F.1 Introduction

3GPP TS 43.020, Release 17: Security related network functions

F.1.1 Scope

In this Annex the ciphering of the voice group call service (VGCS) TS 42.068 [F1] and voice broadcast service (VBS) TS 42.069 [F4] is described. The following functions are required:

– Key derivation;

– Encryption of voice group/broadcast calls;

– The secure storage of the master group keys.

VGCS and VBS provide no authentication functions, i.e. authentication is performed implicitly via encryption/decryption, since only a legitimate subscriber shall be able to encrypt and decrypt the VGCS/VBS speech call when the group call requires confidentiality protection. To include a subscriber in a voice group, the required group data (including the 2 master group keys) shall be stored on the USIM, e.g. during the personalisation process or via OTA (over-the-air). To exclude a subscriber from a voice group, the group data shall be deleted from the USIM. If a USIM is stolen or lost, the USIMs of all remaining members of every voice group to which that USIM belongs need to be changed (e.g. via OTA or manual provisioning).

A pre-Rel‑6 VGCS/VBS capable mobile shall be able to participate in an un-ciphered group call, if it is part of that group.

NOTE: The only security relevant difference between VBS and VGCS is that in the case of VBS there exists no uplink channel.

F.1.2 References

[F1] 3GPP TS 42.068: "3rd Generation Partnership Project; Technical Specification Group Services and system Aspects; Voice Group Call Service (VGCS) – Stage 1".

[F2] 3GPP TS 43.068: "3rd Generation Partnership Project; Technical Specification Group Services and system Aspects; Voice Group Call Service (VGCS) – Stage 2".

[F3] 3GPP TS 31.102: "3rd Generation Partnership Project; Technical Specification Group Terminals; Characteristics of the USIM application".

[F4] 3GPP TS 42.069: "3rd Generation Partnership Project; Technical Specification Group Services and system Aspects; Voice Broadcast Service (VBS) – Stage 1".

[F5] 3GPP TS 43.069: "3rd Generation Partnership Project; Technical Specification Group Services and system Aspects; Voice Broadcast Service (VBS) – Stage 2".

[F6] 3GPP TS 23.003: "3rd Generation Partnership Project; Technical Specification Group Core Network; Numbering, addressing and identification".

[F7] FIPS PUB 180-1 Secure Hash Standard.

F.1.3 Definitions and Abbreviations

F.1.3.1 Definitions

A5_Id: Identifier of the encryption algorithm which shall be used.

CELL_GLOBAL_COUNT: A counter valid for all voice group calls within a cell.

Group_Id: Unique identifier of a voice call group.

KMF: Key Modification Function. KMF derives the cipher key V_Kc, which is valid for one specific cell, from the short term key VSTK, the CGI and the CELL_GLOBAL_COUNT.

VSTK: Short Term Key provided by the USIM and the GCR. VSTK is derived from VSTK_RAND and V_Ki (128 bit).

VK_Id: Identifier of the Master Group Key (1 bit) of a group. There are up to 2 V_Ki per group.

VSTK_RAND: The 36-bit value that is used for derivation of a short term key VSTK.

V_Ki (Group_Id, VK_Id, Service_type): Voice Group or Broadcast Group Key (128 bit) number VK_Id of group with Group_Id. This is also called Master Group Key or Group Key in this Annex. There exist different Master Group keys per service type i.e. VGCS and VBS.

V_Kc: Voice Group or Broadcast Ciphering Key (128 bit). V_Kc is derived from VSTK.
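The key hierarchy that these definitions describe (V_Ki to VSTK to the per-cell V_Kc), as an added example that is not part of the specification text. Assumptions: the derivation function is a stand-in (HMAC-SHA-256 truncated to 128 bits), not the annex's own algorithms; `UsimGroupStore`, the byte encoding of the CGI and the 4-byte width used for CELL_GLOBAL_COUNT are hypothetical; all sample values are constructed.

```python
import hashlib
import hmac

VSTK_RAND_BITS = 36   # from the definition of VSTK_RAND
KEY_BYTES = 16        # V_Ki and V_Kc are 128 bit


def _kdf(key: bytes, label: bytes, data: bytes) -> bytes:
    """Stand-in KDF (assumption): HMAC-SHA-256 truncated to 128 bits."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:KEY_BYTES]


class UsimGroupStore:
    """Hypothetical model of the group data held on a USIM."""

    def __init__(self):
        self._keys = {}  # (Group_Id, VK_Id, Service_type) -> V_Ki

    def provision(self, group_id, vk_id, service_type, v_ki):
        if vk_id not in (0, 1):            # VK_Id is 1 bit: up to 2 V_Ki per group
            raise ValueError("VK_Id must be 0 or 1")
        if service_type not in ("VGCS", "VBS"):
            raise ValueError("unknown service type")
        if len(v_ki) != KEY_BYTES:
            raise ValueError("V_Ki must be 128 bit")
        self._keys[(group_id, vk_id, service_type)] = v_ki

    def delete_group(self, group_id):
        """Excluding a subscriber: delete all group data for Group_Id."""
        self._keys = {k: v for k, v in self._keys.items() if k[0] != group_id}

    def derive_vstk(self, group_id, vk_id, service_type, vstk_rand):
        if not 0 <= vstk_rand < (1 << VSTK_RAND_BITS):
            raise ValueError("VSTK_RAND must fit in 36 bits")
        v_ki = self._keys[(group_id, vk_id, service_type)]  # KeyError: not a member
        return _kdf(v_ki, b"VSTK", vstk_rand.to_bytes(5, "big"))


def kmf(vstk: bytes, cgi: bytes, cell_global_count: int) -> bytes:
    """V_Kc for one cell from VSTK, CGI and CELL_GLOBAL_COUNT (stand-in KMF)."""
    return _kdf(vstk, b"V_Kc", cgi + cell_global_count.to_bytes(4, "big"))


if __name__ == "__main__":
    usim = UsimGroupStore()
    usim.provision(200, 0, "VGCS", bytes(range(16)))   # constructed V_Ki
    vstk = usim.derive_vstk(200, 0, "VGCS", 0x123456789)
    for cgi in (b"cell-A", b"cell-B"):                 # constructed CGIs
        print(cgi.decode(), kmf(vstk, cgi, 1).hex())
```

The same VSTK yields a different V_Kc in each cell, and once the group data is deleted the derivation cannot be performed at all, which is the only membership check the service has.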

F.1.3.2 Abbreviations

The following list describes the abbreviations and acronyms used in this Annex.

CGI Cell Global Identifier

GCR Group Call Register

VBS Voice Broadcast Service

VGCS Voice Group Call Service