F.1 KDF interface and input parameter construction

33.1793GPPRelease 13Security of Mission Critical Push To Talk (MCPTT) over LTETS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

F.1.1 General

This annex specifies the use of the Key Derivation Function (KDF) specified in 3GPP TS 33.220 [17] for the current specification. This annex specifies how to construct the input string, S, to the KDF (which is input together with the relevant key). For each of the distinct usages of the KDF, the input parameters S are specified below.

F.1.2 FC value allocations

The FC number space used is controlled by 3GPP TS 33.220 [17].

F.1.3 Calculation of the User Salt for GUK-ID generation

When calculating a User Salt using the GMK for generating the GUK-ID from the GMK-ID, the following parameters shall be used to form the input S to the KDF that is specified in annex B of 3GPP TS 33.220 [17]:

– FC = 0x50.

– P0 = MCPTT ID.

– L0 = length of above (i.e. 0x00 0x17).

The GMK and MCPTT ID follow the encoding also specified in annex B of 3GPP TS 33.220 [17]. The 28 least significant bits of the 256 bits of the KDF output shall be used as the User Salt.

F.1.4 Calculation of keys for application data protection

The two keys used to protect either signalling plane confidentiality, or signalling plane integrity are derived from the XPK, using the KDF that is specified in annex B of 3GPP TS 33.220 [17].

The following parameters shall be used to form the input S to the KDF that is specified in annex B of 3GPP TS 33.220 [27]. The key used by the KDF shall be the XPK:

– FC = 0x51, (for signalling plane confidentiality), or

– FC = 0x52 (for signalling plane integrity).

– P0 = MCPTT ID.

– L0 = length of above, expressed in number of bytes (i.e. 0x00 0x17).

– P1 = XPK-ID.

– L1 = length of above, expressed in number of bytes (i.e. 0x00 0x17).

The MCPTT ID and XPK-ID follow the encoding also specified in annex B of 3GPP TS 33.220 [17].

Where the XPK is 128-bits, the output keys shall be 128-bits and hence the 128 least significant bits of the 256 bits of the KDF output shall be used as the signalling protection key. Where the XPK is 256-bits, the output keys shall be 256-bits and hence the entire output of the KDF shall be used.