8.1.7 Security mode command
34.123-13GPPPart 1: Protocol conformance specificationRelease 15TSUser Equipment (UE) conformance specification
8.1.7.1 Security mode command in CELL_DCH state (CS Domain)
8.1.7.1.1 Definition
8.1.7.1.2 Conformance requirement
1. This procedure is used to trigger or start of ciphering or to command the restart of ciphering with the new ciphering configuration for the signalling radio bearers and any radio bearers of a particular CN Domain. It is also used to start integrity protection or modify integrity protection configuration for the signalling radio bearers.
2. When the UE receives a SECURITY MODE COMMAND message from the UTRAN, which indicates a downlink activation time for each effected SRB and RB, and new ciphering mode configuration, the UE shall apply the old ciphering configuration, for a particular SRB or RB, before the stated downlink activation time. It shall start to decipher using the new ciphering configuration at the downlink activation time.
3. After the UE has transmitted a SECURITY MODE COMPLETE message using the new integrity protection configuration which includes uplink activation time, it shall start to cipher transmission in the uplink using the new configuration at the respective uplink activation time for each SRB or RB.
Reference
3GPP TS 25.331 clauses 8.1.12, 8.6.3.4, 8.6.3.5.
8.1.7.1.3 Test purpose
To confirm that the UE activates the new ciphering configurations after the stated activation time. To confirm that after the UE receives a SECURITY MODE COMMAND message, it transmits a SECURITY MODE COMPLETE message to the UTRAN using the old ciphering configuration together with the application of the new integrity protection configuration. To confirm that UE send SECURITY MODE FAILURE message when SS transmits a SECURITY MODE COMMAND message that causes an invalid configuration. To confirm that the UE sends a SECURITY MODE FAILURE message when the UE receives an invalid SECURITY MODE COMMAND message.
8.1.7.1.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: CELL_DCH (state 6-9) as specified in clause 7.4 of TS 34.108.
Test Procedure
The UE is in CELL_DCH state. The SS initiates an Authentication procedure, which will result in the generation of a new security keyset (CK/IK). The SS transmits a SECURITY MODE COMMAND message which contains an unexpected critical message extension. The UE shall respond by sending SECURITY MODE FAILURE message on the DCCH. Then SS transmits a SECURITY MODE COMMAND message with IE’s "Ciphering mode info" and "Integrity protection mode info both omitted". Again the UE shall not trigger any ciphering algorithm and it shall respond by sending SECURITY MODE FAILURE message on the DCCH. Next, the SS transmits a valid SECURITY MODE COMMAND message which includes the correct downlink activation times and "Integrity check info" IE. Then the UE shall check the integrity check info and shall start to configure ciphering in downlink according to the first valid SECURITY MODE COMMAND message. The UE shall transmit a SECURITY MODE COMPLETE message which contains the correct uplink activation times and also "Integrity check info" IE using the new integrity protection configuration. The SS records the uplink ciphering activation time for RB 2. Next, the SS transmits UE CAPABILITY ENQUIRY message repeatedly on the downlink DCCH using RLC-AM mode. The UE shall respond to each downlink message with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. SS then send UE CAPABILITY INFORMATION CONFIRM message to the UE. This cycle repeats itself until both the uplink and downlink ciphering activation time for RB 2 has elapsed. SS checks all uplink UE CAPABILITY INFORMATION messages are integrity-protected by UIA algorithm, and that the messages contain the correct values for "Integrity check info" IE. This can be verified in the SS through the reception of a correctly ciphered and integrity-protected UE CAPABILITY INFORMATION message.
Expected sequence
|
Step |
Direction |
Message |
Comment |
|
|
UE |
SS |
|||
|
1 |
RRC connected state on DCH_state. |
|||
|
1a |
|
AUTHENTICATION REQUEST |
MM message which will result in the generation of a new security keyset |
|
|
1b |
|
AUTHENTICATION RESPONSE |
MM |
|
|
2 |
|
SECURITY MODE COMMAND |
See message content. |
|
|
3 |
|
SECURITY MODE FAILURE |
IE "Failure Cause" shall be set to "Protocol Error" and IE "Protocol Error Information" shall be set to "Message extension not comprehended". |
|
|
4 |
|
SECURITY MODE COMMAND |
See message content. |
|
|
5 |
|
SECURITY MODE FAILURE |
IE "Failure Cause" shall be set to "invalid configuration". |
|
|
6 |
|
SECURITY MODE COMMAND |
See specific message contents. |
|
|
7 |
Void |
|||
|
8 |
Void |
|||
|
9 |
|
SECURITY MODE COMPLETE |
SS verifies that this message is sent using the old ciphering configuration. SS records the uplink ciphering activation time for RB 2. |
|
|
10 |
|
UE CAPABILITY ENQUIRY |
SS repeats step 10, 11 and 12 until its internal uplink and downlink RLC SN have both surpassed the uplink and downlink ciphering activation time specified for RB2. This message is sent on the downlink DCCH using RLC-AM. |
|
|
11 |
|
UE CAPABILITY INFORMATION |
UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
12 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
Specific Message Contents
SECURITY MODE COMMAND (Step 2)
|
Information Element |
Value/remark |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Critical extensions |
’FF’H |
SECURITY MODE FAILURE (Step 3)
The same message found in TS 34.108, clause 9 shall be transmitted by the UE on the uplink DCCH, with the exception of the following IEs:
|
Information Element |
Value/remark |
|
Failure cause |
|
|
Failure cause |
Protocol error |
|
Protocol error information |
|
|
Protocol error cause |
Message extension not comprehended |
SECURITY MODE COMMAND (Step 4)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
Ciphering mode info |
Not Present |
|
– Ciphering mode command |
|
|
Integrity protection mode info |
Not Present |
|
CN domain identity |
CS Domain |
|
UE system specific security capability |
Not Present in condition A1 |
|
UE system specific security capability |
Present In condition A2 |
|
– Inter-RAT UE security capability |
|
|
– CHOICE system |
GSM |
|
– GSM security capability |
The indicated algorithms must be the same as the algorithms supported by the UE as indicated in the IE " UE system specific capability " in the RRC CONNECTION SETUP COMPLETE message. |
|
Condition |
Explanation |
|
A1 |
UE not supporting GSM |
|
A2 |
UE supporting GSM |
SECURITY MODE FAILURE (Step 5)
The same message found in TS 34.108, clause 9 shall be transmitted by the UE on the uplink DCCH, with the exception of the following IEs:
|
Information Element |
Value/remark |
|
Failure cause |
|
|
Failure cause |
Invalid configuration |
SECURITY MODE COMMAND (Step 6)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
Ciphering mode info |
|
|
Ciphering mode command |
Start/restart |
|
Ciphering algorithm |
UEA1 |
|
Activation time for DPCH |
(256+CFN-(CFN MOD 8 + 8))MOD 256 |
|
Radio bearer downlink ciphering activation time info |
|
|
RB Identity |
1 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
2 |
|
RLC sequence number |
Current RLC SN + 2 |
|
RB Identity |
3 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
4 |
|
RLC sequence number |
Current RLC SN |
|
Integrity protection mode info |
|
|
Integrity protection mode command |
Modify |
|
Downlink integrity protection activation info |
|
|
Current RRC SN for SRB0 |
|
|
Current RRC SN for SRB1 |
|
|
Current RRC SN for SRB2 |
|
|
Current RRC SN for SRB3 |
|
|
Current RRC SN for SRB4 |
|
|
Integrity protection algorithm |
UIA1 |
|
CN domain identity |
CS Domain |
|
UE system specific security capability |
Not Present in condition A1 |
|
UE system specific security capability |
Present In condition A2 |
|
– Inter-RAT UE security capability |
|
|
– CHOICE system |
GSM |
|
– GSM security capability |
The indicated algorithms must be the same as the algorithms supported by the UE as indicated in the IE " UE system specific capability " in the RRC CONNECTION SETUP COMPLETE message. |
|
Condition |
Explanation |
|
A1 |
UE not supporting GSM |
|
A2 |
UE supporting GSM |
SECURITY MODE COMPLETE (Step 9)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
– Message Authentication code |
Checked to see if present. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
– RRC Message sequence number |
Checked to see if present |
|
Uplink integrity protection activation info |
|
|
– RRC message sequence number list |
Check to see if the RRC SN for RB 0 to RB 4 are present |
|
Radio bearer uplink ciphering activation info |
|
|
– RB Identity other than RB2 |
Check to see if the RLC SN for RB1, 3 and 4 are present |
|
– RB Identity |
2 |
|
– RLC sequence number |
SS records this value. See step 10 in ‘expected sequence’ |
8.1.7.1.5 Test requirement
After step 2 the UE shall transmit a SECURITY MODE FAILURE message to report the protocol error detected in the first SECURITY MODE COMMAND message.
After step 4 the UE shall transmit a SECURITY MODE FAILURE message to report on the invalid configuration detected in the second SECURITY MODE COMMAND message.
After step 8 the SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated "integrity check info" IE is correct.
After step 9 SS verifies that all uplink signalling messages on RB2 are integrity protected with UIA1 algorithm.
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received is integrity protected with UIA algorithm and ciphered with the new ciphering configuration and algorithm indicated in the SECURITY MODE COMMAND (Step 6) message.
After downlink ciphering activation time has lapsed, SS shall apply ciphering to all downlink messages using the new configuration. At least one more cycle between step 10 and step 12 shall be repeated correctly after activation time on both directions has lapsed and the messages on both directions shall be ciphered and integrity protected.
8.1.7.1b Security mode command in CELL_DCH state (PS Domain)
8.1.7.1b.1 Definition
8.1.7.1b.2 Conformance requirement
Upon reception of the SECURITY MODE COMMAND message, the UE shall:
1> if neither IE "Ciphering mode info" nor IE "Integrity protection mode info" is included in the SECURITY MODE COMMAND:
2> set the variable INVALID_CONFIGURATION to TRUE.
…
1> prior to sending the SECURITY MODE COMPLETE message:
…
2> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":
3> include and set the IE "Uplink integrity protection activation info" to the value of the variable INTEGRITY_PROTECTION_ACTIVATION_INFO for each signalling radio bearer;
…
2> start applying the new integrity protection configuration in the uplink for signalling radio bearer RB2 from and including the transmitted SECURITY MODE COMPLETE message;
2> transmit the SECURITY MODE COMPLETE message on the uplink DCCH in AM RLC;
…
If the IE "Ciphering mode info" is present and if the IE "Reconfiguration" in the variable CIPHERING_STATUS is set to FALSE, the UE shall:
…
1> apply the new ciphering configuration in the lower layers for all RBs that belong to a CN domain for which the IE "Status" of the variable SECURITY_MODIFICATION is set to "Affected" and all signalling radio bearers:
1> apply the new ciphering configuration as follows:
2> consider an activation time in downlink to be pending:
…
3> for AM-RLC until all AMD PDUs with sequence numbers up to and including activation time –1 have been received;
2> if the IE "Radio bearer downlink ciphering activation time info" is present:
3> apply the following procedure for each radio bearer and signalling radio bearers using RLC-AM or RLC-UM indicated by the IE "RB identity":
…
4> select an "RLC send sequence number" at which (activation) time the new ciphering configuration shall be applied in uplink for that radio bearer according to the following:
…
6> set a suitable value that would ensure a minimised delay in the change to the latest security configuration.
…
5> use the old ciphering configuration for the transmitted and received RLC PDUs with RLC sequence numbers smaller than the corresponding RLC sequence numbers indicated in the IE "Radio bearer uplink ciphering activation time info" sent to UTRAN and in the received IE "Radio bearer downlink ciphering activation time info" received from UTRAN, respectively;
5> use the new ciphering configuration for the transmitted and received RLC PDUs with RLC sequence numbers greater than or equal to the corresponding RLC sequence numbers indicated in the IE "Radio bearer uplink ciphering activation time info" sent to UTRAN and in the received IE "Radio bearer downlink ciphering activation time info" received from UTRAN, respectively;
…
If the IE "Integrity protection mode info" is present and if the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO is set to FALSE, the UE shall:
…
1> if IE "Integrity protection mode command" has the value "modify" and the IE "Status" in the variable INTEGRITY_PROTECTION_INFO has the value "Started" and this IE was included in SECURITY MODE COMMAND:
…
2> start applying the new integrity protection configuration in the downlink at the RRC sequence number, for each signalling radio bearer n, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info", included in the IE "Integrity protection mode info";
…
4> select a value of the RRC sequence number at which (activation) time the new integrity protection configuration shall be applied in uplink for that signalling radio bearer according to the following:
…
6> set a suitable value that would ensure a minimised delay in the change to the latest integrity protection configuration.
…
2> start applying the new integrity protection configuration in the uplink at the RRC sequence number, for each RBn, except for signalling radio bearer RB2, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Uplink integrity protection activation info", included in the variable INTEGRITY_PROTECTION_ACTIVATION_INFO;
2> start applying the new integrity protection configuration in the uplink at the RRC sequence number for signalling radio bearer RB2, as specified for the procedure initiating the integrity protection reconfiguration;
2> start applying the new integrity protection configuration in the downlink at the RRC sequence number, for each RBn, except for signalling radio bearer RB2, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info";
NOTE: For signalling radio bearers that have a pending activation time as set for integrity protection by a previous procedure changing the integrity protection configuration, UTRAN should set this value in IE "Downlink integrity protection activation info".
2> start applying the new integrity protection configuration in the downlink at the RRC sequence number for signalling radio bearer RB2, as specified for the procedure initiating the integrity protection reconfiguration.
Reference
3GPP TS 25.331 clauses 8.1.12.3, 8.6.3.4, 8.6.3.5.
8.1.7.1b.3 Test purpose
To confirm that the UE modifies an integrity protection configuration and applies new keys on reception of a correct SECURITY MODE COMMAND message.
To confirm that the UE modifies a ciphering configuration in the uplink and downlink and applies new keys according to transmitted activation times. Also confirms that the UE accepts a new ciphering configuration for a RB when ciphering is started for SRBs.
To confirm that after the UE receives a SECURITY MODE COMMAND message, it transmits a SECURITY MODE COMPLETE message to the UTRAN using the old ciphering configuration and new integrity protection configuration.
To confirm that UE send SECURITY MODE FAILURE message when SS transmits a SECURITY MODE COMMAND message with a non comprehended critical extension.
To confirm that the UE sends a SECURITY MODE FAILURE message when UE receives an invalid SECURITY MODE COMMAND message.
8.1.7.1b.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: PS-DCCH+DTCH_DCH (state 6-10) as specified in clause 7.4 of TS 34.108.
Test Procedure
The UE is in CELL_DCH state with integrity protection and ciphering started for SRBs. The SS initiates an Authentication and Ciphering procedure, which will result in the generation of a new security keyset (CK/IK).
The SS transmits a SECURITY MODE COMMAND message which contains an unexpected critical message extension. The UE shall respond by sending SECURITY MODE FAILURE message on the DCCH.
Then SS transmits a SECURITY MODE COMMAND message with IEs "Ciphering mode info" and "Integrity protection mode info both omitted". Again the UE shall not trigger any ciphering algorithm and it shall respond by sending SECURITY MODE FAILURE message on the DCCH.
Next, the SS transmits a valid SECURITY MODE COMMAND message which includes the correct downlink activation times and "Integrity check info" IE. The UE shall check the integrity check info and shall start to configure ciphering in downlink according to the SECURITY MODE COMMAND message.
Then UE shall transmit a SECURITY MODE COMPLETE message which contains uplink activation times and also the correct "Integrity check info" IE using the new integrity protection configuration. SS records the uplink ciphering activation time for RB 2.
Next, the SS transmits UE CAPABILITY ENQUIRY message repeatedly on the downlink DCCH using RLC-AM mode. The UE shall respond to each downlink message with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. SS shall send UE CAPABILITY INFORMATION CONFIRM messages to the UE for each received UE CAPABILITY INFORMATION message from the UE.
This cycle repeats itself until both the uplink and downlink ciphering activation time for RB 2 has elapsed. SS checks all uplink UE CAPABILITY INFORMATION messages are integrity-protected by UIA algorithm, and that the messages contain the correct values for "Integrity check info" IE. This can be verified in the SS through the reception of a correctly ciphered and integrity-protected UE CAPABILITY INFORMATION message.
Expected sequence
|
Step |
Direction |
Message |
Comment |
|
|
UE |
SS |
|||
|
1 |
RRC connected state on DCH_state. |
|||
|
1a |
|
AUTHENTICATION AND CIPHERING REQUEST |
GMM message which will result in the generation of a new security keyset |
|
|
1b |
|
AUTHENTICATION AND CIPHERING RESPONSE |
GMM |
|
|
2 |
|
SECURITY MODE COMMAND |
See message content. |
|
|
3 |
|
SECURITY MODE FAILURE |
IE "Failure Cause" shall be set to "Protocol Error" and IE "Protocol Error Information" shall be set to "Message extension not comprehended". |
|
|
4 |
|
SECURITY MODE COMMAND |
See message content. |
|
|
5 |
|
SECURITY MODE FAILURE |
IE "Failure Cause" shall be set to "invalid configuration". |
|
|
6 |
|
SECURITY MODE COMMAND |
See specific message contents. |
|
|
7 |
|
SECURITY MODE COMPLETE |
SS verifies that this message is sent using the old ciphering configuration and with the new integrity protection configuration. SS records the uplink ciphering activation time for RB 2. |
|
|
8 |
|
UE CAPABILITY ENQUIRY |
SS repeats step 8, 9 and 10 until its internal uplink and downlink RLC SN have both surpassed the uplink and downlink ciphering activation time specified for RB2. This message is sent on the downlink DCCH using RLC-AM. |
|
|
9 |
|
UE CAPABILITY INFORMATION |
UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
10 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
Specific Message Contents
SECURITY MODE COMMAND (Step 2)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Critical extensions |
’FF’H |
SECURITY MODE FAILURE (Step 3)
Message content is the same as found in Clause 9 of TS 34.108, with the exception of the following IEs:
|
Information Element |
Value/remark |
|
Failure cause |
|
|
Failure cause |
Protocol error |
|
Protocol error information |
|
|
Protocol error cause |
Message extension not comprehended |
SECURITY MODE COMMAND (Step 4)
Use the same message content as found in clause 9 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
Ciphering mode info |
Not Present |
|
Integrity protection mode info |
Not Present |
|
CN domain identity |
PS Domain |
SECURITY MODE FAILURE (Step 5)
Message content is the same as found in Clause 9 of TS 34.108, with the exception of the following IEs:
|
Information Element |
Value/remark |
|
Failure cause |
|
|
Failure cause |
Invalid configuration |
SECURITY MODE COMMAND (Step 6 )
|
Information Element |
Condition |
Value/remark |
|
RRC transaction identifier |
A1, A2 |
0 |
|
Integrity check info |
||
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
|
RRC Message sequence number |
Next RRC SN |
|
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
|
Ciphering mode info |
||
|
Ciphering mode command |
Start/restart |
|
|
Ciphering algorithm |
UEA1 |
|
|
Activation time for DPCH |
Not Present |
|
|
Radio bearer downlink ciphering activation time info |
||
|
RB Identity |
1 |
|
|
RLC sequence number |
Current RLC SN |
|
|
RB Identity |
2 |
|
|
RLC sequence number |
Current RLC SN + 2 |
|
|
RB Identity |
3 |
|
|
RLC sequence number |
Current RLC SN |
|
|
RB Identity |
4 |
|
|
RLC sequence number |
Current RLC SN |
|
|
RB Identity |
20 |
|
|
RLC sequence number |
Current RLC SN |
|
|
Integrity protection mode info |
||
|
Integrity protection mode command |
Modify |
|
|
Downlink integrity protection activation info |
||
|
Current RRC SN for SRB0 |
||
|
Current RRC SN for SRB1 |
||
|
0 |
||
|
Current RRC SN for SRB3 |
||
|
Current RRC SN for SRB4 |
||
|
Integrity protection algorithm |
UIA1 |
|
|
CN domain identity |
PS Domain |
|
|
UE system specific security capability |
A1 |
Not Present |
|
UE system specific security capability |
A2 |
|
|
– Inter-RAT UE security capability |
||
|
– CHOICE system |
GSM |
|
|
– GSM security capability |
The indicated algorithms must be the same as the algorithms supported by the UE as indicated in the IE " UE system specific capability " in the RRC CONNECTION SETUP COMPLETE message. |
|
Condition |
Explanation |
|
A1 |
UE not supporting GSM |
|
A2 |
UE supporting GSM |
NOTE: "Current RLC SN" is defined as the value of VT(S) in the SS at the time when the SECURITY MODE COMMAND is submitted to RLC for transmission, that is, the RLC send sequence number of the next transmitted RLC PDU on the particular radio bearer. "Current RRC SN" is defined as the RRC message sequence number of the next transmitted RRC message on the particular radio bearer.
SECURITY MODE COMPLETE (Step 7)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
– Message Authentication code |
This IE is checked to see if it is present. The value is compared against the XMAC-I value computed by SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
– RRC Message sequence number |
This IE is checked to see if it is present. The value is used by SS to compute the XMAC-I value. |
|
Uplink integrity protection activation info |
|
|
– RRC message sequence number list |
|
|
-RRC message sequence number |
Check to see if the RRC SN for RB 0 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 1 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 2 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 3 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 4 is present |
|
Radio bearer uplink ciphering activation time info |
|
|
– Radio bearer activation time |
|
|
– RB Identity |
1 |
|
– RLC sequence number |
Check to see if the RLC SN for RB1is present |
|
– RB Identity |
2 |
|
– RLC sequence number |
SS records this value. See step 8 in ‘expected sequence’ |
|
– RB Identity |
3 |
|
– RLC sequence number |
Check to see if the RLC SN for RB3 is present |
|
– RB Identity |
4 |
|
– RLC sequence number |
Check to see if the RLC SN for RB4 is present |
|
– RB Identity |
20 |
|
– RLC sequence number |
Check to see if the RLC SN for RB20 is present |
8.1.7.1b.5 Test requirement
After step 2 the UE shall transmit a SECURITY MODE FAILURE message to report the protocol error detected in the first SECURITY MODE COMMAND message.
After step 4 the UE shall transmit a SECURITY MODE FAILURE message to report on the invalid configuration detected in the second SECURITY MODE COMMAND message.
At step 7 SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated "integrity check info" IE is correct according to the new integrity protection configuration (new key and HFN set to zero).
After step 7 SS verifies that all uplink signalling messages on RB2 are integrity protected with the new integrity protection configuration.
After uplink ciphering activation time has elapsed, SS verifies that the UE CAPABILITY INFORMATION message received is ciphered with the new ciphering configuration as indicated in the SECURITY MODE COMMAND (Step 6) message.
After downlink ciphering activation time has elapsed, SS shall apply ciphering to all downlink messages using the new ciphering configuration. At least one more cycle between step 8 and step 10 shall be repeated correctly after activation time on both directions has elapsed and the messages on both directions shall be ciphered and integrity protected.
8.1.7.1c Security mode control in CELL_DCH state (CN Domain switch and new keys at RRC message sequence number wrap around)
8.1.7.1c.1 Definition
8.1.7.1c.2 Conformance requirement
Upon reception of the SECURITY MODE COMMAND message, the UE shall:
…
2> set the variable LATEST_CONFIGURED_CN_DOMAIN equal to the IE "CN domain identity";
2> set the IE "Status" in the variable SECURITY_MODIFICATION for the CN domain indicated in the IE "CN domain identity" in the received SECURITY MODE COMMAND to the value "Affected";
…
If a new security key set (new ciphering and integrity protection keys) has been received from the upper layers [40] for the CN domain as indicated in the variable LATEST_CONFIGURED_CN_DOMAIN, the UE shall:
1> set the START value for the CN domain indicated in the variable LATEST_CONFIGURED_CN_DOMAIN to zero;
1> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":
2> for integrity protection in the downlink on each signalling radio bearer except RB2:
3> if IE "Integrity protection mode command" has the value "start":
…
3> else:
4> for the first message for which the RRC sequence number in a received RRC message for this signalling radio bearer is equal to or greater than the activation time as indicated in IE "Downlink integrity protection activation info" as included in the IE "Integrity protection mode info":
5> start using the new integrity key;
5> for this signalling radio bearer:
6> set the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to zero.
2> for integrity protection in the uplink on each signalling radio bearer except RB2:
3> for the first message for which the RRC sequence number in a to be transmitted RRC message for this signalling radio bearer is equal to the activation time as indicated in IE "Uplink integrity protection activation info" included in the transmitted SECURITY MODE COMPLETE message:
4> start using the new integrity key;
4> for this signalling radio bearer:
5> set the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to zero.
2> for integrity protection in the downlink on signalling radio bearer RB2:
3> at the received SECURITY MODECOMMAND:
4> start using the new integrity key;
4> set the IE "Downlink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the downlink COUNT-I to zero.
2> for integrity protection in the uplink on signalling radio bearer RB2 :
3> at the transmitted SECURITY MODE COMPLETE:
4> start using the new integrity key;
4> set the IE "Uplink RRC HFN" in the variable INTEGRITY_PROTECTION_INFO of the uplink COUNT-I to zero.
1> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":
2> for each signalling radio bearer and for each radio bearer for the CN domain indicated in the variable LATEST_CONFIGURED_CN_DOMAIN:
3> if the IE "Status" in the variable CIPHERING_STATUS has the value "Started" for this CN domain, then for ciphering on radio bearers using RLC-TM:
4> at the CFN as indicated in the IE "Ciphering activation time for DPCH" in the IE "Ciphering mode info":
5> start using the new key in uplink and downlink;
5> set the HFN component of the COUNT-C to zero.
3> if the IE "Status" in the variable CIPHERING_STATUS has the value "Started" for this CN domain, then for ciphering on radio bearers and signalling radio bearers using RLC-AM and RLC-UM:
4> in the downlink, at the RLC sequence number indicated in IE "Radio bearer downlink ciphering activation time info" in the IE "Ciphering mode info":
5> start using the new key;
5> set the HFN component of the downlink COUNT-C to zero.
4> in the uplink, at the RLC sequence number indicated in IE "Radio bearer uplink ciphering activation time info":
5> start using the new key;
5> set the HFN component of the uplink COUNT-C to zero.
1> consider the value of the latest transmitted START value to be zero.
…
If the IE "Ciphering mode info" is present and if the IE "Reconfiguration" in the variable CIPHERING_STATUS is set to FALSE, the UE shall:
1> apply the new ciphering configuration in the lower layers for all RBs that belong to a CN domain for which the IE "Status" of the variable SECURITY_MODIFICATION is set to "Affected" and all signalling radio bearers:
2> using the ciphering algorithm (UEA [40]) indicated by the IE "Ciphering algorithm" as part of the new ciphering configuration;
2> for each radio bearer that belongs to a CN domain for which the IE "Status" of the variable SECURITY_MODIFICATION is set to "Affected" and all signalling radio bearers:
3> using the value of the IE "RB identity" in the variable ESTABLISHED_RABS minus one as the value of BEARER [40] in the ciphering algorithm.
…
If the IE "Integrity protection mode info" is present and if the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO is set to FALSE, the UE shall:
1> set the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO to TRUE;
1> if IE "Integrity protection mode command" has the value "modify" and the IE "Status" in the variable INTEGRITY_PROTECTION_INFO has the value "Started" and this IE was included in SECURITY MODE COMMAND:
…
2> start applying the new integrity protection configuration in the downlink at the RRC sequence number, for each signalling radio bearer n, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info", included in the IE "Integrity protection mode info";
2> set the content of the variable INTEGRITY_PROTECTION_ACTIVATION_INFO according to the following:
…
2> start applying the new integrity protection configuration in the uplink at the RRC sequence number, for each RBn, except for signalling radio bearer RB2, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Uplink integrity protection activation info", included in the variable INTEGRITY_PROTECTION_ACTIVATION_INFO;
2> start applying the new integrity protection configuration in the uplink at the RRC sequence number for signalling radio bearer RB2, as specified for the procedure initiating the integrity protection reconfiguration;
2> start applying the new integrity protection configuration in the downlink at the RRC sequence number, for each RBn, except for signalling radio bearer RB2, indicated by the entry for signalling radio bearer n in the "RRC message sequence number list" in the IE "Downlink integrity protection activation info";
2> start applying the new integrity protection configuration in the downlink at the RRC sequence number for signalling radio bearer RB2, as specified for the procedure initiating the integrity protection reconfiguration.
Reference
3GPP TS 25.331 clauses 8.1.12.3, 8.6.3.4, 8.6.3.5.
8.1.7.1c.3 Test purpose
To verify that the UE correctly modifies the integrity protection and ciphering configuration with a newly generated PS domain keyset for when previously using the CS domain keyset.
To verify that the UE can handle change of integrity protection key when the RRC message sequence number wraps around when the SECURITY MODE COMMAND is received.
8.1.7.1c.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: has entered PS+CS-DCCH+DTCH_DCH (state 6-14) using procedure P24 as specified in clause 7.4 of TS 34.108.
Test Procedure
The UE is in CELL_DCH state.
The SS transmits UE CAPABILITY ENQUIRY message repeatedly on the downlink DCCH using RLC-UM mode on SRB1. The UE shall respond to each downlink message with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. SS then sends UE CAPABILITY INFORMATION CONFIRM message to the UE using RLC-AM. This procedure is repeated until the RRC message sequence number for SRB 2 in downlink equals 15.
The SS initiates an Authentication procedure, which will result in the generation of a new security keyset (CK/IK). The SS transmits a valid SECURITY MODE COMMAND message which includes the correct downlink activation times and "Integrity check info" IE.
Then the UE shall check the integrity check info and shall start to configure ciphering in downlink according to the first valid SECURITY MODE COMMAND message. The UE shall transmit a SECURITY MODE COMPLETE message which contains the correct uplink activation times and also "Integrity check info" IE using the new integrity protection configuration.
The SS records the uplink ciphering activation time for RB 2.
Next, the SS transmits UE CAPABILITY ENQUIRY message repeatedly on the downlink DCCH using RLC-AM mode. The UE shall respond to each downlink message with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. SS then send UE CAPABILITY INFORMATION CONFIRM message to the UE. This cycle repeats itself until both the uplink and downlink ciphering activation time for RB 2 has elapsed. SS checks all uplink UE CAPABILITY INFORMATION messages are integrity-protected by UIA algorithm, and that the messages contain the correct values for "Integrity check info" IE. This can be verified in the SS through the reception of a correctly ciphered and integrity-protected UE CAPABILITY INFORMATION message.
The SS transmits UE CAPABILITY ENQUIRY message on the downlink DCCH using RLC-UM mode on SRB1. The UE shall respond to this message with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. SS then send UE CAPABILITY INFORMATION CONFIRM message to the UE.
Expected sequence
|
Step |
Direction |
Message |
Comment |
|
|
UE |
SS |
|||
|
1 |
The UE is in CELL_DCH state. |
|||
|
2 |
|
UE CAPABILITY ENQUIRY |
The SS repeats step 2, 3 and 4 until its internal downlink RRC message sequence number for RB 2 has the value 15. |
|
|
3 |
|
UE CAPABILITY INFORMATION |
The UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
4 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
|
5 |
|
AUTHENTICATION and CIPHERING REQUEST |
GMM message which will result in the generation of a new security keyset |
|
|
6 |
|
AUTHENTICATION AND CIPHERING RESPONSE |
GMM |
|
|
7 |
|
SECURITY MODE COMMAND |
See specific message contents. |
|
|
8 |
|
SECURITY MODE COMPLETE |
The SS verifies that this message is sent using the old ciphering configuration. SS records the uplink ciphering activation time for RB 2. |
|
|
9 |
|
UE CAPABILITY ENQUIRY |
The SS repeats step 9, 10 and 11 until its internal uplink and downlink RLC SN have both surpassed the uplink and downlink ciphering activation time specified for RB2. This message is sent on the downlink DCCH using RLC-AM. |
|
|
10 |
|
UE CAPABILITY INFORMATION |
The UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
11 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
|
12 |
|
UE CAPABILITY ENQUIRY |
The SS sends this message with the downlink RRC message sequence number for SRB 1 with the value 0. |
|
|
13 |
|
UE CAPABILITY INFORMATION |
The UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
14 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
Specific Message Contents
SECURITY MODE COMMAND (Step 7)
Use the same message content as found in clause 9 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
Ciphering mode info |
|
|
Ciphering mode command |
Start/restart |
|
Ciphering algorithm |
UEA1 |
|
Radio bearer downlink ciphering activation time info |
|
|
RB Identity |
1 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
2 |
|
RLC sequence number |
Current RLC SN + 2 |
|
RB Identity |
3 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
4 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
20 |
|
RLC sequence number |
Current RLC SN |
|
Integrity protection mode info |
|
|
Integrity protection mode command |
Modify |
|
Downlink integrity protection activation info |
|
|
Current RRC SN for SRB0 |
|
|
Current RRC SN for SRB1 |
|
|
0 |
|
|
Current RRC SN for SRB3 |
|
|
Current RRC SN for SRB4 |
|
|
Integrity protection algorithm |
UIA1 |
|
CN domain identity |
PS Domain |
NOTE: "Current RLC SN" is defined as the value of VT(S) in the SS at the time when the SECURITY MODE COMMAND is submitted to RLC for transmission, that is, the RLC send sequence number of the next transmitted RLC PDU on the particular radio bearer. "Current RRC SN" is defined as the RRC message sequence number of the next transmitted RRC message on the particular radio bearer.
SECURITY MODE COMPLETE (Step 8)
Use the same message content as found in clause 9 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
– Message Authentication code |
This IE is checked to see if it is present. The value is compared against the XMAC-I value computed by SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
– RRC Message sequence number |
This IE is checked to see if it is present. The value is compared against the XMAC-I value computed by SS. |
|
Uplink integrity protection activation info |
|
|
– RRC message sequence number list |
Check to see if the RRC SN for RB 0 to RB 4 are present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 0 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 1 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 2 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 3 is present |
|
-RRC message sequence number |
Check to see if the RRC SN for RB 4 is present |
|
Radio bearer uplink ciphering activation time info |
|
|
– Radio bearer activation time |
|
|
– RB Identity |
1 |
|
– RLC sequence number |
Check to see if the RLC SN for RB1 is present |
|
– RB Identity |
2 |
|
– RLC sequence number |
SS records this value. See step 10 in ‘expected sequence’ |
|
– RB Identity |
3 |
|
– RLC sequence number |
Check to see if the RLC SN for RB3 is present |
|
– RB Identity |
4 |
|
– RLC sequence number |
Check to see if the RLC SN for RB4 is present |
|
– RB Identity |
20 |
|
– RLC sequence number |
Check to see if the RLC SN for RB20 is present |
8.1.7.1c.5 Test requirement
After step 7 the SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated "integrity check info" IE is correct.
After step 8 SS verifies that all uplink signalling messages on RB2 are integrity protected with UIA1 algorithm.
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received is integrity protected with UIA algorithm and ciphered with the new ciphering configuration and algorithm indicated in the SECURITY MODE COMMAND (Step 7) message.
After downlink ciphering activation time has lapsed, SS shall apply ciphering to all downlink messages using the new configuration. At least one more cycle between step 9 and step 11 shall be repeated correctly after activation time on both directions has lapsed and the messages on both directions shall be ciphered and integrity protected..
8.1.7.1d Security mode control in CELL_DCH state interrupted by a cell update
8.1.7.1d.1 Definition
8.1.7.1d.2 Conformance requirement
If:
– a cell update procedure according to subclause 8.3.1 is initiated; and
– the received SECURITY MODE COMMAND message causes either,
– the IE "Reconfiguration" in the variable CIPHERING_STATUS to be set to TRUE; and/or
– the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO to be set to TRUE:
the UE shall:
1> abort the ongoing integrity and/or ciphering reconfiguration;
1> resume data transmission on any suspended radio bearer and signalling radio bearer mapped on RLC-AM or RLC-UM;
1> allow the transmission of RRC messages on all signalling radio bearers with any RRC SN;
1> when the response message has been submitted to lower layers for transmission:
2> if the SECURITY MODE COMMAND message contained the IE "Ciphering mode info":
3> set the IE "Reconfiguration" in the variable CIPHERING_STATUS to FALSE; and
3> clear the variable RB_UPLINK_CIPHERING_ACTIVATION_TIME_INFO;
2> if the SECURITY MODE COMMAND message contained the IE "Integrity protection mode info":
3> set the IE "Reconfiguration" in the variable INTEGRITY_PROTECTION_INFO to FALSE; and
3> clear the variable INTEGRITY_PROTECTION_ACTIVATION_INFO.
2> continue with any ongoing processes and procedures as if the invalid SECURITY MODE COMMAND message has not been received; and
2> clear the variable SECURITY_MODIFICATION;
2> the procedure ends.
Reference
3GPP TS 25.331 clause 8.1.12.4b,
8.1.7.1d.3 Test purpose
To confirm that the UE aborts the ongoing integrity and ciphering configuration and the security mode control procedure in case it is interrupted by a cell update procedure.
8.1.7.1d.4 Method of test
Initial Condition
System Simulator: 1 cell.
SYSTEM INFORMATION BLOCK TYPE 1 (see specific message contents).
UE: PS-DCCH+DTCH_DCH (state 6-10) as specified in clause 7.4 of TS 34.108.
The RRC CONNECTION SETUP message used in the initial setup should be as shown under Specific Message Contents below.
Test Procedure
The UE is in CELL_DCH state. The SS initiates an Authentication and Ciphering procedure, which will result in the generation of a new security keyset (CK/IK).
The SS transmits a valid SECURITY MODE COMMAND message which includes the correct downlink activation times and "Integrity check info" IE..
Then SS turns off the power in the cell after the UE has received the Security Mode Command , but before the UE could complete this security procedure to change over to the new security configuration. The UE will initiate the cell reselection procedure.
The UE shall then abort the Security procedure and is expected to continue to use the old security configuration..
Then after 6 seconds the power is turned on in the cell again.
The UE sends a CELL UPDATE message which includes the value "Radio link failure" set in IE "Cell update cause". The SS verifies that this message is integrity-protected correctly with the old security configuration. The SS shall transmit a CELL UPDATE CONFIRM message which includes "Physical channel information elements", on downlink DCCH after receiving CELL UPDATE message. The UE transmits a PHYSICAL CHANNEL RECONFIGURATION COMPLETE message on the uplink DCCH using RLC-AM. SS verifies that this message is both integrity-protected and ciphered correctly with the old security configuration.
Next, the SS transmits UE CAPABILITY ENQUIRY message on the downlink DCCH using RLC-AM mode. The UE shall respond to with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM using the same old integrity and ciphering configuration as used before the SECURITY MODE COMMAND was received.
Expected sequence
|
Step |
Direction |
Message |
Comment |
|
|
UE |
SS |
|||
|
1 |
The UE is in CELL_DCH state. |
|||
|
2 |
|
AUTHENTICATION AND CIPHERING REQUEST |
GMM message which will result in the generation of a new security keyset |
|
|
3 |
|
AUTHENTICATION AND CIPHERING RESPONSE |
GMM |
|
|
4 |
|
SECURITY MODE COMMAND |
See specific message contents. |
|
|
5 |
SS turns off power in the cell after the UE has received the Security Mode Command , but before the UE could complete this security procedure to change over to the new security configuration. |
|||
|
6 |
The UE starts cell reselection |
|||
|
7 |
After waiting for 6 seconds, the SS turns on power in the cell. |
|||
|
8 |
|
CELL UPDATE |
This message includes the value "Radio link failure" set in IE "Cell update cause". The SS verifies that message is integrity-protected correctly with the old security configuration |
|
|
9 |
|
CELL UPDATE CONFIRM |
This message includes "Physical channel information elements". |
|
|
10 |
|
PHYSICAL CHANNEL RECONFIGURATION COMPLETE |
The UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that message is both integrity-protected and ciphered correctly with the old security configuration |
|
|
11 |
|
UE CAPABILITY ENQUIRY |
The SS repeats step 11, 12 and 13 until its internal uplink and downlink RLC SN have both surpassed the uplink and downlink ciphering activation time specified for RB2. This message is sent on the downlink DCCH using RLC-AM. |
|
|
12 |
|
UE CAPABILITY INFORMATION |
The UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
13 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
Specific Message Contents
RRC CONNECTION SETUP (message used in the initial setup)
Use the same message type and contents as found in clause 9 of TS 34.108 with the following exception:
|
Signalling RB information to setup |
(AM DCCH for RRC) |
|
– RB identity |
Not Present |
|
– CHOICE RLC info type |
|
|
– RLC info |
|
|
– CHOICE Uplink RLC mode |
AM RLC |
|
– Transmission RLC discard |
|
|
– SDU discard mode |
No discard |
|
– MAX_DAT |
15 |
|
– Transmission window size |
32 |
|
– Timer_RST |
500 |
|
– Max_RST |
1 |
|
– Polling info |
|
|
– Timer_poll_prohibit |
200 |
|
– Timer_poll |
OMIT |
|
– Poll_PDU |
Not Present |
|
– Poll_SDU |
1 |
|
– Last transmission PDU poll |
TRUE |
|
– Last retransmission PDU poll |
TRUE |
|
– Poll_Window |
99 |
|
– Timer_poll_periodic |
Not Present |
System Information Block type 1 (FDD)
Use the default system information block with the same type specified in clause 6.1 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
– UE Timers and constants in connected mode |
|
|
– T312 |
2 |
SECURITY MODE COMMAND (Step 4 )
Use the same message content as found in clause 9 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
Ciphering mode info |
|
|
Ciphering mode command |
Start/restart |
|
Ciphering algorithm |
UEA1 |
|
Activation time for DPCH |
Not Present |
|
Radio bearer downlink ciphering activation time info |
|
|
RB Identity |
1 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
2 |
|
RLC sequence number |
Current RLC SN + 2 |
|
RB Identity |
3 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
4 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
20 |
|
RLC sequence number |
Current RLC SN |
|
Integrity protection mode info |
|
|
Integrity protection mode command |
Modify |
|
Downlink integrity protection activation info |
|
|
Current RRC SN for SRB0 |
|
|
Current RRC SN for SRB1 |
|
|
Current RRC SN for SRB2 |
|
|
Current RRC SN for SRB3 |
|
|
Current RRC SN for SRB4 |
|
|
Integrity protection algorithm |
UIA1 |
|
CN domain identity |
PS Domain |
NOTE: "Current RLC SN" is defined as the value of VT(S) in the SS at the time when the SECURITY MODE COMMAND is submitted to RLC for transmission, that is, the RLC send sequence number of the next transmitted RLC PDU on the particular radio bearer. "Current RRC SN" is defined as the RRC message sequence number of the next transmitted RRC message on the particular radio bearer.
CELL UPDATE (Step 8)
The contents of CELL UPDATE message are identical as "Contents of CELL UPDATE message" as found in clause 9 of TS 34.108 Annex A with the following exceptions:
|
Information Element |
Value/remark |
|
U-RNTI |
|
|
– SRNC Identity |
Check to see if set to ‘0000 0000 0001’ |
|
– S-RNTI |
Check to see if set to ‘0000 0000 0000 0000 0000 0001’ |
|
Cell Update Cause |
"Radio link failure" |
CELL UPDATE CONFIRM (Step 9) (FDD)
The contents of CELL UPDATE CONFIRM message is identical as "CELL UPDATE CONFIRM message" as found in Annex A with the following exceptions:
|
Information Element |
Value/remark |
|
U-RNTI |
Same as CELL UPDATE message in step 8 |
|
RRC State indicator |
CELL_DCH |
|
CHOICE channel requirement |
Uplink DPCH info |
|
-UplinkDPCH Info |
Same as RADIO BEARER SETUP message used to move to initial condition |
|
Downlink information common for all radio links |
Same as RADIO BEARER SETUP message used to move to initial condition |
|
Downlink information for each radio links |
Same as RADIO BEARER SETUP message used to move to initial condition |
CELL UPDATE CONFIRM (Step 9) (TDD)
The contents of CELL UPDATE CONFIRM message is identical as "CELL UPDATE CONFIRM message" as found in clause 9 of TS 34.108 Annex A with the following exceptions:
|
Information Element |
Value/remark |
|
U-RNTI |
Same as CELL UPDATE message in step 8 |
|
RRC State indicator |
CELL_DCH |
|
UplinkDPCH timeslots and codes |
Same as RADIO BEARER SETUP message used to move to initial condition |
|
Downlink information for each radio links |
Same as RADIO BEARER SETUP message used to move to initial condition |
8.1.7.1d.5 Test requirement
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received at step 12 is integrity protected with UIA algorithm and ciphered with the old ciphering configuration and algorithm and not the one indicated in the SECURITY MODE COMMAND (Step 4) message.
8.1.7.2 Security mode command in CELL_FACH state
8.1.7.2.1 Definition
8.1.7.2.2 Conformance requirement
1. This procedure is used to trigger the start of ciphering, or to command the restart of ciphering with the new ciphering configuration for the signalling radio bearers and any radio bearers of a particular CN Domain. It is also used to start integrity protection or modify integrity protection configuration for signalling radio bearers.
2. When the UE receives a SECURITY MODE COMMAND message from the UTRAN, which indicates the downlink activation time for each effected SRB and RB, and new ciphering mode configuration, the UE shall apply the old ciphering configuration, for a particular SRB or RB, before the stated downlink activation time. It shall start to decipher using the new ciphering configuration at the downlink activation time.
3. The UE shall transmit SECURITY MODE COMPLETE message using the new integrity protection configuration stated in the received SECURITY MODE COMMAND message. The SECURITY MODE COMPLETE message shall include the ciphering uplink activation time. The UE shall start to apply the new ciphering configuration on the uplink direction, after the uplink activation time has elapsed respectively for each SRB or RB.
Reference
3GPP TS 25.331 clauses 8.1.12, 8.6.3.4, 8.6.3.5.
8.1.7.2.3 Test purpose
To confirm that after the UE receives a SECURITY MODE COMMAND message, it transmits a SECURITY MODE COMPLETE message to the UTRAN using the old ciphering configuration together with the application of the new integrity protection configuration. To confirm that the UE applies the old ciphering configuration in the downlink prior to the activation time; and uses the new ciphering configuration on and after the activation time. To confirm that the UE starts to cipher its uplink transmissions after the uplink activation time stated in SECURITY MODE COMPLETE message is reached. To confirm that the UE sends a SECURITY MODE FAILURE message when the UE receives an invalid SECURITY MODE COMMAND message.
8.1.7.2.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: CELL_FACH (state 6-11) as specified in clause 7.4 of TS 34.108.
Test Procedure
The UE is in CELL_FACH state. The SS initiates an Authentication and Ciphering procedure, which will result in the generation of a new security keyset (CK/IK). The SS transmits a SECURITY MODE COMMAND message which contains an unexpected critical message extension. The UE shall respond by sending SECURITY MODE FAILURE message on the DCCH. Next, SS transmits a valid SECURITY MODE COMMAND message which includes the correct downlink activation times and IE "Integrity check info". The UE shall check the integrity check info. It shall start to configure ciphering in downlink and transmit a SECURITY MODE COMPLETE message, which contains the correct uplink activation times using the new integrity protection configuration. This message shall contain the IE "Integrity check info". SS records the uplink ciphering activation time for RB 2. Next, SS transmits UE CAPABILITY ENQUIRY message repeatedly on the downlink DCCH using RLC-AM mode. The UE shall respond to each downlink message with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. SS checks all uplink messages are integrity-protected by UIA1 algorithm, and that the messages contain the correct values for "Integrity check info" IE by sending a UE CAPABILITY INFORMATION CONFIRM. This cycle repeats itself until both the uplink and downlink ciphering activation time for RB 2 have elapsed. After both the uplink and downlink ciphering activation time for RB 2 have passed, the UE shall be able to communicate with the SS using the new ciphering configurations. This can be verified in SS through the reception of a correctly ciphered and integrity-protected UE CAPABILITY INFORMATION message.
Expected sequence
|
Step |
Direction |
Message |
Comment |
|
|
UE |
SS |
|||
|
1 |
UE is initially in CELL_FACH state. |
|||
|
1a |
|
AUTHENTICATION AND CIPHERING REQUEST |
GMM message which will result in the generation of a new security keyset |
|
|
1b |
|
AUTHENTICATION AND CIPHERING RESPONSE |
GMM |
|
|
2 |
|
SECURITY MODE COMMAND |
See specific message content |
|
|
3 |
|
SECURITY MODE FAILURE |
IE "Failure Cause" shall be set to "Protocol Error" and IE "Protocol Error Information" shall be set to "Message extension not comprehended". |
|
|
4 |
Void |
|||
|
5 |
Void |
|||
|
6 |
Void |
|||
|
7 |
Void |
|||
|
8 |
|
SECURITY MODE COMMAND |
See specific message contents. |
|
|
9 |
|
SECURITY MODE COMPLETE |
SS verifies that this message is sent using the old ciphering configuration. SS records the uplink ciphering activation time for RB 2. |
|
|
10 |
|
UE CAPABILITY ENQUIRY |
SS repeats step 10, 11 and 12 until its internal uplink and downlink RLC SN have both surpassed the uplink and downlink ciphering activation time specified for RB2. This message is sent on the downlink DCCH using RLC-AM. |
|
|
11 |
|
UE CAPABILITY INFORMATION |
UE shall send this message on the uplink DCCH using RLC-AM. SS verifies that the last UE CAPABILITY INFORMATION message is both integrity-protected and ciphered correctly. |
|
|
12 |
|
UE CAPABILITY INFORMATION CONFIRM |
||
Specific Message Contents
SECURITY MODE COMMAND (Step 2)
|
Information Element |
Value/remark |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Critical extensions |
’FF’H |
SECURITY MODE COMMAND (Step 8)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
Message authentication code |
Calculated result in SS. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
RRC Message sequence number |
Next RRC SN |
|
Security Capability |
Same as originally sent by UE (and stored in SS) |
|
Ciphering mode info |
|
|
Ciphering mode command |
Start/restart |
|
Ciphering algorithm |
UEA1 |
|
Activation time for DPCH |
Not Present |
|
Radio bearer downlink ciphering activation time info |
|
|
RB Identity |
1 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
2 |
|
RLC sequence number |
Current RLC SN + 2 |
|
RB Identity |
3 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
4 |
|
RLC sequence number |
Current RLC SN |
|
RB Identity |
20 |
|
RLC sequence number |
Current RLC SN |
|
Integrity protection mode info |
|
|
Integrity protection mode command |
Modify |
|
Downlink integrity protection activation info |
|
|
Current RRC SN for SRB0 |
|
|
Current RRC SN for SRB1 |
|
|
Current RRC SN for SRB2 |
|
|
Current RRC SN for SRB3 |
|
|
Current RRC SN for SRB4 |
|
|
Integrity protection algorithm |
UIA1 |
|
CN domain identity |
PS Domain |
|
UE system specific security capability |
Not Present in condition A1 |
|
UE system specific security capability |
Present In condition A2 |
|
– Inter-RAT UE security capability |
|
|
– CHOICE system |
GSM |
|
– GSM security capability |
The indicated algorithms must be the same as the algorithms supported by the UE as indicated in the IE "UE system specific capability" in the RRC CONNECTION SETUP COMPLETE message. |
|
Condition |
Explanation |
|
A1 |
UE not supporting GSM |
|
A2 |
UE supporting GSM |
SECURITY MODE COMPLETE (Step 9)
|
Information Element |
Value/remark |
|
RRC transaction identifier |
0 |
|
Integrity check info |
|
|
– Message Authentication code |
Checked to see if present. The first/ leftmost bit of the bit string contains the most significant bit of the MAC-I. |
|
– RRC Message sequence number |
Checked to see if present |
|
Uplink integrity protection activation info |
|
|
– RRC message sequence number list |
Check to see if it the RRC SN for RB 0 to RB 4 are present |
|
Radio bearer uplink ciphering activation info |
|
|
– RB Identity other than RB2 |
Check to see if the RLC SN for RB1, 3 , 4 and 20 are present |
|
– RB Identity |
2 |
|
– RLC sequence number |
SS records this value. See step 10 in ‘expected sequence’ |
8.1.7.2.5 Test requirement
After step 2 the UE shall transmit a SECURITY MODE FAILURE message to report the protocol error detected in the first SECURITY MODE COMMAND message.
After step 8 the SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated MAC-I values in "integrity check info" IE is correct.
After step 9 SS verifies that all uplink signalling messages on RB2 are integrity protected with UIA1 algorithm.
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received is integrity protected with UIA algorithm and ciphered with the new ciphering configuration and algorithm indicated in the SECURITY MODE COMMAND (Step 8) message.
After downlink ciphering activation time has lapsed, SS shall apply ciphering to all downlink messages using the new configuration. At least one more cycle between step 10 and step 12 shall be repeated correctly after activation time on both directions has lapsed and the messages on both directions shall be ciphered and integrity protected.
8.1.7.3 Security mode command in CELL_DCH state (UEA2/UIA2, CS Domain)
8.1.7.3.1 Definition
Applicable to all Rel-7 UEs which support FDD and CS domain services.
8.1.7.3.2 Conformance requirement
Same conformance requirement as clause 8.1.7.1.2.
8.1.7.3.3 Test purpose
Same test purpose as clause 8.1.7.1.3 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
8.1.7.3.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: CELL_DCH (state 6-9) as specified in clause 7.4 of TS 34.108.
Test Procedure
Same test procedure as clause 8.1.7.1.4 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
Expected sequence
Same expected sequence as clause 8.1.7.1.4
Specific Message Contents
Same specific message contents as clause 8.1.7.1.4 except for the following:
SECURITY MODE COMMAND (Step 6)
|
Information Element |
Value/remark |
|
Ciphering mode info |
|
|
Ciphering algorithm |
UEA2 |
|
Integrity protection mode info |
|
|
Integrity protection algorithm |
UIA2 |
8.1.7.3.5 Test requirement
After step 2 the UE shall transmit a SECURITY MODE FAILURE message to report the protocol error detected in the first SECURITY MODE COMMAND message.
After step 4 the UE shall transmit a SECURITY MODE FAILURE message to report on the invalid configuration detected in the second SECURITY MODE COMMAND message.
After step 8 the SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated "integrity check info" IE is correct.
After step 9 SS verifies that all uplink signalling messages on RB2 are integrity protected using UIA2 algorithm.
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received is integrity protected with UIA2 algorithm and ciphered with the new ciphering configuration and algorithm UEA2 indicated in the SECURITY MODE COMMAND (Step 6) message.
After downlink ciphering activation time has lapsed, SS shall apply ciphering to all downlink messages using the new configuration using UEA2. At least one more cycle between step 10 and step 12 shall be repeated correctly after activation time on both directions has lapsed and the messages on both directions shall be ciphered using UEA2 and integrity protected using UIA2.
8.1.7.3b Security mode command in CELL_DCH state (UEA2/UIA2, PS Domain)
8.1.7.3b.1 Definition
Applicable to all Rel-7 UEs which support FDD and PS domain services.
8.1.7.3b.2 Conformance requirement
Same conformance requirement as clause 8.1.7.1b.2.
8.1.7.3b.3 Test purpose
Same test purpose as clause 8.1.7.1b.3 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
8.1.7.3b.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: PS-DCCH+DTCH_DCH (state 6-10) as specified in clause 7.4 of TS 34.108.
Test Procedure
Same test procedure as clause 8.1.7.1b.4 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
Expected sequence
Same expected sequence as clause 8.1.7.1b.4
Specific Message Contents
Same specific message contents as clause 8.1.7.1b.4 except for the following:
SECURITY MODE COMMAND (Step 6)
|
Information Element |
Value/remark |
|
Ciphering mode info |
|
|
Ciphering algorithm |
UEA2 |
|
Integrity protection mode info |
|
|
Integrity protection algorithm |
UIA2 |
8.1.7.3b.5 Test requirement
After step 2 the UE shall transmit a SECURITY MODE FAILURE message to report the protocol error detected in the first SECURITY MODE COMMAND message.
After step 4 the UE shall transmit a SECURITY MODE FAILURE message to report on the invalid configuration detected in the second SECURITY MODE COMMAND message.
At step 7 SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated "integrity check info" IE is correct according to the new integrity protection configuration (new key and HFN set to zero).
After step 7 SS verifies that all uplink signalling messages on RB2 are integrity protected with the new integrity protection configuration using UIA2.
After uplink ciphering activation time has elapsed, SS verifies that the UE CAPABILITY INFORMATION message received is ciphered with the new ciphering configuration using UEA2 as indicated in the SECURITY MODE COMMAND (Step 6) message.
After downlink ciphering activation time has elapsed, SS shall apply ciphering to all downlink messages using the new ciphering configuration using UEA2. At least one more cycle between step 8 and step 10 shall be repeated correctly after activation time on both directions has elapsed and the messages on both directions shall be ciphered using UEA2 and integrity protected using UIA2.
8.1.7.3c Security mode control in CELL_DCH state (UEA2/UIA2, CN Domain switch and new keys at RRC message sequence number wrap around)
8.1.7.3c.1 Definition
Applicable to all Rel-7 UEs which support FDD and CS domain services and PS domain services.
8.1.7.3c.2 Conformance requirement
Same conformance requirement as clause 8.1.7.1c.2.
8.1.7.3c.3 Test purpose
Same test purpose as clause 8.1.7.1c.3 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
8.1.7.3c.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: has entered PS+CS-DCCH+DTCH_DCH (state 6-14) using procedure P24 as specified in clause 7.4 of TS 34.108, UEA2 and UIA2 are configured.
Test Procedure
Same test procedure as clause 8.1.7.1c.4 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
Expected sequence
Same expected sequence as clause 8.1.7.1c.4
Specific Message Contents
Same specific message contents as clause 8.1.7.1c.4 except for the following:
SECURITY MODE COMMAND (Step 7)
Use the same message content as found in clause 9 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
Ciphering mode info |
|
|
Ciphering algorithm |
UEA2 |
|
Integrity protection mode info |
|
|
Integrity protection algorithm |
UIA2 |
8.1.7.3c.5 Test requirement
After step 7 the SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated "integrity check info" IE is correct.
After step 8 SS verifies that all uplink signalling messages on RB2 are integrity protected with UIA2 algorithm.
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received is integrity protected with UIA2 algorithm and ciphered with the new ciphering configuration and algorithm UEA2 indicated in the SECURITY MODE COMMAND (Step 7) message.
After downlink ciphering activation time has lapsed, SS shall apply ciphering to all downlink messages using the new configuration using UEA2. At least one more cycle between step 9 and step 11 shall be repeated correctly after activation time on both directions has lapsed and the messages in both directions shall be ciphered using UEA2 and integrity protected using UIA2.
8.1.7.3d Security mode control in CELL_DCH state interrupted by a cell update (UEA2/UIA2)
8.1.7.3d.1 Definition
Applicable to all Rel-7 UEs which support FDD and PS domain services.
8.1.7.3d.2 Conformance requirement
Same conformance requirement as clause 8.1.7.1d.2.
8.1.7.3d.3 Test purpose
Same test purpose as clause 8.1.7.1d.3 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
8.1.7.3d.4 Method of test
Initial Condition
System Simulator: 1 cell.
SYSTEM INFORMATION BLOCK TYPE 1 (see specific message contents).
UE: PS-DCCH+DTCH_DCH (state 6-10) as specified in clause 7.4 of TS 34.108.
The RRC CONNECTION SETUP message used in the initial setup should be as shown under Specific Message Contents in clause 8.1.7.1d.4.
Test Procedure
Same test procedure as clause 8.1.7.1d.4 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
Expected sequence
Same expected sequence as clause 8.1.7.1d.4
Specific Message Contents
Same specific message contents as clause 8.1.7.1d.4 except for the following:
SECURITY MODE COMMAND (Step 4)
Use the same message content as found in clause 9 of TS 34.108, with the following exceptions:
|
Information Element |
Value/remark |
|
Ciphering mode info |
|
|
Ciphering algorithm |
UEA2 |
|
Integrity protection mode info |
|
|
Integrity protection algorithm |
UIA2 |
8.1.7.3d.5 Test requirement
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received at step 12 is integrity protected with UIA2 algorithm and ciphered with the old ciphering configuration and algorithm UEA2 and not the one indicated in the SECURITY MODE COMMAND (Step 4) message.
8.1.7.4 Security mode command in CELL_FACH state (UEA2/UIA2)
8.1.7.4.1 Definition
Applicable to all Rel-7 UEs which support FDD and PS domain services.
8.1.7.4.2 Conformance requirement
Same conformance requirement as clause 8.1.7.2.2.
8.1.7.4.3 Test purpose
Same test purpose as clause 8.1.7.2.3.
8.1.7.4.4 Method of test
Initial Condition
System Simulator: 1 cell.
UE: CELL_FACH (state 6-11) as specified in clause 7.4 of TS 34.108.
Test Procedure
Same test procedure as clause 8.1.7.2.4 except that ciphering algorithm used is UEA2 and integrity protection algorithm used is UIA2.
Expected sequence
Same expected sequence as clause 8.1.7.2.4
Specific Message Contents
Same specific message contents as clause 8.1.7.2.4 except for the following:
SECURITY MODE COMMAND (Step 8)
|
Information Element |
Value/remark |
|
Ciphering mode info |
|
|
Ciphering algorithm |
UEA2 |
|
Integrity protection mode info |
|
|
Integrity protection algorithm |
UIA2 |
8.1.7.4.5 Test requirement
After step 2 the UE shall transmit a SECURITY MODE FAILURE message to report the protocol error detected in the first SECURITY MODE COMMAND message.
After step 8 the SS checks that the SECURITY MODE COMPLETE message is received ciphered using the old configuration and that the calculated MAC-I values in "integrity check info" IE is correct.
After step 9 SS verifies that all uplink signalling messages on RB2 are integrity protected with UIA2 algorithm.
After uplink ciphering activation time has lapsed, SS verifies that the UE CAPABILITY INFORMATION message received is integrity protected with UIA2 algorithm and ciphered with the new ciphering configuration and algorithm using UEA2 indicated in the SECURITY MODE COMMAND (Step 8) message.
After downlink ciphering activation time has lapsed, SS shall apply ciphering using UEA2 to all downlink messages using the new configuration. At least one more cycle between step 10 and step 12 shall be repeated correctly after activation time on both directions has lapsed and the messages on both directions shall be ciphered using UEA2 and integrity protected using UIA2.