How Vodafone Turkey keeps its rapidly growing network secure with PKI

With thousands of base stations and a rapidly growing network, Vodafone Turkey made a transition from GSM to LTE technology, using public key infrastructure (PKI) to manage the important encryption of the mobile traffic.

The transition from Global System for Mobiles (GSM) to Long Term Evolution (LTE) was done in April 2016. From then on, traffic through the base stations – that is, the eNodeBs or femtocells – and the gateways behind the evolved packet core (EPC) were encrypted. This is important, as LTE mobile networks are connected with IP-based services. This increases the risk of intrusion, compared to GSM and older technologies from the era when mobile networks were, to a greater extent, isolated.

Avoiding chaos in encryption management

But encryption management can quickly turn into a very complex matter. Issuing certificates for identifying trusted network devices and using a single certificate authority (CA) are keys to avoiding chaos in encryption management. As stated in NIST, in its Guide for LTE Security, “a scalable system such as public key infrastructure (PKI) is likely to be utilized for a commercial LTE network.”

“The encryption part was very important for us and had to be managed by a proper supplier. Issues may arise in any operation if the encryption does not work properly,” says Oncu Inan Yazicioglu, IP planning expert at Vodafone Turkey.

A big and challenging project

The transition from GSM to LTE was by all means a big venture for Vodafone Turkey, involving around 35 people working full-time from September 2015 to April 2016, on a budget of about 500 million dollars. The encryption was part of the main transformation from GSM to LTE and employed around five people for two months. The major challenges were to get the redundancy of the servers right and to get the database running properly with the software installed.

“The biggest challenge was technical. Now everything is running in production and working well,” says Oncu Inan Yazicioglu.

Flexibility in how to expand the network

Vodafone Turkey has a fast-growing network and is experiencing a high increase in traffic volume. The major part of the encryption project is now completed with some minor parts in the network still to be finished. Since Vodafone Turkey now has a certificate authority managing the encryption, Vodafone has flexibility in how to expand the network without changing the encryption management.

“Vodafone Turkey is always expanding its capacity. Traffic is increasing day by day and challenging the capacity, but the certificate authority that we are running is handling that well,” says Onur Önoglu, a network engineer at Bntpro, which is a supplier working closely with Vodafone Turkey.




"The biggest challenge was technical. Now everything is running in production and working well."


Why encryption in LTE?

In LTE implementations, encryption is recommended by the telecom collaboration organization 3GPP. If one single mast in the mobile network runs without encryption, all the other masts are forced to run without encryption.

LTE in Turkey

In August 2015, Turkey conducted its LTE Spectrum Auction which attracted USD 4.5 billion in bids. The three incumbent operators, Vodafone, Turk Telekom (Avea) and Turkcell all obtained licenses across various frequencies.

Second largest in Turkey

Vodafone Turkey is the second largest mobile communication company in the country. Vodafone Turkey had 21.8 million subscribers in October 2015. Service revenue in Turkey increased 21.3 percent during the third fiscal quarter, to USD 538 million until 31 December 2015.

Choose another case study

Cards & credentials Customer Cases GO Cards Online services

SAS streamlines and automates identity processes with Nexus GO Cards

24 November, 2023
Scandinavian Airlines (SAS) has chosen Nexus GO Cards to efficiently and securely manage its corporate identity and access cards.
Citizen ID Customer Cases PKI

Fortifying digital trust with Nexus: POS Digicert success story

21 November, 2023
POS Digicert stands tall as Malaysia’s first licensed Certification Authority (CA) and the largest Trust Center, propelled by the Nexus Smart ID PK...
Customer Cases Online service Workforce

ScandStick selects Nexus for seamless access card management

10 October, 2023
ScandStick, a Beontag company, selects Nexus for seamless access card management ScandStick, a Beontag company, is one of Europe’s leading self-ad...