3GPP TS 33.501 V15.0.0 (2018-03)

Technical Specification

3rd Generation Partnership Project;
Technical Specification Group Services and System Aspects;
Security architecture and procedures for 5G system
(Release 15)

The present document has been developed within the 3rd Generation Partnership Project (3GPP™) and may be further elaborated for the purposes of 3GPP.
The present document has not been subject to any approval process by the 3GPP Organizational Partners and shall not be implemented.
This Specification is provided for future development work within 3GPP only. The Organizational Partners accept no liability for any use of this Specification.
Specifications and Reports for implementation of the 3GPP™ system should be obtained via the 3GPP Organizational Partners' Publications Offices.

APPLE 1009

Release 15

2

3GPP TS 33.501 V15.0.0 (2018-03)

Keywords
security, 5G

3GPP

Postal address

3GPP support office address
650 Route des Lucioles – Sophia Antipolis
Valbonne – France
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16

Internet
http://www.3gpp.org

Copyright Notification

No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© 2018, 3GPP Organizational Partners (ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC).
All rights reserved.

UMTS™ is a Trade Mark of ETSI registered for the benefit of its members
3GPP™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners
LTE™ is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners
GSM® and the GSM logo are registered and owned by the GSM Association

3GPP

2

Contents

Foreword ..... 9
1  Scope ..... 10
2  References ..... 10
3  Definitions and abbreviations ..... 12
3.1  Definitions ..... 12
3.2  Abbreviations ..... 13
4  Overview of security architecture ..... 14
4.1  Security domains ..... 14
4.2  Security Edge Protection Proxy (SEPP) ..... 15
5  Security requirements and features ..... 16
5.1  General security requirements ..... 16
5.1.1  Mitigation of bidding down attacks ..... 16
5.1.2  Authentication and Authorization ..... 16
5.2  Requirements on the UE ..... 16
5.2.1  General ..... 16
5.2.2  User data and signalling data confidentiality ..... 16
5.2.3  User data and signalling data integrity ..... 17
5.2.4  Secure storage and processing of subscription credentials ..... 17
5.2.5  Subscriber privacy ..... 18
5.3  Requirements on the gNB ..... 18
5.3.1  General ..... 18
5.3.2  User data and signalling data confidentiality ..... 18
5.3.3  User data and signalling data integrity ..... 19
5.3.4  Requirements for the gNB setup and configuration ..... 19
5.3.5  Requirements for key management inside the gNB ..... 19
5.3.6  Requirements for handling user plane data for the gNB ..... 20
5.3.7  Requirements for handling control plane data for the gNB ..... 20
5.3.8  Requirements for secure environment of the gNB ..... 20
5.3.9  Requirements for the gNB F1 interfaces ..... 20
5.3.10  Requirements for the gNB E1 interfaces ..... 20
5.4  Requirements on the ng-eNB ..... 20
5.5  Requirements on the AMF ..... 21
5.5.1  Signalling data confidentiality ..... 21
5.5.2  Signalling data integrity ..... 21
5.5.3  Subscriber privacy ..... 21
5.6  Requirements on the SEAF ..... 21
5.7  Requirements on Network Exposure Function (NEF) ..... 21
5.8  Requirements on the SIDF ..... 22
5.9  Core network security ..... 22
5.9.1  Trust boundaries ..... 22
5.9.2  Requirements on service-based architecture ..... 22
5.9.2.1  Security Requirements for service registration, discovery and authorization ..... 22
5.9.2.2  NRF security requirements ..... 22
5.9.3  Requirements for e2e core network interconnection security ..... 22
5.9.3.1  General ..... 22
5.9.3.2  Requirements for Security Edge Protection Proxy (SEPP) ..... 23
5.9.3.3  Protection of attributes ..... 23
5.10  Visibility and configurability ..... 24
5.10.1  Security visibility ..... 24
5.10.2  Security configurability ..... 24
5.11  Requirements for algorithms, and algorithm selection ..... 24
5.11.1  Algorithm identifier values ..... 24
5.11.1.1  Ciphering algorithm identifier values ..... 24
5.11.1.2  Integrity algorithm identifier values ..... 25
5.11.2  Requirements for algorithm selection ..... 25
6  Security procedures between UE and 5G network functions ..... 26
6.1  Primary authentication and key agreement ..... 26
6.1.1  Authentication framework ..... 26
6.1.1.1  General ..... 26
6.1.1.2  EAP framework ..... 26
6.1.1.3  Granularity of anchor key binding to serving network ..... 27
6.1.1.4  Construction of the serving network name ..... 27
6.1.1.4.1  Serving network name ..... 27
6.1.1.4.2  Construction of the serving network name by the UE ..... 27
6.1.1.4.3  Construction of the serving network name by the SEAF ..... 27
6.1.2  Initiation of authentication and selection of authentication method ..... 28
6.1.3  Authentication procedures ..... 29
6.1.3.1  Authentication procedure for EAP-AKA' ..... 29
6.1.3.2  Authentication procedure for 5G AKA ..... 31
6.1.3.2.1  Synchronization failure or MAC failure on USIM ..... 33
6.1.3.2.2  RES* verification failure in SEAF or AUSF or both ..... 34
6.1.4  Linking increased home control to subsequent procedures ..... 34
6.1.4.1  Introduction ..... 34
6.1.4.2  Linking authentication confirmation to Nudm_UECM_Registration procedure from AMF ..... 35
6.2  Key hierarchy, key derivation, and distribution scheme ..... 36
6.2.1  Key hierarchy ..... 36
6.2.2  Key derivation and distribution scheme ..... 37
6.2.2.1  Keys in network entities ..... 37
6.2.2.2  Keys in the UE ..... 39
6.2.3  Handling of user-related keys ..... 41
6.2.3.1  Key setting ..... 41
6.2.3.2  Key identification ..... 41
6.2.3.3  Key lifetimes ..... 42
6.3  Security contexts ..... 43
6.3.1  Distribution of security contexts ..... 43
6.3.1.1  General ..... 43
6.3.1.2  Distribution of subscriber identities and security data within one 5G serving network domain ..... 43
6.3.1.3  Distribution of subscriber identities and security data between 5G serving network domains ..... 43
6.3.1.4  Distribution of subscriber identities and security data between 5G and EPS serving network domains ..... 43
6.3.2  Multiple registrations in same or different serving networks ..... 44
6.3.2.0  General ..... 44
6.3.2.1  Multiple registrations in different PLMNs ..... 44
6.3.2.2  Multiple registrations in the same PLMN ..... 44
6.4  NAS security mechanisms ..... 44
6.4.1  General ..... 44
6.4.2  Security for multiple NAS connections ..... 45
6.4.2.1  Multiple active NAS connections with different PLMNs ..... 45
6.4.2.2  Multiple active NAS connections in the same PLMN's serving network ..... 45
6.4.3  NAS integrity mechanisms ..... 45
6.4.3.0  General ..... 45
6.4.3.1  NAS input parameters to integrity algorithm ..... 45
6.4.3.2  NAS integrity activation ..... 46
6.4.3.3  NAS integrity failure handling ..... 46
6.4.4  NAS confidentiality mechanisms ..... 46
6.4.4.0  General ..... 46
6.4.4.1  NAS input parameters to confidentiality algorithm ..... 46
6.4.4.2  NAS confidentiality activation ..... 46
6.4.5  Handling of NAS COUNTs ..... 46
6.4.6  Protection of initial NAS message ..... 47
6.4.7  Security aspects of SMS over NAS ..... 48
6.5  RRC security mechanisms ..... 48
6.5.1  RRC integrity mechanisms ..... 48
6.5.2  RRC confidentiality mechanisms ..... 49
6.6  UP security mechanisms ..... 49
6.6.1  UP security policy ..... 49
6.6.2  UP security activation mechanism ..... 50
6.6.3  UP confidentiality mechanisms ..... 51
6.6.4  UP integrity mechanisms ..... 51
6.7  Security algorithm selection, key establishment and security mode command procedure ..... 51
6.7.1  Procedures for NAS algorithm selection ..... 51
6.7.1.1  Initial NAS security context establishment ..... 51
6.7.1.2  AMF change ..... 52
6.7.2  NAS security mode command procedure ..... 52
6.7.3  Procedures for AS algorithm selection ..... 53
6.7.3.0  Initial AS security context establishment ..... 53
6.7.3.1  Xn-handover ..... 54
6.7.3.2  N2-handover ..... 54
6.7.3.3  Intra-gNB-CU handover ..... 54
6.7.4  AS security mode command procedure ..... 54
6.8  Security handling in state transitions ..... 56
6.8.1  Key handling at connection and registration state transitions ..... 56
6.8.1.1  Key handling at transitions between RM-DEREGISTERED and RM-REGISTERED states ..... 56
6.8.1.1.0  General ..... 56
6.8.1.1.1  Transition from RM-REGISTERED to RM-DEREGISTERED ..... 56
6.8.1.1.2  Transition from RM-DEREGISTERED to RM-REGISTERED ..... 57
6.8.1.1.2.1  General ..... 57
6.8.1.1.2.2  Full native 5G NAS security context available ..... 57
6.8.1.1.2.3  Full native 5G NAS security context not available ..... 58
6.8.1.2  Key handling at transitions between CM-IDLE and CM-CONNECTED states ..... 58
6.8.1.2.0  General ..... 58
6.8.1.2.1  Transition from CM-IDLE to CM-CONNECTED ..... 58
6.8.1.2.2  Establishment of keys for cryptographically protected radio bearers in 3GPP access ..... 59
6.8.1.2.3  Establishment of keys for cryptographically protected traffic in non-3GPP access ..... 59
6.8.1.2.4  Transition from CM-CONNECTED to CM-IDLE ..... 60
6.8.1.3  Key handling for the Registration procedure when registered in 5G-RAN ..... 60
6.8.2  Key handling at RRC state transitions ..... 60
6.8.2.1  Key handling at transitions between RRC-INACTIVE and RRC-CONNECTED states ..... 60
6.8.2.2  Key handling during mobility in RRC-INACTIVE state ..... 60
6.9  Security handling in mobility ..... 61
6.9.1  General ..... 61
6.9.2  Key handling in handover ..... 61
6.9.2.1  General ..... 61
6.9.2.1.1  Access stratum ..... 61
6.9.2.1.2  Non access stratum ..... 62
6.9.2.2  Key derivations for context modification procedure ..... 62
6.9.2.3  Key derivations during handover ..... 62
6.9.2.3.1  Intra-gNB-CU handover ..... 62
6.9.2.3.2  Xn-handover ..... 63
6.9.2.3.3  N2-Handover ..... 63
6.9.2.3.4  UE handling ..... 64
6.9.3  Key handling in mobility registration update ..... 65
6.9.4  Key-change-on-the-fly ..... 66
6.9.4.1  General ..... 66
6.9.4.2  NAS key re-keying ..... 67
6.9.4.3  NAS key refresh ..... 67
6.9.4.4  AS key re-keying ..... 67
6.9.4.5  AS key refresh ..... 68
6.9.5  Rules on Concurrent Running of Security Procedures ..... 68
6.9.5.1  Rules related to AS and NAS security context synchronization ..... 68
6.9.5.2  Rules related to parallel NAS connections ..... 68
6.10  Dual connectivity ..... 68
6.11  Security handling for RRC Connection Re-establishment Procedure ..... 69
6.12  Subscription identifier privacy ..... 70
6.12.1  Subscription permanent identifier ..... 70
6.12.2  Subscription concealed identifier ..... 70
6.12.3  Subscription temporary identifier ..... 71
6.12.4  Subscription identification procedure ..... 71
6.12.5  Subscription identifier de-concealing function (SIDF) ..... 72
6.13  Signalling procedure for periodic local authentication ..... 72
7  Security for non-3GPP access to the 5G core network ..... 73
7.1  General ..... 73
7.2  Security procedures ..... 73
7.2.1  Authentication for Untrusted non-3GPP Access ..... 73
8  Security of interworking ..... 76
8.1  General ..... 76
8.2  Registration procedure for mobility from EPS to 5GS ..... 76
8.3  Handover procedure from 5GS to EPS over N26 ..... 76
8.3.1  General ..... 76
8.3.2  Procedure ..... 76
8.4  Handover from EPS to 5GS over N26 ..... 79
8.4.1  General ..... 79
8.4.2  Procedure ..... 79
8.5  Idle-mode mobility from 5GC to EPC ..... 81
8.5.1  General ..... 81
8.5.2  Procedure ..... 81
8.6  Mapping of security contexts ..... 83
8.6.1  Mapping of a 5G security context to an EPS security context ..... 83
8.6.2  Mapping of an EPS security context to a 5G security context ..... 83
8.7  Interworking without N26 interface in single-registration mode ..... 83
9  Security procedures for non-service based interfaces ..... 83
General .....