Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TS 33.163  Word version:  18.0.0

Top   Top   Up   Prev   Next
0…   4…   4.3…   4.6…   5…   6…   6.2.2…   6.2.6…   6.2.7…   7…   A…

 

6.2.2  EMSDP general structurep. 29

This clause details a type 01 control plane EMSDP message and a type 01 user plane EMSDP message.
Figure 6.2.2-1 shows the general structure of the EMSDP type 01 message:
Reproduction of 3GPP TS 33.163, Fig. 6.2.2-1: data stack for the EMSDP transfers
Up
UP / CP Flag:
This is a 1 bit field that when set to '1' means that the data packet is a User Plane message and when set to '0' means that the message is a control plane message.
RFU:
This is a 1 bit field that is reserved for future use. Set to '0'.
Key ID:
This is a 3 bit field that indicates the key being used for encryption and Integrity protection. If no keys have been agreed between the HSE and the UE then this shall be '000'. The Key ID is associated to a specific Session ID.
CP COUNTER:
This is a counter, used for control plane data messages, that is incremented every control plane message. It is used to protect control plane data messages against replay attacks and its length is set based on the counter scheme indicated in the BEST HSE configuration TLV (minimum length is 3 bits). There are separate counter values for UE to HSE and HSE to UE. This counter value is associated to a specific Session ID. There are two independent CP counter values, one for messages from the UE and one for messages to the UE. The HSE shall not check the CP counter value if the incoming message is "EMSDP Session Request " and the Session ID is 0.
UP COUNTER:
This is a counter, used for user plain data messages, that is incremented every user plain data message. It is used to protect user plain data message against replay and its length is set based on the counter scheme indicated in the BEST HSE configuration TLV (minimum length is 3 bits). There are separate counter values for UE to HSE and HSE to UE. This counter value is associated to a specific Session ID. There are two independent UP counter values, one for messages from the UE and one for messages to the UE.
Session ID:
This indicates the identifier for the current session. The value is assigned by the HSE. Its length is determined according to the Session ID scheme that is agreed. For signalling messages sent from the UE, outside of a BEST session, the Session ID length shall be 1 octet and the Session ID value shall be all 0's. Two simultaneously existing sessions shall not have the same Session ID unless they correspond to the same UE.
EMSDP Command:
This is a 1 byte field that contains the signalling command. The defined commands are detailed below.
Cmd Options:
This is a TLV container that contains TLV elements that detail the options for the EMSDP command. The defined options TLVs are detailed below.
MAC:
This contains the truncated integrity result for this data packet calculated using the agreed integrity algorithm. Its length is set in the BEST HSE configuration TLV. For an EMSDP session request command the MAC shall not be present.
Data length:
This holds the length of the following data in this data packet. Its length is set in the EMSDP Session Request message. This is not present if the data length is set to 0 in the BEST HSE configuration TLV.
Data:
This is the data being transferred.
Up

6.2.3  EMSDP Counter and Session ID Schemesp. 31

6.2.3.1  Optimised EMSDP counter schemep. 31

The optimised EMSDP counter scheme has a 3 bit counter length followed by the counter value. This allows the counter length to be changed on a per message basis. The 3 bits are used to indicate the number of octets the counter is on, the value "000" is reserved for future use. So for instance:
Counter value "1" is represented as "001 00000001"
Counter value "257" is represented as "010 00000001 00000001"
Counter values are rejected if the counter value is less than or equal to a valid counter value already received. The HSE and the UE may also reject a message with a counter higher than a specific offset from the last valid counter value received. The HSE shall not check the counter value if the message is EMSDP Session Request and the Session ID is 0.
The optimised EMSDP counter scheme is defined as scheme 01.
Up

6.2.3.2  Optimised EMSDP Session ID schemep. 31

The Optimised EMSDP session ID scheme enables the EMSDP session ID to have a known length that can be as long as the application requires it.
In this scheme the highest bit of every session ID byte is an indication that the following byte is also part of the session ID.
For example the following session IDs are valid under this scheme: '01', 'F469', '82A57F'
This is the default session ID scheme for EMSDP messages and is defined as scheme 01.

6.2.4  EMSDP Integrity protectionp. 31

The integrity protection algorithm to be used and the length of the MAC is selected by the HSE with the EMSDP Session Start message.
Integrity protection is mandatory for all control plane and user plane messages except for the following control plane commands when no valid keyset is agreed between the UE and HSE:
  • an EMSDP session request command originating from the UE or the HSE. For this command the MAC shall not be present.
For an EMSDP start session command, originating from the HSE, if the Key Id for the message is the same as the Key Id indicated in the Key agreement TLV then the MAC shall be calculated using the new keys resulting from the authentication vectors in the Key agreement TLV.
For all other signalling plane and user plane data packets the MAC shall be computed as follows:
First the following fields are calculated (where needed for the chosen algorithm):
INPUT-I
set to the message Counter Value expanded and right padded with 0's to a fixed size of 4 bytes.
COUNT-C
set to the message Counter Value expanded and right padded with 0's to a fixed size of 4 bytes
M (GSM)
set to the length of message in bytes. It is coded on 2 bytes.
LENGTH
set to the length of message in bytes. It is coded on 2 bytes.
MESSAGE
the fields marked for integrity protection in Figure 6.8.2.4.3.1: "data stack for the EMSDP transfers" concatenated in the order they appear in the data packet.
M (LTE)
the fields marked for integrity protection in Figure 6.8.2.4.3.1: "data stack for the EMSDP transfers" concatenated in the order they appear in the data packet.
DIRECTION
The DIRECTION bit shall be "0" for UE to HSE data packets and set to "1" for HSE to UE data packets.
BEARER
For control plane messages this shall be set to "00000" and for user plane messages this shall be set to "10101"
FRAMETYPE
For control plane messages this shall be set to "00" and for user plane messages this shall be set to "AA".
KI128
This is the agreed integrity key value truncated to the lowest 128 bits.
IK
This is the agreed integrity key value truncated to the lowest 128 bits.
If GIA4 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 55.241 shall be used to generate the MAC value. If the MAC length selected by the HSE with the EMSDP Session Start message is less than the length of the MAC produced by the GIA4 function, then the MAC shall be truncated to the correct size from the right.
If GIA5 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 55.251 shall be used to generate the MAC value. If the MAC length selected by the HSE with the EMSDP Session Start message is less than the length of the MAC produced by the GIA5 function, then the MAC shall be truncated to the correct size from the right.
If UIA1 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.201 shall be used to generate the MAC-I value. The MAC shall be set to the MAC-I truncated to the correct size from the right.
If UIA2 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.215 shall be used to generate the MAC-I value. The MAC shall be set to the MAC-I truncated to the correct size from the right.
If 128-EIA1 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.2.2 shall be used to generate the MAC-I value. The MAC shall be set to the MAC-I truncated to the correct size from the right.
If 128-EIA2 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.2.3 shall be used to generate the MAC-I value. The MAC shall be set to the MAC-I truncated to the correct size from the right.
If 128-EIA3 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.221 shall be used to generate the MAC-I value. The MAC shall be set to the calculated MAC-I value truncated to the correct size from the right.
If 128-NIA1 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.2.2 shall be used to generate the MAC-I value. The MAC shall be set to the MAC-I truncated to the correct size from the right.
If 128-NIA2 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.2.3 shall be used to generate the MAC-I value. The MAC shall be set to the MAC-I truncated to the correct size from the right.
If 128-NIA3 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.221 shall be used to generate the MAC-I value. The MAC shall be set to the calculated MAC-I value truncated to the correct size from the right.
Up

6.2.5  EMSDP Encryptionp. 33

The encryption protection algorithm to be used is selected by the HSE with the EMSDP Session Start message. If EEA0 is indicated then the message shall not be encrypted.
Encryption is mandatory for all control plane and user plane messages when an encryption algorithm other than EEA0 is selected by the HSE with the EMSDP Session Start message, except for the following control plane commands when no valid keyset is agreed between the UE and HSE:
  • an EMSDP session request command originating from the UE or the HSE
  • an EMSDP start session command originating from the HSE
For all other messages the following encryption shall be applied the fields indicated in Figure 6.2.1-1: "data stack for the EMSDP transfers" to be encrypted.
First the following are computed (where relevant for the algorithm being used):
INPUT-I
set to the message Counter Value expanded and right padded with 0's to a fixed size of 4 bytes.
COUNT-C
set to the message Counter Value expanded and right padded with 0's to a fixed size of 4 bytes
M (GSM)
set to the length of message in bytes. It is coded on 2 bytes.
LENGTH
set to the length of message in bytes. It is coded on 2 bytes.
MESSAGE
the fields marked for encryption protection in Figure 6.8.2.4.3.1: "data stack for the EMSDP transfers" concatenated in the order they appear in the data packet.
M (LTE)
the fields marked for encryption protection in Figure 6.8.2.4.3.1: "data stack for the EMSDP transfers" concatenated in the order they appear in the data packet.
DIRECTION
The DIRECTION bit shall be "0" for UE to HSE data packets and set to "1" for HSE to UE data packets.
BEARER
For signalling data packets this shall be set to "00000" and for user plane data packets this shall be set to "10101"
FRAMETYPE
For control plane messages this shall be set to "00" and for user plane messages this shall be set to "AA".
KI128
This is the agreed encryption key value truncated to the lowest 128 bits.
CK
This is the agreed encryption key value truncated to the lowest 128 bits.
If GEA4 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 55.241 shall be used to generate the OUTPUT value. The OUTPUT value replaces the fields that are encrypted in the data packet.
If GEA5 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 55.251 shall be used to generate the OUTPUT value. The OUTPUT value replaces the fields that are encrypted in the data packet.
If UEA1 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.201 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If UEA2 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.215 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-EEA0 is indicated in the HSE BEST protocol ID element, then the NULL algorithm as specified in TS 33.401 Annex B.0 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-EEA1 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.1.2 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-EEA2 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.1.3 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-EEA3 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.221 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-NEA1 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.1.2 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-NEA2 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 33.401 Annex B.1.3 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
If 128-NEA3 is indicated in the HSE BEST protocol ID element, then the algorithm specified in TS 35.221 shall be used to generate the OBS value. The OBS value replaces the fields that are encrypted in the data packet.
Up

Up   Top   ToC