A.5 Calculation of DCR confidentiality keystream

33.5033GPPRelease 17Security Aspects of Proximity based Services (ProSe) in the 5G System (5GS)TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

When calculating the message-specific confidentiality keystream, the following parameters shall be used to form the input S to the KDF that is specified in Annex B of TS 33.220 [8]:

– FC = 0x88

– P0 = UTC-based counter

– L0 = length of UTC-based counter (i.e. 0x00 0x04)

– P1 = RSC

– L1 = length of RSC (i.e. 0x00 0x03).

The input key shall be the 256-bit selected key in Step 1 of clause 6.3.5.2.

The DCR confidentiality keystream is set to L least significant bits of the output of the KDF, where L = the length of the RSC + the length of the UP-PRUK ID.

NOTE: If UP-PRUK ID is in NAI format, the length of the UP-PRUK ID is determined by the username part of the UP-PRUK ID.