A.7 Message-specific confidentiality mechanisms for discovery
3GPP TS 33.503, Release 17: Security Aspects of Proximity based Services (ProSe) in the 5G System (5GS)
Message-specific confidentiality protection is provided by the ProSe layer between ProSe UEs.
The use and mode of operation of the ciphering algorithms are specified in Annex D in TS 33.501 [3].
The input parameters to the ciphering algorithms as described in Annex D in TS 33.501 [3] are:
– KEY: 128 least significant bits of the output of the KDF (DUCK, UTC-based counter, MIC)
– COUNT: UTC-based counter
– BEARER: 0x00
– DIRECTION: 0x00
– LENGTH: LEN(discovery message) – (LEN(Message Type) + LEN(UTC-based counter LSB) + LEN(MIC)), where LEN(x) is the length of x in number of bits
KEY is set in this way to generate a message-specific keystream, as in TS 33.303 [4].
The output keystream of the ciphering algorithm (output_keystream) is then masked with the Encrypted_bits_mask to produce the final keystream for the message-specific confidentiality protection (KEYSTREAM):
KEYSTREAM = output_keystream AND (Encrypted_bits_mask || 0xFF..FF)
The KEYSTREAM is XORed with the discovery message for message-specific confidentiality protection.
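The following Python sketch is an added example, not text or code from the specification; it walks through the LENGTH calculation, the mask padding and the XOR step described above. The field sizes, key, counter, mask and message bytes are constructed sample values, fields are assumed to be byte-aligned, the XOR is assumed to apply to the LENGTH bits only, and `standin_keystream` is a hypothetical SHAKE-128 stand-in for the Annex D ciphering algorithm, which is not reproduced here.

```python
import hashlib

def length_bits(msg_bits, type_bits, counter_lsb_bits, mic_bits):
    # LENGTH = LEN(discovery message) - (LEN(Message Type) + LEN(counter LSB) + LEN(MIC))
    return msg_bits - (type_bits + counter_lsb_bits + mic_bits)

def standin_keystream(key, count, nbits):
    # Stand-in ONLY (assumption): the real output_keystream comes from the
    # ciphering algorithm of TS 33.501 Annex D, not from SHAKE-128.
    seed = key + count.to_bytes(4, "big") + b"\x00\x00"  # BEARER, DIRECTION = 0x00
    return hashlib.shake_128(seed).digest(nbits // 8)

def final_keystream(output_keystream, encrypted_bits_mask):
    # KEYSTREAM = output_keystream AND (Encrypted_bits_mask || 0xFF..FF)
    if len(encrypted_bits_mask) > len(output_keystream):
        raise ValueError("Encrypted_bits_mask is longer than the keystream")
    pad = b"\xff" * (len(output_keystream) - len(encrypted_bits_mask))
    return bytes(k & m for k, m in zip(output_keystream, encrypted_bits_mask + pad))

def apply_protection(covered, output_keystream, encrypted_bits_mask):
    # XOR is its own inverse, so the same call protects and recovers.
    if len(covered) != len(output_keystream):
        raise ValueError("keystream must be exactly LENGTH bits long")
    ks = final_keystream(output_keystream, encrypted_bits_mask)
    return bytes(c ^ k for c, k in zip(covered, ks))

# Constructed sample values (assumptions, not taken from the specification).
MSG_BITS, TYPE_BITS, CTR_LSB_BITS, MIC_BITS = 232, 8, 8, 32
LENGTH = length_bits(MSG_BITS, TYPE_BITS, CTR_LSB_BITS, MIC_BITS)
KEY = bytes(range(16))             # 128-bit KEY, placeholder for the KDF output
COUNT = 0x65000000                 # placeholder UTC-based counter
COVERED = bytes(range(0x40, 0x40 + LENGTH // 8))  # the LENGTH bits of the message
MASK = bytes.fromhex("0000ffff")   # first 16 bits are left unencrypted

OUT_KS = standin_keystream(KEY, COUNT, LENGTH)
PROTECTED = apply_protection(COVERED, OUT_KS, MASK)
RECOVERED = apply_protection(PROTECTED, OUT_KS, MASK)

if __name__ == "__main__":
    print("LENGTH    :", LENGTH, "bits")
    print("covered   :", COVERED.hex())
    print("protected :", PROTECTED.hex())
    print("recovered :", RECOVERED.hex())
```

Every bit position where Encrypted_bits_mask is 0 yields a zero keystream bit, so that part of the message is sent unencrypted; bits beyond the mask are always encrypted because of the 0xFF..FF padding.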