B.4 Derivation of TMPI
3GPP TS 33.220: Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)
Derivation of TMPI follows the same procedure as NAF specific key derivation in GBA and GBA_U (see clause B.3). As the TMPI is stored in ME, for GBA_U the procedure for derivation of Ks_ext_NAF is followed.
NOTE: This procedure was chosen to avoid any changes to existing UICCs in case of GBA_U.
The BSF_Id defined in this clause consists of the full DNS name of the BSF as used for B-TID generation (see clause 4.5.2), concatenated with the Ua security protocol identifier for TMPI as specified in Annex H.
In GBA and GBA_U, the input parameters for the key derivation function to derive the TMPI shall be the following:
– FC = 0x01,
– P0 = "gba-me" (i.e. 0x67 0x62 0x61 0x2d 0x6d 0x65) (see clause B.3 for Ks_NAF and Ks_ext_NAF),
– L0 = length of P0 is 6 octets (i.e., 0x00 0x06),
– P1 = RAND,
– L1 = length of RAND is 16 octets (i.e. 0x00 0x10),
– P2 = IMPI encoded to an octet string using UTF-8 encoding (see clause B.2.1),
– L2 = length of IMPI is variable (not greater than 65535),
– P3 = the BSF_Id encoded to an octet string using UTF-8 encoding (see clause B.2.1), and
– L3 = length of P3 is variable (not greater than 65535).
The Key to be used in derivation of TMPI shall be:
– Ks (i.e. CK || IK concatenated) as specified in clauses 4 and 5.
The TMPI is then computed as TEMP@tmpi.bsf.3gppnetwork.org where TEMP is the base64-encoding [60] of the 24 most significant octets of the output of KDF.
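The derivation above, worked through in Python as an added example (not text or code from the specification). It assumes the generic KDF of clause B.2, HMAC-SHA-256 keyed with Ks over S = FC || P0 || L0 || ... || P3 || L3, a 32-octet Ks, and standard-alphabet base64; the sample inputs are constructed, and `PLACEHOLDER_UA_ID` stands in for the Annex H identifier, which is not reproduced here.

```python
import base64
import hashlib
import hmac

FC = b"\x01"
P0 = b"gba-me"
TMPI_REALM = "tmpi.bsf.3gppnetwork.org"

# Constructed sample inputs, not real subscriber or network values.
SAMPLE_KS = bytes(range(32))            # Ks = CK || IK
SAMPLE_RAND = bytes(range(16, 32))      # 16-octet RAND
SAMPLE_IMPI = "user@ims.example.org"
SAMPLE_BSF = "bsf.example.org"
PLACEHOLDER_UA_ID = bytes(5)            # placeholder; take the real value from Annex H


def encode_param(value: bytes) -> bytes:
    """Return Pi || Li, with Li the two-octet big-endian length of Pi."""
    if len(value) > 65535:
        raise ValueError("parameter longer than 65535 octets")
    return value + len(value).to_bytes(2, "big")


def build_s(rand: bytes, impi: str, bsf_fqdn: str, ua_proto_id: bytes) -> bytes:
    """Assemble S = FC || P0 || L0 || P1 || L1 || P2 || L2 || P3 || L3."""
    if len(rand) != 16:
        raise ValueError("RAND must be 16 octets")
    # Assumption: BSF_Id is the UTF-8 DNS name followed by the raw
    # Ua security protocol identifier octets.
    bsf_id = bsf_fqdn.encode("utf-8") + ua_proto_id
    return (FC + encode_param(P0) + encode_param(rand)
            + encode_param(impi.encode("utf-8")) + encode_param(bsf_id))


def derive_tmpi(ks: bytes, rand: bytes, impi: str, bsf_fqdn: str,
                ua_proto_id: bytes) -> str:
    """Derive TMPI = base64(first 24 octets of KDF output) @ realm."""
    if len(ks) != 32:
        raise ValueError("Ks must be CK || IK, 32 octets")
    s = build_s(rand, impi, bsf_fqdn, ua_proto_id)
    out = hmac.new(ks, s, hashlib.sha256).digest()
    temp = base64.b64encode(out[:24]).decode("ascii")  # 24 octets -> 32 chars
    return f"{temp}@{TMPI_REALM}"


if __name__ == "__main__":
    print(derive_tmpi(SAMPLE_KS, SAMPLE_RAND, SAMPLE_IMPI, SAMPLE_BSF,
                      PLACEHOLDER_UA_ID))
```

Because the same Ks, RAND, IMPI and BSF_Id always yield the same TMPI, the ME and the BSF can each compute it independently after a bootstrapping run.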