diff --git a/srsepc/hdr/mme/s1ap_common.h b/srsepc/hdr/mme/s1ap_common.h
index 6190461e5..496518ca0 100644
--- a/srsepc/hdr/mme/s1ap_common.h
+++ b/srsepc/hdr/mme/s1ap_common.h
@@ -52,7 +52,8 @@ typedef struct{
   uint64_t imsi;
   uint32_t enb_ue_s1ap_id;
   uint32_t mme_ue_s1ap_id;
-  uint8_t  xres[16];
+  uint8_t  xres[8];
+  uint8_t  k_asme[32];
 } ue_ctx_t;
 
 #endif
diff --git a/srsepc/src/mme/s1ap.cc b/srsepc/src/mme/s1ap.cc
index 699e602d4..89b0a24f0 100644
--- a/srsepc/src/mme/s1ap.cc
+++ b/srsepc/src/mme/s1ap.cc
@@ -278,9 +278,10 @@ s1ap::handle_initial_ue_message(LIBLTE_S1AP_MESSAGE_INITIALUEMESSAGE_STRUCT *ini
   //FIXME use this info
   uint8_t eps_bearer_id = pdn_con_req.eps_bearer_id;             //TODO: Unused
   uint8_t proc_transaction_id = pdn_con_req.proc_transaction_id; //TODO: Transaction ID unused
+  m_s1ap_log->console("EPS Bearer id: %d\n", eps_bearer_id);
 
   //Get Authentication Vectors from HSS
-  if(!m_hss->gen_auth_info_answer_milenage(imsi, k_asme, autn, rand, ue_ctx.xres))
+  if(!m_hss->gen_auth_info_answer_milenage(imsi, ue_ctx.k_asme, autn, rand, ue_ctx.xres))
   {
     m_s1ap_log->console("User not found. IMSI %015lu\n",imsi);
     m_s1ap_log->info("User not found. IMSI %015lu\n",imsi);
diff --git a/srsepc/src/mme/s1ap_nas_transport.cc b/srsepc/src/mme/s1ap_nas_transport.cc
index d9b8f5e25..d2212ad2f 100644
--- a/srsepc/src/mme/s1ap_nas_transport.cc
+++ b/srsepc/src/mme/s1ap_nas_transport.cc
@@ -26,6 +26,7 @@
 
 #include "mme/s1ap.h"
 #include "mme/s1ap_nas_transport.h"
+#include "srslte/common/security.h"
 
 namespace srsepc{
 
@@ -233,6 +234,31 @@ s1ap_nas_transport::pack_security_mode_command(srslte::byte_buffer_t *reply_msg,
     return false;
   }
 
+  //Generate MAC for integrity protection
+  //FIXME Write wrapper to support EIA1, EIA2, etc.
+  //TODO which is the RB ID? Standard says a constant, but which?
+  uint8_t mac[4];
+
+  uint8_t k_nas_enc[32];
+  uint8_t k_nas_int[32];
+
+  srslte::security_generate_k_nas( ue_ctx->k_asme,
+                           srslte::CIPHERING_ALGORITHM_ID_EEA0,
+                           srslte::INTEGRITY_ALGORITHM_ID_128_EIA1,
+                           k_nas_enc,
+                           k_nas_int
+                         );
+
+  srslte::security_128_eia1 (&k_nas_int[16],
+                     count,
+                     0,
+                     SECURITY_DIRECTION_DOWNLINK,
+                     &nas_buffer->msg[5],
+                     nas_buffer->N_bytes - 5,
+                     mac
+  ); 
+
+  memcpy(&nas_buffer->msg[1],mac,4);
   //Copy NAS PDU to Downlink NAS Trasport message buffer
   memcpy(dw_nas->NAS_PDU.buffer, nas_buffer->msg, nas_buffer->N_bytes);
   dw_nas->NAS_PDU.n_octets = nas_buffer->N_bytes;