5.3.6 Counter check

38.3313GPPNRProtocol specificationRadio Resource Control (RRC)Release 17TS

5.3.6.1 General

Figure 5.3.6.1-1: Counter check procedure

The counter check procedure is used by the network to request the UE to verify the amount of data sent/ received on each DRB. More specifically, the UE is requested to check if, for each DRB, the most significant bits of the COUNT match with the values indicated by the network.

NOTE: The procedure enables the network to detect packet insertion by an intruder (a ‘man in the middle’).

5.3.6.2 Initiation

The network initiates the procedure by sending a CounterCheck message.

NOTE: The network may initiate the procedure when any of the COUNT values reaches a specific value.

5.3.6.3 Reception of the CounterCheck message by the UE

Upon receiving the CounterCheck message, the UE shall:

1> for each DRB that is established:

2> if no COUNT exists for a given direction (uplink or downlink) because it is a uni-directional bearer configured only for the other direction:

3> assume the COUNT value to be 0 for the unused direction;

2> if the drb-Identity is not included in the drb-CountMSB-InfoList:

3> include the DRB in the drb-CountInfoList in the CounterCheckResponse message by including the drb-Identity, the count-Uplink and the count-Downlink set to the value of TX_NEXT – 1 and RX_NEXT – 1 (specified in TS 38.323 [5]), respectively;

2> else if, for at least one direction, the most significant bits of the COUNT are different from the value indicated in the drb-CountMSB-InfoList:

3> include the DRB in the drb-CountInfoList in the CounterCheckResponse message by including the drb-Identity, the count-Uplink and the count-Downlink set to the value of TX_NEXT – 1 and RX_NEXT – 1 (specified in TS 38.323 [5]), respectively;

1> for each DRB that is included in the drb-CountMSB-InfoList in the CounterCheck message that is not established:

2> include the DRB in the drb-CountInfoList in the CounterCheckResponse message by including the drb-Identity, the count-Uplink and the count-Downlink with the most significant bits set identical to the corresponding values in the drb-CountMSB-InfoList and the least significant bits set to zero;

1> submit the CounterCheckResponse message to lower layers for transmission upon which the procedure ends.