5.2.6 Key distribution with identity hiding

33.1803GPPRelease 17Security of the Mission Critical (MC) serviceTS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

The key distribution mechanism defined in clauses 5.2.2, 5.2.3, 5.2.4 and 5.2.5 may be extended to allow identities to be masked within the MIKEY payload. This is achieved by adding the UID, rather than the URI to the payload as described in Annex E.7 and shown in figure 5.2.6-1.

Figure 5.2.6-1: Common key distribution mechanism with identity hiding

On receipt of a MIKEY payload with identities hidden, the receiving entity should recognise the receiver UID in the packet. If not, the I_MESSAGE shall be rejected. Based on the initiator UID, the receiver checks the validity of the I_MESSAGE signature. At this point the initiator is anonymous to the receiver. If this check fails, the I_MESSAGE shall be rejected. The receiver then extracts the key K. This may be used to decrypt other parts of the packet and extract the initiator URI. Once the initiator URI is extracted, this shall be used to generate the initiator UID and check that it is the one provided in the I_MESSAGE. If not, the I_MESSAGE shall be rejected. This procedure is shown in figure 5.2.6-2

Figure 5.2.6-2: Common key extraction mechanism with identity hiding