Content for TS 31.102 Word version: 18.5.0

0… 3… 4… 4.2.9… 4.2.17… 4.2.26… 4.2.34… 4.2.44… 4.2.52… 4.2.60… 4.2.68… 4.2.76… 4.2.85… 4.2.93… 4.2.101… 4.2.107… 4.3… 4.4.2… 4.4.2.4… 4.4.3… 4.4.4… 4.4.5… 4.4.6… 4.4.8… 4.4.8.7… 4.4.9… 4.4.11… 4.4.11.7… 4.4.11.17… 4.4.12… 4.5… 4.6… 4.6.5… 4.6.6… 4.7 5… 5.2… 5.3… 5.4… 5.9… 6… 7… 7.1.2… 7.3… A B… D E… G H… I… L… M…

4.4.11 Contents of files at the DF 5GS level 4.4.11.1 Introduction 4.4.11.2 EF_5GS3GPPLOCI (5GS 3GPP location information) 4.4.11.3 EF_5GSN3GPPLOCI (5GS non-3GPP location information) 4.4.11.4 EF_5GS3GPPNSC (5GS 3GPP Access NAS Security Context) 4.4.11.5 EF_5GSN3GPPNSC (5GS non-3GPP Access NAS Security Context) 4.4.11.6 EF_5GAUTHKEYS (5G authentication keys)
...

4.4.11 Contents of files at the DF 5GS level |R15| p. 202

4.4.11.1 Introduction p. 202

This clause describes the files that are specific for 5GS.

DF5GS shall be present at the ADFUSIM level if any of the following services are "available" in EFUST (USIM Service Table):

Service No. 122	5GS Mobility Management Information
Service No. 123	5G Security Parameters
Service No. 124	Subscription identifier privacy support
Service No. 125	SUCI calculation by the USIM
Service No. 126	UAC Access Identities support
Service No. 127	Control plane-based steering of UE in VPLMN
Service No. 128	Call control on PDU Session by USIM
Service No. 129	5GS Operator PLMN List
Service No. 130	Support for SUPI of type NSI or GLI or GCI
Service No. 132	Support for URSP by USIM
Service No. 133	5G Security Parameters extended
Service No. 134	MuD and MiD configuration data
Service No. 135	Support for Trusted non-3GPP access networks by USIM
Service No. 136	Support for multiple records of NAS security context storage for multiple registration
Service No. 137	Pre-configured CAG information list
Service No. 138	SOR-CMCI storage in USIM
Service No. 140	Storage of disaster roaming information in USIM
Service No. 141	Pre-configured eDRX parameters
Service No. 142	5G NSWO support
Service No. 144	Multiplier Coefficient for Higher Priority PLMN search via NG-RAN satellite access
Service No. 145	KAUSF derivation configuration

4.4.11.2 EF_5GS3GPPLOCI (5GS 3GPP location information) p. 203

If service No. 122 is "available" in EFUST, this file shall be present.

This EF contains the following 5GS location information for 3GPP access:

5G-Globally Unique Temporary Identifier (5G-GUTI);
Last visited registered Tracking Area Identity in 5GS (TAI);
5GS update status.

Identifier: '4F01'

Structure: transparent

Optional

SFI: '01'

File size: 20 bytes

Update activity: high

Access Conditions:

READ	PIN
UPDATE	PIN
DEACTIVATE	ADM
ACTIVATE	ADM

Bytes	Description	M/O	Length
1 to 13	5G-GUTI for 3GPP access	M	13 bytes
14 to 19	Last visited registered TAI in 5GS for 3GPP access	M	6 bytes
20	5GS update status for 3GPP access	M	1 byte

5G-GUTI for 3GPP access

Contents:

5G-Globally Unique Temporary Identifier for 3GPP access.

Coding:

as the 5G-GUTI part of the 5GS mobile identity information element defined in TS 24.501. Byte 1 corresponds to "octet 2" of an 5GS mobile identity information element containing a 5G-GUTI. Byte 13 corresponds to "octet 14" of an 5GS mobile identity information element information element containing a 5G-GUTI.

Byte 1:

first byte of 5G-GUTI for 3GPP access

b8	b7	b6	b5	b4	b3	b2	b1
MSB

Last visited registered TAI in 5GS for 3GPP access

Contents:

Last visited registered Tracking Area Identity in 5GS for 3GPP access.

Coding:

as the content of the tracking area identity information element defined in TS 24.501. Byte 14 corresponds to "octet 2" of a tracking area identity information element. Byte 19 corresponds to "octet 7" of a tracking area identity information element.

Byte 14:

first byte of last visited registered TAI for 3GPP access

b8	b7	b6	b5	b4	b3	b2	b1
MSB

5GS update status for 3GPP access

Contents:

status of 5GS update for 3GPP access according to TS 24.501.

Coding:

byte 20:

Bits:	b3 b2 b1
	0 0 0	5U1 UPDATED
	0 0 1	5U2 NOT UPDATED
	0 1 0	5U3 ROAMING NOT ALLOWED
	0 1 1	reserved
	1 0 0	reserved
	1 0 1	reserved
	1 1 0	reserved
	1 1 1	reserved

Bits b4 to b8 are RFU (see TS 31.101).

Unused bytes shall be set to 'FF'.

4.4.11.3 EF_5GSN3GPPLOCI (5GS non-3GPP location information) p. 204

If service No. 122 is "available" in EFUST, this file shall be present.

This EF contains the following 5GS location information for non-3GPP access:

5G-Globally Unique Temporary Identifier (5G-GUTI);
Last visited registered Tracking Area Identity in 5GS (TAI);
5GS update status.

Identifier: '4F02'

Structure: transparent

Optional

SFI: '02'

File size: 20 bytes

Update activity: high

Access Conditions:

READ	PIN
UPDATE	PIN
DEACTIVATE	ADM
ACTIVATE	ADM

Bytes	Description	M/O	Length
1 to 13	5G-GUTI for non-3GPP access	M	13 bytes
14 to 19	Last visited registered TAI in 5GS for non-3GPP access	M	6 bytes
20	5GS update status for non-3GPP access	M	1 byte

For content and coding see clause 4.4.11.2 for EF5GS3GPPLOCI.

4.4.11.4 EF_5GS3GPPNSC (5GS 3GPP Access NAS Security Context) p. 205

If service No. 122 is "available" in EFUST, this file shall be present.

This EF contains the 5GS 3GPP access NAS security context as defined in TS 24.501, consisting of KAMF with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values. This EF also contains the EPS NAS security algorithms to be used when the UE goes to EPS, either by means of connected mode handover in a network that supports N26 interface, or by the means of idle mode mobility performed by the UE from 5GS to EPS, as specified in TS 33.501.

If Service No. 136 is not "available" in EFUST, the file shall contain one record.

If service No. 136 is "available" in EFUST, the file shall contain two records. As specified in clause 6.3.2.1 of TS 33.501, in case of multiple registrations in different PLMNs, each record shall store 5GS 3GPP access NAS security context for each different PLMN (Refer to Annex O for examples),

Identifier: '4F03'

Structure: linear fixed

Optional

SFI: '03'

Record size: X bytes (X≥57)

Update activity: high

Access Conditions:

READ	PIN
UPDATE	PIN
DEACTIVATE	ADM
ACTIVATE	ADM

Bytes	Description	M/O	Length
1 to X	5GS NAS Security Context TLV Object	M	X bytes

5GS NAS Security Context tags

Description	Tag Value
5GS NAS Security Context Tag	'A0'

5GS NAS Security Context information

Description	Value	M/O	Length (bytes)
5GS NAS Security Context Tag	'A0'	M	1
Length (length of all subsequent data)	Y	M	Note 1
ngKSI Tag	'80'	M	1
Length	K	M	Note 1
ngKSI	--	M	K
KAMF Tag	'81'	M	1
Length	L	M	Note 1
KAMF	--	M	L
Uplink NAS count Tag	'82'	M	1
Length	M	M	Note 1
Uplink NAS count	--	M	M
Downlink NAS count Tag	'83'	M	1
Length	N	M	Note 1
Downlink NAS count	--	M	N
Identifiers of selected NAS integrity and encryption algorithms Tag	'84'	M	1
Length	S	M	Note 1
Identifiers of selected NAS integrity and encryption algorithms	--	M	S
Identifiers of selected EPS NAS integrity and encryption algorithms for use after mobility to EPS Tag	'85'	M	1
Length	U	M	Note 1
Identifiers of selected EPS NAS integrity and encryption algorithms for use after mobility to EPS	--	M	U
PLMN identifier tag	'86'	C (see Note 2)	1
Length	3	C (see Note 2)	Note 1
PLMN identifier	--	C (see Note 2)	3
NOTE 1: The length is coded according to ISO/IEC 8825-1 [35] NOTE 2: If service No. 136 is "available", PLMN identifier shall be included to identify the PLMN of the 5GS NAS Security Context stored in record 2 for the access. The PLMN identifier is not applicable for record 1 and is mandatory for record 2.

ngKSI Tag '80'

Contents:

The ngKSI (Key Set Identifier in 5G) as defined in TS 33.501 is coded on 1 byte.

Coding:

b8	b7	b6	b5	b4	b3	b2	b1
bits b4 to b8 are coded 0					ngKSI

KAMF Tag '81'

Contents:

The KAMF as defined in TS 33.501 is coded on 32 bytes. The ME shall treat any KAMF values stored in this EF as invalid if the ngKSI indicates that no KAMF is available or if the length indicated in the KAMF TLV is set to '00',

Coding:

The most significant bit of KAMF is the most significant bit of the 1st byte of this TLV value field. The least significant bit of KAMF is the least significant bit of the last byte of this TLV value field.

Uplink NAS count Tag '82'

Contents:

The uplink NAS count as defined in TS 33.501 is coded on 4 bytes.

Coding:

The most significant bit of the uplink NAS count is the most significant bit of the 1st byte of this TLV value field. The least significant bit of the uplink NAS count is the least significant bit of the last byte of this TLV value field.

Downlink NAS count Tag '83'

Contents:

The downlink NAS count as defined in TS 33.501 is coded on 4 bytes.

Coding:

The most significant bit of the downlink NAS count is the most significant bit of the 1st byte of this TLV value field. The least significant bit of the downlink NAS count is the least significant bit of the last byte of this TLV value field.

Identifiers of selected NAS integrity and encryption algorithms Tag '84'

Contents:

The identifiers of selected NAS integrity and encryption algorithms as defined in TS 33.501 and TS 24.501. In this release the identifiers of selected NAS integrity and encryption algorithms are coded as 4-bit identifiers.

Coding:

Coding is same as the content of the NAS security algorithms information element defined in TS 24.501.

Byte 1 of this TLV value field: first byte of the value part of the NAS security algorithms information element

b8	b7	b6	b5	b4	b3	b2	b1
MSB

Identifiers of selected EPS NAS algorithms for use after mobility to EPS Tag '85'

Contents:

The identifiers of selected EPS NAS integrity and encryption algorithms to be used when the UE goes to EPS, either by means of connected mode handover in a network that supports N26 interface, or by the means of idle mode mobility performed by the UE from 5GS to EPS, as specified in TS 33.501 and TS 24.501. These identifiers are coded as 4-bit identifiers.

Coding:

Coding is same as the content of the EPS NAS security algorithms information element specified in TS 24.301.

Byte 1 of this TLV value field: first byte of the value part of the EPS NAS security algorithms information element in TS 24.301.

b8	b7	b6	b5	b4	b3	b2	b1
MSB

PLMN identifier Tag '86'

Contents:

The PLMN identifier comprising MCC and MNC defined in TS 23.003 is coded on 3 bytes.

Coding:

The PLMN identifier is coded according to TS 24.008.

Unused bytes shall be set to 'FF'.

In order to mark the stored 5GS NAS security context as invalid:

the record bytes shall be set to 'FF', or
the ngKSI is set to '07', or
the length indicated in the KAMF TLV is set to '00'.

4.4.11.5 EF_5GSN3GPPNSC (5GS non-3GPP Access NAS Security Context) p. 208

If Service No. 122 is "available" in EFUST, this file shall be present.

This EF contains the 5GS non-3GPP access NAS security context as defined in TS 24.501, consisting of KAMF with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values. This EF also contains the EPS NAS security algorithms to be used when the UE goes to EPS, either by means of connected mode handover in a network that supports N26 interface, or by the means of idle mode mobility performed by the UE from 5GS to EPS, as specified in TS 33.501.

If Service No. 136 is not "available" in EFUST, the file shall contain one record.

If service No. 136 is "available" in EFUST, the file shall contain two records. As specified in clause 6.3.2.1 of TS 33.501, in case of multiple registrations in different PLMNs, each record shall store 5GS non-3GPP access NAS security context for each different PLMN (Refer to Annex O for examples).

Identifier: '4F04'

Structure: linear fixed

Optional

SFI: '04'

Record size: X bytes (X≥57)

Update activity: high

Access Conditions:

READ	PIN
UPDATE	PIN
DEACTIVATE	ADM
ACTIVATE	ADM

Bytes	Description	M/O	Length
1 to X	5GS NAS Security Context TLV Object	M	X bytes

For content and coding see clause 4.4.11.4 for EF5GS3GPPNSC.

4.4.11.6 EF_5GAUTHKEYS (5G authentication keys) p. 208

If Service No. 123 and Service No. 133 are "available" in EFUST, this file shall be present. This EF contains KSEAF for 3GPP access, KAUSF that are generated on the ME using CK and IK as part of AKA procedures, KSEAF for non-3GPP access, SOR counter and UE parameter update counter as described in TS 33.501. The file size is 110 bytes.

Identifier: '4F05'

Structure: transparent

Optional

SFI: '05'

File size: = 110 bytes

Update activity: high

Access Conditions:

READ	PIN
UPDATE	PIN
DEACTIVATE	ADM
ACTIVATE	ADM

Bytes	Description	M/O	Length
KAUSF Tag	'80'	M	1
Length	K (Note2)	M	Note1
KAUSF	--	M	K (Note2)
KSEAF for 3GPP access Tag	'81'	M	1
Length	L (Note2)	M	Note1
KSEAF for 3GPP access	--	M	L (Note2)
KSEAF for non-3GPP access Tag	'82'	M	1
Length	M (Note2)	M	Note1
KSEAF for non-3GPP access	--	M	M (Note2)
SOR counter Tag	'83'	M	1
Length	N	M	Note 1
SOR counter	--	M	N (Note 3)
UE parameter update counter Tag	'84'	M	1
Length	O	M	Note 1
UE parameter update counter	--	M	O (Note 3)
NOTE 1: The length is coded according to ISO/IEC 8825-1 [35]. NOTE 2: As per TS 33.501, the length of keys KAUSF and KSEAF is 32 bytes each NOTE 3: As per TS 33.501, the length of SOR counter and UE parameter update counter is 2 bytes each

KAUSF Tag '80'.

Contents:

KAUSF as described in TS 33.501).

Coding:

The most significant bit of KAUSF is the most significant bit of the 1st byte of this TLV value field. The least significant bit of KAUSF is the least significant bit of the last byte of this TLV value field.

KSEAF for 3GPP access Tag '81'

Contents:

KSEAF for 3GPP access as described in TS 33.501. If there is no valid KSEAF for 3GPP access, the contents (Value part of the TLV) shall be 'FF…FF'.

Coding:

The most significant bit of KSEAF for 3GPP access is the most significant bit of the 1st byte of this TLV value field. The least significant bit of KSEAF for 3GPP access is the least significant bit of the last byte of this TLV value field.

KSEAF for non-3GPP access Tag '82'

Contents:

KSEAF for non-3GPP access as specified in TS 33.501. If there is no valid KSEAF for non-3GPP access, the contents (Value part of the TLV) shall be 'FF…FF'.

Coding:

The most significant bit of KSEAF for non-3GPP access is the most significant bit of the 1st byte of this TLV value field. The least significant bit of KSEAF for non-3GPP access is the least significant bit of the last byte of this TLV value field.

SOR counter Tag '83'

Contents:

The SOR counter as defined in clause 6.14.2.3 of TS 33.501. In this release the SOR counter is coded on 2 bytes. If there is no valid SOR counter, the contents (Value part of the TLV) shall be 'FFFF'.

Coding:

The most significant bit of the SOR counter is the most significant bit of the 1st byte of this TLV value field. The least significant bit of the SOR counter is the least significant bit of the last byte of this TLV value field.

UE parameter update counter Tag '84'

Contents:

The UE parameter update counter as defined in clause 6.15.2.2 of TS 33.501. In this release the UE parameter update counter is coded on 2 bytes. If there is no valid UE parameter update counter, the contents (Value part of the TLV) shall be 'FFFF'.

Coding:

The most significant bit of the UE parameter update counter is the most significant bit of the 1st byte of this TLV value field. The least significant bit of the UE parameter update counter is the least significant bit of the last byte of this TLV value field.

Content for TS 31.102 Word version: 18.5.0

4.4.11 Contents of files at the DF 5GS level |R15| p. 202

4.4.11.1 Introduction p. 202

4.4.11.2 EF5GS3GPPLOCI (5GS 3GPP location information) p. 203

4.4.11.3 EF5GSN3GPPLOCI (5GS non-3GPP location information) p. 204

4.4.11.4 EF5GS3GPPNSC (5GS 3GPP Access NAS Security Context) p. 205

4.4.11.5 EF5GSN3GPPNSC (5GS non-3GPP Access NAS Security Context) p. 208

4.4.11.6 EF5GAUTHKEYS (5G authentication keys) p. 208

4.4.11.2 EF_5GS3GPPLOCI (5GS 3GPP location information) p. 203

4.4.11.3 EF_5GSN3GPPLOCI (5GS non-3GPP location information) p. 204

4.4.11.4 EF_5GS3GPPNSC (5GS 3GPP Access NAS Security Context) p. 205

4.4.11.5 EF_5GSN3GPPNSC (5GS non-3GPP Access NAS Security Context) p. 208

4.4.11.6 EF_5GAUTHKEYS (5G authentication keys) p. 208