5.5 Key management between MCX servers (SPK)

33.1803GPPRelease 17Security of the Mission Critical (MC) serviceTS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

Floor control, transmission control, and media control between MCX servers may need to be protected. Additionally, certain values and identifiers transferred in the signalling plane between servers within an MC domain, or between MC domains, may be treated as sensitive by public safety users and therefore may also require protection.

To protect information from all other entities outside of the MC domain(s), a shared 128-bit Signalling Protection Key (SPK) needs to be established between the servers. The SPK is provided along with a 32-bit identifier, the SPK-ID and 128-bit random value SPK-RAND. The most significant four bits of the identifier (the Purpose Tag) of the SPK-ID shall be ‘3’ to denote the purpose of the SPK is for signalling protection, as described in Annex G.

The SPK and associated values shall be directly provisioned into the communicating servers, along with the SPK-ID. With the SPK provisioned, RTCP and XML content (within SIP) may be protected.