4 Preliminary information

35.2313GPPDocument 1: Algorithm specificationRelease 17Specification of the TUAK algorithm set: A second example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

4.1 Introduction

Within the security architecture of the 3GPP system there are seven security functions related to authentication and key agreement: f1, f1*, f2, f3, f4, f5 and f5*. The operation of these functions falls within the domain of one operator, and the functions are therefore to be specified by each operator rather than being fully standardized. The algorithms specified in the present document are examples that may be used by an operator who does not wish to design his own.

The algorithm specified is called Tuak (pronounced "too-ack").

It is not mandatory that the particular algorithms specified in the present document are used.

The inputs and outputs of all seven algorithms are defined in clause 4.4.

4.2 Notation

4.2.1 Radix

The prefix 0x is used to indicate hexadecimal numbers.

4.2.2 Bit-numbering for inputs and outputs

3GPP TS 33.102 [1] includes the following convention. (There is similar text in the specification of MILENAGE, as defined in 3GPP TS 35.206 [2]):

All data variables in the present document are presented with the most significant substring on the left hand side and the least significant substring on the right hand side. A substring may be a bit, byte or other arbitrary length bit string. Where a variable is broken down into a number of substrings, the left-most (most significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant.

So, for example, RAND[0] is the most-significant bit of RAND and RAND[127] is the least significant bit of RAND.

This convention applies to all inputs and outputs to Tuak, as listed in tables 1 to 9 below.

However, internally to the Tuak specification variables are simply treated as indexed bit strings, without a specific indication of bit, byte or word order.

4.2.3 Assignment operations

The assignment operator ‘=’is used in many programming languages. Thus:

<variable> = <expression>

It means that <variable> assumes the value that <expression> had before the assignment took place. For instance,

x = x + y + 3

means:

(new value of x) becomes (old value of x) + (old value of y) + 3.

Also

<variables> = <expressions>

for lists of variables and expressions, then the left-most variable assumes the value the left-most expression had before the assignment took place, the next left-most variable assumes the value the next left-most expression had before the assignment took place, and so on.

For instance,

x[0]..x[2] = 3, 4, 5

means

(new value of x[0]) becomes 3,

(new value of x[1]) becomes 4,

(new value of x[2]) becomes 5.

Whereas:

x[0]..x[2] = y[2]..y[0]

means

(new value of x[0]) becomes (old value of y[2]),

(new value of x[1]) becomes (old value of y[1]),

(new value of x[2]) becomes (old value of y[0]).