Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 33.401  Word version:  17.3.0

Top   Top   None   None   Next
1…   4   5…   6…   6.2…   7…   7.2.5…   7.2.8   7.2.9…   7.3…   8…   9…   10…   11…   15…   A…   B…   C…   C.1.6   C.2…   C.2.7   C.2.8   C.3…   C.4.7   D…   E…   E.2…   E.3…   F…   G…   H…   I…   K…

 

1  Scopep. 11

The present document specifies the security architecture, i.e., the security features and the security mechanisms for the Evolved Packet System and the Evolved Packet Core, and the security procedures performed within the evolved Packet System (EPS) including the Evolved Packet Core (EPC) and the Evolved UTRAN (E-UTRAN).

2  Referencesp. 11

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
  • References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
  • For a specific reference, subsequent revisions do not apply.
  • For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TR 21.905: "Vocabulary for 3GPP Specifications".
[2]
TS 23.401: "General Packet Radio Service (GPRS) enhancements for Evolved Universal Terrestrial Radio Access Network (E-UTRAN) access".
[3]
TS 23.003: "Numbering, addressing and identification".
[4]
TS 33.102: "3G security; Security architecture".
[5]
TS 33.210: "3G security; Network Domain Security (NDS); IP network layer security".
[6]
TS 33.310: "Network Domain Security (NDS); Authentication Framework (AF)".
[7]
RFC 4303:  "IP Encapsulating Security Payload (ESP)".
[8]
TS 33.220: "Generic Authentication Architecture (GAA); Generic bootstrapping architecture".
[9]
TS 24.301: "Non-Access-Stratum (NAS) protocol for Evolved Packet System (EPS); Stage 3".
[10]  Void.
[11]  Void.
[12]
TS 36.323: "Evolved Universal Terrestrial Radio Access (E-UTRA); Packet Data Convergence Protocol (PDCP) specification"
[13]
TS 31.102: "Characteristics of the Universal Subscriber Identity Module (USIM) application".
[14]
TS 35.215: "Confidentiality and Integrity Algorithms UEA2 & UIA2; Document 1: UEA2 and UIA2 specifications"
[15]
NIST: "Advanced Encryption Standard (AES) (FIPS PUB 197) "
[16]
NIST Special Publication 800-38A (2001): "Recommendation for Block Cipher Modes of Operation".
[17]
NIST Special Publication 800-38B (2001): "Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication".
[18]  Void.
[19]  Void.
[20]  Void.
[21]
TS 36.331: "Evolved Universal Terrestrial Radio Access (E-UTRA) Radio Resource Control (RRC); Protocol specification".
[22]
TS 23.216: "Single Radio Voice Call Continuity (SRVCC); Stage 2".
[23]
TS 22.101: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Service aspects; Service principles".
[24]
TS 25.331: "3rd Generation Partnership Project; Technical Specification Group Radio Access Network; Radio Resource Control (RRC); Protocol Specification ".
[25]
TS 44.060: "3rd Generation Partnership Project; Technical Specification Group GSM/EDGE Radio Access Network; General Packet Radio Service (GPRS); Mobile Station (MS) - Base Station System (BSS) interface; Radio Link Control/Medium Access Control (RLC/MAC) protocol.
[26]
TS 23.122: "3rd Generation Partnership Project; Technical Specification Group Core Network and Terminals; Non-Access-Stratum (NAS) functions related to Mobile Station (MS) in idle mode".
[27]
TS 33.320: "3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; Security of Home Node B (HNB) / Home evolved Node B (HeNB)".
[28]  Void.
[29]
ETSI TS 102 484 V10.0.0: "Smart Cards; Secure channel between a UICC and an end-point terminal".
[30]
TS 36.300: "Evolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Universal Terrestrial Radio Access Network (E-UTRAN); Overall description; Stage 2".
[31]
TS 31.116: "Remote APDU Structure for (Universal) Subscriber Identity Module (U)SIM Toolkit applications".
[32]
ETSI TS 102 221 V9.2.0: "Smart Cards; UICC-Terminal interface; Physical and logical characteristics".
[33]
TS 35.221: "Confidentiality and Integrity Algorithms EEA3 & EIA3; Document 1: EEA3 and EIA3 specifications".
[34]
RFC 4301:  "Security Architecture for the Internet Protocol".
[35]
TS 22.346: "Isolated Evolved Universal Terrestrial Radio Access Network (E-UTRAN) operation for public safety; Stage 1".
[36]
TS 33.210: "3G security; Network Domain Security (NDS); IP network layer security".
[37]
3GPP TS.33.310: "Network Domain Security (NDS); Authentication Framework (AF)".
[38]
RFC 7296:  " Internet Key Exchange Protocol Version 2 (IKEv2)".
[39]
IEEE 802.11, Part 11: "Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications, IEEE Std.".
[40]
TS 36.463: "Evolved Universal Terrestrial Radio Access Network (E-UTRAN) and Wireless LAN (WLAN); Xw application protocol (XwAP)".
[41]
TS 33.402: "3GPP System Architecture Evolution (SAE); Security aspects of non-3GPP accesses".
[42]
TS 36.413: "Evolved Universal Terrestrial Radio Access Network (E-UTRAN); S1 Application Protocol (S1AP)".
[43]
TS 33.501: "Security architecture and procedures for 5G system".
[44]
TS 38.300: "NR; Overall description; Stage-2".
[45]
TS 36.423: "Evolved Universal Terrestrial Radio Access Network (E-UTRAN); X2 Application Protocol (X2AP)".
Up

3  Definitions, symbols and abbreviationsp. 13

3.1  Definitionsp. 13

For the purposes of the present document, the terms and definitions given in TR 21.905, in TS 33.102 and the following apply. A term defined in the present document takes precedence over the definition of the same term, if any, in TR 21.905.
Access Security Management Entity:
entity which receives the top-level keys in an access network from the HSS. For E-UTRAN access networks, the role of the ASME is assumed by the MME
Activation of security context:
the process of taking into use a security context.
Authentication data:
Data that is part of a security context or of authentication vectors.
Chaining of KeNB:
derivation of a new KeNB from another KeNB (i.e., at cell handover)
Current EPS security context:
The security context which has been activated most recently. Note that a current EPS security context originating from either a mapped or native EPS security context may exist simultaneously with a native non-current EPS security context.
ECM-CONNECTED state:
This is as defined in TS 23.401. The term ECM-CONNECTED state corresponds to the term EMM-CONNECTED mode used in TS 24.301.
ECM-IDLE state:
As defined in TS 23.401. The term ECM-IDLE state corresponds to the term EMM-IDLE mode used in TS 24.301.
EPS-Authentication Vector:
KASME, RAND, AUTN, XRES
EPS security context:
A state that is established locally at the UE and a serving network domain. At both ends "EPS security context data" is stored, that consists of the EPS NAS security context, and the EPS AS security context.
EPS AS security context:
the cryptographic keys at AS level with their identifiers, the Next Hop parameter NH, the Next Hop Chaining Counter parameter NCC used for next hop access key derivation, the identifiers of the selected AS level cryptographic algorithms, counters used for replay protection and SCG Counter used as freshness input into S-KeNB derivations. Note that the EPS AS security context only exists when cryptographically protected radio bearers are established and is otherwise void.
EPS AS Secondary Cell security context:
This context consists of the cryptographic keys for SeNB (KUPenc), the identifier of the selected AS SC level cryptographic algorithm and counters used for replay protection.
EPS NAS security context:
This context consists of KASME with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values. In particular, separate pairs of NAS COUNT values are used for each EPS NAS security contexts, respectively. The distinction between native and mapped EPS security contexts also applies to EPS NAS security contexts. The EPS NAS security context is called "full" if it additionally contains the keys KNASint and KNASenc and the identifiers of the selected NAS integrity and encryption algorithms.
Full native EPS security context:
A native EPS security context for which the EPS NAS security context is full according to the above definition. A full native EPS security context is either in state "current" or state "non-current".
Forward security:
In the context of KeNB key derivation, forward security refers to the property that, for an eNB with knowledge of a KeNB, shared with a UE, it shall be computationally infeasible to predict any future KeNB, that will be used between the same UE and another eNB. More specifically, n hop forward security refers to the property that an eNB is unable to compute keys that will be used between a UE and another eNB to which the UE is connected after n or more handovers (n=1 or 2).
IAB-node:
As defined in TS 23.401.
IAB-donor:
As defined in TS 23.401.
Legacy security context:
A security context which has been established according to TS 33.102.
Mapped security context:
Security context created by converting the current security context in the source system to a security context for the target system in inter-system mobility, e.g., UMTS keys created from EPS keys. The EPS NAS security context of a mapped security context is full and current.
Native EPS security context:
An EPS security context whose KASME was created by a run of EPS AKA.
Non-current EPS security context:
A native EPS security context that is not the current one. A non-current EPS security context may be stored along with a current EPS security context in the UE and the MME. A non-current EPS security context does not contain an EPS AS security context. A non-current EPS security context is either of type "full native" or of type "partial native".
Partial native EPS security context:
A partial native EPS security context consists of KASME with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values, which are initially set to zero before the first NAS SMC procedure for this security context. A partial native EPS security context is created by an EPS AKA, for which no corresponding successful NAS SMC has been run. A partial native context is always in state "non-current".
Re-derivation of NAS keys:
derivation of new NAS keys from the same KASME but including different algorithms (and no freshness parameter)
Refresh of KeNB:
derivation of a new KeNB from the same KASME and including a freshness parameter
Re-keying of KeNB:
derivation of a new KeNB from a new KASME in ECM-CONNECTED (i.e., . to activate a partial native EPS security context, or to re-activate a non-current full EPS security context)
Re-keying of NAS keys:
derivation of new NAS keys from a new KASME
UE security capabilities:
The set of identifiers corresponding to the ciphering and integrity algorithms implemented in the UE. This includes capabilities for EPS AS and NAS, and includes capabilities for UTRAN and GERAN if these access types are supported by the UE.
UE EPS security capabilities:
The UE security capabilities for EPS AS and NAS.
User plane:
Within the context of TS 33.401, this means the data path between UE and Serving Gateway that does NOT go via the MME.
(User) Data via MME:
User Data sent to or from the UE that uses an RRC connection established using the Control Plane CIoT EPS optimisation specified in TS 23.401.
IOPS-capable eNB:
an eNB that has the capability of IOPS mode operation, which provides local IP connectivity and Public Safety services to IOPS-enabled UEs via a Local EPC when the eNB has lost backhaul to the Macro EPC or it has no backhaul to the Macro EPC.
IOPS network:
an IOPS network consists of one or more eNBs operating in IOPS mode and connected to a Local EPC.
Local EPC:
a Local EPC is an entity which provides functionality that eNBs in IOPS mode of operation use, instead of the Macro EPC, in order to support Public Safety services.
Macro EPC:
the EPC which serves an eNB when it is not in IOPS mode of operation.
Nomadic EPS:
a deployable system which has the capability to provide radio access (via deployable IOPS-capable eNB(s)), local IP connectivity and Public Safety services to IOPS-enabled UEs in the absence of normal EPS.IOPS-enabled UE: is an UE that is configured to use networks operating in IOPS mode.
Up

3.2  Symbolsp. 15

For the purposes of the present document, the following symbols apply:
||
Concatenation
Bitwise Exclusive Or (XOR) operation

3.3  Abbreviationsp. 15

For the purposes of the present document, the abbreviations given in TR 21.905 and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905.
AES
Advanced Encryption Standard
AK
Anonymity Key
AKA
Authentication and Key Agreement
AMF
Authentication Management Field
AN
Access Network
AS
Access Stratum
AUTN
Authentication token
AV
Authentication Vector
ASME
Access Security Management Entity
Cell-ID
Cell Identity as used in TS 36.331
CHO
Conditional Handover
CK
Cipher Key
CKSN
Cipher Key Sequence Number
C-RNTI
Cell RNTI as used in TS 36.331
CRL
Certificate Revocation List
DeNB
Donor eNB
DoS
Denial of Service
DSCP
Differentiated Services Code Point
EARFCN-DL
E-UTRA Absolute Radio Frequency Channel Number-Down Link
ECM
EPS Connection Management
EDT
Early Data Transmission
EEA
EPS Encryption Algorithm
EIA
EPS Integrity Algorithm
eKSI
Key Set Identifier in E-UTRAN
EMM
EPS Mobility Management
eNB
Evolved Node-B
EPC
Evolved Packet Core
EPS
Evolved Packet System
EPS-AV
EPS authentication vector
E-UTRAN
Evolved UTRAN
gNB
Next Generation Node-B
GERAN
GSM EDGE Radio Access Network
GUTI
Globally Unique Temporary Identity
HE
Home Environment
HFN
Hyper Frame Number
HO
Hand Over
HSS
Home Subscriber Server
IAB
Integrated Access and Backhaul
IK
Integrity Key
IKE
Internet Key Exchange
IMEI
International Mobile Station Equipment Identity
IMEISV
International Mobile Station Equipment Identity and Software Version number
IMSI
International Mobile Subscriber Identity
IOPS
Isolated E-UTRAN Operation for Public Safety
IRAT
Inter-Radio Access Technology
ISR
Idle Mode Signaling Reduction
KDF
Key Derivation Function
KSI
Key Set Identifier
LWIP
LTE WLAN RAN Level Integration using IPSec
LSB
Least Significant Bit
LSM
Limited Service Mode
LWA
LTE-WLAN Aggregation
MAC-I
Message Authentication Code for Integrity (terminology of TS36.323 [12])
MACT
Message Authentication Code T used in AES CMAC calculation
MeNB
Master eNB
ME
Mobile Equipment
MME
Mobility Management Entity
MME-RN
MME serving the RN
MS
Mobile Station
MSC
Mobile Switching Center
MSIN
Mobile Station Identification Number
NAS
Non Access Stratum
NAS-MAC
Message Authentication Code for NAS for Integrity (called MAC in TS24.301 [9])
NASDVM
Non Access Stratum - Data via MME
NCC
Next hop Chaining Counter
NH
Next Hop
OCSP
Online Certificate Status Protocol
OTA
Over-The-Air (update of UICCs)
PCI
Physical Cell Identity as used in TS 36.331
PDCP
Packet Data Convergence Protocol
PLMN
Public Land Mobile Network
PRNG
Pseudo Random Number Generator
PSK
Pre-shared Key
P-TMSI
Packet- Temporary Mobile Subscriber Identity
RAND
RANDom number
RAU
Routing Area Update
RLOS
Restricted Local Operator Services
RN
Relay Node
RRC
Radio Resource Control
SCG
Secondary Cell Group
SEG
Security Gateway
SGSN
Serving GPRS Support Node
SIM
Subscriber Identity Module
SMC
Security Mode Command
SeNB
Secondary eNB
SgNB
Secondary gNB
SN
Serving Network
SN id
Serving Network identity
SQN
Sequence Number
SRB
Source Route Bridge
SRVCC
Single Radio Voice Call Continuity
S-TMSI
S-Temporary Mobile Subscriber Identity
TAI
Tracking Area Identity
TAU
Tracking Area Update
UE
User Equipment
UEA
UMTS Encryption Algorithm
UIA
UMTS Integrity Algorithm
UICC
Universal Integrated Circuit Card
UMTS
Universal Mobile Telecommunication System
UP
User Plane
USIM
Universal Subscriber Identity Module
UTRAN
Universal Terrestrial Radio Access Network
WT
WLAN Termination as used in TS 36.300
XRES
Expected Response
Up

3.4  Conventionsp. 17

All data variables in the present document are presented with the most significant substring on the left hand side and the least significant substring on the right hand side. A substring may be a bit, byte or other arbitrary length bitstring. Where a variable is broken down into a number of substrings, the leftmost (most significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant.

Up   Top   ToC