Independence of confidentiality and integrity in MAP Layer III and other layer III issues

Document for: Discussion and decision
Agenda Item:
MAP security layer III, as described in 3G TS 33.102 v3.4.0 (UMTS Security Architecture), provides integrity by a well-known method that combines an encryption function with a hash function. In accordance with what is suggested in the literature, it is proposed here to use a MAC function (keyed hash function) instead of a keyless hash function, so that confidentiality and integrity protection are independent of each other. The impact on message formats and computational effort is minor. In protection mode 1, the message even gets somewhat shorter. However, separate keys will be needed for confidentiality and for integrity, whereas the current solution uses only one key, for the encryption function. We propose to compensate for this by using the same key for both directions and distinguishing the directions by the sending PLMN Id in the integrity-protected part of the message, without a reduction of the security level. This latter proposal is, however, independent of the rest. We also point out open issues to be resolved.
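The direction-binding proposal above, sketched as an added example (not taken from the contribution or from TS 33.102): one integrity key serves both directions, and the sending PLMN Id sits inside the MAC-protected data, so a message reflected back to its sender is rejected. HMAC-SHA-256, the length-prefixed field layout, the function names and the PLMN values are assumptions made for illustration.

```python
import hashlib
import hmac

MAC_LEN = 32  # tag length of HMAC-SHA-256 (assumed MAC; the page names no algorithm)

def protect(integrity_key: bytes, sending_plmn: bytes, body: bytes) -> bytes:
    """Return len(plmn) || sending_plmn || body || tag (assumed layout).

    `body` is opaque here: it may be cleartext or ciphertext produced under a
    separate confidentiality key, which this function never needs.
    """
    if len(sending_plmn) > 255:
        raise ValueError("PLMN Id does not fit the one-byte length prefix")
    header = bytes([len(sending_plmn)]) + sending_plmn
    tag = hmac.new(integrity_key, header + body, hashlib.sha256).digest()
    return header + body + tag

def verify(integrity_key: bytes, expected_sender: bytes, message: bytes):
    """Return the body if the tag is valid and the message names the
    expected sending PLMN; otherwise return None."""
    if len(message) < 1 + MAC_LEN:
        return None
    plmn_len = message[0]
    if len(message) < 1 + plmn_len + MAC_LEN:
        return None
    signed, tag = message[:-MAC_LEN], message[-MAC_LEN:]
    expected_tag = hmac.new(integrity_key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected_tag):
        return None  # modified in transit or wrong key
    if not hmac.compare_digest(signed[1:1 + plmn_len], expected_sender):
        return None  # valid tag, wrong direction: reflected or misrouted
    return signed[1 + plmn_len:]

def demo():
    key = bytes(range(32))                   # constructed shared integrity key
    plmn_a, plmn_b = b"PLMN-A", b"PLMN-B"    # constructed placeholder PLMN Ids
    msg = protect(key, plmn_a, b"constructed MAP payload")
    accepted = verify(key, plmn_a, msg)      # B checks a message sent by A
    reflected = verify(key, plmn_b, msg)     # A gets its own message back, expects B
    flipped = msg[:10] + bytes([msg[10] ^ 1]) + msg[11:]
    tampered = verify(key, plmn_a, flipped)  # one bit of the body changed
    return accepted, reflected, tampered

if __name__ == "__main__":
    print(demo())
```

The verifier uses only the integrity key, so a node can check integrity without holding the confidentiality key.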