F.2 Hash Functions
33.1793GPPRelease 13Security of Mission Critical Push To Talk (MCPTT) over LTETS
F.2.1 Generation of MIKEY-SAKKE UID
Section 3.2 of IETF RFC 6509 [11] defines an identifier for use in MIKEY SAKKE in section 3.2, referred to as the UID in the present document. This requires a Tel-URI as the user’s URI and monthly key periods. As MCPTT IDs may not be Tel-URIs, this UID format cannot be used within MCPTT. This clause defines how the 256-bit MIKEY-SAKKE UID is generated using a generic identifier and generic key period.
The MIKEY-SAKKE UID is generated by hashing a fixed string, the identifier of the user, the identifier of the KMS, the key period length, the current key period number and their respective lengths.
The input to the hash function shall be encoded as specified in clause B.1 of 3GPP TS 33.220 [17]. The hash function shall be SHA-256 as specified in [18]. The full 256-bit output shall be used as the identifier within MIKEY-SAKKE (referred to as ‘ID’ in IETF RFC 6507 [9] and ‘a’ or ‘b’ within IETF RFC 6508 [10].
FC = 0x00
P0 = The fixed string: ”MIKEY-SAKKE-UID”
L0 = Length of P0 value
P1 = Identifier (e.g. MCPTT ID)
L1 = Length of P1 value
P2 = KMS Identifier (e.g. secgroup1.kms.example.org)
L2 = Length of P2 value
P3 = Key Period length in seconds (e.g. 2592000)
L3 = Length of P3 value
P4 = Key Period offset in seconds (e.g. 0)
L4 = Length of P4 value
P5 = Current Key Period No. since 0h on 1 January 1900 (e.g. 553)
L5 = Length of P5 value
NOTE: The key derivation function defined in clause B.1 of 3GPP TS 33.220 [17] is not used, therefore the FC value should only be considered as a dummy value.
P0 is a fixed 15 character string encoded as described in annex B of 3GPP TS 33.220 [17]. P1 is the identifier, which for MCPTT would be the MCPTT ID. P2 is the identifier of the KMS, and uniquely identifies the public key used for encryption and signing. P3 is the integer representing the number of seconds in a key period. P4 is the offset from 0h on 1 January 1900 and shall be less than P3. It sets the time at which keys are changed over. Both P3 and P4 are extracted from the KMS certificate and encoded as integers as described in annex B of 3GPP TS 33.220 [17]. P5 is the integer representing the current key period number since 0h on 1 January 1900, which may be calculated as:
P5 = Floor ( ( TIME – P4 ) / P3 )
Where TIME is a NTP timestamp, i.e., a number in seconds relative to 0h on 1 January 1900. P4 is encoded as described in annex B of 3GPP TS 33.220 [17].
NOTE 1: When used to generate a UID for encrypting using a MIKEY payload, P1 will commonly be the ‘ID Data’ from the IDRr payload, P2 will be the encoded ‘ID Data’ from the IDRkmsr payload, and TIME will be the NTP timestamp within the MIKEY payload.
NOTE 2: When used to generate a UID for signing a MIKEY payload, P1 will commonly be the ‘ID Data’ from the IDRi payload, P2 will commonly be the ‘ID Data’ from the IDRkmsi payload, and TIME will be the NTP timestamp within the MIKEY payload.
Annex G (informative):
Change history
|
Change history |
|||||||
|
Date |
Meeting |
TDoc |
CR |
Rev |
Cat |
Subject/Comment |
New version |
|
2016-06 |
SA#72 |
SP-160383 |
0001 |
2 |
F |
Architectural clarifications and corrections |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0002 |
2 |
F |
Fix KMS reference points |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0004 |
1 |
F |
Technical text clarifications |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0005 |
1 |
C |
Fixing Floor Control Key Management |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0006 |
1 |
F |
Addition of security overview |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0007 |
– |
C |
Sending GMK to unaffilliated users |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0010 |
– |
F |
Correction to integrity protection |
13.1.0 |
|
2016-06 |
SA#72 |
SP-160383 |
0011 |
2 |
F |
Fix off-network provisioning |
13.1.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0012 |
– |
F |
Correction of some implementation errors |
13.2.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0013 |
1 |
F |
Signing of Access Tokens |
13.2.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0014 |
1 |
F |
Fix IdM interfaces |
13.2.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0015 |
1 |
F |
Corrections to 7.2.2.1, 7.2.2.2, 7.2.2.3, 9.1.3.1, 9.1.3.3, 9.1.3.4, 9.3.1 |
13.2.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0016 |
2 |
F |
Clarification on floor control signalling protection |
13.2.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0017 |
– |
F |
Clarifications to 33.179 |
13.2.0 |
|
2016-09 |
SA#73 |
SP-160578 |
0018 |
– |
F |
Correcting GMK revokation |
13.2.0 |
|
2016-12 |
SA#74 |
SP-160785 |
0019 |
– |
F |
Clarification on the use of MKFC |
13.3.0 |
|
2016-12 |
SA#74 |
SP-160785 |
0020 |
– |
F |
Clarifying the protection of media control within 33.179 |
13.3.0 |
|
2016-12 |
SA#74 |
SP-160785 |
0021 |
1 |
F |
Aligning XML encryption mechanism with CT WG agreements |
13.3.0 |
|
2016-12 |
SA#74 |
SP-160785 |
0022 |
1 |
F |
Aligning XML Integrity protection mechanism with CT WG agreements |
13.3.0 |
|
2016-12 |
SA#74 |
SP-160785 |
0023 |
– |
F |
Correction of TS 33.220 references |
13.3.0 |
|
2016-12 |
SA#74 |
SP-160785 |
0024 |
1 |
F |
Protection of MBMS subchannel control messages |
13.3.0 |
|
2017-03 |
SA#75 |
SP-170100 |
0025 |
– |
F |
HTTP-1 Authentication Editor’s note |
13.4.0 |
|
2017-03 |
SA#75 |
SP-170100 |
0026 |
– |
F |
Clarify number of MCPTT IDs per user |
13.4.0 |
|
2017-03 |
SA#75 |
SP-170100 |
0027 |
1 |
F |
Integrity protection and client_id |
13.4.0 |
|
2017-03 |
SA#75 |
SP-170100 |
0028 |
– |
F |
Correction to clause reference in TS 33.179 |
13.4.0 |
|
2018-01 |
SA#78 |
SP-170878 |
0029 |
– |
F |
Correction to MIKEY Key parameters |
13.5.0 |
|
Change history |
|||||||
|
Date |
Meeting |
TDoc |
CR |
Rev |
Cat |
Subject/Comment |
New version |
|
2018-06 |
SA#80 |
SP-180445 |
0030 |
1 |
F |
Add GMK management |
13.6.0 |
|
2018-06 |
SP-180445 |
0031 |
– |
F |
Fix annex E.6.3 reference |
13.6.0 |
|
|
2018-06 |
SA#80 |
SP-180445 |
0032 |
– |
F |
Definition of KMS XML namespace |
13.6.0 |
|
2018-09 |
SA#81 |
SP-180701 |
0033 |
– |
F |
[MCPTT] 33179 R13 Fix XML schema |
13.7.0 |
|
2018-09 |
SA#81 |
SP-180701 |
0095 |
– |
F |
[MCPTT] 33179 R13. Examples of MC service ID shall be URI |
13.7.0 |
|
2018-09 |
SA#81 |
SP-180701 |
0096 |
– |
F |
[MCPTT] 33179 R13. Clarification for MIKEY-SAKKE values |
13.7.0 |
|
2019-03 |
SA#83 |
SP-190100 |
0097 |
– |
F |
[33.179] Annex D.3.4.2 XSD correction |
13.8.0 |
|
2019-03 |
SA#83 |
SP-190100 |
0098 |
– |
F |
[33.179] R13 IdMS interface security |
13.8.0 |
|
2019-06 |
SA#84 |
SP-190355 |
0100 |
1 |
F |
[MCPTT] 33179 R13. Clarification of the references to RFC 3711 |
13.9.0 |
|
2019-06 |
SA#84 |
SP-190355 |
0101 |
– |
F |
[33.179] R13 XSD Corrections |
13.9.0 |
|
2019-06 |
SA#84 |
SP-190355 |
0102 |
1 |
F |
[33.179] R13 Remove IANA editor’s notes |
13.9.0 |
|
2019-12 |
SA#86 |
SP-191134 |
0103 |
– |
F |
[MCPTT] 33179 R13 Missing Abbreviations |
13.10.0 |
|
2019-12 |
SA#86 |
SP-191134 |
0104 |
– |
F |
[MCPTT] 33179 R13 Reference Addition |
13.10.0 |
|
2019-12 |
SA#86 |
SP-191134 |
0105 |
– |
F |
[MCPTT] 33179 R13 Correction concerning IdM client |
13.10.0 |
|
2019-12 |
SA#86 |
SP-200360 |
0106 |
– |
F |
[33.179] R13 token scope fix |
13.11.0 |
|
2022-12 |
SA#98e |
SP-221150 |
0107 |
2 |
F |
[MCPTT] Incorrect example |
13.12.0 |
|
2022-12 |
SA#98e |
SP-221150 |
0108 |
– |
F |
[MCPTT] Incorrect reference |
13.12.0 |