In the modern advanced information society, importance of confidentiality and integrity between a user equipment and a network is being increased. To this end, according to the 3 generation project partnership (3GPP), a packet data convergence protocol (PDCP) layer performs a security function.
The security function has two kinds of functions, i.e., ciphering and integrity protection. A code varied depending on each packet is generated by these two functions, and ciphering and integrity check are performed for original data using the generated code.
The code varied depending on each packet is generated using a PDCP sequence number (SN) and added to each PDCP PDU header. For example, the code varied depending on each packet is generated using COUNT which includes PDCP SN. The COUNT has a length of 32 bits, of which the least significant bit (LSB) has a PDCP SN and the most significant bit (MSB) has a hyper frame number (HFN). The PDCP SN has a length of 5 bits, 7 bits, or 12 bits depending on a radio bearer (RB). Accordingly, the HFN has a length of 27 bits, 25 bits or 20 bits.
FIG. 1 is a diagram illustrating an example of a method of performing ciphering in a PDCP layer. A PDCP layer of a transmitting side generates ciphered data by covering original data with a MASK. The MASK is a code varied for each of the aforementioned packets. Covering original data with a MASK means that XOR operation for each bit is performed for the original data with respect to MASK. A PDCP layer of a receiving side, which has received the ciphered data, deciphers the original data by again covering the original data with a MASK. The MASK has 32 bits and is generated from several input parameters. In particular, in order to generate different values for respective packets, COUNT is generated using PDCP SN varied depending on PDCP PDU. The COUNT is used as one of MASK generation input parameters. In addition to the COUNT, examples of the MASK generation input parameters include ID value (bearer of FIG. 1) of a corresponding RB, Direction having an uplink or downlink value, and a ciphering key (CK) exchanged between a user equipment and a network during RB establishment.
FIG. 2 is a diagram illustrating an example of a method of performing integrity protection in a PDCP layer. Similarly to the aforementioned ciphering procedure, in an integrity protection procedure, parameters, such as COUNT based on PDCP SN, bearer which is ID value of RB, Direction having an uplink or downlink value, and integrity protection key (IK) exchanged between a user equipment and a network during RB establishment, are used. A specific code, i.e., MAC-I (Message Authentication Code-Integrity) is generated using the above parameters. The integrity protection procedure is different from the aforementioned ciphering procedure in that the generated MAC-I is added to PDCP PDU not undergoing XOR operation with original data. The PDCP layer of the receiving side, which has received the MAC-I, generates XMAC-I using the same input parameter as that used in the PDCP layer of the transmitting side. Afterwards, XMAC-I is compared with MAC-I, and if two values are equal to each other, it is determined that the data have integrity. If not so, it is determined that the data have been changed.
If a security error occurs for some reason, since the receiving side cannot recover the original data even if it receives the data from the transmitting side, the received data continue to come into disuse. RB of a user plane (i.e., data RB: DRB) performs header compression after deciphering the received PDCP PDUs. At this time, if deciphering is performed using a wrong MASK, error continues to occur during header decompression, whereby the received PDCP PDUs continue to come into disuse. RB of a control plane (i.e., signaling RB: SRB) performs integrity verification after deciphering the received PDCP PDUs. At this time, if deciphering is performed using a wrong MASK or comparison is performed using a wrong XMAC-I, error continues to occur during integrity verification, whereby the received PDCP PDUs continue to come into disuse.
Accordingly, if a security error occurs, the user equipment and/or the network regards it as a serious problem and thus re-establishes RRC connection between them and re-establishes security. If RRC connection is re-established, all SRBs and all DRBs are also re-established.