15 Authentication procedure and NAS security context handling for 5G
3GPP TS 31.121 Release 16: UICC-terminal interface; Universal Subscriber Identity Module (USIM) application test specification
15.1 Authentication procedure for EAP-AKA’
15.1.1 Authentication procedure for EAP-AKA’ – Authentication is successful
15.1.1.1 Definition and applicability
The purpose of the primary authentication and key agreement procedure is to enable mutual authentication between the UE and the network and to provide keying material that can be used between the UE and network in subsequent security procedures. The UE and the AMF shall support the EAP based primary authentication and key agreement procedure.
In order to initiate the EAP based primary authentication and key agreement procedure using EAP-AKA’, the AUSF shall send an EAP message IE with EAP-request/AKA’-challenge message in the AUTHENTICATION REQUEST message.
The 5G NAS security context parameters from a full native 5G NAS security context shall be stored on the USIM if the corresponding file is present on the USIM as specified in 3GPP TS 31.102 [4]. If the corresponding file is not present on the USIM, these 5GMM parameters are stored in a non-volatile memory in the ME together with the SUPI from the USIM.
The EF5GS3GPPNSC contains the 5GS 3GPP access NAS security context as defined in 3GPP TS 24.501 [42], consisting of KAMF with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values. This file shall contain one record.
The EF5GAUTHKEYS contains KAUSF and KSEAF that are generated on the ME using CK and IK as part of AKA procedures as described in 3GPP TS 33.501 [41].
15.1.1.2 Conformance requirement
1) The UE shall support the EAP based primary authentication and key agreement procedure.
2) The ME shall forward the RAND and AUTN received in EAP message IE with EAP-request/AKA’-challenge within the AUTHENTICATION REQUEST message to the USIM.
3) The ME shall return the EAP message IE with EAP-response/AKA’-challenge in AUTHENTICATION RESPONSE message.
4) As a result of a successful authentication procedure and upon receipt of the EAP Success message, the 5G NAS security context parameters shall be stored on the USIM, if the corresponding file is present on the USIM, when the UE enters state 5GMM-DEREGISTERED.
5) If service n°122 is "available", the ME shall store KAMF with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values in EF5GS3GPPNSC on the USIM.
6) If service n°123 is "available", the ME shall store the KAUSF and KSEAF in EF5GAUTHKEYS on the USIM.
Reference:
– 3GPP TS 31.102 [4], clauses 4.4.11.3, 4.4.11.4 and 4.4.11.6;
– 3GPP TS 33.501 [41], clause 6.1.3.1;
– 3GPP TS 24.501 [42], clause 5.4.1.2 and Annex C.
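The following is an added example and is not part of TS 31.121 or of any 3GPP reference implementation. It shows, in Python, what the ME does with the USIM output (RES, CK, IK) for an EAP-request/AKA'-challenge: the CK'/IK' derivation of TS 33.501 Annex A.3 (the step 15.1.3 refers to), the EAP-AKA' key schedule of RFC 5448 from which KAUSF is taken as the 256 most significant bits of the EMSK, and the EAP-response/AKA'-challenge carrying AT_RES and AT_MAC that goes into the EAP message IE. The PLMN 244/083 is taken from the initial conditions of this test; CK, IK, RES, AUTN and the EAP identity are constructed placeholders (which identity 5G uses in the MK derivation is set by TS 33.501 and is not shown on this page).

```python
import hashlib
import hmac


def kdf_s(fc, *params):
    """Input string S of the TS 33.220 Annex B KDF: FC || P0 || L0 || P1 || L1 || ... (Li = 2-octet length)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return s


def kdf_33220(key, fc, *params):
    """Generic KDF of TS 33.220 Annex B: HMAC-SHA-256(key, S)."""
    return hmac.new(key, kdf_s(fc, *params), hashlib.sha256).digest()


def serving_network_name(mcc, mnc):
    """Serving network name of TS 33.501 clause 6.1.1.4 for 3GPP access; MNC zero-padded to 3 digits."""
    return "5G:mnc{}.mcc{}.3gppnetwork.org".format(mnc.zfill(3), mcc).encode()


def derive_ck_ik_prime(ck, ik, snn, autn):
    """TS 33.501 Annex A.3: key = CK || IK, FC = 0x20, P0 = SNN, P1 = SQN xor AK (first 6 octets of AUTN).
    CK' is the 128 most significant bits of the output, IK' the 128 least significant bits."""
    out = kdf_33220(ck + ik, 0x20, snn, autn[:6])
    return out[:16], out[16:]


def prf_prime(key, s, length):
    """PRF' of RFC 5448 section 3.4.1: T1 = HMAC-SHA-256(K, S | 0x01), Tn = HMAC-SHA-256(K, Tn-1 | S | n)."""
    out, t, n = b"", b"", 1
    while len(out) < length:
        t = hmac.new(key, t + s + bytes([n]), hashlib.sha256).digest()
        out += t
        n += 1
    return out[:length]


def eap_aka_prime_keys(ck_p, ik_p, identity):
    """RFC 5448 section 3.3: MK = PRF'(IK' | CK', "EAP-AKA'" | Identity), 1664 bits, split into
    K_encr (128), K_aut (256), K_re (256), MSK (512) and EMSK (512).
    TS 33.501 clause 6.1.3.1: KAUSF is the 256 most significant bits of the EMSK."""
    mk = prf_prime(ik_p + ck_p, b"EAP-AKA'" + identity, 208)
    keys = {"K_encr": mk[0:16], "K_aut": mk[16:48], "K_re": mk[48:80], "MSK": mk[80:144], "EMSK": mk[144:208]}
    keys["KAUSF"] = keys["EMSK"][:32]
    return keys


EAP_RESPONSE, EAP_TYPE_AKA_PRIME, SUBTYPE_AKA_CHALLENGE = 2, 50, 1
AT_RES, AT_MAC = 3, 11


def eap_response_aka_prime_challenge(identifier, res, k_aut):
    """EAP-Response/AKA'-Challenge with AT_RES and AT_MAC (RFC 4187 sections 8.1 and 9.4; RFC 5448
    section 3.3: AT_MAC = HMAC-SHA-256-128(K_aut, whole EAP packet with the MAC field zeroed))."""
    res_padded = res + b"\x00" * (-len(res) % 4)            # RES padded to a 4-octet boundary
    at_res = bytes([AT_RES, 1 + len(res_padded) // 4]) + (len(res) * 8).to_bytes(2, "big") + res_padded
    at_mac = bytes([AT_MAC, 5, 0, 0]) + b"\x00" * 16          # type, length (4-octet units), reserved, MAC
    body = bytes([EAP_TYPE_AKA_PRIME, SUBTYPE_AKA_CHALLENGE, 0, 0]) + at_res + at_mac
    packet = bytes([EAP_RESPONSE, identifier]) + (4 + len(body)).to_bytes(2, "big") + body
    mac = hmac.new(k_aut, packet, hashlib.sha256).digest()[:16]
    return packet[:-16] + mac


def verify_at_mac(packet, k_aut):
    """Check the AT_MAC of a packet built by eap_response_aka_prime_challenge (AT_MAC is its last attribute)."""
    expected = hmac.new(k_aut, packet[:-16] + b"\x00" * 16, hashlib.sha256).digest()[:16]
    return hmac.compare_digest(expected, packet[-16:])


def me_side_eap_aka_prime(ck, ik, res, autn, mcc, mnc, identity, eap_identifier):
    """Everything the ME derives from the USIM output for one EAP-request/AKA'-challenge."""
    snn = serving_network_name(mcc, mnc)
    ck_p, ik_p = derive_ck_ik_prime(ck, ik, snn, autn)
    keys = eap_aka_prime_keys(ck_p, ik_p, identity)
    keys["CK'"], keys["IK'"] = ck_p, ik_p
    return keys, eap_response_aka_prime_challenge(eap_identifier, res, keys["K_aut"])


if __name__ == "__main__":
    # Constructed sample values (not real USIM output): CK, IK, RES and AUTN as the USIM would return
    # them for the challenge; PLMN 244/083 as in the test's initial conditions.
    ck, ik = bytes(range(16)), bytes(range(16, 32))
    res, autn = bytes.fromhex("a1b2c3d4e5f60718"), bytes.fromhex("000000000007" + "8000" + "0123456789abcdef")
    keys, pkt = me_side_eap_aka_prime(ck, ik, res, autn, "244", "083", b"example-identity", 1)
    print("KAUSF (to EF5GAUTHKEYS, 32 octets):", keys["KAUSF"].hex())
    print("EAP-Response/AKA'-Challenge:", pkt.hex())
```

KSEAF and KAMF then follow from KAUSF by TS 33.501 Annex A.6 and A.7 exactly as for 5G AKA; that part of the chain is not repeated here. The AT_KDF and AT_KDF_INPUT attributes of the request, which bind the serving network name into the key derivation, are the network's side and are not built here.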
15.1.1.3 Test purpose
1) To verify that the ME forwards the RAND and AUTN received in EAP-request/AKA’-challenge within EAP message IE to the USIM.
2) To verify that the ME returns the EAP message IE with EAP-response/AKA’-challenge in AUTHENTICATION RESPONSE message indicating the response calculated in the USIM (RES).
3) To verify that the ME stores 5G NAS security context parameters, consisting of KAMF with the associated key set identifier in EF5GS3GPPNSC on the USIM if service n°122 is "available".
4) To verify that the ME stores the KAUSF and KSEAF in EF5GAUTHKEYS on the USIM if service n°123 is "available".
15.1.1.4 Method of test
15.1.1.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default 5G-NR UICC is used and the UICC is installed into the ME and the UE is powered on.
15.1.1.4.2 Procedure
a) Bring up Cell A and the UE is switched on.
b) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
c) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the EAP-AKA’ authentication procedure and sends EAP message IE with EAP-request/AKA’-challenge message in the AUTHENTICATION REQUEST message and it uses:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
EAP message: EAP-request/AKA’-challenge
d) Using the EAP-request/AKA’-challenge data received in AUTHENTICATION REQUEST message the ME passes the RAND and AUTN to the USIM.
e) The UE shall return the EAP message IE with EAP-response/AKA’-challenge in AUTHENTICATION RESPONSE message.
f) After reception of the AUTHENTICATION RESPONSE message from the UE, the NG-SS sends the EAP-success message in the SECURITY MODE COMMAND message; the UE sends a SECURITY MODE COMPLETE message.
g) The NG-SS sends a REGISTRATION ACCEPT message.
5G-GUTI: 24408300010266436587
TAI: 42 34 80 00 00 01
h) The UE sends a REGISTRATION COMPLETE message.
i) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure.
15.1.1.5 Acceptance criteria
1) After step a) the ME shall read EFUST, EF5GS3GPPNSC and EF5GAUTHKEYS.
2) During step c) the UE shall indicate within the REGISTRATION REQUEST for the NAS key set identifier that no key is available.
3) In step d) the ME forwards the RAND and AUTN received in EAP message IE with EAP-request/AKA’-challenge message to the USIM.
4) In step e) the ME shall send an AUTHENTICATION RESPONSE message with the EAP message IE carrying EAP-response/AKA’-challenge and containing the response calculated in the USIM (RES):
– Authentication response message identity: ‘0101 0111’
– Authentication response parameter: RES value of 4 to 16 octets calculated according to 3GPP TS 24.501 [42]
5) In step f) the UE shall send SECURITY MODE COMPLETE message.
6) After step f) the ME updates EF5GAUTHKEYS as shown below.
EF5GAUTHKEYS (5G authentication keys)
Logically:
KAUSF: 32 bytes, value not checked
KSEAF: 32 bytes, value not checked
Coding:
Byte: | B1 | B2 | B3 .. Bx | Bx+1 | Bx+2 | Bx+3 .. Bxx |
Hex:  | 80 | L1 | xx .. xx | 81   | L2   | xx .. xx    |
7) After step i) the ME updates EF5GS3GPPNSC as shown below.
EF5GS3GPPNSC (5GS 3GPP Access NAS Security Context)
Logically:
5GS NAS Security Context:
ngKSI: 00
KAMF: 32 bytes, value not checked
Uplink NAS count: any value
Downlink NAS count: any value
Identifiers of selected NAS integrity and encryption algorithms: any value
Identifiers of selected EPS NAS integrity and encryption algorithms for use after mobility to EPS: any value
Coding:
Byte: | B1 | B2 | B3 | B4 | B5 | B6 | B7 | B8 | B9 | … | Bx |
Hex:  | A0 | xx | 80 | 01 | 00 | 81 | xx | xx | xx | … | xx |
15.1.2 Authentication procedure for EAP-AKA’ – Authentication is successful – GSM UICC
15.1.2.1 Definition and applicability
The purpose of the primary authentication and key agreement procedure is to enable mutual authentication between the UE and the network and to provide keying material that can be used between the UE and network in subsequent security procedures. The UE and the AMF shall support the EAP based primary authentication and key agreement procedure.
The 5G NAS security context parameters from a full native 5G NAS security context shall be stored on the USIM if the corresponding file is present on the USIM as specified in 3GPP TS 31.102 [4]. If the corresponding file is not present on the USIM, these 5GMM parameters are stored in a non-volatile memory in the ME together with the SUPI from the USIM.
During the authentication procedure if the USIM computes a Kc (i.e. GPRS Kc) from CK and IK using conversion function c3 as described in 3GPP TS 33.102 [45], and sends it to the ME, then the ME shall ignore such GPRS Kc and not store the GPRS Kc on USIM or in ME.
15.1.2.2 Conformance requirement
1) The ME shall ignore the GPRS Kc and not store the GPRS Kc on USIM or in ME if the USIM computes a Kc (i.e. GPRS Kc) from CK and IK using conversion function c3 as described in TS 33.102 [45].
2) If Service n°122 and Service n°123 are not available on the USIM, the 5GS 3GPP access NAS security context parameters and the 5G authentication keys shall be stored in the non-volatile memory of the ME.
Reference:
– 3GPP TS 33.501 [41], clause 6.1.3.1;
– 3GPP TS 24.501 [42], clause 5.4.1.2 and Annex C.
15.1.2.3 Test purpose
1) To verify that the ME will ignore the GPRS Kc and will not store the GPRS Kc on USIM or in ME when the USIM computes a Kc (i.e. GPRS Kc) from CK and IK.
2) To verify that the ME stores the 5GS 3GPP access NAS security context parameters and the 5G authentication keys inside the ME non-volatile memory when Service n°122 and Service n°123 are not available on the USIM.
15.1.2.4 Method of test
15.1.2.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default UICC is used and installed into the ME.
15.1.2.4.2 Procedure
a) Bring up Cell A and the UE is switched on.
b) The UE sends a REGISTRATION REQUEST to the NG-SS. The NG-SS responds with REGISTRATION REJECT (cause: Roaming not allowed in this tracking area), and then the UE is switched off.
c) The UE is switched on.
d) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
e) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the EAP-AKA’ authentication procedure and sends EAP message IE with EAP-request/AKA’-challenge message in the AUTHENTICATION REQUEST message, uses:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
EAP message: EAP-request/AKA’-challenge
f) Using the 5G authentication challenge data received in the AUTHENTICATION REQUEST message the ME passes the RAND and AUTN to the USIM; the USIM also computes a Kc (i.e. GPRS Kc) from CK and IK using conversion function c3 and returns it to the ME.
g) After the reception of AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message. The UE sends a SECURITY MODE COMPLETE message.
h) The NG-SS sends a REGISTRATION ACCEPT message.
5G-GUTI: 24408300010266436587
i) The UE sends a REGISTRATION COMPLETE message.
j) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure, then the NG-SS sends the RRCRelease message.
k) The UE is switched on.
l) The UE sends a REGISTRATION REQUEST message in protected mode using the last calculated KAMF and indicates the 5GS mobile identity information element type "5G-GUTI".
m) The NG-SS sends REGISTRATION ACCEPT to the UE.
n) The UE sends a REGISTRATION COMPLETE message.
o) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure.
15.1.2.5 Acceptance criteria
1) After step c) the ME shall read EFUST.
2) During step e) the UE shall indicate in the REGISTRATION REQUEST that no key is available for the NAS key set identifier.
3) In step f) the ME forwards the RAND and AUTN received in AUTHENTICATION REQUEST message to the USIM.
4) In step g) the ME shall send an AUTHENTICATION RESPONSE message containing:
– Authentication response message identity: ‘0101 0111’
– Authentication response parameter: 16 octets RES value calculated according to 3GPP TS 24.501 [42]
5) During steps g) to i) the ME does not store GPRS Kc on the USIM.
6) In step l) the UE shall indicate in the protected mode REGISTRATION REQUEST that NAS key set identifier is set to ‘000’ and TSC is set to ‘0’ and uses the 5GS mobile identity information element type "5G-GUTI" with value:
5G-GUTI: 24408300010266436587.
15.1.3 Authentication procedure for EAP-AKA’ – AUTN fails on the USIM
15.1.3.1 Definition and applicability
The purpose of the primary authentication and key agreement procedure is to enable mutual authentication between the UE and the network and to provide keying material that can be used between the UE and network in subsequent security procedures. The UE and the AMF shall support the EAP based primary authentication and key agreement procedure.
At receipt of the RAND and AUTN, the USIM shall verify the freshness of the AV’ by checking whether AUTN can be accepted as described in 3GPP TS 33.102 [45]. If so, the USIM computes a response RES. The USIM shall return RES, CK, IK to the ME. The ME shall derive CK’ and IK’. If the verification of the AUTN fails on the USIM, then the USIM and ME shall proceed as described in clause 6.1.3.3 in 3GPP TS 33.501 [41].
15.1.3.2 Conformance requirement
1) The ME shall forward the RAND and AUTN received in the EAP message IE with EAP-request/AKA’-challenge in the AUTHENTICATION REQUEST message to the USIM.
2) If the verification of the AUTN fails on the USIM, then the USIM and ME shall proceed as described in clause 6.1.3.3 in 3GPP TS 33.501 [41].
3) The ME shall return the EAP-Response/AKA-Synchronization-Failure, when the sequence number in the AUTN parameter is incorrect as described in clause 9.6 of RFC 4187 [47].
Reference:
– 3GPP TS 33.501 [41], clause 6.1.3.1 and 6.1.3.3;
– 3GPP TS 24.501 [42], clause 5.4.1.2.2.1;
– RFC 4187 [47], clause 9.6.
15.1.3.3 Test purpose
1) To verify that the ME forwards the RAND and AUTN received in EAP-request/AKA’-challenge message to the USIM.
2) To verify that the ME returns the EAP-Response/AKA-Synchronization-Failure if the verification of AUTN failed on the USIM due to a synchronisation failure.
15.1.3.4 Method of test
15.1.3.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default 5G-NR UICC is used and installed into the ME and the UE is powered on.
15.1.3.4.2 Procedure
a) Bring up Cell A and the UE is switched on.
b) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
c) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the EAP-AKA’ authentication procedure and sends EAP message IE with EAP-request/AKA’-challenge message in the AUTHENTICATION REQUEST message contains:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
EAP message: EAP-request/AKA’-challenge
d) Using the EAP-request/AKA’-challenge data received in the AUTHENTICATION REQUEST message the ME passes the RAND and AUTN to the USIM.
e) The UICC returns the AUTS parameter to the ME indicating that the verification of AUTN failed due to a synchronisation failure.
f) The UE transmits the AUTHENTICATION RESPONSE message including the EAP-response/AKA’-synchronization-failure message and starts the timer T3520; the NG-SS sends a new AUTHENTICATION REQUEST message.
g) After the reception of the AUTHENTICATION REQUEST message from the NG-SS, the ME stops the timer T3520 and forwards the received RAND and AUTN to the UICC.
h) After reception of the AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message; the UE sends a SECURITY MODE COMPLETE message.
i) Upon reception of REGISTRATION ACCEPT message with a new 5G-GUTI, the UE sends a REGISTRATION COMPLETE message.
15.1.3.5 Acceptance criteria
1) In step d) the ME forwards the RAND and AUTN received in the AUTHENTICATION REQUEST message to the USIM.
2) In step f) the UE sends an AUTHENTICATION RESPONSE message including the EAP-response/AKA’-synchronization-failure message with the AT_AUTS attribute.
3) After step g) the ME shall send an AUTHENTICATION RESPONSE message containing the response calculated in the USIM (RES).
15.1.4 Authentication procedure for EAP-AKA’ – after SUPI is changed
15.1.4.1 Definition and applicability
The purpose of the primary authentication and key agreement procedure is to enable mutual authentication between the UE and the network and to provide keying material that can be used between the UE and network in subsequent security procedures. The UE and the AMF shall support the EAP based primary authentication and key agreement procedure.
The 5G NAS security context parameters from a full native 5G NAS security context shall be stored on the USIM if the corresponding file is present on the USIM as specified in 3GPP TS 31.102 [4]. If the corresponding file is not present on the USIM, these 5GMM parameters are stored in a non-volatile memory in the ME together with the SUPI from the USIM. These 5GMM parameters can only be used if the SUPI from the USIM matches the SUPI stored in the non-volatile memory; otherwise the UE shall delete the 5GMM parameters.
15.1.4.2 Conformance requirement
1) The UE shall support the EAP based primary authentication and key agreement procedure.
2) The 5G NAS security context parameters shall be stored on the USIM or in a non-volatile memory in the ME together with the SUPI from the USIM.
3) The UE shall delete the 5GMM parameters if the SUPI from the USIM does not match the SUPI stored in the non-volatile memory.
Reference:
– 3GPP TS 33.501 [41], clause 6.1.3.1;
– 3GPP TS 24.501 [42], clauses 5.4.1.2 and Annex C.
15.1.4.3 Test purpose
1) To verify that the UE generates the 5G NAS security context parameters and stores them inside the non-volatile memory in the ME together with the SUPI from the USIM.
2) To verify that the UE rejects the SECURITY MODE COMMAND with the existing 5G NAS security context parameters if the SUPI is changed.
15.1.4.4 Method of test
15.1.4.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default 5G-NR UICC is used, with the following exception, and installed into the ME.
EFUST (USIM Service Table)
Logically:
5GS Mobility Management Information not available
5G Security Parameters not available
Byte:   | B1 … B15 | B16       |
Binary: | …        | xxx0 100x |
15.1.4.4.2 Procedure
a) Bring up Cell A and the UE is switched on with default IMSI.
b) The UE sends a REGISTRATION REQUEST to the NG-SS. The NG-SS responds with REGISTRATION REJECT (cause: Roaming not allowed in this tracking area), and then the UE is switched off.
c) The UE is switched on, with IMSI set as 246081685533963.
d) The UE sends a REGISTRATION REQUEST to the NG-SS. The NG-SS responds with REGISTRATION REJECT (cause: Roaming not allowed in this tracking area), and then the UE is switched off.
e) The UE is switched on with default IMSI.
f) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
g) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the EAP-AKA’ authentication procedure and sends EAP message IE with EAP-request/AKA’-challenge message in the AUTHENTICATION REQUEST message, uses:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
EAP message: EAP-request/AKA’-challenge
h) After receipt of AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message, then the UE sends a SECURITY MODE COMPLETE message.
i) The NG-SS sends a REGISTRATION ACCEPT message.
5G-GUTI: 24408300010266436587
TAI: 42 34 80 00 00 01
j) The UE sends a REGISTRATION COMPLETE message.
k) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure.
l) Change the UICC configuration (by setting the IMSI to 246081685533963), then switch the UE on.
m) After the receipt of REGISTRATION REQUEST message from the UE during registration, the NG-SS performs AUTHENTICATION procedure and transmits a SECURITY MODE COMMAND message using the last calculated KAMF (at step ‘g’) indicated by the ngKSI to activate NAS security.
n) The UE is switched off.
15.1.4.5 Acceptance criteria
1) In step h) the UE sends a SECURITY MODE COMPLETE message.
2) In step m) the UE shall not use the 5G-GUTI or the Last visited registered TAI parameters in the REGISTRATION REQUEST message, instead it shall use SUCI as 5GS mobile identity IE.
3) During step m) the UE shall indicate within the REGISTRATION REQUEST for the NAS key set identifier that no key is available.
4) After step m) and before step n) the UE sends SECURITY MODE REJECT message.
15.2 Authentication procedure for 5G AKA
15.2.1 Authentication procedure for 5G AKA – Authentication is successful
15.2.1.1 Definition and applicability
The purpose of the 5G AKA based primary authentication and key agreement procedure is to provide mutual authentication between the UE and the network and to agree on the keys KAUSF, KSEAF and KAMF. The UE and the AMF shall support the 5G AKA based primary authentication and key agreement procedure.
The 5G NAS security context parameters from a full native 5G NAS security context shall be stored on the USIM if the corresponding file is present on the USIM as specified in 3GPP TS 31.102 [4]. If the corresponding file is not present on the USIM, these 5GMM parameters are stored in a non-volatile memory in the ME together with the SUPI from the USIM.
The EF5GS3GPPNSC contains the 5GS 3GPP access NAS security context as defined in 3GPP TS 24.501 [42], consisting of KAMF with the associated key set identifier, the UE security capabilities, and the uplink and downlink NAS COUNT values. This file shall contain one record.
The EF5GAUTHKEYS contains KAUSF and KSEAF that are generated on the ME using CK and IK as part of AKA procedures as described in 3GPP TS 33.501 [41].
15.2.1.2 Conformance requirement
1) The UE shall support the 5G AKA based primary authentication and key agreement procedure.
2) The ME shall forward the RAND and AUTN received in AUTHENTICATION REQUEST message to the USIM.
3) The ME shall compute RES* from RES according to Annex A.4 of 3GPP TS 33.501 [41] and return it in the AUTHENTICATION RESPONSE message.
4) As a result of successful authentication procedure if service n°122 is "available", the 5G NAS security context parameters shall be stored on the USIM.
5) If service n°123 is "available", the ME shall store the KAUSF and KSEAF in EF5GAUTHKEYS on the USIM.
Reference:
– TS 31.102 [4], clauses 4.4.11.3, 4.4.11.4 and 4.4.11.6;
– 3GPP TS 33.501 [41], clause 6.1.3.2;
– 3GPP TS 24.501 [42], clause 5.4.1.3 and Annex C.
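The following is an added example and is not part of TS 31.121 or of any 3GPP reference implementation. It works through the 5G AKA key chain that the conformance requirements above refer to: RES* from RES (TS 33.501 Annex A.4), the HRES* check the SEAF performs on it (Annex A.5), and KAUSF, KSEAF and KAMF (Annex A.2, A.6, A.7), which are the 32-octet values later written to EF5GAUTHKEYS and EF5GS3GPPNSC. The PLMN 244/083 is taken from the initial conditions; CK, IK, RES, RAND, AUTN and the IMSI are constructed placeholders, and passing the SUPI to the KAMF derivation as the IMSI digit string is this example's reading of Annex A.7.

```python
import hashlib
import hmac


def kdf_s(fc, *params):
    """Input string S of the TS 33.220 Annex B KDF: FC || P0 || L0 || P1 || L1 || ... (Li = 2-octet length)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return s


def kdf_33220(key, fc, *params):
    """Generic KDF of TS 33.220 Annex B: HMAC-SHA-256(key, S)."""
    return hmac.new(key, kdf_s(fc, *params), hashlib.sha256).digest()


def serving_network_name(mcc, mnc):
    """Serving network name of TS 33.501 clause 6.1.1.4 for 3GPP access; MNC zero-padded to 3 digits."""
    return "5G:mnc{}.mcc{}.3gppnetwork.org".format(mnc.zfill(3), mcc).encode()


def res_star(ck, ik, snn, rand, res):
    """TS 33.501 Annex A.4: key = CK || IK, FC = 0x6B, P0 = SNN, P1 = RAND, P2 = RES;
    RES* is the 128 least significant bits of the output. The network computes XRES* the same way."""
    return kdf_33220(ck + ik, 0x6B, snn, rand, res)[16:]


def hres_star(rand, res_s):
    """TS 33.501 Annex A.5: HRES* = 128 least significant bits of SHA-256(RAND || RES*),
    computed by the SEAF from the received RES* and compared with the HXRES* it holds."""
    return hashlib.sha256(rand + res_s).digest()[16:]


def k_ausf(ck, ik, snn, autn):
    """TS 33.501 Annex A.2: key = CK || IK, FC = 0x6A, P0 = SNN, P1 = SQN xor AK (first 6 octets of AUTN)."""
    return kdf_33220(ck + ik, 0x6A, snn, autn[:6])


def k_seaf(kausf, snn):
    """TS 33.501 Annex A.6: key = KAUSF, FC = 0x6C, P0 = SNN."""
    return kdf_33220(kausf, 0x6C, snn)


def k_amf(kseaf, supi, abba):
    """TS 33.501 Annex A.7: key = KSEAF, FC = 0x6D, P0 = SUPI, P1 = ABBA.
    The SUPI is passed here as the IMSI digit string (this example's reading of Annex A.7)."""
    return kdf_33220(kseaf, 0x6D, supi, abba)


def me_side_5g_aka(ck, ik, res, rand, autn, mcc, mnc, imsi, abba=b"\x00\x00"):
    """Everything the ME derives from the USIM output (RES, CK, IK) for one 5G AKA challenge:
    RES* for the AUTHENTICATION RESPONSE, KAUSF/KSEAF for EF5GAUTHKEYS and KAMF for EF5GS3GPPNSC.
    ABBA 0x0000 is the initial value of TS 33.501."""
    snn = serving_network_name(mcc, mnc)
    out = {"RES*": res_star(ck, ik, snn, rand, res)}
    out["KAUSF"] = k_ausf(ck, ik, snn, autn)
    out["KSEAF"] = k_seaf(out["KAUSF"], snn)
    out["KAMF"] = k_amf(out["KSEAF"], imsi.encode(), abba)
    return out


def seaf_check(rand, received_res_star, hxres_star):
    """SEAF side: accept the AUTHENTICATION RESPONSE only if HRES* matches the stored HXRES*."""
    return hmac.compare_digest(hres_star(rand, received_res_star), hxres_star)


if __name__ == "__main__":
    # Constructed sample values (not a real authentication vector); PLMN 244/083 from the initial conditions.
    ck, ik = bytes(range(16)), bytes(range(16, 32))
    rand = bytes.fromhex("0123456789abcdef0123456789abcdef")
    autn = bytes.fromhex("000000000007" + "8000" + "fedcba9876543210")
    res = bytes.fromhex("a1b2c3d4e5f60718")
    keys = me_side_5g_aka(ck, ik, res, rand, autn, "244", "083", "244083000000001")
    for name, value in keys.items():
        print("{:6s} {:3d} octets  {}".format(name, len(value), value.hex()))
```

Because the serving network name is an input to RES*, KAUSF and KSEAF, a response computed for one PLMN is useless to an attacker relaying the challenge under another; this is the binding that makes the ME's use of the correct SNN security relevant rather than cosmetic.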
15.2.1.3 Test purpose
1) To verify that the ME forwards the RAND and AUTN received in 5G authentication challenge data within AUTHENTICATION REQUEST message to the USIM.
2) To verify that the ME sends AUTHENTICATION RESPONSE message contains the calculated RES* in response to AUTHENTICATION REQUEST message.
3) To verify that the ME stores 5G NAS security context parameters when entering state 5GMM-DEREGISTERED, consisting of KAMF with the associated key set identifier in EF5GS3GPPNSC on the USIM if service n°122 is "available".
4) To verify that the ME stores the KAUSF and KSEAF in EF5GAUTHKEYS on the USIM if service n°123 is "available".
15.2.1.4 Method of test
15.2.1.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default 5G-NR UICC is used and installed into the ME.
15.2.1.4.2 Procedure
a) Bring up Cell A and the UE is switched on.
b) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
c) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the 5G AKA authentication procedure and sends the 5G AKA challenge in the AUTHENTICATION REQUEST message, using:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
Authentication parameter RAND (5G authentication challenge): 128 bit value
Authentication parameter AUTN (5G authentication challenge): 128 bit value
d) Using the 5G authentication challenge data received in the AUTHENTICATION REQUEST message the ME passes the RAND and AUTN to the USIM.
e) Upon reception of AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message. The UE sends a SECURITY MODE COMPLETE message.
f) The NG-SS sends a REGISTRATION ACCEPT message.
5G-GUTI: 24408300010266436587
TAI: 42 34 80 00 00 01
g) The UE sends a REGISTRATION COMPLETE message.
h) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure.
15.2.1.5 Acceptance criteria
1) After step a) the ME shall read EFUST, EF5GS3GPPNSC and EF5GAUTHKEYS.
2) During step c) the UE shall indicate within the REGISTRATION REQUEST for the NAS key set identifier that no key is available.
3) In step d) the ME forwards the RAND and AUTN received in AUTHENTICATION REQUEST message to the USIM.
4) During step e) the UE sends an AUTHENTICATION RESPONSE message containing:
Authentication response parameter: 16 octets RES* value calculated according to 3GPP TS 24.501 [42]
5) In step e) the UE shall send SECURITY MODE COMPLETE message.
6) After step e) the ME updates EF5GAUTHKEYS as shown below.
EF5GAUTHKEYS (5G authentication keys)
Logically:
KAUSF: 32 bytes, value not checked
KSEAF: 32 bytes, value not checked
Coding:
Byte: | B1 | B2 | B3 .. Bx | Bx+1 | Bx+2 | Bx+3 .. Bxx |
Hex:  | 80 | L1 | xx .. xx | 81   | L2   | xx .. xx    |
7) After step h) the ME updates EF5GS3GPPNSC as shown below.
EF5GS3GPPNSC (5GS 3GPP Access NAS Security Context)
Logically:
5GS NAS Security Context:
ngKSI: 00
KAMF: 32 bytes, value not checked
Uplink NAS count: any value
Downlink NAS count: any value
Identifiers of selected NAS integrity and encryption algorithms: any value
Identifiers of selected EPS NAS integrity and encryption algorithms for use after mobility to EPS: any value
Coding:
Byte: | B1 | B2 | B3 | B4 | B5 | B6 | B7 | B8 | B9 | … | Bx |
Hex:  | A0 | xx | 80 | 01 | 00 | 81 | xx | xx | xx | … | xx |
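The following is an added example and is not part of TS 31.121 or of any 3GPP reference implementation. It encodes and checks the two USIM records whose expected coding is given in the acceptance criteria of this test and of 15.1.1 (EF5GAUTHKEYS as '80' L1 KAUSF '81' L2 KSEAF, and EF5GS3GPPNSC as an 'A0' object holding '80' 01 ngKSI and '81' 20 KAMF), so that a record read from a card after step h) can be verified rather than eyeballed. Only tags 80/81 (and the A0 wrapper) appear on this page; the tags 82 to 85 used here for the NAS COUNTs and the algorithm identifiers are assumed from TS 31.102 clause 4.4.11.3, and the key values are constructed.

```python
def encode_tlv(tag, value):
    """Single-octet tag, BER length (one octet below 0x80, else '81' + one octet as used in TS 31.102)."""
    if len(value) >= 0x100:
        raise ValueError("value too long for this encoder")
    length = bytes([len(value)]) if len(value) < 0x80 else bytes([0x81, len(value)])
    return bytes([tag]) + length + value


def parse_tlvs(data):
    """Parse consecutive TLV objects; 'FF' is record padding, not a tag, so parsing stops there."""
    objs, i = [], 0
    while i < len(data) and data[i] != 0xFF:
        if i + 2 > len(data):
            raise ValueError("truncated TLV header at offset {}".format(i))
        tag, length, i = data[i], data[i + 1], i + 2
        if length == 0x81:
            length, i = data[i], i + 1
        elif length >= 0x80:
            raise ValueError("unsupported length form 0x{:02x}".format(length))
        if i + length > len(data):
            raise ValueError("TLV value for tag {:02X} runs past the record".format(tag))
        objs.append((tag, data[i:i + length]))
        i += length
    return objs


def build_ef5gauthkeys(kausf, kseaf):
    """'80' L1 KAUSF '81' L2 KSEAF, as in the acceptance-criteria coding."""
    return encode_tlv(0x80, kausf) + encode_tlv(0x81, kseaf)


def check_ef5gauthkeys(record):
    """Returns the two keys after checking the coding shown under EF5GAUTHKEYS (tags 80/81, 32 octets each)."""
    objs = dict(parse_tlvs(record))
    if 0x80 not in objs or 0x81 not in objs:
        raise ValueError("EF5GAUTHKEYS: tag 80 (KAUSF) or 81 (KSEAF) missing")
    if len(objs[0x80]) != 32 or len(objs[0x81]) != 32:
        raise ValueError("EF5GAUTHKEYS: KAUSF and KSEAF must be 32 octets")
    return {"KAUSF": objs[0x80], "KSEAF": objs[0x81]}


# Inner tags of the A0 object. 80 (ngKSI) and 81 (KAMF) are shown on this page; 82 to 85 are assumed
# from TS 31.102 clause 4.4.11.3 for the NAS COUNTs and the algorithm identifiers.
NSC_TAGS = {0x80: "ngKSI", 0x81: "KAMF", 0x82: "UL NAS COUNT", 0x83: "DL NAS COUNT",
            0x84: "NAS algorithms", 0x85: "EPS NAS algorithms"}


def build_ef5gs3gppnsc(ngksi, kamf, ul_count, dl_count, nas_algs, eps_algs):
    """One record: A0 L { 80 01 ngKSI, 81 20 KAMF, 82 04 UL COUNT, 83 04 DL COUNT, 84 01 algs, 85 01 EPS algs }."""
    inner = (encode_tlv(0x80, bytes([ngksi])) + encode_tlv(0x81, kamf)
             + encode_tlv(0x82, ul_count.to_bytes(4, "big")) + encode_tlv(0x83, dl_count.to_bytes(4, "big"))
             + encode_tlv(0x84, bytes([nas_algs])) + encode_tlv(0x85, bytes([eps_algs])))
    return encode_tlv(0xA0, inner)


def check_ef5gs3gppnsc(record):
    """Checks 'A0 L 80 01 ngKSI 81 20 KAMF ...' and returns the decoded context.
    The ngKSI octet is split as the ngKSI IE of TS 24.501: bits 1-3 NAS key set identifier, bit 4 TSC."""
    outer = parse_tlvs(record)
    if len(outer) != 1 or outer[0][0] != 0xA0:
        raise ValueError("EF5GS3GPPNSC: record must be one A0 object (5GS NAS security context)")
    inner = dict(parse_tlvs(outer[0][1]))
    if inner.get(0x80) is None or len(inner[0x80]) != 1:
        raise ValueError("EF5GS3GPPNSC: ngKSI (tag 80) must be one octet")
    if inner.get(0x81) is None or len(inner[0x81]) != 32:
        raise ValueError("EF5GS3GPPNSC: KAMF (tag 81) must be 32 octets")
    ctx = {"NAS key set identifier": inner[0x80][0] & 0x07, "TSC": (inner[0x80][0] >> 3) & 0x01,
           "KAMF": inner[0x81]}
    for tag in (0x82, 0x83):
        if tag in inner:
            ctx[NSC_TAGS[tag]] = int.from_bytes(inner[tag], "big")
    for tag in (0x84, 0x85):
        if tag in inner:
            ctx[NSC_TAGS[tag]] = inner[tag][0]
    return ctx


if __name__ == "__main__":
    # Constructed keys (not real derivations), written as the ME would after step e) and after step h).
    kausf, kseaf, kamf = bytes([0xA1] * 32), bytes([0xB2] * 32), bytes([0xC3] * 32)
    keys_rec = build_ef5gauthkeys(kausf, kseaf)
    nsc_rec = build_ef5gs3gppnsc(0x00, kamf, 3, 2, 0x12, 0x00) + b"\xff" * 8   # FF padding as on a card record
    print("EF5GAUTHKEYS:", keys_rec.hex(), "->", {k: v.hex()[:8] + ".." for k, v in check_ef5gauthkeys(keys_rec).items()})
    print("EF5GS3GPPNSC:", nsc_rec.hex(), "->", check_ef5gs3gppnsc(nsc_rec))
```

The checkers deliberately reject a key of the wrong length instead of accepting a shorter value, since a truncated KAMF or KAUSF written to the card would be reused silently on the next registration.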
15.2.2 Authentication procedure for 5G AKA – Authentication is successful – GSM UICC
15.2.2.1 Definition and applicability
The purpose of the 5G AKA based primary authentication and key agreement procedure is to provide mutual authentication between the UE and the network and to agree on the keys KAUSF, KSEAF and KAMF. The UE and the AMF shall support the 5G AKA based primary authentication and key agreement procedure.
The 5G NAS security context parameters from a full native 5G NAS security context shall be stored on the USIM if the corresponding file is present on the USIM as specified in 3GPP TS 31.102 [4]. If the corresponding file is not present on the USIM, these 5GMM parameters are stored in a non-volatile memory in the ME together with the SUPI from the USIM.
During the authentication procedure if the USIM computes a Kc (i.e. GPRS Kc) from CK and IK using conversion function c3 as described in 3GPP TS 33.102 [45], and sends it to the ME, then the ME shall ignore such GPRS Kc and not store the GPRS Kc on USIM or in ME.
15.2.2.2 Conformance requirement
1) The ME shall ignore the GPRS Kc and not store the GPRS Kc on USIM or in ME if the USIM computes a Kc (i.e. GPRS Kc) from CK and IK using conversion function c3 as described in TS 33.102 [45].
2) If Service n°122 and Service n°123 are not available on the USIM, the 5GS 3GPP access NAS security context parameters and the 5G authentication keys shall be stored in the non-volatile memory of the ME.
Reference:
– 3GPP TS 33.501 [41], clause 6.1.3.1;
– 3GPP TS 24.501 [42], clause 5.4.1.2 and Annex C.
15.2.2.3 Test purpose
1) To verify that the ME will ignore the GPRS Kc and will not store the GPRS Kc on USIM or in ME when the USIM computes a Kc (i.e. GPRS Kc) from CK and IK.
2) To verify that the ME stores the 5GS 3GPP access NAS security context parameters and the 5G authentication keys inside the ME non-volatile memory when Service n°122 and Service n°123 are not available on the USIM.
15.2.2.4 Method of test
15.2.2.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default UICC is used and installed into the ME.
15.2.2.4.2 Procedure
a) Bring up Cell A and the UE is switched on.
b) The UE sends a REGISTRATION REQUEST to the NG-SS. The NG-SS responds with REGISTRATION REJECT (cause: Roaming not allowed in this tracking area), and then the UE is switched off.
c) The UE is switched on.
d) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
e) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the 5G AKA authentication procedure and sends 5G-AKA-Challenge message in the AUTHENTICATION REQUEST message, uses:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
Authentication parameter RAND (5G authentication challenge): 128 bits value
Authentication parameter AUTN (5G Authentication challenge). 128 bits value
f) Using the 5G authentication challenge data received in the AUTHENTICATION REQUEST message the ME passes the RAND and AUTN to the USIM; the USIM also computes a Kc (i.e. GPRS Kc) from CK and IK using conversion function c3 and returns it to the ME.
g) Upon reception of the AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message. The UE sends a SECURITY MODE COMPLETE message.
h) The NG-SS sends a REGISTRATION ACCEPT message containing:
5G-GUTI: 24408300010266436587
TAI: 42 34 80 00 00 01
i) The UE sends a REGISTRATION COMPLETE message.
j) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure, then the NG-SS sends the RRCRelease message.
k) The UE is switched on.
l) The UE sends a REGISTRATION REQUEST message in protected mode using the last calculated KAMF and indicates the 5GS mobile identity information element type "5G-GUTI".
m) The NG-SS sends REGISTRATION ACCEPT to the UE with:
5G-GUTI: 24408300010266436555
TAI: 42 34 80 00 00 01
n) The UE sends a REGISTRATION COMPLETE message.
o) The UE is switched off or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure.
15.2.2.5 Acceptance criteria
1) After step c) the ME shall read EFUST.
2) During step e) the UE shall indicate within the REGISTRATION REQUEST for the NAS key set identifier that no key is available.
3) In step f) the ME forwards the RAND and AUTN received in AUTHENTICATION REQUEST message to the USIM.
4) During step g) the UE sends an AUTHENTICATION RESPONSE message containing:
Authentication response parameter: 16 octets RES* value calculated according to 3GPP TS 24.501 [42].
5) During steps g) to i) the ME does not store GPRS Kc on the USIM.
6) In step l) the UE shall indicate in the protected REGISTRATION REQUEST that the NAS key set identifier is set to ‘000’ and TSC is set to ‘0’ and shall use the 5GS mobile identity information element type "5G-GUTI" with value:
5G-GUTI: 24408300010266436587.
15.2.3 Authentication procedure 5G AKA – AUTN fails on the USIM
15.2.3.1 Definition and applicability
The purpose of the 5G AKA based primary authentication and key agreement procedure is to enable mutual authentication between the UE and the network and to provide keying material that can be used between the UE and network in subsequent security procedures. The UE and the AMF shall support the 5G AKA based primary authentication and key agreement procedure.
At receipt of the RAND and AUTN, the USIM shall verify the freshness of the authentication vector by checking whether AUTN can be accepted as described in 3GPP TS 33.102 [45]. If so, the USIM computes a response RES. The USIM shall return RES, CK, IK to the ME. If the verification of the AUTN fails on the USIM, then the USIM and ME shall proceed as described in clause 6.1.3.3 of 3GPP TS 33.501 [41].
15.2.3.2 Conformance requirement
1) The ME shall forward the RAND and AUTN received in the 5G authentication challenge data within the AUTHENTICATION REQUEST message to the USIM.
2) If the verification of the AUTN fails on the USIM, then the USIM and ME shall proceed as described in clause 6.1.3.3 of 3GPP TS 33.501 [41].
3) The ME shall return an AUTHENTICATION FAILURE message indicating a synchronisation failure and carrying the AUTS parameter provided by the USIM when the sequence number in the AUTN parameter is incorrect.
Reference:
– 3GPP TS 33.501 [41], clause 6.1.3.2 and 6.1.3.3;
– 3GPP TS 24.501 [42], clause 5.4.1.3.7.
15.2.3.3 Test purpose
1) To verify that the ME forwards the RAND and AUTN received in the 5G authentication challenge message to the USIM.
2) To verify that the ME returns the Synchronization-Failure in the AUTHENTICATION FAILURE message if the verification of AUTN failed on the USIM due to a synchronisation failure.
15.2.3.4 Method of test
15.2.3.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default 5G-NR UICC is used and installed into the ME.
15.2.3.4.2 Procedure
a) Bring up Cell A and the UE is switched on.
b) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
c) After reception of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the 5G AKA authentication procedure and sends 5G AKA challenge data in the AUTHENTICATION REQUEST message containing:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
Authentication parameter RAND (5G Authentication challenge): 128-bit value
Authentication parameter AUTN (5G Authentication challenge): 128-bit value
d) Using the data received in AUTHENTICATION REQUEST message the ME passes the RAND and AUTN to the USIM.
e) The UICC returns AUTS parameter to the ME indicating that the verification of AUTN failed due to a synchronisation failure.
f) The UE transmits the AUTHENTICATION FAILURE message and starts the timer T3520; the NG-SS then sends an AUTHENTICATION REQUEST message.
g) After the reception of AUTHENTICATION REQUEST message from the NG-SS, the ME forwards the received RAND, AUTN to the UICC and stops the timer T3520.
h) After reception of the AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message, and the UE sends a SECURITY MODE COMPLETE message.
i) Upon reception of REGISTRATION ACCEPT message with a new 5G-GUTI, the UE sends a REGISTRATION COMPLETE message.
15.2.3.5 Acceptance criteria
1) In step d) the ME forwards the RAND and AUTN received in AUTHENTICATION REQUEST message to the USIM.
2) In step f) the UE sends AUTHENTICATION FAILURE message indicating:
5GMM cause: #21 "Synch failure"
Authentication Failure parameter: AUTS (see 3GPP TS 33.102 [45])
3) In step g) after the reception of AUTHENTICATION REQUEST message the UE shall stop the timer T3520.
4) In step h) ME shall send AUTHENTICATION RESPONSE message containing the response calculated in the USIM (RES).
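The USIM-side AUTN check behind step e) and acceptance criterion 2), as an added Python example that is not part of TS 31.121: Milenage f1/f1*/f5/f5* are replaced by an HMAC-SHA256 stand-in so it runs with the standard library, and K, AMF, RAND and the SQN values are constructed.

```python
"""USIM-side AUTN check and AUTS generation for the synchronisation-failure case.

Added example, not part of 3GPP TS 31.121. Milenage f1/f1*/f5/f5* are replaced by an
HMAC-SHA256 stand-in so this runs with the standard library; the AUTN/AUTS framing
follows 3GPP TS 33.102. Subscriber key K and all values are constructed.
"""
import hashlib
import hmac

K = bytes.fromhex("465b5ce8b199b49faa5f0a2ee238a6bc")  # constructed subscriber key
AMF = bytes.fromhex("8000")                             # constructed AMF value
SQN_RANGE = 1 << 16                # USIM accepts SQN in (SQN_MS, SQN_MS + SQN_RANGE]

def prf(tag: bytes, rand: bytes, data: bytes = b"") -> bytes:
    """Keyed PRF under K standing in for the Milenage functions (not Milenage itself)."""
    return hmac.new(K, tag + rand + data, hashlib.sha256).digest()

def f1(rand, sqn, amf): return prf(b"f1", rand, sqn + amf)[:8]    # MAC-A
def f1s(rand, sqn, amf): return prf(b"f1s", rand, sqn + amf)[:8]  # MAC-S
def f5(rand): return prf(b"f5", rand)[:6]                          # AK
def f5s(rand): return prf(b"f5s", rand)[:6]                        # AK*
def xor(a, b): return bytes(x ^ y for x, y in zip(a, b))

def build_autn(rand: bytes, sqn_he: int) -> bytes:
    """Network side: AUTN = (SQN xor AK) || AMF || MAC-A (16 octets)."""
    sqn = sqn_he.to_bytes(6, "big")
    return xor(sqn, f5(rand)) + AMF + f1(rand, sqn, AMF)

def usim_check(rand: bytes, autn: bytes, sqn_ms: int):
    """USIM side: ("ok", sqn), ("mac_failure", None) or ("synch_failure", auts)."""
    sqn = xor(autn[:6], f5(rand))
    amf, mac = autn[6:8], autn[8:16]
    if not hmac.compare_digest(mac, f1(rand, sqn, amf)):
        return "mac_failure", None            # ME reports 5GMM cause #20 "MAC failure"
    sqn_he = int.from_bytes(sqn, "big")
    if not sqn_ms < sqn_he <= sqn_ms + SQN_RANGE:
        # SQN not fresh: AUTS = (SQN_MS xor AK*) || MAC-S, with AMF set to all zeros
        sqn_ms_b = sqn_ms.to_bytes(6, "big")
        auts = xor(sqn_ms_b, f5s(rand)) + f1s(rand, sqn_ms_b, b"\x00\x00")
        return "synch_failure", auts          # ME reports 5GMM cause #21 "Synch failure"
    return "ok", sqn_he

def network_resync(rand: bytes, auts: bytes):
    """UDM/ARPF side: recover SQN_MS from AUTS only if MAC-S verifies."""
    sqn_ms = xor(auts[:6], f5s(rand))
    if not hmac.compare_digest(auts[6:14], f1s(rand, sqn_ms, b"\x00\x00")):
        return None
    return int.from_bytes(sqn_ms, "big")
```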
15.2.4 Authentication procedure for 5G AKA – after SUPI is changed
15.2.4.1 Definition and applicability
The purpose of the 5G AKA based primary authentication and key agreement procedure is to provide mutual authentication between the UE and the network and to agree on the keys KAUSF, KSEAF and KAMF. The UE and the AMF shall support the 5G AKA based primary authentication and key agreement procedure.
The 5G NAS security context parameters from a full native 5G NAS security context shall be stored on the USIM if the corresponding file is present on the USIM as specified in 3GPP TS 31.102 [4]. If the corresponding file is not present on the USIM, these 5GMM parameters are stored in a non-volatile memory in the ME together with the SUPI from the USIM. These 5GMM parameters can only be used if the SUPI from the USIM matches the SUPI stored in the non-volatile memory; else the UE shall delete the 5GMM parameters.
15.2.4.2 Conformance requirement
1) The UE shall support the 5G AKA based primary authentication and key agreement procedure.
2) The 5G NAS security context parameters shall be stored on the USIM if the corresponding file is present on the USIM, else the 5GMM parameters shall be stored in the non-volatile memory in the ME together with the SUPI from the USIM.
3) The UE shall delete the 5GMM parameters if the SUPI from the USIM does not match the SUPI stored in the non-volatile memory.
Reference:
– 3GPP TS 33.501 [41], clause 6.1.3.2;
– 3GPP TS 24.501 [42], clause 5.4.1.3 and Annex C.
15.2.4.3 Test purpose
1) To verify that the UE generates the 5G NAS security context parameters and stores them inside the non-volatile memory in the ME together with the SUPI from the USIM.
2) To verify that the UE rejects the SECURITY MODE COMMAND with the existing 5G NAS security context parameters if the SUPI is changed.
15.2.4.4 Method of test
15.2.4.4.1 Initial conditions
The NG-SS transmits on the BCCH, with the following network parameters:
– TAI (MCC/MNC/TAC): 244/083/000001.
– Access control: unrestricted.
The default 5G-NR UICC is used with the following exceptions and installed into the ME.
EFUST (USIM Service Table)
Logically:
5GS Mobility Management Information not available
5G Security Parameters not available
Byte:   | B1 | … | B16       |
Binary: | …      | xxx0 100x |
15.2.4.4.2 Procedure
a) Bring up Cell A and the UE is switched on with default IMSI.
b) The UE sends a REGISTRATION REQUEST to the NG-SS. The NG-SS responds with REGISTRATION REJECT (cause: Roaming not allowed in this tracking area), and then the UE is switched off.
c) The UE is switched on, with IMSI set as 246081685533963.
d) The UE sends a REGISTRATION REQUEST to the NG-SS. The NG-SS responds with REGISTRATION REJECT (cause: Roaming not allowed in this tracking area), and then the UE is switched off.
e) The UE is switched on with default IMSI.
f) Upon reception of an RRCSetupRequest message from the UE, NG-SS transmits an RRCSetup message to the UE followed by reception of an RRCSetupComplete message from the UE.
g) After receipt of a REGISTRATION REQUEST message from the UE during registration, the NG-SS initiates the 5G AKA authentication procedure and sends the 5G AKA challenge in the AUTHENTICATION REQUEST message, containing:
ngKSI:
NAS key set identifier: ‘000’
TSC: ‘0’
Authentication parameter RAND (5G Authentication challenge): 128-bit value
Authentication parameter AUTN (5G Authentication challenge): 128-bit value
h) After reception of AUTHENTICATION RESPONSE message from the UE, the NG-SS sends a SECURITY MODE COMMAND message, then the UE sends a SECURITY MODE COMPLETE message.
i) The NG-SS sends a REGISTRATION ACCEPT message.
5G-GUTI: 24408300010266436587
TAI: 42 34 80 00 00 01
j) The UE sends a REGISTRATION COMPLETE message.
k) The UE is switched off, or the UE’s radio interface is switched off to perform the DEREGISTRATION procedure; the NG-SS then sends an RRCRelease message.
l) Change the UICC configuration (by setting the IMSI to 246081685533963), then switch the ME on.
m) After the receipt of the REGISTRATION REQUEST message from the UE during registration, the NG-SS performs the AUTHENTICATION procedure and transmits a SECURITY MODE COMMAND message using the last calculated KAMF (from step g) indicated by the ngKSI to activate NAS security.
n) The UE is switched off.
15.2.4.5 Acceptance criteria
1) In step h) the UE sends a SECURITY MODE COMPLETE message.
2) In step m) the UE shall not use the 5G-GUTI or the Last visited registered TAI parameters in the REGISTRATION REQUEST message, instead it shall use SUCI as 5GS mobile identity IE.
3) During step m) the UE shall indicate within the REGISTRATION REQUEST for the NAS key set identifier that no key is available.
4) After step m) and before step n) the UE sends SECURITY MODE REJECT message.
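The ME-side behaviour that steps l) to m) and acceptance criteria 2) to 4) test, as an added Python example that is not part of TS 31.121: the context is kept in ME non-volatile memory with the SUPI (the EF5GS3GPPNSC-absent branch), is deleted when the USIM's SUPI no longer matches, and a SECURITY MODE COMMAND protected with a KAMF the UE no longer holds is rejected. The NAS-MAC is an HMAC-SHA256 stand-in, and the KAMF and default-SUPI values are constructed.

```python
"""ME-side handling of a 5G NAS security context kept in non-volatile memory with the SUPI.

Added example, not part of 3GPP TS 31.121. It models the branch where EF5GS3GPPNSC is not
present on the USIM, so the ME stores the context together with the SUPI it read from the
USIM. The NAS-MAC is an HMAC-SHA256 stand-in for KNASint/NIA; keys and SUPIs are constructed.
"""
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

NO_KEY_AVAILABLE = 7  # ngKSI value '111' = "no key is available" (3GPP TS 24.501)

@dataclass
class NasSecurityContext:
    ngksi: int                       # NAS key set identifier 0..6 (TSC = native)
    kamf: bytes
    ue_security_capabilities: bytes

@dataclass
class MeNonVolatileMemory:
    """What the ME persists after a successful security mode control procedure."""
    supi: Optional[str] = None
    context: Optional[NasSecurityContext] = None

def power_on(nvm: MeNonVolatileMemory, supi_from_usim: str) -> Optional[NasSecurityContext]:
    """Return the stored context only if the USIM's SUPI matches; otherwise delete it."""
    if nvm.context is not None and nvm.supi == supi_from_usim:
        return nvm.context
    nvm.supi, nvm.context = None, None   # SUPI changed: the 5GMM parameters are deleted
    return None

def build_registration_request(ctx: Optional[NasSecurityContext], guti: str, last_tai: str) -> dict:
    """Without a valid context the UE cannot reuse 5G-GUTI/last TAI and identifies with SUCI."""
    if ctx is None:
        return {"mobile_identity": "SUCI", "ngksi": NO_KEY_AVAILABLE, "last_visited_tai": None}
    return {"mobile_identity": "5G-GUTI", "guti": guti, "ngksi": ctx.ngksi, "last_visited_tai": last_tai}

def nas_mac(kamf: bytes, message: bytes) -> bytes:
    """Stand-in NAS-MAC (32 bits) keyed directly from KAMF instead of the derived KNASint."""
    return hmac.new(kamf, message, hashlib.sha256).digest()[:4]

def handle_security_mode_command(ctx: Optional[NasSecurityContext], ngksi: int,
                                 message: bytes, mac: bytes) -> str:
    """SMC must reference a KAMF the UE holds and verify under it, else SECURITY MODE REJECT."""
    if ctx is None or ctx.ngksi != ngksi or not hmac.compare_digest(mac, nas_mac(ctx.kamf, message)):
        return "SECURITY MODE REJECT"
    return "SECURITY MODE COMPLETE"
```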