A.9 KgNB, KWAGF, KTNGF, KTWIF and KN3IWF derivation function

A.9 K_gNB, K_WAGF, K_TNGF, K_TWIF and K_N3IWF derivation function

33.5013GPPRelease 18Security architecture and procedures for 5G SystemTS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

When deriving the keys K_gNB, K_WAGF, K_TNGF, K_TWIF and K_N3IWF from K_AMF and the uplink NAS COUNT in the UE and the AMF the following parameters shall be used to form the input S to the KDF.

– FC = 0x6E

– P0 = Uplink NAS COUNT

– L0 = length of uplink NAS COUNT (i.e. 0x00 0x04)

– P1 = Access type distinguisher

– L1 = length of Access type distiguisher (i.e. 0x00 0x01)

The values for the access type distinguisher are defined in table A.9-1. The values 0x00 and 0x03 to 0xf0 are reserved for future use, and the values 0xf1 to 0xff are reserved for private use.

The access type distinguisher shall be set to the value for 3GPP (0x01) when deriving KgNB. The access type distinguisher shall be set to the value for non-3GPP (0x02) when deriving K_N3IWF,K_WAGF,K_TWIF or K_TNGF..

Table A.9-1: Access type distinguishers

Access type distinguisher	Value
3GPP access	0x01
Non 3GPP access	0x02

The input key KEY shall be the 256-bit K_AMF.

This function is applied when cryptographically protected 5G radio bearers are established and when a key change on-the-fly is performed.