How Vodafone Turkey keeps its rapidly growing network secure with PKI

With thousands of base stations and a rapidly growing network, Vodafone Turkey made a transition from GSM to LTE technology, using public key infrastructure (PKI) to manage the important encryption of the mobile traffic.

The transition from Global System for Mobiles (GSM) to Long Term Evolution (LTE) was done in April 2016. From then on, traffic through the base stations – that is, the eNodeBs or femtocells – and the gateways behind the evolved packet core (EPC) were encrypted. This is important, as LTE mobile networks are connected with IP-based services. This increases the risk of intrusion, compared to GSM and older technologies from the era when mobile networks were, to a greater extent, isolated.

Avoiding chaos in encryption management

But encryption management can quickly turn into a very complex matter. Issuing certificates for identifying trusted network devices and using a single certificate authority (CA) are keys to avoiding chaos in encryption management. As stated in NIST, in its Guide for LTE Security, “a scalable system such as public key infrastructure (PKI) is likely to be utilized for a commercial LTE network.”

“The encryption part was very important for us and had to be managed by a proper supplier. Issues may arise in any operation if the encryption does not work properly,” says Oncu Inan Yazicioglu, IP planning expert at Vodafone Turkey.

A big and challenging project

The transition from GSM to LTE was by all means a big venture for Vodafone Turkey, involving around 35 people working full-time from September 2015 to April 2016, on a budget of about 500 million dollars. The encryption was part of the main transformation from GSM to LTE and employed around five people for two months. The major challenges were to get the redundancy of the servers right and to get the database running properly with the software installed.

“The biggest challenge was technical. Now everything is running in production and working well,” says Oncu Inan Yazicioglu.

Flexibility in how to expand the network

Vodafone Turkey has a fast-growing network and is experiencing a high increase in traffic volume. The major part of the encryption project is now completed with some minor parts in the network still to be finished. Since Vodafone Turkey now has a certificate authority managing the encryption, Vodafone has flexibility in how to expand the network without changing the encryption management.

“Vodafone Turkey is always expanding its capacity. Traffic is increasing day by day and challenging the capacity, but the certificate authority that we are running is handling that well,” says Onur Önoglu, a network engineer at Bntpro, which is a supplier working closely with Vodafone Turkey.

Published

 

 

"The biggest challenge was technical. Now everything is running in production and working well."

ONCU INAN YAZICIOGLU, IP PLANNING EXPERT



Why encryption in LTE?

In LTE implementations, encryption is recommended by the telecom collaboration organization 3GPP. If one single mast in the mobile network runs without encryption, all the other masts are forced to run without encryption.

LTE in Turkey

In August 2015, Turkey conducted its LTE Spectrum Auction which attracted USD 4.5 billion in bids. The three incumbent operators, Vodafone, Turk Telekom (Avea) and Turkcell all obtained licenses across various frequencies.

Second largest in Turkey

Vodafone Turkey is the second largest mobile communication company in the country. Vodafone Turkey had 21.8 million subscribers in October 2015. Service revenue in Turkey increased 21.3 percent during the third fiscal quarter, to USD 538 million until 31 December 2015.

Choose another case study

Citizen ID Customer Cases PKI

Kenya ushers in a new era of eCitizen services with National PKI

30 July, 2023
Nexus PKI enables ICT Authority to facilitate secure growth of national digital infrastructure and achieve compliance with global standards.
Cards & credentials Customer Cases Online service Workforce

AWT offers smooth and secure workforce identity management as a service

10 July, 2023
AWT delivers integrated workforce ID card administration & global card personalization services in their solutions through a partnership with Nexus...
Customer Cases Workforce

Sigtuna Municipality secures digital identities for their politicians and employees

26 April, 2023
The municipality of Sigtuna has upgraded to Nexus service GO Workforce to issue and handle secure identities for its politicians and employees. GO ...