F.2 Introduction

3GPP TS 24.109 Release 17: Bootstrapping interface (Ub) and network application function interface (Ua); Protocol details

F.2.1 General

A bootstrapping session established using a bootstrapping procedure (cf. clause 4 and annex A) is used between a UE and a NAF. The BSF provides to the NAF NAF-specific key material (Ks_NAF, or Ks_ext_NAF and optionally Ks_int_NAF) which is derived from the key material (Ks). The NAF uses this key to authenticate and optionally secure (i.e. integrity protect and encrypt) the communications between it and the UE. The BSF will also provide the NAF with the expiration time of the bootstrapping session. When the bootstrapping session becomes invalid, the NAF will stop using the session and indicate to the UE that the bootstrapping session has expired and that a new session needs to be established.
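The NAF-side handling described above, as an added example that is not part of TS 24.109: a small store of bootstrapping sessions received from the BSF, queried as the PSK lookup of a PSK TLS server and enforcing the BSF-supplied expiration time. The PSK identity string, the key bytes and the times are constructed placeholders, and the derivation of Ks_NAF from Ks (TS 33.220) is not reproduced; the NAF treats the key as opaque bytes.

```python
from __future__ import annotations
from dataclasses import dataclass
from typing import Callable, Optional
import time

@dataclass
class BootstrappingSession:
    """What the BSF hands the NAF for one bootstrapping session."""
    ks_naf: bytes                        # Ks_NAF (or Ks_ext_NAF), derived by the BSF from Ks
    expires_at: float                    # expiration time of the session, seconds since the epoch
    ks_int_naf: Optional[bytes] = None   # optional Ks_int_NAF, when provided by the BSF

class NafSessionStore:
    """NAF-side table of bootstrapping sessions keyed by PSK identity.

    The identity is treated as an opaque string here (assumption for the example);
    the key material always comes from the BSF and is never derived by the NAF.
    """
    def __init__(self, clock: Callable[[], float] = time.time):
        self._clock = clock
        self._sessions: dict[str, BootstrappingSession] = {}

    def install_from_bsf(self, identity: str, session: BootstrappingSession) -> None:
        self._sessions[identity] = session

    def psk_lookup(self, identity: str) -> tuple[str, Optional[bytes]]:
        """Server-side PSK lookup during the TLS handshake.

        Returns ("ok", Ks_NAF) while the session is valid. Once the expiration
        time has passed the NAF stops using the session, drops it and returns
        ("expired", None) so the UE can be told to bootstrap again. An identity
        the NAF never received from the BSF yields ("unknown", None).
        """
        session = self._sessions.get(identity)
        if session is None:
            return "unknown", None
        if self._clock() >= session.expires_at:
            del self._sessions[identity]
            return "expired", None
        return "ok", session.ks_naf

def demo() -> list[str]:
    """Walk one session through valid -> expired -> gone using a fake clock."""
    now = [1000.0]
    store = NafSessionStore(clock=lambda: now[0])
    # Constructed values: a 32-byte placeholder key and a 600 s lifetime from the BSF.
    store.install_from_bsf("psk-identity-example",
                           BootstrappingSession(ks_naf=b"\x11" * 32, expires_at=1600.0))
    results = []
    for t in (1500.0, 1700.0, 1701.0):
        now[0] = t
        results.append(store.psk_lookup("psk-identity-example")[0])
    return results   # ["ok", "expired", "unknown"]
```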

An example of the signalling flows of the authentication procedure using PSK TLS is given in clause F.3.

F.2.2 Key required to interpret signalling flows

The following key (rules) have been applied to TLS handshake signalling flows to improve readability, reduce errors and increase maintainability:

a) The description of TLS messages and their fields is identified by three fields: "TLS.MESSAGE.FIELD":

– "TLS" identifies that the message is a TLS message;

– "MESSAGE" identifies the name of the TLS message (e.g. ClientHello);

– "FIELD" identifies the name of the TLS message field (e.g. client_version).

An example being "TLS.ClientHello.client_version", which identifies TLS message "ClientHello" and its data field "client_version". The possible TLS message and TLS message field names as well as their encoding to the TLS protocol are specified in IETF TLS related specifications as defined in annex E of 3GPP TS 33.310 [25].

b) If multiple TLS messages are sent in sequence from one entity to another, this is described as one step.

– the figures describe the sending of multiple TLS messages in one step by listing the TLS message names in separate lines;

– the description of the step contains the explanation of the messages and their parameters as described in bullet a).

c) In order to differentiate between TLS messages and other protocol messages, the TLS messages are marked with a simple arrow line, and all non-TLS messages with block arrows.

d) The flows show the signalling exchanges between the following functional entities:

– User Equipment (UE);

– Bootstrapping Server Function (BSF);

– Network Application Function (NAF).