G.2 GBA_U NAF Derivation procedure

3GPP TS 33.220: Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA)

This procedure is part of the procedures using a bootstrapped Security Association as described in clause 5.3.3.

The ME sends NAF_ID and IMPI to the UICC. The UICC then performs the Ks_ext_NAF and Ks_int_NAF derivation as described in clause 5.3.2, using the RAND and Ks values stored from the previous bootstrapping procedure. The UICC returns Ks_ext_NAF to the ME and stores Ks_int_NAF and the associated B-TID together with NAF_ID.

In case the UICC does not have enough storage available for the generated Ks_int_NAF and its associated parameters, the UICC shall overwrite an existing Ks_int_NAF entry (Ks_int_NAF and associated parameters). To determine which Ks_int_NAF to overwrite, the UICC shall maintain a list of Ks_int_NAF entry numbers: the entry number of the last used or derived Ks_int_NAF is placed in the first position of the list and the remaining list elements are shifted down. The last Ks_int_NAF entry number in this list identifies the Ks_int_NAF to overwrite when the UICC runs out of free records.

If an existing Ks_int_NAF entry in use is overwritten, the application Ks_int_NAF shall not be affected (e.g. in case a Ks_int_NAF was put into use as an MBMS MUK key, the MUK key shall continue to be available for the MBMS application).

NOTE: A GBA_U bootstrapping procedure needs to have been performed beforehand. If Ks is not available in the UICC, the command will answer with the appropriate error message.
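The record-overwrite rule above (most recently used or derived entry at the head of the list, tail entry overwritten when no record is free), the "no Ks" error case, and the fact that a Ks_int_NAF already handed to an application survives the overwrite, modelled in Python as an added example; this is not code from the specification or from any UICC implementation. The key derivation is a stand-in HMAC-SHA-256 over the inputs, not the Annex B KDF, and the record count, NAF_IDs and B-TID are constructed sample values.

```python
import hmac
import hashlib
from dataclasses import dataclass


@dataclass
class NafRecord:
    naf_id: bytes
    b_tid: str
    ks_int_naf: bytes


class UiccNafStore:
    """Model of the UICC side of the GBA_U NAF derivation: a fixed number of
    Ks_int_NAF records plus the recency list that decides which one to overwrite."""

    def __init__(self, ks, rand, impi, records=2):
        self.ks, self.rand, self.impi = ks, rand, impi  # values left by the last GBA_U bootstrap
        self.records = [None] * records                 # Ks_int_NAF records available on the UICC
        self.recent = []                                # entry numbers, most recently used/derived first

    def _touch(self, n):
        # Move entry n to the head of the list; the tail is the next overwrite candidate.
        if n in self.recent:
            self.recent.remove(n)
        self.recent.insert(0, n)

    def derive(self, naf_id, b_tid):
        """ME -> UICC: NAF_ID and IMPI. Returns Ks_ext_NAF; Ks_int_NAF stays on the UICC."""
        if self.ks is None:
            raise RuntimeError("no Ks available: run GBA_U bootstrapping first")
        # Stand-in derivation (HMAC-SHA-256 over the inputs), NOT the Annex B KDF.
        ks_ext_naf = hmac.new(self.ks, b"gba-me" + self.rand + self.impi + naf_id, hashlib.sha256).digest()
        ks_int_naf = hmac.new(self.ks, b"gba-u" + self.rand + self.impi + naf_id, hashlib.sha256).digest()
        free = [n for n, r in enumerate(self.records) if r is None]
        n = free[0] if free else self.recent[-1]        # out of records: overwrite the last-listed entry
        self.records[n] = NafRecord(naf_id, b_tid, ks_int_naf)
        self._touch(n)
        return ks_ext_naf

    def use(self, naf_id):
        """Hand a stored Ks_int_NAF to a UICC application (e.g. as MBMS MUK) and mark it as used."""
        for n, r in enumerate(self.records):
            if r is not None and r.naf_id == naf_id:
                self._touch(n)
                return r.ks_int_naf  # the application keeps this value even if the record is overwritten later
        return None

    def stored_naf_ids(self):
        return [r.naf_id for r in self.records if r is not None]
```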

The input parameters IMPI and the FQDN part of NAF_ID shall be encoded as specified in Annex B.2.1.

Figure G.2: GBA_U NAF derivation procedure

Annex H (normative):
Ua security protocol identifier