Difference between revisions of "My 3GPP 33.501 notes"
m |
|||
| Line 19: | Line 19: | ||
=== 5G AS Secondary Cell security context === | === 5G AS Secondary Cell security context === | ||
The cryptographic keys at AS level for secondary cell with their identifiers, the identifier of the selected AS level cryptographic algorithms for secondary cell, the UP Security Policy at the network side, and counters used for replay protection. | The cryptographic keys at AS level for secondary cell with their identifiers, the identifier of the selected AS level cryptographic algorithms for secondary cell, the UP Security Policy at the network side, and counters used for replay protection. | ||
=== Home Network Public Key Identifier === | |||
An identifier used to indicate which public/private key pair is used for SUPI protection and de-concealment of the SUCI. | |||
=== subscription credential(s) === | |||
The set of values in the USIM and in the home operator's network, consisting of at least the long-term key(s) and the subscription identifier SUPI, used to uniquely identify a subscription and to mutually authenticate the UE and 5G core network. | |||
<center>[[Telecommunications_info|To Telecommunications Info]]</center> | <center>[[Telecommunications_info|To Telecommunications Info]]</center> | ||
Revision as of 12:52, 9 September 2022
Definitions
5G security context
The state that is established locally at the UE and a serving network domain and represented by the "5G security context data" stored at the UE and a serving network.
NOTE 1: The "5G security context data" consists of the 5G NAS security context, and the 5G AS security context for 3GPP access and/or the 5G AS security context for non-3GPP access.
NOTE 2: A 5G security context has type "mapped", "full native" or "partial native". Its state can either be "current" or "non-current". A context can be of one type only and be in one state at a time. The state of a particular context type can change over time. A partial native context can be transformed into a full native. No other type transformations are possible.
5G AS security context for 3GPP access
The cryptographic keys at AS level with their identifiers, the Next Hop parameter (NH), the Next Hop Chaining Counter parameter (NCC) used for next hop access key derivation, the identifiers of the selected AS level cryptographic algorithms, the UE security capabilities, and the UP Security Policy at the network side, UP security activation status and the counters used for replay protection.
NOTE 3: NH and NCC need to be stored also at the AMF during connected mode.
NOTE 4: UP security activation status is sent from gNB/ng-eNB in step 1b in clause 6.6.2 corresponding to the active PDU session(s).
5G AS security context for non-3GPP access
The key KN3IWF, the cryptographic keys, cryptographic algorithms and tunnel security association parameters used at IPsec layer for the protection of IPsec SA.
5G AS Secondary Cell security context
The cryptographic keys at AS level for secondary cell with their identifiers, the identifier of the selected AS level cryptographic algorithms for secondary cell, the UP Security Policy at the network side, and counters used for replay protection.
Home Network Public Key Identifier
An identifier used to indicate which public/private key pair is used for SUPI protection and de-concealment of the SUCI.
subscription credential(s)
The set of values in the USIM and in the home operator's network, consisting of at least the long-term key(s) and the subscription identifier SUPI, used to uniquely identify a subscription and to mutually authenticate the UE and 5G core network.