How Vodafone Turkey keeps its rapidly growing network secure with PKI

With thousands of base stations and a rapidly growing network, Vodafone Turkey made a transition from GSM to LTE technology, using public key infrastructure (PKI) to manage the important encryption of the mobile traffic.

The transition from Global System for Mobiles (GSM) to Long Term Evolution (LTE) was done in April 2016. From then on, traffic through the base stations – that is, the eNodeBs or femtocells – and the gateways behind the evolved packet core (EPC) were encrypted. This is important, as LTE mobile networks are connected with IP-based services. This increases the risk of intrusion, compared to GSM and older technologies from the era when mobile networks were, to a greater extent, isolated.

Avoiding chaos in encryption management

But encryption management can quickly turn into a very complex matter. Issuing certificates for identifying trusted network devices and using a single certificate authority (CA) are keys to avoiding chaos in encryption management. As stated in NIST, in its Guide for LTE Security, “a scalable system such as public key infrastructure (PKI) is likely to be utilized for a commercial LTE network.”

“The encryption part was very important for us and had to be managed by a proper supplier. Issues may arise in any operation if the encryption does not work properly,” says Oncu Inan Yazicioglu, IP planning expert at Vodafone Turkey.

A big and challenging project

The transition from GSM to LTE was by all means a big venture for Vodafone Turkey, involving around 35 people working full-time from September 2015 to April 2016, on a budget of about 500 million dollars. The encryption was part of the main transformation from GSM to LTE and employed around five people for two months. The major challenges were to get the redundancy of the servers right and to get the database running properly with the software installed.

“The biggest challenge was technical. Now everything is running in production and working well,” says Oncu Inan Yazicioglu.

Flexibility in how to expand the network

Vodafone Turkey has a fast-growing network and is experiencing a high increase in traffic volume. The major part of the encryption project is now completed with some minor parts in the network still to be finished. Since Vodafone Turkey now has a certificate authority managing the encryption, Vodafone has flexibility in how to expand the network without changing the encryption management.

“Vodafone Turkey is always expanding its capacity. Traffic is increasing day by day and challenging the capacity, but the certificate authority that we are running is handling that well,” says Onur Önoglu, a network engineer at Bntpro, which is a supplier working closely with Vodafone Turkey.

Published

"The biggest challenge was technical. Now everything is running in production and working well."

ONCU INAN YAZICIOGLU, IP PLANNING EXPERT



Why encryption in LTE?

In LTE implementations, encryption is recommended by the telecom collaboration organization 3GPP. If one single mast in the mobile network runs without encryption, all the other masts are forced to run without encryption.

LTE in Turkey

In August 2015, Turkey conducted its LTE Spectrum Auction which attracted USD 4.5 billion in bids. The three incumbent operators, Vodafone, Turk Telekom (Avea) and Turkcell all obtained licenses across various frequencies.

Second largest in Turkey

Vodafone Turkey is the second largest mobile communication company in the country. Vodafone Turkey had 21.8 million subscribers in October 2015. Service revenue in Turkey increased 21.3 percent during the third fiscal quarter, to USD 538 million until 31 December 2015.

Choose another case study

Customer Cases PKI

Bangladesh Bank selects Nexus Smart ID for management of trusted identities

20 February, 2020
Bangladesh Bank selects Nexus Smart ID for management of trusted digital identities We are pleased to announce that the Bangladesh Bank has select...
Customer Cases PKI

Trusted electronic identities for IT devices secures the future of democracy in Stockholm

27 January, 2020
Trusted electronic identities for IT devices secures the future of democracy in Stockholm We are proud and pleased to announce that Region Stockho...
Customer Cases PKI

LFV selects Atea and Nexus Smart ID to enable SWIM

8 January, 2020
LFV, Sweden's leading provider of air traffic control and associated services for civil and military aviation selected Atea and Nexus Smart ID to e...