A.9 Calculation of MIC value for Direct Communication Request
33.5033GPPRelease 17Security Aspects of Proximity based Services (ProSe) in the 5G System (5GS)TS
When calculating a MIC using the DUIK to integrity protect Direct Communication Request (DCR) message, the following parameters shall be used to form the input S to the KDF that is specified in Annex B of TS 33.220 [8]:
– FC = 0x8B.
– P0 = UTC-based counter.
– L0 = length of above (i.e. 0x00 0x04).
– P1 = DCR message with the MIC value field set to all zeros.
– L1 = length of above.
The MIC is set to the 32 least significant bits of the output of the KDF.
The DUIK, UTC-based counter and DCR message follow the encoding also specified in Annex B of TS 33.220 [8].
Annex B (informative):
Source authenticity of discovery messages
To achieve source authenticity of discovery messages, the third security requirement in clause 6.1.2, a UE receiving a discovery message can verify the source authenticity of the received discovery message by using the provisioned DUIK under the assumption that the UEs provisioned with the same DUIK are trusted.
Alternatively, if receiving UEs are not provisioned with the DUIK, the network can verify the source authenticity of discovery messages via match report procedure.
Annex C (informative):
Change history
|
Change history |
|||||||
|---|---|---|---|---|---|---|---|
|
Date |
Meeting |
TDoc |
CR |
Rev |
Cat |
Subject/Comment |
New version |
|
2022-06 |
SA#96 |
SP-220541 |
Presented for information and approval |
1.0.0 |
|||
|
2022-06 |
SA#96 |
Upgrade to change control version |
17.0.0 |
||||
|
2022-06 |
SA#96 |
EditHelp review |
17.0.1 |
||||
|
2022-06 |
SA#97e |
SP-220876 |
0001 |
– |
F |
Clarification on NAI format for PRUK ID |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0002 |
F |
HPLMN ID of Remote UE in Remote UE Report message |
17.1.0 |
|
|
2022-06 |
SA#97e |
SP-220876 |
0003 |
1 |
F |
Implementation correction of S3-221294 |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0006 |
– |
F |
Updates on Open 5G ProSe Direct Discovery |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0010 |
1 |
F |
Correction to authorization based on RSC |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0011 |
1 |
F |
Clarifications of general description to Restricted 5G ProSe Direct Discovery |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0012 |
1 |
F |
Rename 5GPRUK ID and 5GPRUK in CP based solution and rename PRUK and PRUK ID in UP based solution |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0013 |
F |
Clarification for ProSe UE-to-Network Relay security procedure over Control Plane |
17.1.0 |
|
|
2022-06 |
SA#97e |
SP-220876 |
0014 |
F |
Correction figure in 5G ProSe discovery in TS33.503 |
17.1.0 |
|
|
2022-06 |
SA#97e |
SP-220876 |
0015 |
1 |
F |
Correction figure in ProSe UE-to-Network Relay security procedure over Control Plane in TS33.503 –> not implemented due to clash with 0012r1 (MCC) in the figure. |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0017 |
– |
F |
Clean up clause 6.1.3.2.2 |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0019 |
– |
F |
Define reference point for PAnF |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0020 |
-1 |
F |
Remove secondary authentication related content |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0021 |
– |
F |
Update Abbreviations |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0023 |
1 |
F |
Resolution of the issue of authentication mechanism selection |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0025 |
1 |
F |
Clarification on 5G ProSe Remote UE specific authentication mechanism |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0026 |
1 |
F |
Remote UE Report when security procedure over Control Plane is performed |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0028 |
F |
Add clause of Broadcast mode 5G ProSe Direct Communication |
17.1.0 |
|
|
2022-06 |
SA#97e |
SP-220876 |
0029 |
F |
Add clause of Groupcast mode 5G ProSe Direct Communication |
17.1.0 |
|
|
2022-06 |
SA#97e |
SP-220876 |
0030 |
– |
F |
Correction to Nausf_UEAuthentication_Authenticate service |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0033 |
– |
F |
Modify clause and figure titles for U2N relay clauses |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0034 |
1 |
F |
Updates to U2N Relay Discovery Security Procedure |
17.1.0 |
|
2022-06 |
SA#97e |
SP-220876 |
0041 |
1 |
F |
Corrections in TS 33.503 |
17.1.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0042 |
1 |
F |
Alignment of Link Identifier Update (LIU) procedure |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0043 |
– |
F |
Handling of PRUK desynchronization issue with 5G ProSe UE-to-Network Relay |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0046 |
1 |
F |
Corrections in privacy protection of 5G ProSe UE-to-Network relay procedure |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0049 |
1 |
F |
Add functionality description of PAnF |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0050 |
1 |
F |
Clarification of subscription information in PAnF |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0051 |
– |
F |
Add FC Value in 33.503 |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0058 |
1 |
F |
Correction to security mechanism selection |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0059 |
1 |
F |
Renaming 5GPRUK, 5GPRUK ID, PRUK and PRUK ID |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0060 |
1 |
F |
Correcting the handling of synchronisation error |
17.2.0 |
|
2022-12 |
SA#98e |
SP-221152 |
0062 |
F |
CP-PRUK refresh |
17.2.0 |
|
|
2022-12 |
SA#98e |
SP-221152 |
0064 |
1 |
F |
Match Report in U2N Relay Discovery Security Procedure |
17.2.0 |