The purpose of this tutorial is to show you how to configure ECC and test. ECC stands for Eliptic Curve Cryptography.  It is the algorithm being used for SUPI <--> SUCI conversion. To improve security, it is not recommended to exchange UE IDs (e.g, IMSI) in plain text over the air. It is recommended to be encrypted before it is sent over the air. ECC is the algorithm that is used to convert the non-encrypted UE ID(SUPI) to encrypted UE ID(SUCI) and back and forth. Overall signaling flow for UE ID exchange is as illustrated below. In short, UE encrypt the SUPI into SUCI and send it to network via RegistrationRequest (or IdentityResponse when requested by Network) and it is get decrypted by UDM on corenetwork.


NR SA ECC Overview 01

NOTE : SUPI stands for Subscription Permanent Identifier, SUCI stands for Subscription Concealed Information

NOTE : The details of the encryption and decryption process is described in 33.501. Refer to Figure C.3.2-1: Encryption based on ECIES at UE and Figure C.3.3-1: Decryption based on ECIES at home network in 33.501 for the overall algorithm.



Table of Contents



Test Setup


Test setup for this tutorial is as shown below.

TestSetup Callbox UEsim 1sdr 01




Key Configuration Parameters


Followings are important configuration parameters for this tutorial. You may click on the items for the descriptions from Amarisoft documents.




Test 1 :  ECIES scheme profile A 


This test is to test ECIES scheme profile A





I used the mme-ims-ecc.cfg on gNB which is copied and modified from mme-ims.cfg (NOTE : only mme.cfg is changed for this tutorial and all other configurations are default files)

NR SA ECC Test 1 Configuration 01


I used the ue-nr-sa-ecc.cfg on gNB which is copied and modified from ue-nr-sa.cfg

NR SA ECC Test 1 Configuration 02



The mme configuration  mme-ims-ecc.cfg  is configured as follows.

NR SA ECC Test 1 Configuration 03

In ue-nr-sa-ecc.cfg , the configuration is done as follows.

NR SA ECC Test 1 Configuration 04




Perform the Test


Check if the cell is configured as intended.

NR SA PDSCH Aggregation Test 1 Run 01

Power on UE on UE sim.

NR SA PDSCH Aggregation Test 1 Run 02

Confirm that the UE completes the attach and check the throughput.

NR SA PDSCH Aggregation Test 1 Run 03




Log Analysis

sample log-r20230215(n78)   

NR SA ECC Test 1 Log 01

NR SA ECC Test 1 Log 02

NR SA ECC Test 1 Log 03

NR SA ECC Test 1 Log 04




RRC / NAS Signaling


RegistraionRequest (SA)

: This is the RegistrationRequest sent by UE that should be decoded by Network (NOTE : You would see some IEs that has a specific assigned value here, but consider it as just an example value. Those values should vary depending on test requirement)

Protocol discriminator = 0x7e (5GS Mobility Management)

Security header = 0x0 (Plain 5GS NAS message, not security protected)

Message type = 0x41 (Registration request)

5GS registration type:

  Follow-on request bit = 1

  Value = 1 (initial registration)


  TSC = 0

  NAS key set identifier = 7

5GS mobile identity:


    SUPI format = 0 (IMSI)

    MCC = 001

    MNC = 01

    Routing indicator = 0

    Protection sheme id = 1 (ECIES scheme profile A)

    Home network public key identifier = 2

    ECC ephemeral public key = 0x1dce5f7e5a1b9138e919e5fd0c1676be79bef2695b5a8933802705aa09d85f7d

    Ciphertext = 0x11affc0551

    MAC tag = 0x7e12cb821b2d980a

UE security capability:

  0xe0 (5G-EA0=1, 128-5G-EA1=1, 128-5G-EA2=1, 128-5G-EA3=0, 5G-EA4=0, 5G-EA5=0, 5G-EA6=0, 5G-EA7=0)

  0xe0 (5G-IA0=1, 128-5G-IA1=1, 128-5G-IA2=1, 128-5G-IA3=0, 5G-IA4=0, 5G-IA5=0, 5G-IA6=0, 5G-IA7=0)