E.2 MIKEY message structure for GMK distribution
33.1793GPPRelease 13Security of Mission Critical Push To Talk (MCPTT) over LTETS
The MIKEY-SAKKE message shall include the Common Header payload, Timestamp payload, RAND payload, IDRi payload, IDRr payload, IDRkmsi payload, IDRkmsr payload, SAKKE payload and a SIGN (ECCSI) payload. It is recommended that the message also includes a Security Properties payload. Optionally, the message may include a General Extension payload containing a second SAKKE message as described in clause E.5.
In the Common Header payload, the CSB ID field of MIKEY common header shall be the GUK-ID.
The Security Policy (SP) payload is used to specify the security properties of group communications using the GMK. Where no security profile is provided, the following default security profile shall be used.
Table E.2-1: MIKEY Group call SRTP Default Profile
|
SRTP Type |
Meaning |
Value |
Meaning |
|
0 |
Encryption Algorithm |
6 |
AES-GCM |
|
1 |
Session encryption key length |
16 |
16 octets |
|
2 |
Authentication algorithm |
4 |
RCCm3 (Use of unauthenticated ROC) |
|
4 |
Session salt key length |
12 |
12 octets |
|
5 |
SRTP PRF |
0 |
AES-CM |
|
6 |
Key derivation rate |
0 |
No session key refresh. |
|
13 |
ROC transmission rate |
1 |
ROC transmitted in every packet. |
|
18 |
SRTP Authentication tag length |
4 |
4 octets for transmission of ROC |
|
19 |
SRTCP Authentication tag length |
0 |
ROC need not be transmitted in SRTCP. |
|
20 |
AEAD authentication tag length |
16 |
16 octets |
Identity payloads shall be IDR payloads as defined in section 6.6 of IETF RFC 6043 [25]. The IDRi payload shall contain the MCPTT identifier associated with the group management server. The IDRr payload shall contain the MCPTT ID associated to the group management client. The message shall also include IDRkmsi and IDRkmsr that contains the URI of the MCPTT KMS used by the group management server and MCPTT user respectively.
NOTE: In some deployments MCPTT IDs within these payloads may be treated as private. In this case, the group management server and group management client should substitute these private identities for public identities via a privately-defined mapping.
The SAKKE payload shall encapsulate the GMK to the UID generated from the MCPTT ID of the group management client. Only one GMK key shall be transported in the SAKKE payload. The same GMK shall be encapsulated to each member of the group. The ID Scheme in the SAKKE payload shall be ‘3GPP MCX hashed UID ‘ to reflect the generation scheme defined in clause F.2.1.
The ID Scheme ‘3GPP MCX hashed UID’ takes on the IANA assigned value of ‘2’ [41].
The entire MIKEY message shall be signed by including an SIGN payload providing authentication of the group management server. The signature shall be of type 2 (ECCSI). The signature shall use the UID generated from the identifier associated with the group management server.