7.3.8 PDCP ProSe Device to Device
36.523-13GPPEvolved Universal Terrestrial Radio Access (E-UTRA) and Evolved Packet Core (EPC)Part 1: Protocol conformance specificationRelease 17TSUser Equipment (UE) conformance specification
7.3.8.1 Security Aspects / ProSe Direct Communication / Security Information for Confidentiality Protection – Correct Counting and Wrapping
7.3.8.1.1 Test Purpose (TP)
(1)
with { UE served by E-UTRAN PLMN supporting ProSe and intending to use direct communication }
ensure that {
when { the UE sends an encrypted PDCP Data PDU for SLRB }
then { the PDCP SN is incremented by one }
}
(2)
with { PDCP SN counter value being 2^16-1 }
ensure that {
when { UE sends an encrypted PDCP Data PDU for SLRB }
then { the PDCP SN counter is reset to zero }
}
7.3.8.1.2 Conformance requirements
References: The conformance requirements covered in the present TC are specified in: TS 33.303, clause 6.2.3.2 and TS 36.323, clause 6.2.10. Unless otherwise stated these are Rel-12 requirements.
[TS 33.303, clause 6.2.3.2]
To encrypt the data for a PDCP entity, the ME shall calculate PTK (as described in Annex A.3) and then PEK from PTK (as described in Annex A.4). The ME then uses the PEK, LCID, PTK ID and counter to encrypt the next data packet as described in subclause 6.2.3.6.1. Immediately after encrypting the data packet, the ME shall increase the counter associated with the PDCP entity by one. If this causes the counter to wrap, then the ME shall behave as follows:
– If PTK ID < 2^16-1, then the ME shall increase the PTK ID associated with the PDCP entity by one and set the counter associated with this PDCP entity to one. Furthermore for USIM storage of PTK ID, the ME shall increase the PTK ID stored on the USIM by 3 if it is less than 2^16-4 or to 2^16-1 otherwise if the stored PTK ID in USIM would be less than the one about to be used in ME. If non-volatile memory on the ME is used to store the PTK ID, the ME shall increase the PTK ID in non-volatile memory by one.
– If PTK ID = 2^16-1 (i.e. PTK ID would wrap) and if the next PGK is previously unused (i.e. does not have the PTK ID and Counter in either the USIM or non-volatile memory of the ME associated with it), the ME shall act as though it just created a new PDCP entity with a previously unused PGK.
– Otherwise (i.e. PTK ID = 2^16-1 and the next PGK has already been used in some other PDCP entity), the ME shall use the next PGK to generate keys for this PDCP entity and set the PTK ID and counter associated with this PDCP entity to one.
In all case of counter wrap, new PTK shall be derived from the PGK taking the new PTK Identity into use. A new PEK shall be derived from the new PTK as well. The old PTK associated with this PDCP entity shall be deleted together with the corresponding old PEK derived from the old PTK key.
[TS 36.323, clause 6.2.10]
Figure 6.2.10.1 shows the format of the PDCP Data PDU for SLRB where a 16 bit SN length is used.
Figure 6.2.10.1: PDCP Data PDU format for SLRB
7.3.8.1.3 Test description
7.3.8.1.3.1 Pre-test conditions
System Simulator:
SS-NW
– Cell 1
– System information combination 23 as defined in TS 36.508 [18] clause 4.4.3.1 is used in E-UTRA Cell 1.
SS-UE
– SS-UE1: as defined in TS 36.508 [18], configured for and operating as ProSe Direct Communication Reception on the resources which the UE is expected to use for transmission.
UE:
– The UE is authorised to perform ProSe Direct Communication. A timer T4005 is assigned long enough not to expire before the TC is completed, at least 44 min (for Rel-12 this timer cannot be set in the USIM, it is expected that the UE shall provide means for setting the timer e.g. via MMI).
– The UE has pre-configured radio parameters (preconfigComm) as defined in TS 36.508 with an associated geographical area and a UICC with all values equal to the default profile TS 36.508 [18], section 4.9.3.1 except for those listed in Table 7.3.8.1.3.1-1.
Table 7.3.8.1.3.1-1: USIM configuration
|
USIM field |
Priority |
Value |
|
EFPROSE_RADIO_COM |
Is present |
|
|
EFUST |
Service 101 is supported |
|
|
EFAD |
UE is authorized to use pre-configured parameters for ProSe |
|
|
EFPROSE_PLMN |
PLMN of Cell 1 |
|
|
EFPST |
Service n°3 and service n°6 are supported |
|
|
EFPROSE_POLICY |
Group ID = ‘0000 0000 0000 0000 0000 0001’ [BIN] |
|
|
ProSe UE ID = ‘0000 0000 0000 0000 0000 0001’ [BIN] |
||
|
Group related security contents PGK = ‘0000 0000 0000 0000 0000 0000 0000 0001’ [OCT] PGK Id = ‘0000 0001’ [BIN] Algorithm info = ‘0001 0000’ [BIN] Note: equals EPS encryption algorithm 128-EEA1 |
Preamble:
– The UE is in state UE Test Mode Activated (state 3A) with UE TEST LOOP MODE E according to [18] on Cell 1 with the RLC UM bearer configured for PDCP SN size for SLRBs (16 bits).
– Ciphering on SLRB is applied. The security parameters are taken from the USIM. The security lifetime parameter is assigned long enough not to expire before the TC is completed.
7.3.8.1.3.2 Test procedure sequence
Table 7.3.8.1.3.2-1: Main behaviour
|
St |
Procedure |
Message Sequence |
TP |
Verdict |
|
|
U – S |
Message |
||||
|
0 |
Force the UE upper layer application to request transmission of sidelink communication. |
– |
– |
– |
– |
|
– |
EXCEPTION: The following events unless otherwise stated are to be observed in Cell 1. |
– |
– |
– |
– |
|
0A |
The UE transmits a SidelinkUEInformation message indicating the sidelink communication frequency of interest for transmission. |
–> |
SidelinkUEInformation |
– |
– |
|
1 |
The Generic test procedure for ‘Loopback Activation (State 4)’ defined in TS 36.508 [18] clause 4.5.4 takes place (TEST LOOP MODE E, TRIGGER = TRANSMIT). |
– |
– |
– |
– |
|
2 |
Void |
– |
– |
– |
– |
|
2A |
The SS releases the RRC connection. |
– |
– |
– |
– |
|
3 |
The UE sends an encrypted STCH PDCP SDU packet and SS extracts the contained PDCP SN counter value. |
–> |
STCH PDCP SDU packet (Received by simulated UE) |
– |
– |
|
– |
EXCEPTION: Step 4 is executed until PDCP SN counter > 65532. |
– |
– |
– |
– |
|
4 |
UE sends encrypted STCH PDCP SDU packet. |
–> |
STCH PDCP SDU packet (Received by simulated UE) |
– |
– |
|
– |
EXCEPTION: Step 5 is executed until PDCP SN counter = 65535 (2^16-1). |
– |
– |
– |
– |
|
5 |
Check: Does the UE send encrypted STCH PDCP SDU packet with PDCP SN counter incremented by one compared with the previous one? |
–> |
STCH PDCP SDU packet (Received by simulated UE) |
1 |
P |
|
6 |
Check: Does the UE send encrypted STCH PDCP SDU packet with PDCP SN counter value zero? |
–> |
STCH PDCP SDU packet (Received by simulated UE) |
2 |
P |
|
6A |
Generic procedure for Generic Radio Bearer Establishment (State 3) defined in TS 36.508 [18] clause 4.5.3 takes place. |
– |
– |
– |
– |
|
7 |
The SS sends OPEN UE TEST LOOP message to open the UE test loop. |
<– |
OPEN UE TEST LOOP |
– |
– |
|
8 |
The UE responds with an OPEN UE TEST LOOP COMPLETE message. |
–> |
OPEN UE TEST LOOP COMPLETE |
– |
– |
7.3.8.1.3.3 Specific message contents
Table 7.3.8.1.3.3-0: SystemInformationBlockType18 (preamble and all steps)
|
Derivation Path: 36.508 [18] Table 4.4.3.3-17 |
|||
|
Information Element |
Value/remark |
Comment |
Condition |
|
SystemInformationBlockType18-r12 ::= SEQUENCE { |
|||
|
commConfig-r12 SEQUENCE { |
|||
|
commRxPool-r12 SEQUENCE (SIZE (1..maxSL-RxPool-r12)) OF SL-CommResourcePool-r12 { |
|||
|
SL-CommResourcePool-r12[2] |
Not present |
||
|
} |
|||
|
commTxPoolNormalCommon-r12 SEQUENCE (SIZE (1..maxSL-TxPool-r12)) OF SL-CommResourcePool-r12 { |
|||
|
SL-CommResourcePool-r12[2] |
Not present |
||
|
} |
|||
|
commTxPoolExceptional-r12 |
Not present |
||
|
commSyncConfig-r12 |
Not present |
||
|
} |
|||
|
} |
|||
|
Note: SideLink direct communication supported. |
|||
Table 7.3.8.1.3.3-1: ACTIVATE TEST MODE (preamble)
|
Derivation Path: 36.508, Table 4.7A-1, condition UE TEST LOOP MODE E |
Table 7.3.8.1.3.3-2: CLOSE UE TEST LOOP (step 1, Table 7.3.8.1.3.2-1)
|
Derivation Path: 36.508, Table 4.7A-3, condition UE TEST LOOP MODE E |
Table 7.3.8.1.3.3-3: SidelinkUEInformation (step 0A, Table 7.3.8.1.3.2-1)
|
Derivation Path: 36.508 [18], table 4.6.1-21A |
|||
|
Information Element |
Value/remark |
Comment |
Condition |
|
SidelinkUEInformation-r12-IEs ::= SEQUENCE { |
|||
|
commRxInterestedFreq-r12 |
Not Present |
||
|
commTxResourceReq-r12 SEQUENCE { |
Indicates the frequency on which the UE is interested to transmit sidelink communication as well as the sidelink communication transmission destination(s) for which the UE requests E-UTRAN to assign dedicated resources. |
||
|
carrierFreq-r12 |
f1 |
Preconfigured value for the service authorisation (same as the frequency on which the simulated cells operate) |
|
|
destinationInfoList-r12 SEQUENCE (SIZE (1..maxSL-Dest-r12)) OF SL-DestinationIdentity-r12 |
1 entry |
||
|
SL-DestinationIdentity-r12[1] |
the destination which is identified by the ProSe Layer-2 Group ID |
Preconfigured value for the service authorisation |
|
|
} |
|||
|
} |
|||
|
discRxInterest-r12 |
Not Present |
||
|
discTxResourceReq-r12 |
Not Present |
||
|
} |
|||
7.3.8.2 Security Aspects / ProSe Direct Communication / Security Information for no Confidentiality Protection
7.3.8.2.1 Test Purpose (TP)
(1)
with { UE served by E-UTRAN PLMN supporting ProSe and intending to use direct communication }
ensure that {
when { the network configuration (group ID and algorithm info) is not to use confidentiality protection }
then { UE sets the values of the security information (PGK Identity, PTK Identity and Counter) to zero in the header of the PDCP packet }
}
7.3.8.2.2 Conformance requirements
References: The conformance requirements covered in the present TC are specified in: TS 33.303, clause 6.2.3.6.2 and TS 36.323, clause 6.2.10. Unless otherwise stated these are Rel-12 requirements.
[TS 33.303, clause 6.2.3.6.2]
In terms of signalling between the UEs to transfer the relevant security information, e.g. to indicate the correct PTK to use to calculate PEK, the header of the PDCP packet for user plane data shall contain the 5 least significant bits of the PGK Identity, PTK Identity and Counter. This is illustrated in figure 6.2.3.6.2-1.
Figure 6.2.3.6.2-1: Security aspects of the PDCP packet for user plane data
NOTE: The Group Identity and Group Member Identity are carried in layers below the PDCP layer.
If the network configuration is not to use confidentiality protection, then the transmitting UE shall set the values of the security information (PGK Identity, PTK Identity and Counter) to zero in the header of the PDCP packet.
[TS 36.323, clause 6.2.10]
Figure 6.2.10.1 shows the format of the PDCP Data PDU for SLRB where a 16 bit SN length is used.
Figure 6.2.10.1: PDCP Data PDU format for SLRB
7.3.8.2.3 Test description
7.3.8.2.3.1 Pre-test conditions
System Simulator:
SS-NW
– Cell 1
– System information combination 23 as defined in TS 36.508 [18] clause 4.4.3.1 is used in E-UTRA Cell 1.
SS-UE
– SS-UE1: as defined in TS 36.508 [18], configured for and operating as ProSe Direct Communication Reception on the resources which the UE is expected to use for transmission.
UE:
– The UE is authorised to perform ProSe Direct Communication. A timer T4005 is assigned long enough not to expire before the TC is completed, e.g. 5 min (for Rel-12 this timer cannot be set in the USIM, it is expected that the UE shall provide means for setting the timer e.g. via MMI).
– The UE has pre-configured radio parameters (preconfigComm) as defined in TS 36.508 with an associated geographical area and a UICC with all values equal to the default profile TS 36.508 [18], section 4.9.3.1 except for those listed in Table 7.3.8.2.3.1-1.
Table 7.3.8.2.3.1-1: USIM configuration
|
USIM field |
Priority |
Value |
|
EFPROSE_RADIO_COM |
Is present |
|
|
EFUST |
Service 101 is supported |
|
|
EFAD |
UE is authorized to use pre-configured parameters for ProSe |
|
|
EFPROSE_PLMN |
PLMN of Cell 1 |
|
|
EFPST |
Service n°3 and service n°6 are supported |
|
|
EFPROSE_POLICY |
Group ID = ‘0000 0000 0000 0000 0000 0000’ [BIN] |
|
|
ProSe UE ID = ‘0000 0000 0000 0000 0000 0001’ [BIN] |
||
|
Group related security contents PGK = ‘0000 0000 0000 0000 0000 0000 0000 0001’ [OCT] PGK Id = ‘0000 0001’ [BIN] Algorithm info = ‘0001 0000’ [BIN] Note: equals EPS encryption algorithm 128-EEA1 |
Preamble:
– The UE is in state UE Test Mode Activated (state 3A) with UE TEST LOOP MODE E according to [18] with the RLC UM bearer configured for PDCP SN size for SLRBs (16 bits).
– The UE is configured to not provide confidentiality protection.
7.3.8.2.3.2 Test procedure sequence
Table 7.3.8.2.3.2-1: Main behaviour
|
St |
Procedure |
Message Sequence |
TP |
Verdict |
|
|
U – S |
Message |
||||
|
0 |
Force the UE upper layer application to request transmission of sidelink communication. |
– |
– |
– |
– |
|
– |
EXCEPTION: The following events unless otherwise stated are to be observed in Cell 1. |
– |
– |
– |
– |
|
0A |
The UE transmits a SidelinkUEInformation message indicating the sidelink communication frequency of interest for transmission. |
–> |
SidelinkUEInformation |
– |
– |
|
1 |
The Generic test procedure for ‘Loopback Activation (State 4)’ defined in TS 36.508 [18] clause 4.5.4 takes place (TEST LOOP MODE E, TRIGGER = TRANSMIT). |
– |
– |
– |
– |
|
2 |
Void |
– |
– |
– |
– |
|
2A |
The SS releases the RRC connection. |
– |
– |
– |
– |
|
3 |
Check: Does the UE send 250 STCH PDCP SDU packets on the allocated radio resource for SLcommunication? |
–> |
STCH PDCP SDU packets (Received by simulated UE) with PGK Identity, PTK Identity and Counter set to zero |
1 |
P |
|
3A |
Generic procedure for Generic Radio Bearer Establishment (State 3) defined in TS 36.508 [18] clause 4.5.3 takes place. |
– |
– |
– |
– |
|
4 |
The SS sends OPEN UE TEST LOOP message to open the UE test loop. |
<– |
OPEN UE TEST LOOP |
– |
– |
|
5 |
The UE responds with an OPEN UE TEST LOOP COMPLETE message. |
–> |
OPEN UE TEST LOOP COMPLETE |
– |
– |
7.3.8.2.3.3 Specific message contents
Table 7.3.8.2.3.3-0: SystemInformationBlockType18 (preamble and all steps)
|
Derivation Path: 36.508 [18] Table 4.4.3.3-17 |
|||
|
Information Element |
Value/remark |
Comment |
Condition |
|
SystemInformationBlockType18-r12 ::= SEQUENCE { |
|||
|
commConfig-r12 SEQUENCE { |
|||
|
commRxPool-r12 SEQUENCE (SIZE (1..maxSL-RxPool-r12)) OF SL-CommResourcePool-r12 { |
|||
|
SL-CommResourcePool-r12[2] |
Not present |
||
|
} |
|||
|
commTxPoolNormalCommon-r12 SEQUENCE (SIZE (1..maxSL-TxPool-r12)) OF SL-CommResourcePool-r12 { |
|||
|
SL-CommResourcePool-r12[2] |
Not present |
||
|
} |
|||
|
commTxPoolExceptional-r12 |
Not present |
||
|
commSyncConfig-r12 |
Not present |
||
|
} |
|||
|
} |
|||
|
Note: SideLink direct communication supported. |
|||
Table 7.3.8.2.3.3-1: ACTIVATE TEST MODE (preamble)
|
Derivation Path: 36.508, Table 4.7A-1, condition UE TEST LOOP MODE E |
Table 7.3.8.2.3.3-2: CLOSE UE TEST LOOP (step 1, Table 7.3.8.2.3.2-1)
|
Derivation Path: 36.508, Table 4.7A-3, condition UE TEST LOOP MODE E |
Table 7.3.8.2.3.3-3: SidelinkUEInformation (step 0A, Table 7.3.8.2.3.2-1)
|
Derivation Path: 36.508 [18], table 4.6.1-21A |
|||
|
Information Element |
Value/remark |
Comment |
Condition |
|
SidelinkUEInformation-r12-IEs ::= SEQUENCE { |
|||
|
commRxInterestedFreq-r12 |
Not Present |
||
|
commTxResourceReq-r12 SEQUENCE { |
Indicates the frequency on which the UE is interested to transmit sidelink communication as well as the sidelink communication transmission destination(s) for which the UE requests E-UTRAN to assign dedicated resources. |
||
|
carrierFreq-r12 |
f1 |
Preconfigured value for the service authorisation (same as the frequency on which the simulated cells operate) |
|
|
destinationInfoList-r12 SEQUENCE (SIZE (1..maxSL-Dest-r12)) OF SL-DestinationIdentity-r12 |
1 entry |
||
|
SL-DestinationIdentity-r12[1] |
the destination which is identified by the ProSe Layer-2 Group ID |
Preconfigured value for the service authorisation |
|
|
} |
|||
|
} |
|||
|
discRxInterest-r12 |
Not Present |
||
|
discTxResourceReq-r12 |
Not Present |
||
|
} |
|||