7.3.3 PDCP ciphering and deciphering

36.523-13GPPEvolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Packet Core (EPC)Part 1: Protocol conformance specificationRelease 17TSUser Equipment (UE) conformance specification

7.3.3.1 Ciphering and deciphering / Correct functionality of EPS AS encryption algorithms / SNOW 3G

7.3.3.1.1 Test Purpose (TP)

(1)

with { UE in RRC_IDLE/E-UTRA RRC_CONNECTED state }

ensure that {
when
{ Functionality of EPS AS encryption algorithms with SNOW 3G is taken into use }

then { UE performs correct AS ciphering function in PDCP entities associated with SRBs. }

}

7.3.3.1.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 36.323, clause 5.6 , TS 33.401, clause 5.1.3.2 and TS 36.331, clause 6.3.3.

[TS 36.323, clause 5.6]

The ciphering function includes both ciphering and deciphering and is performed in PDCP. For the control plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3) and the MAC-I (see subclause 6.3.4). For the user plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3); ciphering is not applicable to PDCP Control PDUs.

The ciphering algorithm and key to be used by the PDCP entity are configured by upper layers [3] and the ciphering method shall be applied as specified in [6].

The ciphering function is activated by upper layers [3]. After security activation, the ciphering function shall be applied to all PDCP PDUs indicated by upper layers [3] for the downlink and the uplink, respectively.

The parameters that are required by PDCP for ciphering are defined in [6] and are input to the ciphering algorithm. The required inputs to the ciphering function include the COUNT value, and DIRECTION (direction of the transmission: set as specified in [6]).The parameters required by PDCP which are provided by upper layers [3] are listed below:

– BEARER (defined as the radio bearer identifier in [6]. It will use the value RB identity –1 as in [3]);

– KEY (the ciphering keys for the control plane and for the user plane are KRRCenc and KUPenc, respectively).

[TS 33.401, clause 5.1.3.2]

All algorithms specified in this subclause are algorithms with a 128-bit input key except Null ciphering algorithm.

NOTE: Deviations from the above requirement have to be indicated explicitly in the algorithm identifier list below.

Each EPS Encryption Algorithm (EEA) will be assigned a 4-bit identifier. Currently, the following values have been defined for NAS, RRC and UP ciphering:

"00012" 128-EEA1 SNOW 3G based algorithm

The remaining values have been reserved for future use.

UEs and eNBs shall implement EEA0, 128-EEA1 and 128-EEA2 for both RRC signalling ciphering and UP ciphering. UEs and eNBs may implement 128-EEA3 for both RRC signalling ciphering and UP ciphering.

[TS 36.331, clause 6.3.3]

The IE SecurityAlgorithmConfig is used to configure AS integrity protection algorithm (SRBs) and AS ciphering algorithm (SRBs and DRBs). For RNs, the IE SecurityAlgorithmConfig is also used to configure AS integrity protection algorithm for DRBs between the RN and the E-UTRAN.

SecurityAlgorithmConfig field descriptions

cipheringAlgorithm

Indicates the ciphering algorithm to be used for SRBs and DRBs, as specified in TS 33.401 [32, 5.1.3.2].

integrityProtAlgorithm

Indicates the integrity protection algorithm to be used for SRBs, as specified in TS 33.401 [32, 5.1.4.2]. For RNs, also indicates the integrity protection algorithm to be used for integrity protection-enabled DRB(s).

7.3.3.1.3 Test description

7.3.3.1.3.1 Pre-test conditions

System Simulator:

– Cell 1.

UE:

– None.

Preamble:

– The UE shall be in Registered Idle Mode (State 2) according to [18].

7.3.3.1.3.2 Test procedure sequence

Table 7.3.3.1.3.2-1: Main Behaviour

St

Procedure

Message Sequence

TP

Verdict

U – S

Message

1

The SS sends a Paging message to the UE on the appropriate paging block, and including the UE identity in one entry of the IE pagingRecordLists.

<–

Paging (PCCH)

2

Check: Does The UE transmit a RRCConnectionRequest message without related PDCP Data PDU being ciphered?

–>

RRCConnectionRequest

1

P

3

The SS transmits an RRCConnectionSetup message. This message related PDCP Data PDU should not be integrity protected and ciphered.

<–

RRCConnectionSetup

4

Check: Does the UE transmit a RRCConnectionSetupComplete message to confirm the successful completion of the connection establishment and to initiate the session management procedure by including the SERVICE REQUEST message (State3), and without related PDCP Data PDU being ciphered?

–>

RRCConnectionSetupComplete

1

P

5

The SS transmits a SecurityModeCommand message to activate EPS AS encryption algorithm security. The message related PDCP Data PDU should be integrity protected but not ciphered.

<–

SecurityModeCommand

6

Check: Does the UE transmit a SecurityModeComplete message and establishes the initial security configuration without the message related PDCP Data PDU being ciphered?

–>

SecurityModeComplete

1

P

7

The SS configures a new data radio bearer, associated with the default EPS bearer context. This message related PDCP Data PDU should be integrity protected and ciphered. The COUNT of this message related PDCP Data PDU can be used for deciphering.

<–

RRCConnectionReconfiguration

8

The UE transmits a RRCConnectionReconfigurationComplete message to confirm the establishment of the new data radio bearer, associated with the default EPS bearer context. This message related PDCP Data PDU should be integrity protected and ciphered. The COUNT of this message related PDCP Data PDU can be used for deciphering.

–>

RRCConnectionReconfigurationComplete

1

P

7.3.3.1.3.3 Specific message contents

Table 7.3.3.1.3.3-1 SecurityModeCommand (step 6, Table 7.3.3.1.3.2-1)

Derivation Path: TS36.508 clause 4.6.1 table 4.6.1-19

Information Element

Value/remark

Comment

Condition

SecurityModeCommand ::= SEQUENCE {

rrc-TransactionIdentifier

RRC-TransactionIdentifier-DL

criticalExtensions CHOICE {

c1 CHOICE{

securityModeCommand-r8 SEQUENCE {

securityConfigSMC SEQUENCE {

securityAlgorithmConfig SEQUENCE {

cipheringAlgorithm

eea1

integrityProtAlgorithm

Default value specified in TS 36.508

}

nonCriticalExtension SEQUENCE {}

Not present

}

}

}

}

}

7.3.3.2 Ciphering and deciphering / Correct functionality of EPS UP encryption algorithms / SNOW 3G

7.3.3.2.1 Test Purpose (TP)

(1)

with { UE in E-UTRA RRC_CONNECTED state }

ensure that {
when
{ UE is requested to achieve functionality of EPS UP encryption algorithms with SNOW 3G }

then { UE performs correct UP ciphering function in PDCP entities associated with DRBs. }

}

7.3.3.2.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 36.323, clause 5.6, TS 33.401, clause 5.1.3.2 and TS 36.331, clause 6.3.3.

[TS 36.323, clause 5.6]

The ciphering function includes both ciphering and deciphering and is performed in PDCP. For the control plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3) and the MAC-I (see subclause 6.3.4). For the user plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3); ciphering is not applicable to PDCP Control PDUs.

The ciphering algorithm and key to be used by the PDCP entity are configured by upper layers [3] and the ciphering method shall be applied as specified in [6].

The ciphering function is activated by upper layers [3]. After security activation, the ciphering function shall be applied to all PDCP PDUs indicated by upper layers [3] for the downlink and the uplink, respectively.

The parameters that are required by PDCP for ciphering are defined in [6] and are input to the ciphering algorithm. The required inputs to the ciphering function include the COUNT value, and DIRECTION (direction of the transmission: 0 for uplink, 1 for downlink).The parameters required by PDCP which are provided by upper layers [3] are listed below:

– BEARER (defined as the radio bearer identifier in [6]. It will use the value RB identity –1 as in [3]);

– KEY (the ciphering keys for the control plane and for the user plane are KRRCenc and KUPenc, respectively).

[TS 33.401, clause 5.1.3.2]

All algorithms specified in this subclause are algorithms with a 128-bit input key except Null ciphering algorithm.

NOTE: Deviations from the above requirement have to be indicated explicitly in the algorithm identifier list below.

Each EPS Encryption Algorithm (EEA) will be assigned a 4-bit identifier. Currently, the following values have been defined for NAS, RRC and UP ciphering:

"00012" 128-EEA1 SNOW 3G based algorithm

The remaining values have been reserved for future use.

UEs and eNBs shall implement EEA0, 128-EEA1 and 128-EEA2 for both RRC signalling ciphering and UP ciphering. UEs and eNBs may implement 128-EEA3 for both RRC signalling ciphering and UP ciphering.

[TS 36.331, clause 6.3.3]

The IE SecurityAlgorithmConfig is used to configure AS integrity protection algorithm (SRBs) and AS ciphering algorithm (SRBs and DRBs). For RNs, the IE SecurityAlgorithmConfig is also used to configure AS integrity protection algorithm for DRBs between the RN and the E-UTRAN.

SecurityAlgorithmConfig field descriptions

cipheringAlgorithm

Indicates the ciphering algorithm to be used for SRBs and DRBs, as specified in TS 33.401 [32, 5.1.3.2].

integrityProtAlgorithm

Indicates the integrity protection algorithm to be used for SRBs, as specified in TS 33.401 [32, 5.1.4.2]. For RNs, also indicates the integrity protection algorithm to be used for integrity protection-enabled DRB(s).

7.3.3.2.3 Test description

7.3.3.2.3.1 Pre-test conditions

System Simulator:

– Cell 1.

UE:

– None.

Preamble

– The UE shall be in Loopback Activation state (State 4) according to TS36.508.

7.3.3.2.3.2 Test procedure sequence

Table 7.3.3.2.3.2-1: Main Behaviour

St

Procedure

Message Sequence

TP

Verdict

U – S

Message

1

SS Transmits PDCP PDU on DRB ciphered.

<–

PDCP PDU

2

Check: Does the UE transmit loop backed PDCP PDU ciphered.

–>

PDCP PDU

1

P

7.3.3.2.3.3 Specific message contents

Table 7.3.3.2.3.3-1 SecurityModeCommand (in the preamble)

Derivation Path: TS36.508 clause 4.6.1 table 4.6.1-19

Information Element

Value/remark

Comment

Condition

SecurityModeCommand ::= SEQUENCE {

criticalExtensions CHOICE {

c1 CHOICE{

rrc-TransactionIdentifier

RRC-TransactionIdentifier-DL

securityModeCommand-r8 SEQUENCE {

securityConfigSMC SEQUENCE {

cipheringAlgorithm

eea1

}

nonCriticalExtension SEQUENCE {}

Not present

}

}

}

}

7.3.3.3 Ciphering and deciphering / Correct functionality of EPS AS encryption algorithms / AES

7.3.3.3.1 Test Purpose (TP)

(1)

with { UE in E-UTRA RRC_CONNECTED state }

ensure that {
when
{ UE is requested to achieve functionality of EPS AS encryption algorithms with AES }

then { UE performs correct AS ciphering function in PDCP entities associated with SRBs. }

}

7.3.3.3.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 36.323, clause 5.6 , TS 33.401, clause 5.1.3.2 and TS 36.331, clause 6.3.3.

[TS 36.323, clause 5.6]

The ciphering function includes both ciphering and deciphering and is performed in PDCP. For the control plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3) and the MAC-I (see subclause 6.3.4). For the user plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3); ciphering is not applicable to PDCP Control PDUs.

The ciphering algorithm and key to be used by the PDCP entity are configured by upper layers [3] and the ciphering method shall be applied as specified in [6].

The ciphering function is activated by upper layers [3]. After security activation, the ciphering function shall be applied to all PDCP PDUs indicated by upper layers [3] for the downlink and the uplink, respectively.

The parameters that are required by PDCP for ciphering are defined in [6] and are input to the ciphering algorithm. The required inputs to the ciphering function include the COUNT value, and DIRECTION (direction of the transmission: set as specified in [6]).The parameters required by PDCP which are provided by upper layers [3] are listed below:

– BEARER (defined as the radio bearer identifier in [6]. It will use the value RB identity –1 as in [3]);

– KEY (the ciphering keys for the control plane and for the user plane are KRRCenc and KUPenc, respectively).

[TS 33.401, clause 5.1.3.2]

All algorithms specified in this subclause are algorithms with a 128-bit input key except Null ciphering algorithm.

NOTE: Deviations from the above requirement have to be indicated explicitly in the algorithm identifier list below.

Each EPS Encryption Algorithm (EEA) will be assigned a 4-bit identifier. Currently, the following values have been defined for NAS, RRC and UP ciphering:

"00102" 128-EEA2 AES based algorithm

The remaining values have been reserved for future use.

UEs and eNBs shall implement EEA0, 128-EEA1 and 128-EEA2 for both RRC signalling ciphering and UP ciphering. UEs and eNBs may implement 128-EEA3 for both RRC signalling ciphering and UP ciphering.

[TS 36.331, clause 6.3.3]

The IE SecurityAlgorithmConfig is used to configure AS integrity protection algorithm (SRBs) and AS ciphering algorithm (SRBs and DRBs). For RNs, the IE SecurityAlgorithmConfig is also used to configure AS integrity protection algorithm for DRBs between the RN and the E-UTRAN.

SecurityAlgorithmConfig field descriptions

cipheringAlgorithm

Indicates the ciphering algorithm to be used for SRBs and DRBs, as specified in TS 33.401 [32, 5.1.3.2].

integrityProtAlgorithm

Indicates the integrity protection algorithm to be used for SRBs, as specified in TS 33.401 [32, 5.1.4.2]. For RNs, also indicates the integrity protection algorithm to be used for integrity protection-enabled DRB(s).

7.3.3.3.3 Test description

7.3.3.3.3.1 Pre-test conditions

Same Pre-test conditions as in clause 7.3.3.1.3.1.

7.3.3.3.3.2 Test procedure sequence

Same Test procedure sequence as in Table 7.3.3.1.3.2.

7.3.3.3.3.3 Specific message contents

Table 7.3.3.3.3.3-1 SecurityModeCommand (step 6)

Derivation Path: TS36.508 clause 4.6.1 table 4.6.1-19

Information Element

Value/remark

Comment

Condition

SecurityModeCommand ::= SEQUENCE {

rrc-TransactionIdentifier

RRC-TransactionIdentifier-DL

criticalExtensions CHOICE {

c1 CHOICE{

securityModeCommand-r8 SEQUENCE {

securityConfigSMC SEQUENCE {

securityAlgorithmConfig SEQUENCE {

cipheringAlgorithm

eea2

}

nonCriticalExtension SEQUENCE {}

Not present

}

}

}

}

7.3.3.4 Ciphering and deciphering / Correct functionality of EPS UP encryption algorithms / AES

7.3.3.4.1 Test Purpose (TP)

(1)

with { UE in E-UTRA RRC_CONNECTED state }

ensure that {
when
{ UE is requested to achieve functionality of EPS UP encryption algorithms with AES }

then { UE performs correct UP ciphering function in PDCP entities associated with DRBs. }

}

7.3.3.4.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 36.323, clause 5.6 , TS 33.401, clause 5.1.3.2 and TS 36.331, clause 6.3.3.

[TS 36.323, clause 5.6]

The ciphering function includes both ciphering and deciphering and is performed in PDCP. For the control plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3) and the MAC-I (see subclause 6.3.4). For the user plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3); ciphering is not applicable to PDCP Control PDUs.

The ciphering algorithm and key to be used by the PDCP entity are configured by upper layers [3] and the ciphering method shall be applied as specified in [6].

The ciphering function is activated by upper layers [3]. After security activation, the ciphering function shall be applied to all PDCP PDUs indicated by upper layers [3] for the downlink and the uplink, respectively.

The parameters that are required by PDCP for ciphering are defined in [6] and are input to the ciphering algorithm. The required inputs to the ciphering function include the COUNT value, and DIRECTION (direction of the transmission: set as specified in [6]).The parameters required by PDCP which are provided by upper layers [3] are listed below:

– BEARER (defined as the radio bearer identifier in [6]. It will use the value RB identity –1 as in [3]);

– KEY (the ciphering keys for the control plane and for the user plane are KRRCenc and KUPenc, respectively).

[TS 33.401, clause 5.1.3.2]

All algorithms specified in this subclause are algorithms with a 128-bit input key except Null ciphering algorithm.

NOTE: Deviations from the above requirement have to be indicated explicitly in the algorithm identifier list below.

Each EPS Encryption Algorithm (EEA) will be assigned a 4-bit identifier. Currently, the following values have been defined for NAS, RRC and UP ciphering:

"00102" 128-EEA2 AES based algorithm

The remaining values have been reserved for future use.

UEs and eNBs shall implement EEA0, 128-EEA1 and 128-EEA2 for both RRC signalling ciphering and UP ciphering. UEs and eNBs may implement 128-EEA3 for both RRC signalling ciphering and UP ciphering.

[TS 36.331, clause 6.3.3]

The IE SecurityAlgorithmConfig is used to configure AS integrity protection algorithm (SRBs) and AS ciphering algorithm (SRBs and DRBs). For RNs, the IE SecurityAlgorithmConfig is also used to configure AS integrity protection algorithm for DRBs between the RN and the E-UTRAN.

SecurityAlgorithmConfig field descriptions

cipheringAlgorithm

Indicates the ciphering algorithm to be used for SRBs and DRBs, as specified in TS 33.401 [32, 5.1.3.2].

integrityProtAlgorithm

Indicates the integrity protection algorithm to be used for SRBs, as specified in TS 33.401 [32, 5.1.4.2]. For RNs, also indicates the integrity protection algorithm to be used for integrity protection-enabled DRB(s).

7.3.3.4.3 Test description

7.3.3.4.3.1 Pre-test conditions

Same Pre-test conditions as in clause 7.3.3.2.3.1.

7.3.3.4.3.2 Test procedure sequence

Same Test procedure sequence as in Table 7.3.3.2.3.2.

7.3.3.4.3.3 Specific message contents

Table 7.3.3.4.3.3-1 SecurityModeCommand (in the preamble)

Derivation Path: TS36.508 clause 4.6.1 table 4.6.1-19

Information Element

Value/remark

Comment

Condition

rrc-TransactionIdentifier

RRC-TransactionIdentifier-DL

SecurityModeCommand ::= SEQUENCE {

criticalExtensions CHOICE {

c1 CHOICE{

securityConfigSMC SEQUENCE { securityModeCommand-r8 SEQUENCE {

securityAlgorithmConfig SEQUENCE {

cipheringAlgorithm

eea2

Not present

}

nonCriticalExtension SEQUENCE {}

Not present

}

}

}

}

7.3.3.5 Ciphering and deciphering / Correct functionality of EPS AS encryption algorithms / ZUC

7.3.3.5.1 Test Purpose (TP)

(1)

with { UE in E-UTRA RRC_CONNECTED state }

ensure that {
when
{ UE is requested to achieve functionality of EPS AS encryption algorithms with ZUC }

then { UE performs correct AS ciphering function in PDCP entities associated with SRBs. }

}

7.3.3.5.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 36.323, clause 5.6, TS 33.401, clause 5.1.3.2 and TS 36.331, clause 6.3.3.

[TS 36.323, clause 5.6]

The ciphering function includes both ciphering and deciphering and is performed in PDCP. For the control plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3) and the MAC-I (see subclause 6.3.4). For the user plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3); ciphering is not applicable to PDCP Control PDUs.

The ciphering algorithm and key to be used by the PDCP entity are configured by upper layers [3] and the ciphering method shall be applied as specified in [6].

The ciphering function is activated by upper layers [3]. After security activation, the ciphering function shall be applied to all PDCP PDUs indicated by upper layers [3] for the downlink and the uplink, respectively.

The parameters that are required by PDCP for ciphering are defined in [6] and are input to the ciphering algorithm. The required inputs to the ciphering function include the COUNT value, and DIRECTION (direction of the transmission: set as specified in [6]).The parameters required by PDCP which are provided by upper layers [3] are listed below:

– BEARER (defined as the radio bearer identifier in [6]. It will use the value RB identity –1 as in [3]);

– KEY (the ciphering keys for the control plane and for the user plane are KRRCenc and KUPenc, respectively).

[TS 33.401, clause 5.1.3.2]

All algorithms specified in this subclause are algorithms with a 128-bit input key except Null ciphering algorithm.

NOTE: Deviations from the above requirement have to be indicated explicitly in the algorithm identifier list below.

Each EPS Encryption Algorithm (EEA) will be assigned a 4-bit identifier. Currently, the following values have been defined for NAS, RRC and UP ciphering:

"00112" 128-EEA3 ZUC based algorithm

The remaining values have been reserved for future use.

UEs and eNBs shall implement EEA0, 128-EEA1 and 128-EEA2 for both RRC signalling ciphering and UP ciphering. UEs and eNBs may implement 128-EEA3 for both RRC signalling ciphering and UP ciphering.

[TS 36.331, clause 6.3.3]

The IE SecurityAlgorithmConfig is used to configure AS integrity protection algorithm (SRBs) and AS ciphering algorithm (SRBs and DRBs). For RNs, the IE SecurityAlgorithmConfig is also used to configure AS integrity protection algorithm for DRBs between the RN and the E-UTRAN.

SecurityAlgorithmConfig field descriptions

cipheringAlgorithm

Indicates the ciphering algorithm to be used for SRBs and DRBs, as specified in TS 33.401 [32, 5.1.3.2].

integrityProtAlgorithm

Indicates the integrity protection algorithm to be used for SRBs, as specified in TS 33.401 [32, 5.1.4.2]. For RNs, also indicates the integrity protection algorithm to be used for integrity protection-enabled DRB(s).

7.3.3.5.3 Test description

7.3.3.5.3.1 Pre-test conditions

Same Pre-test conditions as in clause 7.3.3.1.3.1.

7.3.3.5.3.2 Test procedure sequence

Same Test procedure sequence as in Table 7.3.3.1.3.2.

7.3.3.5.3.3 Specific message contents

Table 7.3.3.5.3.3-1: SecurityModeCommand (step 6)

Derivation Path: TS36.508 clause 4.6.1 table 4.6.1-19

Information Element

Value/remark

Comment

Condition

SecurityModeCommand ::= SEQUENCE {

rrc-TransactionIdentifier

RRC-TransactionIdentifier-DL

criticalExtensions CHOICE {

c1 CHOICE{

securityModeCommand-r8 SEQUENCE {

securityConfigSMC SEQUENCE {

securityAlgorithmConfig SEQUENCE {

cipheringAlgorithm

eea3-v11xy

}

nonCriticalExtension SEQUENCE {}

Not present

}

}

}

}

7.3.3.6 Ciphering and deciphering / Correct functionality of EPS UP encryption algorithms / ZUC

7.3.3.6.1 Test Purpose (TP)

(1)

with { UE in E-UTRA RRC_CONNECTED state }

ensure that {
when
{ UE is requested to achieve functionality of EPS UP encryption algorithms with ZUC }

then { UE performs correct UP ciphering function in PDCP entities associated with DRBs. }

}

7.3.3.6.2 Conformance requirements

References: The conformance requirements covered in the present TC are specified in: TS 36.323, clause 5.6, TS 33.401, clause 5.1.3.2 and TS 36.331, clause 6.3.3.

[TS 36.323, clause 5.6]

The ciphering function includes both ciphering and deciphering and is performed in PDCP. For the control plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3) and the MAC-I (see subclause 6.3.4). For the user plane, the data unit that is ciphered is the data part of the PDCP PDU (see subclause 6.3.3); ciphering is not applicable to PDCP Control PDUs.

The ciphering algorithm and key to be used by the PDCP entity are configured by upper layers [3] and the ciphering method shall be applied as specified in [6].

The ciphering function is activated by upper layers [3]. After security activation, the ciphering function shall be applied to all PDCP PDUs indicated by upper layers [3] for the downlink and the uplink, respectively.

The parameters that are required by PDCP for ciphering are defined in [6] and are input to the ciphering algorithm. The required inputs to the ciphering function include the COUNT value, and DIRECTION (direction of the transmission: 0 for uplink, 1 for downlink).The parameters required by PDCP which are provided by upper layers [3] are listed below:

– BEARER (defined as the radio bearer identifier in [6]. It will use the value RB identity –1 as in [3]);

– KEY (the ciphering keys for the control plane and for the user plane are KRRCenc and KUPenc, respectively)

[TS 33.401, clause 5.1.3.2]

All algorithms specified in this subclause are algorithms with a 128-bit input key except Null ciphering algorithm.

NOTE: Deviations from the above requirement have to be indicated explicitly in the algorithm identifier list below.

Each EPS Encryption Algorithm (EEA) will be assigned a 4-bit identifier. Currently, the following values have been defined for NAS, RRC and UP ciphering:

"00112" 128-EEA3 ZUC based algorithm

The remaining values have been reserved for future use.

UEs and eNBs shall implement EEA0, 128-EEA1 and 128-EEA2 for both RRC signalling ciphering and UP ciphering. UEs and eNBs may implement 128-EEA3 for both RRC signalling ciphering and UP ciphering.

UEs and MMEs shall implement EEA0, 128-EEA1 and 128-EEA2 for NAS signalling ciphering. UEs and MMEs may implement 128-EEA3 for NAS signalling ciphering.

[TS 36.331, clause 6.3.3]

The IE SecurityAlgorithmConfig is used to configure AS integrity protection algorithm (SRBs) and AS ciphering algorithm (SRBs and DRBs). For RNs, the IE SecurityAlgorithmConfig is also used to configure AS integrity protection algorithm for DRBs between the RN and the E-UTRAN.

SecurityAlgorithmConfig field descriptions

cipheringAlgorithm

Indicates the ciphering algorithm to be used for SRBs and DRBs, as specified in TS 33.401 [32, 5.1.3.2].

integrityProtAlgorithm

Indicates the integrity protection algorithm to be used for SRBs, as specified in TS 33.401 [32, 5.1.4.2]. For RNs, also indicates the integrity protection algorithm to be used for integrity protection-enabled DRB(s).

7.3.3.6.3 Test description

7.3.3.6.3.1 Pre-test conditions

Same Pre-test conditions as in clause 7.3.3.2.3.1.

7.3.3.6.3.2 Test procedure sequences

Same Test procedure sequence as in Table 7.3.3.2.3.2.

7.3.3.6.3.3 Specific message contents

Table 7.3.3.6.3.3-1: SecurityModeCommand (in the preamble)

Derivation Path: TS36.508 clause 4.6.1 table 4.6.1-19

Information Element

Value/remark

Comment

Condition

SecurityModeCommand ::= SEQUENCE {

criticalExtensions CHOICE {

c1 CHOICE{

rrc-TransactionIdentifier

RRC-TransactionIdentifier-DL

securityModeCommand-r8 SEQUENCE {

securityConfigSMC SEQUENCE {

CipheringAlgorithm

eea3-v11xy

}

nonCriticalExtension SEQUENCE {}

Not present

}

}

}

}