D.3 Integrity algorithms
33.5013GPPRelease 18Security architecture and procedures for 5G SystemTS
D.3.1 128-Bit integrity algorithms
D.3.1.1 Inputs and outputs
The input parameters to the integrity algorithm are a 128-bit integrity key named KEY, a 32-bit COUNT, a 5-bit bearer identity called BEARER, the 1-bit direction of the transmission i.e. DIRECTION, and the message itself i.e. MESSAGE. The DIRECTION bit shall be 0 for uplink and 1 for downlink. The bit length of the MESSAGE is LENGTH.
Figure D.3.1.1-1 illustrates the use of the integrity algorithm NIA to authenticate the integrity of messages.
Figure D.3.1.1-1: Derivation of MAC-I/NAS-MAC (or XMAC-I/XNAS-MAC)
Based on these input parameters the sender computes a 32-bit message authentication code (MAC-I/NAS-MAC) using the integrity algorithm NIA. The message authentication code is then appended to the message when sent. For integrity protection algorithms, the receiver computes the expected message authentication code (XMAC-I/XNAS-MAC) on the message received in the same way as the sender computed its message authentication code on the message sent and verifies the data integrity of the message by comparing it to the received message authentication code, i.e. MAC-I/NAS-MAC.
D.3.1.2 128-NIA1
128-NIA1 is identical to 128-EIA1 as specified in Annex B of TS 33.401 [10].
D.3.1.3 128-NIA2
128-NIA2 is identical to 128-EIA2 as specified in Annex B of TS 33.401 [10].
D.3.1.4 128-NIA3
128-NIA3 is identical to 128-EIA3 as specified in Annex B of TS 33.401 [10].