Content for  TS 33.503  Word version:  17.2.0

The unicast mode 5G ProSe Direct Communication procedures are described in TS 23.304. Unicast mode 5G ProSe Direct Communication is used by two UEs that directly exchange traffic for the ProSe applications running between the peer UEs. PC5 security policy provisioning by 5G DDNMF for unicast mode 5G Prose Direct Communication during the restricted 5G ProSe Discovery procedure is specified in clause 6.1.3.2. PC5 direct communication security for relay services is specified in clause 6.3. If the UE receives PC5 security policies from 5G DDNMF as specified in clause 6.1.3.2.2, the UE uses the PC5 security policies from 5G DDNMF to establish PC5 unicast communication security instead of the PC5 security policies provisioned by PCF or pre-configured in UE as defined in TS 23.304.

The initiating UE shall establish a different security context for each peer UE during the PC5 unicast establishment if the security is activated. It shall be possible to establish security context also when either one or both the 5G ProSe-enabled UEs are out of coverage. The mutual authentication between two 5G ProSe-enabled UEs during PC5 unicast shall be supported. The PC5 unicast signalling shall support confidentiality protection, integrity protection and anti-replay protection. The PC5 unicast user plane shall support confidentiality protection, integrity protection and anti-replay protection. The PCF shall be able to provision the PC5 security policies to the UE per ProSe application during service authorization and information provisioning procedure as defined in TS 23.304. The system shall support means for a secure refresh of the UE security context. The 5G System should provide means for mitigating trackability attacks on a UE during PC5 unicast communications. The 5G System should provide means for mitigating link ability attacks on a UE during PC5 unicast communications.

The unicast mode security mechanism defined in clause 5.3 of TS 33.536 is reused in 5G ProSe to provide unicast mode 5G ProSe Direct Communication security.

The privacy protection procedures defined in clause 5.3.3.2 of TS 33.536 are reused in 5G ProSe to provide unicast mode 5G ProSe Direct Communication security.