Diameter Protocol
What is Diameter Protocol?
Diameter ProtocolAn AAA (authentication, authorisation, accounting) protocol standardised in RFC 6733 that replaced RADIUS in IMS, LTE EPC, and roaming/IPX networks.
Diameter, defined in RFC 6733 (which obsoletes RFC 3588), is the successor to RADIUS for AAA functions in carrier networks. Unlike RADIUS, it runs over TCP or SCTP, mandates TLS or DTLS hop-by-hop protection, and supports peer-to-peer agent forwarding, redirects, and capability negotiation. Diameter is the signalling backbone of the LTE Evolved Packet Core (S6a, S6d, Gx, Rx, Sh interfaces), IMS (Cx, Dx), and roaming via IPX. Despite the mandated transport security, real-world deployments have repeatedly shown SS7-style abuse: location tracking via Update-Location, denial-of-service via Cancel-Location, SMS interception, and roaming-edge spoofing. The GSMA FS.19 and 3GPP TS 33.117 frameworks provide hardening recommendations.
● Examples
- 01
An LTE MME issuing an Update-Location-Request to the HSS over the S6a interface during a tracking-area update.
- 02
A signalling firewall blocking a cross-border Diameter Cancel-Location-Request sourced from an untrusted IPX peer.
● Frequently asked questions
What is Diameter Protocol?
An AAA (authentication, authorisation, accounting) protocol standardised in RFC 6733 that replaced RADIUS in IMS, LTE EPC, and roaming/IPX networks. It belongs to the Network Security category of cybersecurity.
What does Diameter Protocol mean?
An AAA (authentication, authorisation, accounting) protocol standardised in RFC 6733 that replaced RADIUS in IMS, LTE EPC, and roaming/IPX networks.
How does Diameter Protocol work?
Diameter, defined in RFC 6733 (which obsoletes RFC 3588), is the successor to RADIUS for AAA functions in carrier networks. Unlike RADIUS, it runs over TCP or SCTP, mandates TLS or DTLS hop-by-hop protection, and supports peer-to-peer agent forwarding, redirects, and capability negotiation. Diameter is the signalling backbone of the LTE Evolved Packet Core (S6a, S6d, Gx, Rx, Sh interfaces), IMS (Cx, Dx), and roaming via IPX. Despite the mandated transport security, real-world deployments have repeatedly shown SS7-style abuse: location tracking via Update-Location, denial-of-service via Cancel-Location, SMS interception, and roaming-edge spoofing. The GSMA FS.19 and 3GPP TS 33.117 frameworks provide hardening recommendations.
How do you defend against Diameter Protocol?
Defences for Diameter Protocol typically combine technical controls and operational practices, as detailed in the full definition above.
What are other names for Diameter Protocol?
Common alternative names include: RFC 6733.
● Related terms
- network-security№ 635
LTE Security
The security architecture for 4G/LTE mobile networks, defined in 3GPP TS 33.401, covering EPS-AKA authentication and ciphering of RRC, NAS, and user-plane traffic.
- network-security№ 004
5G Security
The security architecture for 5G mobile networks, defined in 3GPP TS 33.501, covering subscriber privacy, mutual authentication, and protection of signalling and user-plane traffic.
- network-security№ 1211
VoLTE Security
Voice-over-LTE security: the set of IMS authentication, signalling, and media protections that secure voice calls carried as SIP/RTP over 4G or 5G data bearers.
- network-security№ 896
RADIUS
A widely deployed AAA protocol used by network devices to authenticate, authorize, and account for user or device access.
- attacks№ 521
IMSI Catcher
A fake cell-site that tricks nearby phones into revealing their IMSI/IMEI and, on weak networks, intercepting calls and SMS.