8.1.12 Security mode control

25.3313GPPProtocol specificationRadio Resource Control (RRC)Release 17TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

Figure 8.1.12-1: Security mode control procedure

8.1.12.1 General

The purpose of this procedure is to trigger the start of ciphering or to command the restart of the ciphering with a new ciphering configuration, for the radio bearers of one CN domain and for all signalling radio bearers.

It is also used to start integrity protection or to modify the integrity protection configuration for all signalling radio bearers.

8.1.12.2 Initiation

8.1.12.2.1 Ciphering configuration change

To start/restart ciphering, UTRAN sends a SECURITY MODE COMMAND message on the downlink DCCH in AM RLC using the most recent ciphering configuration. If no such ciphering configuration exists then the SECURITY MODE COMMAND is not ciphered. UTRAN should not transmit a SECURITY MODE COMMAND to signal a change in ciphering algorithm.

When configuring ciphering, UTRAN should ensure that the UE needs to store at most two different ciphering configurations (keyset and algorithm) per CN domain, in total over all radio bearers at any given time. For signalling radio bearers the total number of ciphering configurations that need to be stored is at most three. Prior to sending the SECURITY MODE COMMAND, for the CN domain indicated in the IE "CN domain identity" in the SECURITY MODE COMMAND, UTRAN should:

1> suspend all radio bearers using RLC-AM or RLC-UM and all signalling radio bearers using RLC-AM or RLC-UM, except the signalling radio bearer used to send the SECURITY MODE COMMAND message on the downlink DCCH in RLC-AM, and except signalling radio bearer RB0, according to the following:

2> not transmit RLC PDUs with sequence number greater than or equal to the number in IE "Radio bearer downlink ciphering activation time info" on all suspended radio bearers and all suspended signalling radio bearers.

1> set, for the signalling radio bearer used to send the SECURITY MODE COMMAND, the "RLC sequence number" in IE "Radio bearer downlink ciphering activation time info" in the IE "Ciphering mode info", at which time the new ciphering configuration shall be applied;

NOTE: The UTRAN should avoid the situation that the UE is aware of more than one pending downlink ciphering activation times for SRB2. In such a case the UE behaviour is unspecified.

1> if a transparent mode radio bearer for this CN domain exists:

2> include the IE "Ciphering activation time for DPCH" in IE "Ciphering mode info", at which time the new ciphering configuration shall be applied and specify a CFN value for this IE that is a multiple of 8 frames (CFN mod 8 = 0).

NOTE: UTRAN should chose the value for the IE "Ciphering activation time for DPCH" such that the new ciphering configuration will occur after all the pending ciphering activation times have been reached for the transparent mode radio bearers of this CN domain.

1> consider a ciphering activation time in downlink to be pending until the RLC sequence number of the next RLC PDU to be transmitted for the first time is equal to or larger than the selected activation time;

1> set, for each suspended radio bearer and signalling radio bearer that has no pending ciphering activation time set by a previous security mode control procedure, an "RLC sequence number" in IE "Radio bearer downlink ciphering activation time info" in the IE "Ciphering mode info", at which time the new ciphering configuration shall be applied;

1> set, for each suspended radio bearer and signalling radio bearer that has a pending ciphering activation time set by a previous security mode control procedure, the "RLC sequence number" in IE "Radio bearer downlink ciphering activation time info" in the IE "Ciphering mode info" to the value used in the previous security mode control procedure, at which time the latest ciphering configuration shall be applied;

1> if Integrity protection has already been started for the UE:

2> if for the CN domain indicated in the IE "CN domain identity" in the SECURITY MODE COMMAND, a new security key set (new ciphering and integrity protection keys) has been received from upper layers since the transmission of the last SECURITY MODE COMMAND message for that CN domain:

3> include the IE "Integrity protection mode info" in the SECURITY MODE COMMAND.

2> if the IE "CN domain identity" in the SECURITY MODE COMMAND is different from the IE "CN domain identity" that was sent in the previous SECURITY MODE COMMAND message to the UE:

3> include the IE "Integrity protection mode info" in the SECURITY MODE COMMAND.

1> transmit the SECURITY MODE COMMAND message on RB2.

8.1.12.2.2 Integrity protection configuration change

To start or modify integrity protection, UTRAN sends a SECURITY MODE COMMAND message on the downlink DCCH in AM RLC using the new integrity protection configuration. UTRAN should not "modify" integrity protection for a CN domain to which a SECURITY MODE COMMAND configuring integrity protection has been previously sent for an ongoing signalling connection unless the application of new integrity keys needs to be signalled to the UE. UTRAN should not transmit a SECURITY MODE COMMAND to signal a change in integrity protection algorithm.

In case of Inter-RAT handover to UTRAN, after the reception of the HANDOVER TO UTRAN COMPLETE message and a key set is received, UTRAN should transmit a SECURITY MODE COMMAND message containing IE "Integrity protection mode info" in order to initiate integrity protection with the integrity key of the key set used in the other RAT (see subclause 8.3.6.3).

When configuring Integrity protection, UTRAN should:

1> ensure that the UE needs to store at most three different Integrity protection configurations (keysets) at any given time. This includes the total number of Integrity protection configurations for all signalling radio bearers;

1> if Ciphering has already been started for the UE for the CN domain to be set in the IE "CN domain identity" in the SECURITY MODE COMMAND:

3> include the IE "Ciphering mode info" in the SECURITY MODE COMMAND.

1> if Ciphering has already been configured for the UE for a CN domain different from the CN domain to be set in the IE "CN domain identity" in the SECURITY MODE COMMAND:

2> include the IE "Ciphering mode info" in the SECURITY MODE COMMAND.

Prior to sending the SECURITY MODE COMMAND, for the CN domain indicated in the IE "CN domain identity" in the SECURITY MODE COMMAND, UTRAN should:

1> if this is the first SECURITY MODE COMMAND sent for this RRC connection:

2> if new keys have been received:

3> initialise the hyper frame numbers as follows:

4> set all bits of the hyper frame numbers of the COUNT-I values for all signalling radio bearers to zero.

2> else (if new keys have not been received):

3> use the value "START" in the most recently received IE "START list" or IE "START" that belongs to the CN domain indicated in the IE "CN domain identity" to initialise all hyper frame numbers of COUNT-I for all the signalling radio bearers by:

4> setting the 20 most significant bits of the hyper frame numbers for all signalling radio bearers to the value "START" in the most recently received IE "START list" or IE "START" for that CN domain;

4> setting the remaining bits of the hyper frame numbers equal to zero.

1> else (this is not the first SECURITY MODE COMMAND sent for this RRC connection):

2> if new keys have been received:

3> initialise the hyper frame number for COUNT-I for RB2 as follows:

4> set all bits of the HFN of the COUNT-I value for RB2 to zero.

2> if new keys have not been received:

3> initialise the hyper frame number for COUNT-I for RB2 as follows:

4> set the 20 most significant bits of the HFN of the downlink and uplink COUNT-I to the value of the most recently received IE "START" or IE "START list" for the CN domain to be set in the IE "CN Domain Identity";

4> set the remaining bits of the HFN of the downlink and uplink COUNT-I to zero.

1> if the IE "Integrity protection mode command" has the value "Start":

2> prohibit the transmission of signalling messages with any RRC SN on all signalling radio bearers, except RB2;

2> set the FRESH value in the IE "Integrity protection initialisation number", included in the IE "Integrity protection mode info".

1> if the IE "Integrity protection mode command" has the value "Modify":

2> for each signalling radio bearer RBn, except RB2:

3> prohibit the transmission of signalling messages with RRC SN greater or equal to the RRC sequence number in entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info", included in the IE "Integrity protection mode info".

2> consider an integrity protection activation time in downlink to be pending until the selected activation time is equal to the next RRC sequence number to be used, which means that the last RRC message using the old integrity protection configuration has been submitted to lower layers;

2> set, for each signalling radio bearer RBn, that has no pending integrity protection activation time set by a previous security mode control procedure, an RRC sequence number in entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info", included in the IE "Integrity protection mode info", at which time the new integrity protection configuration shall be applied;

2> set, for each signalling radio bearer RBn, that has a pending integrity protection activation time set by a previous security mode control procedure, the RRC sequence number in entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info", included in the IE "Integrity protection mode info", to the value used in the previous security mode control procedure, at which time the latest integrity protection configuration shall be applied.

1> transmit the SECURITY MODE COMMAND message on RB2 using the new integrity protection configuration.

NOTE1: In the case of re-initialisation of Integrity Protection at HFN wrap around, the network should take into account the UE actions as described in subclauses 8.5.10.1 and 8.5.10.2.

NOTE2: After the SECURITY MODE COMMAND message is transmitted, the network should ensure that it can revert back to old integrity protection until it receives the SECURITY MODE COMPLETE message, to take into account the UE actions when security mode control procedure is unsuccessful. The network should also be aware that the UE may revert to old configuration when waiting for the acknowledgement from L2 for the SECURITY MODE COMPLETE message, and act accordingly.

NOTE3: In the case of the first SECURITY MODE COMMAND message following an SRNS relocation, the network should set the IE "Downlink integrity protection activation info" for SRB3 and SRB4 to at least "the current downlink RRC sequence number +2". As a consequence, at least the first message sent on SRB3 and SRB4 by the Target RNC will use the old integrity protection configuration.

8.1.12.3 Reception of SECURITY MODE COMMAND message by the UE

Upon reception of the SECURITY MODE COMMAND message, the UE shall:

1> if neither IE "Ciphering mode info" nor IE "Integrity protection mode info" is included in the SECURITY MODE COMMAND:

2> set the variable INVALID_CONFIGURATION to TRUE.

1> if the IE "Security capability" is the same as indicated by variable UE_CAPABILITY_TRANSFERRED, and the IE "GSM security capability" (if included in the SECURITY MODE COMMAND) is the same as indicated by the variable UE_CAPABILITY_TRANSFERRED:

2> set the variable LATEST_CONFIGURED_CN_DOMAIN equal to the IE "CN domain identity";

2> set the IE "Status" in the variable SECURITY_MODIFICATION for the CN domain indicated in the IE "CN domain identity" in the received SECURITY MODE COMMAND to the value "Affected";

2> set the IE "Status" in the variable SECURITY_MODIFICATION for all CN domains other than the CN domain indicated in the IE "CN domain identity" to "Not affected";

2> set the IE "RRC transaction identifier" in the SECURITY MODE COMPLETE message to the value of "RRC transaction identifier" in the entry for the SECURITY MODE COMMAND message in the table "Accepted transactions" in the variable TRANSACTIONS; and

2> clear that entry;

2> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":

3> perform the actions as specified in subclause 8.6.3.4.

2> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":

3> perform the actions as specified in subclause 8.6.3.5.

1> prior to sending the SECURITY MODE COMPLETE message:

2> use the old ciphering configuration for this message;

2> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":

3> include and set the IE "Radio bearer uplink ciphering activation time info" to the value of the variable RB_UPLINK_CIPHERING_ACTIVATION_TIME_INFO;

3> for each radio bearer and signalling radio bearer that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN:

4> start or continue incrementing the COUNT-C values for all RLC-AM and RLC-UM signalling radio bearers at the ciphering activation time as specified in the procedure;

4> start or continue incrementing the COUNT-C values common for all transparent mode radio bearers for this CN domain at the ciphering activation time as specified in the procedure;

4> continue incrementing the COUNT-C values for all RLC-AM and RLC-UM radio bearers.

3> if no new security key set (new ciphering and integrity protection keys) has been received from the upper layers [40] for the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN:

4> for ciphering on signalling radio bearers using RLC-AM and RLC-UM in the downlink, at the RLC sequence number indicated in IE "Radio bearer downlink ciphering activation time info" in the IE "Ciphering mode info" included in the SECURITY MODE COMMAND, for each signalling radio bearer:

5> set the 20 most significant bits of the HFN component of the downlink COUNT-C to the value "START" in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

5> set the remaining bits of the hyper frame numbers to zero.

3> if new keys have been received:

4> perform the actions in subclause 8.1.12.3.1.

2> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":

3> include and set the IE "Uplink integrity protection activation info" to the value of the variable INTEGRITY_PROTECTION_ACTIVATION_INFO for each signalling radio bearer;

3> if no new security key set (new ciphering and integrity protection keys) has been received from the upper layers [40] for the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN, for RB2:

4> in the downlink, for the received SECURITY MODE COMMAND message:

5> set the 20 most significant bits of the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to the value "START" in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

5> set the remaining bits of the IE "Downlink RRC HFN" to zero.

4> in the uplink, for the transmitted response message, SECURITY MODE COMPLETE:

5> set the 20 most significant bits of the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to the value "START" in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

5> set the remaining bits of the IE "Uplink RRC HFN" to zero.

3> if no new security key set (new ciphering and integrity protection keys) has been received from the upper layers [40] for the CN domain indicated in the variable LATEST_CONFIGURED_CN_DOMAIN, for each signalling radio bearer other than RB2:

4> if the IE "Integrity protection mode command" has the value "start":

5> in the downlink, for this signalling radio bearer:

6> set the 20 most significant bits of IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to the value START transmitted in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

6> set the remaining bits of the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to zero.

4> else:

5> in the downlink, for the first message for which the RRC sequence number in a received RRC message for this signalling radio bearer is equal to or greater than the activation time as indicated in IE "Downlink integrity protection activation info" as included in the IE "Integrity protection mode info", for this signalling radio bearer:

6> set the 20 most significant bits of the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to the value "START" in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

6> set the remaining bits of the IE "Downlink RRC HFN" to zero.

3> if new keys have been received:

4> perform the actions in subclause 8.1.12.3.1.

2> start applying the new integrity protection configuration in the uplink for signalling radio bearer RB2 from and including the transmitted SECURITY MODE COMPLETE message;

2> transmit the SECURITY MODE COMPLETE message on RB2.

NOTE 1: After submission of the SECURITY MODE COMPLETE message to the lower layers, the UE should accept messages received in the DL which require the new security configuration to be applied on them. If the received message is successfully integrity checked, the UE should not discard the message due to lack of completion of the security procedure, caused by the successful delivery of the SECURITY MODE COMPLETE not having yet been confirmed by lower layers, unless the security configuration to be applied has been aborted and the message received requires integrity protection [5].

NOTE 2: After submission of the SECURITY MODE COMPLETE message to the lower layers, if the UE successfully integrity checks an RRC message received on SRB3 using the new integrity protection configuration, the UE may behave as if the successful delivery of the SECURITY MODE COMPLETE message has been confirmed by RLC.

1> when the successful delivery of the SECURITY MODE COMPLETE message has been confirmed by RLC:

2> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":

3> if no new security key set (new ciphering and integrity protection keys) has been received from the upper layers [40] for the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN:

4> for ciphering on signalling radio bearers using RLC-AM and RLC-UM in the uplink, at the RLC sequence number indicated in IE "Radio bearer uplink ciphering activation time info" included in the SECURITY MODE COMPLETE, for each signalling radio bearer:

5> set the 20 most significant bits of the HFN component of the uplink COUNT-C to the value "START" in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

5> set the remaining bits of the hyper frame numbers to zero.

3> if new keys have been received:

4> perform the actions in subclause 8.1.12.3.1.

3> resume data transmission on any suspended radio bearer and signalling radio bearer mapped on RLC-AM or RLC-UM;

3> set the IE "Reconfiguration" in the variable CIPHERING_STATUS to FALSE; and

3> clear the variable RB_UPLINK_CIPHERING_ACTIVATION_TIME_INFO.

2> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":

4> if the IE "Integrity protection mode command" has the value "start":

5> in the uplink, for this signalling radio bearer:

6> set the 20 most significant bits of IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to the value START transmitted in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

6> set the remaining bits of the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to zero.

4> else:

5> in the uplink, for the first transmitted RRC message for this signalling radio bearer with RRC sequence number equal to the activation time as indicated in IE "Uplink integrity protection activation info" included in the transmitted SECURITY MODE COMPLETE, for this signalling radio bearer:

6> set the 20 most significant bits of the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to the value "START" in the most recently transmitted IE "START list" or IE "START", at the reception of the SECURITY MODE COMMAND, that belongs to the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN;

6> set the remaining bits of the IE "Uplink RRC HFN" to zero.

3> if new keys have been received:

4> perform the actions in subclause 8.1.12.3.1.

3> allow the transmission of RRC messages on all signalling radio bearers with any RRC SN;

3> set "Uplink RRC Message sequence number" for signalling radio bearer RB0 in the variable INTEGRITY_PROTECTION_INFO to a value such that next RRC message to be sent on uplink RB0 will use the new integrity protection configuration and the "RRC Message sequence number" in the IE "Integrity check info" in the next RRC message will equal to the activation time for RB0 as indicated in IE "Uplink integrity protection activation info" included in the transmitted SECURITY MODE COMPLETE;

3> set the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO to FALSE; and

3> clear the variable INTEGRITY_PROTECTION_ACTIVATION_INFO.

2> clear the variable SECURITY_MODIFICATION;

2> notify upper layers upon change of the security configuration;

2> and the procedure ends.

1> if the IE "Security capability" is not the same as indicated by the variable UE_CAPABILITY_TRANSFERRED, or the IE "GSM security capability" (if included in the SECURITY MODE COMMAND) is not the same as indicated by the variable UE_CAPABILITY_TRANSFERRED, or if the IE "GSM security capability" is not included in the SECURITY MODE COMMAND and is included in the variable UE_CAPABILITY_TRANSFERRED:

2> release all its radio resources;

2> indicate the release of the established signalling connections (as stored in the variable ESTABLISHED_SIGNALLING_CONNECTIONS) and established radio access bearers (as stored in the variable ESTABLISHED_RABS) to upper layers;

2> clear the variable ESTABLISHED_SIGNALLING_CONNECTIONS;

2> clear the variable ESTABLISHED_RABS;

2> clear the variable SECURITY_MODIFICATION;

2> enter idle mode;

2> perform actions when entering idle mode as specified in subclause 8.5.2;

2> and the procedure ends.

8.1.12.3.1 New ciphering and integrity protection keys

NOTE: The actions in this subclause are to be performed only if the new keys were received for an ongoing RRC connection while in UTRA.

If a new security key set (new ciphering and integrity protection keys) has been received from the upper layers [40] for the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN, the UE shall:

1> set the START value for the CN domain indicated in the variable LATEST_CONFIGURED_CN_DOMAIN to zero;

1> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":

2> for integrity protection in the downlink on each signalling radio bearer except RB2:

3> if IE "Integrity protection mode command" has the value "start":

4> for the first received message on this signalling radio bearer:

5> start using the new integrity key;

5> for this signalling radio bearer:

6> set the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to zero.

3> else:

4> for the first message for which the RRC sequence number in a received RRC message for this signalling radio bearer is equal to or greater than the activation time as indicated in IE "Downlink integrity protection activation info" as included in the IE "Integrity protection mode info":

5> start using the new integrity key;

5> for this signalling radio bearer:

6> set the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to zero.

2> for integrity protection in the uplink on each signalling radio bearer except RB2:

3> for the first message for which the RRC sequence number in a to be transmitted RRC message for this signalling radio bearer is equal to the activation time as indicated in IE "Uplink integrity protection activation info" included in the transmitted SECURITY MODE COMPLETE message:

4> start using the new integrity key;

4> for this signalling radio bearer:

5> set the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to zero.

2> for integrity protection in the downlink on signalling radio bearer RB2:

3> at the received SECURITY MODECOMMAND:

4> start using the new integrity key;

4> set the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to zero.

2> for integrity protection in the uplink on signalling radio bearer RB2 :

3> at the transmitted SECURITY MODE COMPLETE:

4> start using the new integrity key;

4> set the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to zero.

1> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":

2> for each signalling radio bearer and for each radio bearer for the CN domain indicated in the variable LATEST_CONFIGURED_CN_DOMAIN:

3> if the IE "Status" in the variable CIPHERING_STATUS has the value "Started" for this CN domain, then for ciphering on radio bearers using RLC-TM:

4> at the CFN as indicated in the IE "Ciphering activation time for DPCH" in the IE "Ciphering mode info":

5> start using the new key in uplink and downlink;

5> set the HFN component of the COUNT-C to zero.

3> if the IE "Status" in the variable CIPHERING_STATUS has the value "Started" for this CN domain, then for ciphering on radio bearers and signalling radio bearers using RLC-AM and RLC-UM:

4> in the downlink, at the RLC sequence number indicated in IE "Radio bearer downlink ciphering activation time info" in the IE "Ciphering mode info":

5> start using the new key;

5> set the HFN component of the downlink COUNT-C to zero.

4> in the uplink, at the RLC sequence number indicated in IE "Radio bearer uplink ciphering activation time info":

5> start using the new key;

5> set the HFN component of the uplink COUNT-C to zero.

1> consider the value of the latest transmitted START value to be zero.

8.1.12.4 Void

8.1.12.4a Incompatible simultaneous security reconfiguration

If the variable INCOMPATIBLE_SECURITY_RECONFIGURATION becomes set to TRUE of the received SECURITY MODE COMMAND message, the UE shall:

1> transmit a SECURITY MODE FAILURE message on the uplink DCCH using AM RLC, using the ciphering and integrity protection configurations prior to the reception of this SECURITY MODE COMMAND;

1> set the IE "RRC transaction identifier" in the SECURITY MODE FAILURE message to the value of "RRC transaction identifier" in the entry for the SECURITY MODE COMMAND message in the table "Accepted transactions" in the variable TRANSACTIONS; and

1> clear that entry;

1> set the IE "failure cause" to the cause value "incompatible simultaneous reconfiguration";

1> when the response message has been submitted to lower layers for transmission:

2> set the variable INCOMPATIBLE_SECURITY_RECONFIGURATION to FALSE;

2> continue with any ongoing processes and procedures as if the invalid SECURITY MODE COMMAND message has not been received;

2> only accept a message on SRB 2, with a COUNT-I that:

3> is higher than the COUNT-I used prior to receiving the SECURITY MODE COMMAND message incremented by one; and

3> does not take into account the HFN from the received SECURITY MODE COMMAND message.

2> and the procedure ends.

8.1.12.4b Cell update procedure during security reconfiguration

If:

– a cell update procedure according to subclause 8.3.1 is initiated; and

– the received SECURITY MODE COMMAND message causes either,

– the IE "Reconfiguration" in the variable CIPHERING_STATUS to be set to TRUE; and/or

– the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO to be set to TRUE:

the UE shall:

1> abort the ongoing integrity and/or ciphering reconfiguration;

1> resume data transmission on any suspended radio bearer and signalling radio bearer mapped on RLC-AM or RLC-UM;

1> allow the transmission of RRC messages on all signalling radio bearers with any RRC SN;

1> when the CELL UPDATE message has been submitted to lower layers for transmission:

2> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":

3> set the IE "Reconfiguration" in the variable CIPHERING_STATUS to FALSE; and

3> clear the variable RB_UPLINK_CIPHERING_ACTIVATION_TIME_INFO.

2> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":

3> set the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO to FALSE; and

3> clear the variable INTEGRITY_PROTECTION_ACTIVATION_INFO.

2> continue with any ongoing processes and procedures as if the SECURITY MODE COMMAND message has not been received;

2> only accept a message on SRB 2, with a COUNT-I that:

3> is higher than the COUNT-I used prior to receiving the SECURITY MODE COMMAND message incremented by one; and

3> does not take into account the HFN from the received SECURITY MODE COMMAND message.

2> if the UE has already submitted the SECURITY MODE COMPLETE message, use a COUNT-I value for transmission of the next message on SRB2 as stated below:

3> take the COUNT-I used prior to the transmission of the SECURITY MODE COMPLETE message;

3> increment that COUNT-I with 2;

3> apply that COUNT-I on the next message to transmit.

2> clear the variable SECURITY_MODIFICATION;

2> the procedure ends.

8.1.12.4c Invalid configuration

If the variable INVALID_CONFIGURATION is set to TRUE due to the received SECURITY MODE COMMAND message, the UE shall:

1> transmit a SECURITY MODE FAILURE message on the DCCH using AM RLC after setting the IEs as specified below:

2> set the IE "RRC transaction identifier" in the SECURITY MODE FAILURE message to the value of "RRC transaction identifier" in the entry for the SECURITY MODE COMMAND message in the table "Accepted transactions" in the variable TRANSACTIONS; and

2> clear that entry;

2> set the IE "failure cause" to the cause value "invalid configuration".

1> when the response message has been submitted to lower layers for transmission:

2> set the variable INVALID_CONFIGURATION to FALSE;

2> set the IE "Reconfiguration" in the variable CIPHERING_STATUS to FALSE;

2> continue with any ongoing processes and procedures as if the invalid SECURITY MODE COMMAND message has not been received;

2> only accept a message on SRB 2, with a COUNT-I that:

3> is higher than the COUNT-I used prior to receiving the SECURITY MODE COMMAND message incremented by one; and

3> does not take into account the HFN from the received SECURITY MODE COMMAND message.

2> and the procedure ends.

8.1.12.5 Reception of SECURITY MODE COMPLETE message by the UTRAN

UTRAN should apply integrity protection on the received SECURITY MODE COMPLETE message and all subsequent messages with the new integrity protection configuration, if changed. When UTRAN has received a SECURITY MODE COMPLETE message and the integrity protection has successfully been applied, UTRAN should:

1> if the IE "Ciphering mode info" was included in the SECURITY MODE COMMAND message:

2> if new keys were received for the CN domain set in the IE "CN Domain Identity" in the SECURITY MODE COMMAND:

3> set, at the downlink and uplink activation time, all the bits of the hyper frame numbers of the downlink and uplink COUNT-C values respectively for all radio bearers for this CN domain and all signalling radio bearers to zero.

2> else (if new keys were not received):

3> use, at the downlink and uplink activation time, the value "START" in the most recently received IE "START list" or IE "START" that belongs to the CN domain as indicated in the IE "CN domain identity" to initialise all hyper frame numbers of the downlink and uplink COUNT-C values respectively for all the signalling radio bearers as follows:

4> set the 20 most significant bits of the hyper frame numbers of the COUNT-C for all signalling radio bearers to the value "START" in the most recently received IE "START list" or IE "START" for that CN domain;

4> set the remaining bits of the hyper frame numbers equal to zero.

1> if the IE "Integrity protection mode info" was included in the SECURITY MODE COMMAND message:

2> if this was not the first SECURITY MODE COMMAND message for this RRC connection:

3> if new keys have been received for the CN domain set in the IE "CN Domain Identity" included in the transmitted SECURITY MODE COMMAND message:

4> initialise, at the downlink and uplink activation time, all hyper frame numbers of the downlink and uplink COUNT-I values respectively for all the signalling radio bearers other than RB2 as follows:

5> set all bits of the hyper frame numbers of the uplink and downlink COUNT-I to zero.

3> if no new keys have been received for the CN domain set in the IE "CN Domain Identity" included in the transmitted SECURITY MODE COMMAND message:

4> use, at the downlink and uplink activation time, the value "START" in the most recently received IE "START list" or IE "START" that belongs to the CN domain as indicated in the IE "CN domain identity" to initialise all hyper frame numbers of the downlink and uplink COUNT-I values respectively for all the signalling radio bearers other than RB2 as follows:

5> set the 20 most significant bits of the hyper frame numbers of the downlink and uplink COUNT-I respectively for all signalling radio bearers to the value "START" in the most recently received IE "START list" or IE "START" for that CN domain;

5> set the remaining bits of the hyper frame numbers equal to zero.

1> send an indication to upper layers that the new security configuration has been activated;

1> resume, in the downlink, all suspended radio bearers and all signalling radio bearers;

1> allow the transmission of RRC messages on all signalling radio bearers with any RRC SN;

1> if the IE "Integrity protection mode command" included in the SECURITY MODE COMMAND had the value "Start":

2> start applying integrity protection in the downlink for all signalling radio bearers.

1> if the IE "Integrity protection mode command" included in the SECURITY MODE COMMAND had the value "Modify":

2> start applying the new integrity protection configuration in the downlink at the RRC sequence number, for each signalling radio bearers RBn, except for signalling radio bearer RB2, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info";

2> continue applying the new integrity configuration for signalling radio bearer RB2;

2> apply the new integrity protection configuration on the received signalling messages with RRC SN greater than or equal to the number associated with the signalling radio bearer in IE "Uplink integrity protection activation info".

1> apply the old ciphering configuration for the transmission of RLC PDUs with RLC sequence number less than the number indicated in the IE "Radio bearer downlink ciphering activation time info" included in the IE "Ciphering mode info";

1> apply the new ciphering configuration for the transmission of RLC PDUs with RLC sequence number greater than or equal to the number indicated in IE "Radio bearer downlink ciphering activation time info" included in the IE "Ciphering mode info";

1> apply the old integrity protection configuration on the received signalling messages with RRC SN smaller than the number associated with the signalling radio bearer in IE "Uplink integrity protection activation info";

1> for radio bearers using RLC-AM or RLC-UM:

2> use the old ciphering configuration for received RLC PDUs with RLC sequence number less than the RLC sequence number indicated in the IE "Radio bearer uplink ciphering activation time info" sent by the UE;

2> use the new ciphering configuration for received RLC PDUs with RLC sequence number greater than or equal to the RLC sequence number indicated in the IE "Radio bearer uplink ciphering activation time info" sent by the UE;

2> if an RLC reset or re-establishment of the transmitting side of an RLC entity occurs after the SECURITY MODE COMPLETE message has been received by UTRAN before the downlink activation time for the new ciphering configuration has been reached, ignore the activation time and apply the new ciphering configuration in downlink immediately after the RLC reset or RLC re-establishment;

2> if an RLC reset or re-establishment of the receiving side of an RLC entity occurs after the SECURITY MODE COMPLETE message has been received by UTRAN before the uplink activation time for the new ciphering configuration has been reached, ignore the activation time and apply the new ciphering configuration in uplink immediately after the RLC reset or RLC re-establishment.

1> for radio bearers using RLC-TM:

2> use the old ciphering configuration for the received RLC PDUs before the CFN as indicated in the IE "Ciphering activation time for DPCH" in the IE "Ciphering mode info" as included in the SECURITY MODE COMMAND;

2> use the new ciphering configuration for the received RLC PDUs at the CFN as indicated in the IE "Ciphering activation time for DPCH" in the IE "Ciphering mode info" as included in the SECURITY MODE COMMAND.

1> and the procedure ends.

8.1.12.6 Invalid SECURITY MODE COMMAND message

If the SECURITY MODE COMMAND message contains a protocol error causing the variable PROTOCOL_ERROR_REJECT to be set to TRUE according to clause 9, the UE shall perform procedure specific error handling as follows:

1> transmit a SECURITY MODE FAILURE message on the uplink DCCH using AM RLC;

1> set the IE "RRC transaction identifier" in the SECURITY MODE FAILURE message to the value of "RRC transaction identifier" in the entry for the SECURITY MODE COMMAND message in the table "Rejected transactions" in the variable TRANSACTIONS; and

1> clear that entry;

1> set the IE "failure cause" to the cause value "protocol error";

1> include the IE "Protocol error information" with contents set to the value of the variable PROTOCOL_ERROR_INFORMATION;

1> when the response message has been submitted to lower layers for transmission:

2> continue with any ongoing processes and procedures as if the invalid SECURITY MODE COMMAND message has not been received;

2> only accept a message on SRB 2, with a COUNT-I that:

3> is higher than the COUNT-I used prior to receiving the SECURITY MODE COMMAND message incremented by one; and

3> does not take into account the HFN from the received SECURITY MODE COMMAND message.

2> and the procedure ends.