
Content for  TS 33.163  Word version:  17.0.0


6.2.6  EMSDP Control Plane Commands

6.2.6.1  Overview

The following EMSDP commands are proposed in Table 6.2.6.1-1:
Code (Hex) | Command
10 | EMSDP Session Request
11 | EMSDP Session Start
12 | EMSDP Session Start Confirmation
20 | EMSDP Session Terminate Request
21 | EMSDP Session Terminate Response
30 | EMSDP Manage Keys Request
31 | EMSDP Manage Keys Response
80 | EMSDP Message Reject
In defining the EMSDP commands the following convention is used for categorising parameters:
M: the inclusion of the parameter is mandatory.
O: the inclusion of the parameter is optional.
C: the inclusion of the parameter is conditional.
6.2.6.1.1  EMSDP Session Request
The EMSDP Session Request command shall be used by the UE to trigger a new BEST session from the HSE. This message shall include an identification of the UE and an indication of its BEST support. Optionally, the EMSDP Session Request command may include information on the end enterprise service that this data is a part of. The UE may also include a 'BEST confidential service requested' indication in the EMSDP Session Request command to indicate the UE is requesting a 'BEST user plane confidential service'. For UEs not supporting 5G authentication, if the UE is requesting a 'BEST user plane confidential service' then the Serving network information shall be present, else this information is optional. For UEs supporting 5G authentication, the Serving network information shall be present.
This message may be sent after a PDP context has been setup.
The cmd options for the EMSDP session request command are as follows:
Name | M / C / O
IMSI TLV or SUCI TLV | M
BEST UE configuration TLV | M
Enterprise Setup Information Element TLV | M
Serving Network TLV | C
IMSI TLV: This is a TLV that contains the IMSI as follows:
Name | Size | M / C / O | Value
IMSI TLV Tag | 1 byte | M | 01
Length | 1 byte | M | Length of IMSI value (X)
IMSI value | X bytes | M | according to clause 4.2.2 of TS 31.102 bytes 2 to 9.
SUCI TLV: This is a TLV that contains the 5G SUCI as follows:
Name | Size | M / C / O | Value
SUCI TLV Tag | 1 byte | M | 0x
Length | 1 byte | M | Length of SUCI value (X)
SUCI value | X bytes | M | according to TS 33.501.
The SUCI TLV shall be used if SUCI is supported by the UE, otherwise the IMSI TLV shall be used.
BEST configuration TLV: This is a TLV that contains the BEST configuration details for the UE as follows:
Bit 8 | Bit 7 | Bit 6 | Bit 5 | Bit 4 | Bit 3 | Bit 2 | Bit 1
BEST UE configuration TLV Tag = '02'
Length of Best protocol ID contents = x bytes
BEST release supported by the UE | BEST counter schemes supported by the UE | Reserved for future use (set to 000)
BEST protocols supported for control plane messages | Reserved for future use (set to 000) | BEST protocols supported for user plane messages | Reserved for future use (set to 000)
User data push to UE Supported | BEST encryption algorithm GEA4 supported | BEST encryption algorithm GEA5 supported | BEST encryption algorithm UEA1 supported | BEST encryption algorithm UEA2 supported | BEST encryption algorithm EEA0 supported | BEST encryption algorithm 128-EEA1 supported | BEST encryption algorithm 128-EEA2 supported
BEST encryption algorithm 128-EEA3 supported | BEST integrity algorithm GIA4 supported | BEST integrity algorithm GIA5 supported | BEST integrity algorithm UIA1 supported | BEST integrity algorithm UIA2 supported | BEST integrity algorithm 128-EIA1 supported | BEST integrity algorithm 128-EIA2 supported | BEST integrity algorithm 128-EIA3 supported
Reserved for future use (set to 00) | BEST encryption algorithm 128-NEA1 supported | BEST encryption algorithm 128-NEA2 supported | BEST encryption algorithm 128-NEA3 supported | BEST integrity algorithm 128-NIA1 supported | BEST integrity algorithm 128-NIA2 supported | BEST integrity algorithm 128-NIA3 supported
BEST key agreement - EPS authentication supported | BEST key agreement - 5G authentication supported | BEST key agreement - GBA supported | BEST key agreement - 5G GBA supported | BEST key agreement - AKMA supported | BEST key agreement - Proprietary key agreement supported | Reserved for future use (set to 00) | BEST confidential service requested | Reserved for future use (set to 0)
Where:
  • BEST release supported by the UE - an indicator of the release of the BEST solution that the UE has been designed to. If no release is indicated this means that the BEST service is not supported.
    • Value: This shall be a 4 bit field where "0000" = Release 14, "0001" = Release 15, "0010" = Release 16, "0011" = Release 17 and "0100" to "1111" are RFU.
  • BEST counter schemes supported by the UE - a flag for each supported scheme. At least one scheme must be supported and indicated.
    • Value: '1' - Optimised EMSDP counter scheme.
  • BEST protocols supported for control plane messages - a flag for each BEST control plane protocol that is supported by the UE. At least one scheme must be supported and indicated.
    • Value: '1' - EMSDP.
  • BEST protocols supported for user plane messages - a flag for each BEST control plane protocol that is supported by the UE. At least one scheme must be supported and indicated.
    • Value: '1' - EMSDP.
    • This flag is set to '0' if only the BEST Key agreement service is used
  • User data push to UE Supported - a flag to indicate whether the UE supports user data pushed to the UE without a request for user data from the UE.
    • Values:
      '1' = User data push to UE supported,
      '0' = User data push to UE not supported.
  • BEST encryption algorithms supported by the UE - a flag for each supported algorithm: GEA4, GEA5, UEA1, UEA2, EEA0, 128-EEA1, 128-EEA2, 128-EEA3, 128-NEA1, 128-NEA2 and 128-NEA3. EEA0 shall always be supported and means no encryption.
    • Values:
      '1' = Algorithm supported,
      '0' = Algorithm not supported.
  • BEST integrity algorithms supported by the UE - a flag for each supported algorithm: GIA4, GIA5, UIA1, UIA2, 128-EIA1, 128-EIA2, 128-EIA3, 128-NIA1, 128-NIA2 and 128-NIA3.
    • Values:
      '1' = Algorithm supported,
      '0' = Algorithm not supported.
  • BEST Key agreement mechanisms supported by the UE: a flag for each supported key agreement method: EPS authentication, 5G authentication, GBA, 5G GBA, AKMA and proprietary key agreement.
    • Values:
      '1' = Algorithm supported,
      '0' = Algorithm not supported.
  • BEST confidential service requested - an indication from the UE that it would like the BEST user plane data to be confidentiality protected.
    • Values:
      '1' = BEST confidential service requested,
      '0' = BEST confidential service not requested.
Enterprise Setup Information Element TLV: This is a TLV element that contains information from the UE that is used by the HSE to setup the HSE to enterprise connection as follows:
Name | Size | M / C / O | Value
Enterprise Setup Information Element TLV Tag | 1 byte | M | 03
Length | 1 byte | M | Length of Enterprise URL (X+1)
UE-to-EAS flag | 1 byte | M |
Enterprise Id | X bytes | O |
UE-to-EAS flag:
If set to 0 it indicates that the UE requests a UE-to-HSE BEST secure session. If set to 1, it means that the UE requests a UE-to-EAS BEST secure session. This flag is not used if BEST User plane security services are not used.
Enterprise Id:
The enterprise Id is used by the HSE to identify the enterprise and the service that the data belongs to. These services are out of scope of this specification. As an example, a URL may be used to identify the enterprise.
Serving network TLV: This is a TLV that contains information on the serving network.
Name | Size | M / C / O | Value
Serving Network Element TLV Tag | 1 byte | M | 0B
Length | 1 byte | M | Length of MCC/MNC value (3)
MCC/MNC | 3 bytes | M | MCC/MNC as defined in TS 24.008
Response:
If the HSE agrees to setup the session, it shall respond with an EMSDP Session Start command.
If the HSE does not agree to setup a BEST session, it may respond with an EMSDP Message Reject command. This command may include the reason that the request has been rejected.
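The following added example (not part of TS 33.163) shows how a receiver could check the cmd options of an EMSDP Session Request against the M / C / O rules above before acting on them. It assumes the two UE capability flags are decoded by the caller from the BEST UE configuration TLV, that `suci_tag` is a caller-supplied placeholder because the SUCI tag value is incomplete on this page, and that duplicate TLVs and flag values other than 0 or 1 are refused.

```python
# Added example (not from TS 33.163): validate EMSDP Session Request cmd options.
IMSI_TAG, UE_CONFIG_TAG, ENTERPRISE_TAG, SERVING_NET_TAG = 0x01, 0x02, 0x03, 0x0B


class EmsdpFormatError(ValueError):
    """The cmd options do not match the layout in clause 6.2.6.1.1."""


def walk_tlvs(buf: bytes) -> dict:
    """Split 1-byte-tag / 1-byte-length TLVs, refusing truncated or repeated ones."""
    tlvs, pos = {}, 0
    while pos < len(buf):
        if pos + 2 > len(buf):
            raise EmsdpFormatError(f"truncated TLV header at offset {pos}")
        tag, length = buf[pos], buf[pos + 1]
        end = pos + 2 + length
        if end > len(buf):
            raise EmsdpFormatError(f"TLV {tag:02X}: length {length} overruns the message")
        if tag in tlvs:
            raise EmsdpFormatError(f"TLV {tag:02X} appears twice")
        tlvs[tag] = buf[pos + 2:end]
        pos = end
    return tlvs


def validate_session_request(buf: bytes, *, supports_5g_auth: bool,
                             confidential_requested: bool, suci_tag=None) -> dict:
    """Apply the M / C / O rules. The two flags are assumed to be decoded by the
    caller; suci_tag is a placeholder the caller must supply (assumption)."""
    tlvs = walk_tlvs(buf)
    has_imsi = IMSI_TAG in tlvs
    has_suci = suci_tag is not None and suci_tag in tlvs
    if has_imsi == has_suci:
        raise EmsdpFormatError("exactly one of IMSI TLV / SUCI TLV is required")
    for tag, name in ((UE_CONFIG_TAG, "BEST UE configuration"),
                      (ENTERPRISE_TAG, "Enterprise Setup Information Element")):
        if tag not in tlvs:
            raise EmsdpFormatError(f"mandatory {name} TLV missing")
    enterprise = tlvs[ENTERPRISE_TAG]
    if not enterprise or enterprise[0] not in (0, 1):
        raise EmsdpFormatError("UE-to-EAS flag missing or not 0/1")
    serving = tlvs.get(SERVING_NET_TAG)
    if serving is not None and len(serving) != 3:
        raise EmsdpFormatError("Serving Network TLV must carry 3 bytes of MCC/MNC")
    # Conditional rule: required for 5G-authentication UEs and for confidential service.
    if serving is None and (supports_5g_auth or confidential_requested):
        raise EmsdpFormatError("Serving Network TLV is required for this request")
    return {
        "identity": "IMSI" if has_imsi else "SUCI",
        "ue_to_eas": bool(enterprise[0]),
        "enterprise_id": enterprise[1:],
        "serving_network": serving,
    }


# Constructed sample message: every value below is made up for illustration.
SAMPLE = (
    bytes([0x01, 0x08]) + bytes.fromhex("0910101032547698")   # IMSI TLV
    + bytes([0x02, 0x07]) + bytes(7)                          # BEST UE configuration TLV
    + bytes([0x03, 0x08, 0x00]) + b"ex.test"                  # flag 0 + Enterprise Id
    + bytes([0x0B, 0x03]) + bytes.fromhex("00f110")           # Serving Network TLV
)

if __name__ == "__main__":
    print(validate_session_request(SAMPLE, supports_5g_auth=True,
                                   confidential_requested=False))
```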
6.2.6.1.2  EMSDP Session Start
The EMSDP Session Start command is used by the HSE to setup a new BEST session. This message shall contain information on the BEST service setup, key agreement details, a hash of the information sent by the UE in the prior EMSDP Session Request command and optionally, the HSE identity.
On receipt of this command the UE shall:
  • If no indication is given, perform a UMTS security context authentication with the USIM using the RAND and AUTN combination from the Key Agreement TLV. If the USIM returns IK and CK values, the UE uses these keys and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5. If the USIM determines re-synchronisation is required and returns an AUTS then the UE sends an EMSDP Message Reject command containing the AUTS to the HSE.
  • If indicated, perform an EPS security context authentication with the USIM using the RAND and AUTN combination from the Key Agreement TLV. If the USIM returns IK and CK values, the UE uses these keys to derive KASME and subsequently uses KASME and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5. If the USIM determines re-synchronisation is required and returns an AUTS then the UE sends an EMSDP Message Reject command containing the AUTS to the HSE.
  • If indicated, perform a 5G security context authentication with the USIM using the RAND and AUTN combination from the Key Agreement TLV. If the USIM returns IK and CK values, the UE uses these keys to derive KHSE (depending on the authentication method selected) and subsequently uses KHSE and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5. The derivation of KHSE is described in clause 5.1.0a. If the USIM determines re-synchronisation is required and returns an AUTS then the UE sends an EMSDP Message Reject command containing the AUTS to the HSE.
  • If indicated, perform a GBA based authentication. After establishing the agreed key (see clause 5.1.1), the UE uses this key and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5.
  • If indicated, perform a 5G GBA based authentication. After establishing the agreed key (see clause 5.1.1), the UE uses this key and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5.
  • If indicated, perform an AKMA based authentication. After establishing the agreed key (see clause 5.1.1), the UE uses this key and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5.
  • If indicated, perform a proprietary based authentication. After establishing the agreed key (see clause 5.1.1), the UE uses this key and the HSE identity supplied (if the HSE Identity TLV is present) to generate the session keys for the EMSDP messages as detailed in clause 5.
  • Verify that the UE supports the BEST service indicated in the BEST Service configuration TLV.
  • Verify the received message format, the CP COUNTER value and the message MAC value.
  • Verify that the MAC supplied in the MAC TLV matches the MAC that would be produced for the previous EMSDP Session Request message if the BEST configuration in the BEST Service configuration TLV had been applied using the integrity key calculated from the Key agreement TLV.
The EMSDP Session Start command has the following cmd options:
Name | M / C / O
BEST Service configuration TLV | M
Key agreement TLV | M
EMSDP session request MAC TLV | C
HSE Identity TLV | O
EAS Container | O
BEST Service configuration TLV: The BEST Service configuration TLV sets the BEST service parameters to be used in this session as follows:
Bit 8 | Bit 7 | Bit 6 | Bit 5 | Bit 4 | Bit 3 | Bit 2 | Bit 1
BEST HSE configuration TLV Tag = '04'
Length of Best protocol ID contents = x bytes
BEST Service Activated | BEST encryption algorithm GEA4 to be used | BEST encryption algorithm GEA5 to be used | BEST encryption algorithm UEA1 to be used | BEST encryption algorithm UEA2 to be used | BEST encryption algorithm EEA0 to be used | BEST encryption algorithm 128-EEA1 to be used | BEST encryption algorithm 128-EEA2 to be used
BEST signalling plane protocol identifier
BEST user plane protocol identifier
BEST encryption algorithm 128-EEA3 to be used | BEST integrity algorithm GIA4 to be used | BEST integrity algorithm GIA5 to be used | BEST integrity algorithm UIA1 to be used | BEST integrity algorithm UIA2 to be used | BEST integrity algorithm 128-EIA1 to be used | BEST integrity algorithm 128-EIA2 to be used | BEST integrity algorithm 128-EIA3 to be used
Reserved for future use (set to 00) | UE triggered key refresh supported | Local BEST configuration management allowed | Reserved for future use (set to 0000)
New Session Required | Use EAS UP Keys | EMSDP MAC length | Size of EMSDP Data Length
Reserved for future use (set to 0) | Authentication method | BEST encryption algorithm 128-NEA1 to be used | BEST encryption algorithm 128-NEA2 to be used | BEST encryption algorithm 128-NEA3 to be used | BEST integrity algorithm 128-NIA1 to be used | BEST integrity algorithm 128-NIA2 to be used | BEST integrity algorithm 128-NIA3 to be used
BEST key agreement - EPS authentication required | BEST key agreement - 5G authentication required | BEST key agreement - GBA required | BEST key agreement - 5G GBA required | BEST key agreement - AKMA required | BEST key agreement - Proprietary key agreement required | Reserved for future use (set to 00)
  • BEST Service Activated - a bit flag that when set instructs the UE to use the BEST service and when clear instructs the UE not to use the BEST service,
  • BEST signalling plane protocol identifier - 1 octet that is used to determine the BEST signalling protocol to be used from the following list (only one shall be indicated): 01 = type 01 signalling plane EMSDP message. All other values are reserved for future use.
  • BEST user plane protocol identifier - 1 octet that is used to determine the BEST signalling protocol to be used from the following list (only one shall be indicated): 01 = type 01 user plane EMSDP message. All other values are reserved for future use.
  • BEST encryption algorithm to be used - 1 octet that is used to define which of the following algorithms to use for encryption: GEA0, GEA4, GEA5, UEA0, UEA1, UEA2, EEA0, 128-EEA1, 128-EEA2, 128-EEA3, 128-NEA1, 128-NEA2, and 128-NEA3. Only one algorithm from this list shall be indicated. If the Visited network indicated that BEST encryption is restricted, then the HSE shall indicate EEA0.
  • BEST integrity algorithm to be used - 1 octet that is used to define which one of the following algorithms to use for integrity: GIA4, GIA5, UIA1, UIA2, 128-EIA1, 128-EIA2, 128-EIA3, 128-NIA1, 128-NIA2, and 128-NIA3. Only one algorithm from this list shall be indicated.
  • Local BEST configuration management allowed - a flag to indicate that the software connected to the UE is allowed to manage the BEST service.
  • UE triggered key refresh supported - an indication from the HSE to the UE of whether key refresh requests will be ignored or responded to.
  • New Session Required - 1 bit that indicates if a new session is required. If this bit is set to 0 then the details agreed for the last session can be used and a new session is not required to be setup.
  • Use EAS UP keys - If set to 0 it indicates that the UE should not derive the UE-to-EAS keys. If set to 1 it means that the UE shall derive UE-to-EAS keys to be used in a UE-to-EAS BEST secure session.
  • EMSDP MAC length - 2 bits that indicate how many octets in the EMSDP data packet the integrity checksum (MAC) will be on, as follows: "00" = 4 octets, "01" = 8 octets, "10" = 12 octets and "11" = 16 octets. This value shall not be set to a size that is greater than the MAC size produced by the chosen algorithm.
  • Size of EMSDP Data Length - 4 bits that indicate how many octets are used for the EMSDP Data Length. "0000" is reserved for future use.
  • Authentication method - 1 bit that indicates which authentication method was selected by the UDM.
    • Values: '0' = 5G AKA was selected,
      '1' = EAP-AKA' was selected.
  • BEST Key Agreement Method - 6 bits that indicate which one of the key agreement methods to use, the bit set indicates the relevant method from the following methods: EPS authentication, 5G authentication, GBA, 5G GBA, AKMA and proprietary key agreement. At most one of the BEST Key Agreement Method values shall be set to 1 and the BEST Key Agreement Method set shall be one of the supported BEST Key Agreement Methods indicated in the preceding Session Request.
Any remaining bits are reserved for future use and are set to "0..0".
Key agreement TLV:
Name | Size | M/C/O | Value
Key Agreement TLV | 1 byte | M | 05
Length | 1 byte | M | 1 or 36
Additional Information | 1 Byte | M | Additional Keys to be generated
RAND IE | 17 bytes | C | See clause 10.5.3.1 in TS 24.008
AUTN IE | 18 bytes | C | See clause 10.5.3.1.1 in TS 24.008
B-TID | X bytes | C | See clause 4.4.7 in TS 33.220
A-TID | Y bytes | C | See clause 4.4.2 in TS 33.220
Pre-Agreed Key Identifier | XZ bytes | C | Alphanumeric string
  • For UMTS/EPS/5G key agreement, RAND IE and AUTN IE shall be present, B-TID, A-KID, and Pre-Agreed Key Identifier shall not be present.
  • For GBA and 5G GBA, B-TID shall be present, RAND IE, AUTN IE, A-KID, and Pre-Agreed Key Identifier shall not be present.
  • For AKMA, A-KID shall be present, RAND IE, AUTN IE, B-TID, and Pre-Agreed Key Identifier shall not be present.
  • For proprietary key agreement, Pre-Agreed Key Identifier shall be present, RAND IE, AUTN IE, B-TID, and A-KID shall not be present.
If the 'Length of the Key agreement' is set to 1 then this means use current keyset agreed for this KEY ID. In this case the RAND IE and AUTN IE shall not be present.
If BEST key agreement - EPS authentication required is indicated in the BEST HSE configuration TLV and if the Length is not set to 1 then RAND IE and AUTN IE shall be present in the Key Agreement TLV. In this case, B-TID, A-KID, and Pre-Agreed Key Identifier shall not be present in the Key Agreement TLV.
If BEST key agreement - 5G authentication required is indicated in the BEST HSE configuration TLV and if the Length is not set to 1 then RAND IE and AUTN IE shall be present in the Key Agreement TLV. In this case, B-TID, A-KID, and Pre-Agreed Key Identifier shall not be present in the Key Agreement TLV.
If BEST key agreement - GBA required is indicated in the BEST HSE configuration TLV and if the Length is not set to 1 then B-TID shall be present in the Key Agreement TLV set to a value that identifies the key generated by the GBA key agreement used for this purpose. In this case, RAND IE, AUTN IE, A-KID, and Pre-Agreed Key Identifier shall not be present in the Key Agreement TLV.
If BEST key agreement - 5G GBA required is indicated in the BEST HSE configuration TLV and if the Length is not set to 1 then B-TID shall be present in the Key Agreement TLV set to a value that identifies the key generated by the 5G GBA key agreement used for this purpose. In this case, RAND IE, AUTN IE, A-KID, and Pre-Agreed Key Identifier shall not be present in the Key Agreement TLV.
If BEST key agreement - AKMA required is indicated in the BEST HSE configuration TLV and if the Length is not set to 1 then A-KID shall be present in the Key Agreement TLV set to a value that identifies the key generated by the AKMA key agreement used for this purpose. In this case, RAND IE, AUTN IE, B-TID, and Pre-Agreed Key Identifier shall not be present in the Key Agreement TLV.
If BEST key agreement - Proprietary Key agreement required is indicated in the BEST HSE configuration TLV and if the Length is not set to 1 then Pre-Agreed Key Identifier shall be present in the Key Agreement TLV set to a value that identifies the Proprietary key to be used. In this case, RAND IE, AUTN IE, B-TID, and A-KID shall not be present in the Key Agreement TLV.
The Additional Information is coded as follows:
Bit 8 | Bit 7 | Bit 6 | Bit 5 | Bit 4 | Bit 3 | Bit 2 | Bit 1
Confirm Authentication flag | RFU | RFU | RFU | RFU | Key ID
b8: Confirm Authentication flag:
1 = Confirmation message required.
0 = Confirmation message not required.
b7 to b4: RFU (set to 0)
b3 to b1: Key ID
Key ID to be used for this keyset.
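The following added example (not part of TS 33.163) covers two checks a UE can make on an EMSDP Session Start: that the key agreement method required by the HSE is a single method the UE offered in its Session Request, and that the Key Agreement TLV contents match that method. The bit masks are read from the table row order above (Bit 8 first); rejecting messages with reserved or RFU bits set, and the function and field names, are assumptions of this example.

```python
# Added example (not from TS 33.163): check the HSE's key agreement choice, then
# split the Key Agreement TLV value accordingly.

# Bit masks follow the table order in this clause (Bit 8 first, bits 2-1 reserved).
METHOD_BITS = {0x80: "EPS", 0x40: "5G", 0x20: "GBA",
               0x10: "5G GBA", 0x08: "AKMA", 0x04: "Proprietary"}
RESERVED_BITS = 0x03
AKA_METHODS = {"UMTS", "EPS", "5G"}   # methods that carry RAND IE and AUTN IE


def select_key_agreement(advertised: int, required: int) -> str:
    """advertised: 'supported' octet the UE sent in its Session Request.
    required: 'required' octet received in the BEST Service configuration TLV."""
    if required & RESERVED_BITS:
        raise ValueError("reserved bits set in key agreement octet")  # strictness assumed
    chosen = [name for mask, name in METHOD_BITS.items() if required & mask]
    if len(chosen) > 1:
        raise ValueError("more than one key agreement method indicated")
    if not chosen:
        return "UMTS"   # no indication: UMTS security context authentication
    if not required & advertised:
        raise ValueError(f"{chosen[0]} was not offered in the Session Request")
    return chosen[0]


def parse_key_agreement(value: bytes, method: str) -> dict:
    """value: contents of the Key Agreement TLV (after tag and length)."""
    if not value:
        raise ValueError("Additional Information octet missing")
    info = value[0]
    if info & 0x78:
        raise ValueError("RFU bits b7 to b4 must be 0")  # strictness assumed
    out = {"confirm_required": bool(info & 0x80),   # b8
           "key_id": info & 0x07,                   # b3 to b1
           "reuse_current_keyset": len(value) == 1}
    body = value[1:]
    if not body:
        return out   # Length 1: use the keyset already agreed for this Key ID
    if method in AKA_METHODS:
        if len(body) != 17 + 18:
            raise ValueError("AKA key agreement needs Length 1 or 36")
        out["rand_ie"], out["autn_ie"] = body[:17], body[17:]
    else:
        out["key_reference"] = body   # B-TID, A-KID or Pre-Agreed Key Identifier
    return out


if __name__ == "__main__":
    method = select_key_agreement(advertised=0xC0, required=0x40)
    constructed_value = bytes([0x81]) + bytes(17) + bytes(18)   # made-up contents
    print(method, parse_key_agreement(constructed_value, method))
```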
EMSDP Session Request MAC TLV: The EMSDP session request MAC TLV shall be present if the previous command was an EMSDP session request message. Its contents are as follows:
Name | Size | M / C / O | Value
EMSDP session request MAC Tag | 1 byte | M | 06
Length | 1 byte | M | Length of MAC (X)
EMSDP session request MAC | X bytes | M | Result of MAC calculation on previous EMSDP session request message using current keys and BEST configuration in this message.
HSE Identity TLV: this contains a 4 octet numeric identifier for the HSE. This should be unique to the HSE being used within the home network. It is formatted as follows:
Name | Size | M / C / O | Value
HSE Identity Tag | 1 byte | M | 07
Length | 1 byte | M | Length of HSE Identity (04)
HSE Identity | 4 bytes | M | 4 octet numeric identifier for the HSE
The EAS Container TLV: this contains a 4 octet numeric identifier for the Enterprise Key ID.
Name | Size | M / C / O | Value
EAS Container Tag | 1 byte | M | 08
Length | 1 byte | M | Length of Enterprise Key ID
Enterprise Key ID | 4 bytes | M | numeric identifier for the Enterprise Key
Response:
If the Confirmation message required flag in the Key agreement TLV is set and the message verifies, then the UE shall send an EMSDP start session confirmation message.
If the Confirmation message required flag in the Key agreement TLV is set and the message verifies, then the UE may send an EMSDP start session confirmation message.
If the message does not verify, then the UE shall respond with a Request Rejected command. This command may include the reason that the request has been rejected.
If the USIM returns an AUTS as a result of the authentication, the UE shall respond with a Request Rejected command with the reason "Authentication ReSync required" and including the AUTS.
6.2.6.1.3  EMSDP Session Start Confirmation message
The EMSDP Session Start confirmation message is sent by the UE to confirm a previous EMSDP Session Start command.
This message is optional for the UE to send unless the "Confirmation message required" flag is set in the EMSDP Session Start command, in which case this message shall be sent.
This command has the following cmd options:
Name | M / C / O
AUTHENTICATION RESPONSE TLV | M
AUTHENTICATION RESPONSE TLV: This TLV contains the authentication response for a successful authentication as follows:
Name | Size | M / C / O | Value
AUTHENTICATION RESPONSE Tag | 1 byte | M | 0C
Length | 1 byte | M | Length of HSE Identity (X+1)
Key Information | 1 byte | M | Key identifier
RES | X bytes | C | As returned by the USIM.
XRES | X bytes | C | As returned by the USIM.
Proprietary Key agreement response | X bytes | O | Proprietary response
If the response is associated with an EPS key agreement from the HSE then RES shall be present.
If the response is associated with a 5G key agreement from the HSE then XRES shall be present.
If the response is associated with a Proprietary key agreement from the HSE then Proprietary Key agreement response may be present.
Where:
Key Information is coded:
Bit 8 | Bit 7 | Bit 6 | Bit 5 | Bit 4 | Bit 3 | Bit 2 | Bit 1
RFU | RFU | RFU | RFU | RFU | Key ID
b8 to b4: RFU (set to 0)
b3 to b1: Key ID
Key ID to be used for this keyset.
6.2.6.1.4  EMSDP Session Terminate Request and Response
The EMSDP Session Terminate Request may be sent by either the UE or the HSE to terminate an existing EMSDP session.
The sending party shall close their session on sending this command and the receiving party shall close the session upon reception of this command. All future BEST User Plane messages and BEST control plane messages for the session indicated in the session ID shall be either refused or ignored.
This command has no cmd options.
6.2.6.1.5  EMSDP Manage Keys Request
The EMSDP Manage Keys request command shall be sent by the UE to request the HSE to negotiate new key material.
If the BEST session requested includes cyphering then the UE shall send a Serving Network TLV (as defined in clause 6.2.6.1.1).
6.2.6.1.6  EMSDP Manage Keys Response
The EMSDP Manage Keys command is used by the HSE to agree new keys, replace a key and delete existing keys.
When the HSE indicates "Add new key" and the key ID indicated in the Key Agreement TLV is not currently used in the UE, then the UE shall use the information in the Key Agreement TLV to create a new key that can be used in this EMSDP session. If the Key ID is already in use then the UE shall send an EMSDP Message Reject command.
When the HSE indicates "Update key" and the Key ID in the Key Agreement TLV is the same as the Key ID in the Key Management TLV, then the UE shall delete the key indicated in the Key Management TLV and then create a new key using the information in the Key Agreement TLV that can be used in this EMSDP session. If the Key ID of the key to be deleted is no longer valid then the UE shall silently ignore this request.
When the HSE indicates "Update key" and the Key ID in the Key Agreement TLV is different to the Key ID in the Key Management TLV, then the UE shall create a new key using the information in the Key Agreement TLV that can be used in this EMSDP session. The key indicated in the Key Management TLV shall be deleted when the UE receives the first EMSDP message using the new key ID. If the Key ID of the key to be created is already in use then the UE shall send an EMSDP Message Reject command. If the Key ID of the key to be deleted is no longer valid then the UE shall silently ignore this request.
When the HSE indicates "delete key" then the UE shall delete the key indicated in the Key Management TLV. If the Key ID of the key to be deleted is no longer valid then the UE shall silently ignore this request.
The EMSDP Manage Keys command has the following cmd options:
Name | M / C / O
Key Management TLV | M
Key agreement TLV | C
Key management TLV:
Name | Size | M / C / O | Value
Key Management Tag | 1 byte | M | 0D
Length | 1 byte | M | 01
Key Management Information | 1 byte | M | Key Management Information
Where:
Key Management Information is coded:
Bit 8 | Bit 7 | Bit 6 | Bit 5 | Bit 4 | Bit 3 | Bit 2 | Bit 1
Key Action | RFU | RFU | RFU | Key ID
b8 and b7: Action to be performed
'00' - RFU
'01' - add new key or update existing key (Key ID set in Key agreement TLV)
'11' - Update Key (Key to be added is Key ID set in Key agreement TLV, key to be deleted is indicated in b3 to b1).
'10' - Delete key (key to be deleted is indicated in b3 to b1).
b6 to b4: RFU (set to 0)
b3 to b1: Key ID
Key ID for this operation.
Key agreement TLV: As detailed in clause 6.2.6.1.2.
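The following added example (not part of TS 33.163) models the UE-side key handling described in this clause, including the deferred deletion of the old key when "Update key" names two different Key IDs. The class and method names are hypothetical, action '01' is treated as "Add new key" as in the prose above, and refusing RFU codings as malformed is an assumption because the page does not say how they are answered.

```python
# Added example (not from TS 33.163): UE-side handling of EMSDP Manage Keys Response.
ADD, DELETE, UPDATE = 0b01, 0b10, 0b11   # b8-b7 of Key Management Information


class RejectMessage(Exception):
    """The UE answers with an EMSDP Message Reject command."""


class UeKeyStore:
    def __init__(self):
        self.keys = {}             # Key ID -> key material
        self.pending_delete = {}   # new Key ID -> old Key ID dropped on first use

    def handle_manage_keys(self, mgmt_info: int, agreement_key_id=None, new_key=None) -> str:
        """mgmt_info: Key Management Information octet.
        agreement_key_id / new_key: Key ID and key derived from the Key Agreement TLV."""
        action, key_id = mgmt_info >> 6, mgmt_info & 0x07
        if action == 0 or mgmt_info & 0x38:
            # The page does not say how to answer RFU codings; treated as malformed here.
            raise ValueError("RFU action or RFU bits set")
        if action == DELETE:
            if key_id not in self.keys:
                return "ignored"                 # silently ignore
            del self.keys[key_id]
            self.pending_delete.pop(key_id, None)
            return "deleted"
        if action == ADD:
            if agreement_key_id in self.keys:
                raise RejectMessage("Key ID already in use")
            self.keys[agreement_key_id] = new_key
            return "added"
        # UPDATE: key_id names the key to delete, agreement_key_id the key to create.
        if agreement_key_id != key_id and agreement_key_id in self.keys:
            raise RejectMessage("Key ID of the key to be created is already in use")
        if key_id not in self.keys:
            return "ignored"                     # silently ignore
        self.keys[agreement_key_id] = new_key
        if agreement_key_id == key_id:
            return "replaced"                    # same ID: delete, then create
        self.pending_delete[agreement_key_id] = key_id
        return "added, old key pending"

    def key_for_received_message(self, key_id: int):
        """Called for each received EMSDP message; first use of a new key drops the old one."""
        old = self.pending_delete.pop(key_id, None)
        if old is not None:
            self.keys.pop(old, None)
        return self.keys[key_id]


if __name__ == "__main__":
    store = UeKeyStore()
    print(store.handle_manage_keys(0x41, 1, b"constructed-key-1"))   # add Key ID 1
    print(store.handle_manage_keys(0xC1, 2, b"constructed-key-2"))   # update 1 -> 2
    store.key_for_received_message(2)
    print(sorted(store.keys))
```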
6.2.6.1.7  EMSDP Message Reject command
The EMSDP Message Reject command may be used by either the UE or the HSE to reject messages, data or control plane.
The EMSDP Message Reject command has the following cmd options:
Name | M / C / O
Rejection details TLV | M
AUTS TLV | C
Where:
Rejection details TLV:
Contains the rejection reason. If the rejection reason is "Authentication ReSync required" and the key agreement method used is either EPS key agreement or 5G key agreement, then the Rejection details TLV and the AUTS TLV shall be present. For all other reasons only the rejection details TLV may be present.
Name | Size | M / C / O | Value
Rejection details Tag | 1 byte | M | 09
Length | 1 byte | M | Length of HSE Identity (X+1)
Rejection reason | 1 byte | M | See below
Rejection reason:
'00' = "Best session refused by the HSE"
'01' = "HSE not compatible with configuration request"
'02' = "UE not compatible with configuration request"
'03' = "HSE temporary error - try again later"
'04' = "Command Message error"
'05' = "Command message counter error"
'06' = "Authentication ReSync required"
'07' = "EMSDP session request MAC incorrect"
'08' = "Session ID not valid"
'09' = "Command not allowed"
'0A' = "No pre-agreed key available using the indicated key agreement method and identifier"
'0B' = "Key agreement method not supported"
'0C' = "Key agreement error - unspecified reason"
'0D' = "UE temporary error - try again later"
Name | Size | M / C / O | Value
AUTS Tag | 1 byte | M | 0A
Length | 1 byte | M | Length of HSE Identity (X)
AUTS | 1 byte | M | AUTS as returned by the USIM