Content for TS 33.503 Word version: 19.0.0

1… 4… 5… 6… 6.1.3.2… 6.1.3.2.2.2 6.1.3.2.3 6.1.3.3… 6.1.3.4… 6.1.3.5… 6.2… 6.3… 6.3.3.2… 6.3.3.3… 6.3.4… 6.3.8… 6.4… 7… A…

6.1.3.2.3 Protection of discovery messages over PC5 interface
...

6.1.3.2.3 Protection of discovery messages over PC5 interface p. 28

There are three types of security that are used to protect the restricted 5G ProSe Direct Discovery messages over the PC5 interface: integrity protection, scrambling protection, and message-specific confidentiality which are defined in clause 6.1.3.4.3 in TS 33.303.

For the discovery messages that do not include HPLMN ID, the protection mechanisms specified in TS 33.303 are reused with the following changes:

Input parameters to integrity protection algorithm as specified in clause A.6 in the present document.
Message-specific confidentiality mechanisms as specified in clause A.7 in the present document.
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, the Message Type is replaced by Message Type and Message content type extensions.
In clause A.5 of TS 33.303, the time-hash-bitsequence keystream is set to L least significant bits of the output of the KDF, where L is the bit length of the discovery message to be scrambled and set to Min (the length of discovery message - 16, 256).
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, in the above Min function the value of 16 is replaced by 24.
Step 3 of clause 6.1.3.4.3.5 of TS 33.303 becomes:
XOR (0x..FFFF || time-hash-bitsequence) with the most significant (L + 16) bits of discovery message, where 0xFF..FF is 16 bits of length.
For Multi-hop UE-to-Nework Relay Discovery and Multi-hop UE-to-UE Relay Discovery, the above value of 16 is replaced by 24.

NOTE 1:
16 is the size of Message Type and UTC-based counter LSB in bit length.

NOTE 1a:
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, 24 is the size of Message Type, Message content type extensions and UTC-based counter LSB in bit length.

NOTE 2:
The maximum length of the discovery message to be scrambled is limited to 256 bits.
Step 2 of clause 6.1.3.4.3.2 of TS 33.303 becomes:
Calculate MIC if a DUIK was provided, otherwise set MIC to a 32-bit random string. Then, set the MIC IE to the MIC.
Step 4 of clause 6.1.3.4.3.2 of TS 33.303 is not processed.

The discovery messages that include HPLMN ID are protected using the protection mechanism described above with the following changes:

Message-specific confidentiality mechanisms as specified in clause A.7 in the present document with the following changes:
The input parameter LENGTH is set to LEN(discovery message) - (LEN(Message Type) + LEN(UTC-based counter LSB) + LEN(HPLMN ID) + LEN(MIC)), where LEN(x) is the length of x in number of bits.
The KEYSTREAM is XORed with the discovery message for message-specific confidentiality protection excluding Message Type, UTC-based counter LSB, HPLMN ID and MIC.
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, the Message Type is replaced by Message Type and Message content type extensions.
In clause A.5 of TS 33.303, the time-hash-bitsequence keystream is set to L least significant bits of the output of the KDF, where L is the bit length of the discovery message to be scrambled and set to Min (the length of discovery message - 16 - the length of HPLMN ID, 256).
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, in the above Min function the value of 16 is replaced by 24.
Step 3 of clause 6.1.3.4.3.5 of TS 33.303 becomes:
XOR (0xFF..FF || time-hash-bitsequence) with the most significant (L + 16 + the length of HPLMN ID) bits of discovery message, where 0xFF..FF is (16 + the length of HPLMN ID) bits of length.
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, the above value of 16 is replaced by 24.

NOTE 3a:
For Multi-hop UE-to-Network Relay Discovery and Multi-hop UE-to-UE Relay Discovery, 24 is the size of Message Type, Message content type extensions and UTC-based counter LSB in bit length.

In 5G ProSe UE-to-UE Relay discovery, the End UE discovery infos to be included in the direct discovery set are protected using the protection mechanism described above with the following changes:

Message-specific confidentiality mechanisms as specified in clause A.7 in the present document with the following changes:
- discovery message is replaced by End UE discovery info
- The length of Message Type is set to zero
In clause A.5 of TS 33.303, the time-hash-bitsequence keystream is set to L least significant bits of the output of the KDF, where L is the bit length of the End UE discovery info to be scrambled and set to Min (the length of End UE discovery info - 16, 256).
Step 3 of clause 6.1.3.4.3.5 of TS 33.303 becomes:
XOR (0xFFFF || time-hash-bitsequence) with the most significant (L + 16) bits of the End UE discovery info.