each of the PGWs will give the UE a different IP address. Remember, as far as the external routers are concerned the packets are coming from a PGW and the IP addresses are at the PGW and the packets destined for the UE must be sent to the PGW. It is the PGW that knows which EPS bearer to tunnel these packets through. Does the Service Provider have to configure the APNs in two separate PGWs - NO. But, for larger networks and as an example networks who serve multiple end user clients the Service Providers are almost required through their Service Level Agreements (SLAs) to take this approach.

pankaj 2018-10-12 20:40:39

can you explain me GUTI concept and ghummi concept in lte attach 

goofy_kp 2020-02-19 18:10:29

can you explain usim and usim secret key

srijan 2020-03-27 19:44:54

Refer to the LTE Authentication section of Netmanias  https://www.netmanias.com/en/?m=view&id=techdocs&no=5902. For details of the Auth algorithms refer to spec 33205, 33206 and 33208

robert down 2020-04-01 07:55:23

That helped me in understanding the concept. Thank's!!

Thank you for visiting Netmanias! Please leave your comment if you have a question or suggestion.

[HFR Private 5G: my5G]


Details >>







Subscribe FREE >>

Currently, 55,000+ subscribed to Netmanias.

  • You can get Netmanias Newsletter

  • You can view all netmanias' contents

  • You can download all netmanias'

    contents in pdf file







View All (858)
4.5G (1) 5G (102) AI (8) AR (1) ARP (3) AT&T (1) Akamai (1) Authentication (5) BSS (1) Big Data (2) Billing (1) Blockchain (3) C-RAN/Fronthaul (18) CDN (4) CPRI (4) Carrier Ethernet (3) Charging (1) China (1) China Mobile (2) Cisco (1) Cloud (5) CoMP (6) Connected Car (4) DHCP (5) EDGE (1) Edge Computing (1) Ericsson (2) FTTH (6) GSLB (1) GiGAtopia (2) Gigabit Internet (19) Google (7) Google Global Cache (3) HLS (5) HSDPA (2) HTTP Adaptive Streaming (5) Handover (1) Huawei (1) IEEE 802.1 (1) IP Routing (7) IPTV (21) IoST (3) IoT (56) KT (43) Korea (20) Korea ICT Market (1) Korea ICT Service (13) Korea ICT Vendor (1) LG U+ (18) LSC (1) LTE (78) LTE-A (16) LTE-B (1) LTE-H (2) LTE-M (3) LTE-U (4) LoRa (7) MEC (4) MPLS (2) MPTCP (3) MWC 2015 (8) NB-IoT (6) Netflix (2) Network Protocol (21) Network Slice (1) Network Slicing (4) New Radio (9) Nokia (1) OSPF (2) OTT (3) PCRF (1) Platform (2) Private 5G (11) QoS (3) RCS (4) Railway (1) Roaming (1) SD-WAN (17) SDN/NFV (71) SIM (1) SK Broadband (2) SK Telecom (35) Samsung (5) Security (16) Self-Driving (1) Small Cell (2) Spectrum Sharing (2) Switching (6) TAU (2) UHD (5) VR (2) Video Streaming (12) VoLTE (8) VoWiFi (2) Wi-Fi (31) YouTube (6) blockchain (1) eICIC (1) eMBMS (1) iBeacon (1) security (1) telecoin (1) uCPE (2)
Password confirmation
Please enter your registered comment password.