Tdoc List

2018-01-26 14:57

TDoc Title Source Type For Agenda Avail Treated Decision Wdrn Replaced-by Replaces
S3‑180000 Agenda WG Chairman agenda  
2Approval of Agenda and Meeting Objectives
Yes
Yes
approved No    
S3‑180001 Report from SA3#89 MCC report  
4.1Approval of the report from previous SA3 meeting(s)
Yes
YesHuawei commented that S3-173137 had been not treated instead of "rejected".This was fixed.
revised No S3‑180365  
S3‑180002 SA3 Work Plan MCC Work Plan  
9Review and Update of Work Plan
Yes
Yes
noted No    
S3‑180003 Report from last SA meeting WG Chairman report  
4.2Report from SA Plenary
Yes
Yes
noted No    
S3‑180004 SA3 meeting calendar MCC other  
10Future Meeting Dates and Venues
Yes
Yes
revised No S3‑180366  
S3‑180005 Work Plan input from Rapporteurs MCC other  
9Review and Update of Work Plan
Yes
Yes
revised No S3‑180346  
S3‑180006 Corrections to clause 5.3 Requirements on the AMF NEC Telecom MODUS Ltd. pCR Approval
7.2.5.10Editorials
Yes
YesOverlapping with 182 and 183, which had the same changes.
revised No S3‑180422  
S3‑180007 Corrections to clause 5.2 Requirements on the gNB NEC Telecom MODUS Ltd. pCR Approval
7.2.4.5Editorials
Yes
Yes
merged No S3‑180422  
S3‑180008 NAS security conference call notes NEC Telecom MODUS Ltd. report Information
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180009 TCG progress report InterDigital, Inc. other Information
6.7TCG
Yes
Yes
noted No    
S3‑180010 Discussion Paper on the need and ways to make SUPI protection opaque to IMSI sniffers InterDigital, Inc. discussion Decision
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180011 PCR to Annex C for making SUPI protection opaque to IMSI sniffers InterDigital, Inc. pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180012 Authentication for Untrusted Non-3GPP Access using EAP Motorola Mobility, Lenovo, LG Electronics, Nokia, KPN, Broadcom, Brocade pCR Approval
7.2.11.1Miscellaneous
Yes
Yes
revised No S3‑180455 S3‑173251
S3‑180013 Addition of EAP-5G method ID Lenovo, Motorola Mobility CR Approval
7.2.11.1Miscellaneous
Yes
Yes
agreed No    
S3‑180014 Remaining restructuring of Clause 6.9 (Security handling in mobility) Ericsson, NEC Corporation pCR  
7.2.3.6Miscellaneous
Yes
Yes
approved No    
S3‑180015 How AMF and SEAF deal with null-scheme SUCI CATT pCR Agreement
7.2.14.2SUCI and Schemes
No
Yes
withdrawn Yes    
S3‑180016 Privacy requirement improvement related to using non null-scheme CATT pCR Agreement
7.2.14.2SUCI and Schemes
No
Yes
withdrawn Yes    
S3‑180017 Privacy requirement of using SUCI in initial registration procedure CATT pCR Agreement
7.2.14.2SUCI and Schemes
No
Yes
withdrawn Yes    
S3‑180018 Solution for meeting LI and privacy requirements CATT pCR Agreement
7.2.14.1SUPI and LI
No
Yes
withdrawn Yes    
S3‑180019 Solution for raw public key provisioning CATT pCR Agreement
7.2.14.2SUCI and Schemes
No
Yes
withdrawn Yes    
S3‑180020 Security aspects of RESUME REJECT in INACTIVE state in NR ZTE Corporation discussion Discussion
7.2.4.3RRC security
Yes
YesNokia considered that there was a more simple way of doing this. Ericsson: this brings additional overhead and signalling.We have an alternative in 342.
noted No   S3‑173072
S3‑180021 Handling of user-related keys – key setting ZTE Corporation pCR Approval
7.2.2.2Key derivation NAS related
Yes
Yes
merged No    
S3‑180022 Discussion on multi-NAS in same PLMN – structure of 5G security context ZTE Corporation, Huawei, Hisilicon discussion Discussion
7.2.5.7Multi-NAS security
Yes
YesThe group decided to endorse for proposal one the following statement: same NAS keys and NAS algorithms can be used to protect NAS connections terminated in the same AMF. Also endorsed for proposal two: each NAS connection will be assigned an unique identifier. Proposal three was not agreed.
noted No    
S3‑180023 Discussion on multi-NAS in same PLMN – NAS message handling after first registration procedure ZTE Corporation discussion Discussion
7.2.5.7Multi-NAS security
Yes
YesEricsson didn’t agree with the observation. This was ignored. Proposal one: Vodafone commented that more information was needed. Qualcomm: if you have a fulll context you shall use it. Detailed discussions were needed for this document so it was decided to note ir and try to solve it offline.
noted No    
S3‑180024 Discussion on multi-NAS in same PLMN – concurrent NAS message handling ZTE Corporation discussion Discussion
7.2.5.7Multi-NAS security
Yes
YesVodafone: easy DoS attack if according to proposal one. Proposal 2: Ericsson commented that they agreed with the issue but they didn’t agree with the proposals. The issue in this document was valid as agreed by the group but there was no consensus with the proposals.
noted No    
S3‑180025 Discussion on multi-NAS in same PLMN – re-authentication handling ZTE Corporation discussion Discussion
7.2.5.7Multi-NAS security
No
Yes
withdrawn Yes    
S3‑180026 Multi-NAS in same PLMN - structure of 5G security context ZTE Corporation pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180027 Multi-NAS in same PLMN - NAS message handling after first registration procedure ZTE Corporation pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180028 Analysis of different approaches for implementing SBA security over N32 reference point TIM (Telecom Italia) s.p.a. discussion Discussion
7.2.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑180029 Collection of clarifications and editorial changes to BEST TS 33.163 Deutsche Telekom AG CR Approval
7.6.9Security Aspects related to Machine-Type Communication ((e)MTC)
Yes
YesBEST is not part of the agenda of this meeting.
postponed No    
S3‑180030 Reply LS on LTE call redirection to GERAN C1-175377 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑180031 Reply LS on LTE call redirection to GERAN R2-1714121 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑180032 Response LS on LTE call redirection to GERAN R3-175030 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑180033 Reply LS on PLMN and RAT selection policies for roaming C3-176332 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
noted No    
S3‑180034 LS on Use of Subscriber Identity in HTTP URI C4-176395 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
noted No    
S3‑180035 LS on a potential USIM solution for PLMN and RAT selection policies for roaming C6-170696 LS in  
7.2.16PLMN RAT selection
Yes
Yes
postponed No    
S3‑180036 LS on maximum data rate of user plane integrity protected data R2-1714125 LS in  
7.2.15Incoming and outgoing LSes
Yes
YesThis was replied in SA3#89.
noted No    
S3‑180037 LS on Security aspects of supporting LTE connected to 5GC R2-1714244 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
replied to No    
S3‑180038 LS on Removal of 'over LTE' limitation from Mission Critical Specifications S1- 174542 LS in  
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
noted No    
S3‑180039 Reply LS on 5G Identity and Access Management Requirements S1-174557 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
noted No    
S3‑180040 Reply LS on selectively disabling legacy radio access S1-174601 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
noted No    
S3‑180041 Reply LS on clarification on Restricted Operator Services S1-174604 LS in  
6.13GPP Working Groups
Yes
YesVodafone: SA1 is making security assumptions without consulting SA3. BT commented that SA3 had sent an LS to SA1 in March 2017 on this issue and didn't get any response. Vodafone commented that they would check internally with the SA1 colleagues. Qualcomm commented that the intention was that the UE would only accept non integrity protected messages when they wanted to make an RLOS call.
replied to No    
S3‑180042 Response to LS on encrypting broadcasted positioning data and LS on provisioning of positioning assistance data via LPPa for broadcast S2-179617 LS in  
6.13GPP Working Groups
Yes
Yes
noted No    
S3‑180043 LS on end-to-end encryption for mission critical communications between LMR users and 3GPP MC users S6-171838 LS in  
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
noted No    
S3‑180044 Response LS on voice service continuity from 5G to 2/3G SP-171078 LS in  
7.2.15Incoming and outgoing LSes
Yes
YesBT commented that this wasn't a priority as discussed in SA plenary since the work item was going to Rel-16.
noted No    
S3‑180045 LS on secure storage and processing of subscription credentials S1-173475 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
postponed No    
S3‑180046 LS on security during Resume reject in INACTIVE state in NR R2-1712052 LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
replied to No    
S3‑180047 LS on Extension of USAT Application Pairing mechanism C6-170737 LS in  
6.13GPP Working Groups
Yes
YesBT: We can have multiple ISIMs in the same UICC, what’s the impact of this? Qualcomm: what's the use case for the ISIM? Gemalto: VoLTE relying on the IMS would be the use case, not M2M specific. Gemalto proposed to respond that there was no requirement but that SA3 would look at it.
replied to No    
S3‑180048 How AMF and SEAF deal with null-scheme SUCI CATT pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180049 Privacy requirement improvement related to using non null-scheme CATT pCR Approval
7.2.14.2SUCI and Schemes
Yes
YesVodafone disagreed. It’s the ME, not the UE. This was agreed.
revised No S3‑180460  
S3‑180050 Privacy requirement of using SUCI in initial registration procedure CATT pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180051 Solution for meeting LI and privacy requirements CATT pCR Approval
7.2.14.1SUPI and LI
Yes
YesBT: this is far more reliable for LI.
noted No    
S3‑180052 Solution for raw public key provisioning CATT pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180053 Adding context on key setting CATT pCR Approval
7.2.2.2Key derivation NAS related
Yes
Yes
merged No S3‑180430  
S3‑180054 Adding the abbreviations of NF and NFR CATT pCR Approval
7.2.13.7Editorials
Yes
YesDT: NRF is not agreed in SA2 in yet. Agreed to add only NF and wait for SA2 for the other acronym.
revised No S3‑180364  
S3‑180055 Clarification on 5G security context CATT pCR Approval
7.2.6.6Miscellaneous
Yes
Yes
revised No S3‑180446  
S3‑180056 Proposal for UP integrity protection activation CATT pCR Approval
7.2.4.1Userplane open issues
Yes
Yes
noted No    
S3‑180057 Discussion on Identity Request and Registration Procedures in 5G KPN discussion Approval
7.2.14.4Miscellaneous
Yes
Yes
not treated No    
S3‑180058 LS to SA2 on Registration Request and Identity Request with clear text SUPI KPN other Approval
7.2.14.4Miscellaneous
Yes
Yes
not treated No    
S3‑180059 Adding the subscription identification procedure to TS 33.501 KPN, Nokia pCR Approval
7.2.14.4Miscellaneous
Yes
Yes
not treated No    
S3‑180060 Discussion on PC-5 security KPN discussion Endorsement
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
YesHuawei: PC-5 needs to be security protected. This is specified in the solution 8 of the TR. SA2 has concluded their work on this, so no reason to send an LS.
noted No    
S3‑180061 Discussion and pCR on authorization KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180062 Resolving Editor's Note in clause 5.3 KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
noted No    
S3‑180063 Resolving Editor's Note in clause 6.2 KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180064 Resolving Editor's Note and adding evaluation in clause 6.4.3 KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
revised No S3‑180407  
S3‑180065 Evaluation of solution #6 KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
noted No    
S3‑180066 Evaluation of solution #13 KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180067 Miscellaneous editorials to TR 33.843 KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180068 Adding conclusions for key issues 1,4, and 5 and adding an overal conclusions clause KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
merged No S3‑180411  
S3‑180069 PCR to Section 6.12.2 InterDigital, Inc. pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180070 Adding numbers to the figure for EAP AKA prime KPN pCR Approval
7.2.8.7Editorial corrections
Yes
Yes
merged No S3‑180344  
S3‑180071 Adding numbers to the figure for 5G AKA KPN pCR Approval
7.2.8.7Editorial corrections
Yes
Yes
revised No S3‑180396  
S3‑180072 Conclusions from IPX Security Conference calls KPN report Information
7.2.13.1Interconnect (SEPP related)
Yes
YesVodafone commented that this misrepresented what was agreed in the meeting in the first line.
noted No    
S3‑180073 Removing Editor's note on network sharing KPN pCR Approval
7.2.8.6Authentication in Network sharing/limited deployment scenarios
Yes
Yes
approved No    
S3‑180074 Normative text for support of both authentication methods and text clarification to distinguish HN and SN Nokia pCR Decision
7.2.8.7Editorial corrections
Yes
YesVodafone: note 0 is just describing what roaming is. This is not necessary.The phrase with "allows that" is not well written. MCC commented that NOTE 3 was containing a requirement and that wasn't possible as described in the drafting rules. It was decided to reword "mandatory to support" to "shall support" and remove "in the present release".
revised No S3‑180395  
S3‑180075 Editorial clarification in clause on anchor key binding Nokia pCR Decision
7.2.8.7Editorial corrections
Yes
Yes
approved No    
S3‑180076 Resolving editors notes in clause on key hierarchy Nokia pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
revised No S3‑180447  
S3‑180077 UDM requirements - key management and privacy - S3-173121 Nokia pCR Decision
7.2.14.3SIDF
Yes
Yes
not treated No   S3‑173121
S3‑180078 SUCI intro and handling - was S3-173316 Nokia, KPN pCR Decision
7.2.14.5Editorials
Yes
Yes
not treated No   S3‑173316
S3‑180079 HN authorization of serving network actions directed to the UE Nokia, KPN discussion Discussion
7.2.14.2SUCI and Schemes
Yes
YesDocomo: we agreed to have no mechanisms to send the SUPI in the clear. Nokia: this is in 4G. Vodafone: you shouldn’t send the SUPI in 4G.
noted No    
S3‑180080 Privacy related function in UDM - Authorization proof Nokia, KPN pCR Decision
7.2.14.2SUCI and Schemes
Yes
Yes
noted No    
S3‑180081 Requirement on AMF related to HN authorization Nokia, KPN pCR Decision
7.2.14.2SUCI and Schemes
Yes
Yes
noted No    
S3‑180082 Requirement on AMF related to LI Nokia pCR Approval
7.2.14.1SUPI and LI
Yes
Yes
revised No S3‑180458  
S3‑180083 LI conformity when privacy is used - was S3-173124 Nokia, Orange, T-Mobile USA pCR Approval
7.2.14.1SUPI and LI
Yes
Yes
noted No   S3‑173124
S3‑180084 Resolving editors note on emergency call handling Nokia pCR Decision
7.2.14.5Editorials
Yes
Yes
not treated No    
S3‑180085 Authorization of SN by UE - was S3-173125 Nokia, LG Electronics pCR Decision
7.2.7.1Miscellaneous
Yes
YesORANGE: in the case of roaming, if the UE has selected cyphering as compulsory and the visited network has no cyphering, the UE will not connect to any network. This is hard to sell. AT&T: tell the user that they are going to connect in a non-secure way. He can have the choice.
revised No S3‑180454 S3‑173125
S3‑180086 Visibility and configurability supporting serving network authorization - was S3-173126 Nokia, LG Electronics pCR Approval
7.2.7.1Miscellaneous
Yes
YesEricsson: why having a list of countries in the USIM? Countries split and change all the time. Docomo: countries seem to be reasonably stable, it's not so often that they change. Vodafone: this has been in the SIM card since Rel-5. Country codes and network names are already recorded there. This has been used regularly. I don’t agree with having the user turning it off.
merged No S3‑180454 S3‑173126
S3‑180087 Preventing bidding down between 5G releases - was S3-173128 Nokia, KPN, LG Electronics pCR Approval
7.2.5.9Miscellaneous
Yes
Yes
noted No   S3‑173128
S3‑180088 Collection of changes based on feedback from GSMA SECAG - CR to 33.117v1 Rel.14 Nokia CR Agreement
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
YesMCC commented that normative language cannot be used in Notes ("shall", "should"), which are just informative in nature and cannot be used for requirements and recommendations. The content was fine but the distinction of normative/recommendation and informative text had to be worked offline. The editor's note was removed and added to the report as action item: "It is FFS on how details should be added to the SCAS to indicate whether requirements and associated test cases are applicable to all units or boards within a Network Product."
revised No S3‑180419  
S3‑180089 Collection of changes based on feedback from GSMA SECAG - CR to 33.117v1 Rel.15 Nokia CR Agreement
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
YesMCC pointed out that this CR wasn't necessary since the latest version of the spec is in Rel-14.
not pursued No    
S3‑180090 Collection of changes based on feedback from GSMA SECAG - CR to 33.916v1 Rel.14 Nokia CR Agreement
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
revised No S3‑180420  
S3‑180091 Collection of changes based on feedback from GSMA SECAG - CR to 33.916v1 Rel.15 Nokia CR Agreement
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
not pursued No    
S3‑180092 Clause 6 Corrections for 5G AKA over n3gpp access Nokia pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
Yes
approved No    
S3‑180093 Multiple NAS Security Discussion Nokia discussion Agreement
7.2.5.7Multi-NAS security
Yes
YesThese proposals were agreed earlier.
noted No    
S3‑180094 Clause Annex D Nokia pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180095 Clause 6.3.4.2 Multiple Registration in same PLMN Nokia pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
revised No S3‑180399  
S3‑180096 Clause 6.4.2.2 Multiple active NAS connections in same PLMN Nokia pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
revised No S3‑180400  
S3‑180097 Clause 6.4.5 Handling of NAS counts Nokia pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
revised No S3‑180421  
S3‑180098 Clause 6.2.3 Handling of user related keys Nokia pCR Approval
7.2.2.4Miscellaneous
Yes
Yes
merged No S3‑180430  
S3‑180099 Security Algorithms Negotiation for Initial AS security context Huawei; HiSilicon;China Mobile pCR Approval
7.2.4.2Userplane security
Yes
YesDiscussed with 271.
merged No S3‑180425  
S3‑180100 AS Security Negotiation and Activation Huawei; HiSilicon pCR Approval
7.2.4.2Userplane security
Yes
YesNokia: Don’t specify what is cyphered. Huawei agreed to remove this part.
revised No S3‑180426  
S3‑180101 Meeting SUPI privacy and LI Requirements Huawei, Hisilicon, Intel pCR Approval
7.2.14.1SUPI and LI
No
Yes
revised No S3‑180206  
S3‑180102 Moving UE handling SUCI to SUCI clause Huawei, Hisilicon, CMCC pCR Approval
7.2.14.5Editorials
Yes
Yes
not treated No    
S3‑180103 Adding Forward & Backward Security definition Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
YesEricsson had a proposal to generalize these definitions, instead of a KgNB. MCC commented that requirements were not allowed in definitions so the shall had to go.
revised No S3‑180429  
S3‑180104 Flexible retaining AS keys solution Huawei, Hisilicon, CMCC pCR Approval
7.2.3.1Key derivations during handovers
Yes
YesNokia didn’t agree with these changes. The first paragraph was new to them. Ericsson opposed to this as well, so it was finally noted.
noted No    
S3‑180105 Intra-gNB retaining AS keys exception Huawei, Hisilicon, CMCC pCR Approval
7.2.3.1Key derivations during handovers
Yes
YesThis was taken offline as Ericsson had some issues with the changes.
revised No S3‑180433  
S3‑180106 Address EN in requirements for gNB setup and configuration Huawei, Hisilicon, pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
approved No    
S3‑180107 Requirements for UP and CP for the gNB Huawei, Hisilicon, CMCC pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
revised No S3‑180456  
S3‑180108 Security Procedures between 5G Network Functions Huawei, Hisilicon pCR Approval
7.2.12.1Miscellaneous
Yes
YesReworded to "shall be supported".
revised No S3‑180367  
S3‑180109 The impaction of 256 bit keys for NG areas CATT other  
8.4Other study areas
Yes
Yes
withdrawn Yes    
S3‑180110 The clarification of the entropy CK and IK CATT other  
8.4Other study areas
Yes
Yes
withdrawn Yes    
S3‑180111 Adding content to NAS security Huawei, Hisilicon pCR Approval
7.2.5.4NAS integrity and confidentiality mechanisms
Yes
Yes
merged No S3‑180400  
S3‑180112 Adding key issue to Living Document S3-173482 Huawei, Hisilicon; Samsung other Approval
7.2.16PLMN RAT selection
Yes
Yes"..during the registration process" is solution-specific. This was agreed to be removed. Vodafone: 3.1 is a new clause and we don’t think that the title is an issue. Altering and blocking have different solutions; they should not be combined.The requirements need to be reworded. The clause title and requirements were changed as proposed by Vodafone.
revised No S3‑180369  
S3‑180113 Adding potential solution for living document S3-173482 Huawei, Hisilicon; Samsung other Approval
7.2.16PLMN RAT selection
Yes
YesVodafone disagreed: This is a strong financial incentive for the networks to do as little authentication as they can. NTT-Docomo agreed and added that it should be written into the evaluation clause. Huawei: this is a CT1 decision. It was agreed to let CT1 know with an LS (contained in 373) that they should not to continue work on this solution. Samsung didn't find any technical reasons to reject this.
revised No S3‑180372  
S3‑180114 Interworking with EPC without N26 interface in single-registration mode Huawei, Hisilicon pCR Approval
7.2.10.6Miscellaneous
Yes
YesEricsson: too much text; security-wise we just refer to 33.401. Nokia agreed.
revised No S3‑180444  
S3‑180115 Clarification of Introduction of REAR Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
YesVodafone: the introduction is too obscure. The whole clause needs rewriting.ORANGE agreed. Vodafone: it needs to properly introduce the service and be increased in size.
revised No S3‑180405  
S3‑180116 Delete Editor’s notes in clause 5 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180117 Clarification of solution #4 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
merged No S3‑180407  
S3‑180118 Clarification of solution #8 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180119 Add Evaluation for Solution #12 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
revised No S3‑180409  
S3‑180120 Clarification of solution #7 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
YesORANGE: remove "minor" from the impact.
revised No S3‑180408  
S3‑180121 Conclusion for the Key Issues Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
revised No S3‑180411  
S3‑180122 Add Evaluation for Solution #6 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180123 Add Evaluation for Solution #13 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
revised No S3‑180410  
S3‑180124 Discussion on deleting KSEAF from key hierarchy Huawei, Hisilicon discussion Endorsement
7.2.1.1Miscellaneous
Yes
YesQualcomm and DT disagreed.China Mobile supported this contribution. Nokia commented that they assume that SA2 doesn’t want a standalone SEAF. ORANGE: send an LS to SA2, as we are speculating what they are doing with SEAF and AMF in phase two. The Chair asked for a show of hands for this document: In favour of 124: China Mobile, Ericsson, Huawei,ZTE,Nokia Opposed to 124: DT, Qualcomm, Docomo, BT, KPN,NCSC, NEC This had to be taken offline for conversations with SA2. It was finally noted, may be considered later in phase two.
noted No    
S3‑180125 Clarification on security in AMF change within an AMF set Huawei, Hisilicon pCR Approval
7.2.3.3Security in AMF change within an AMF set
Yes
Yes
noted No    
S3‑180126 Removal of the number of AVs requested in Authentication Information Request message Huawei, Hisilicon pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
YesKPN wasn't happy with the 5G HE AV being configured in the UDM. BT supported this point, but there was no other support for this. Only the first change was agreed.
revised No S3‑180391  
S3‑180127 Resolve Editor’s Note in clause 6.1.3.2 of TS 33.501 Huawei, Hisilicon pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
Yes
noted No    
S3‑180128 Adding 5G Authentication Confirmation Answer for 5G-AKA Huawei, Hisilicon pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
Yes
merged No S3‑180393  
S3‑180129 pCR to TS 33.501 Security Handling for RRC Connection Re-establishment Procedure Huawei, Hisilicon pCR Approval
7.2.4.3RRC security
Yes
YesEricsson: postpone this since it's a new feature, different from LTE and may be better to present it in RAN. Nokia agreed. This topic was postponed and it will be brought back in the next meetings after offline discussion.
noted No    
S3‑180130 Draft Reply LS on security during Resume reject in INACTIVE state in NR Huawei, Hisilicon LS out Approval
7.2.4.3RRC security
Yes
Yes
noted No    
S3‑180131 Discussion on security during Resume reject in INACTIVE state in NR Huawei, Hisilicon discussion Endorsement
7.2.4.3RRC security
Yes
YesEricsson: check with RAN2 the signalling of the figure.We cannot require additional signalling for a situation that is not critical. Intel: keep the solution simple.RAN doesn’t want to add integrity check to reduce the additional load in the network. Huawei: we have to tell RAN that there is a security issue and propose a solution. They will decide if there is too much signalling or not. Nokia: don't load the gNodeB with more signalling.
noted No    
S3‑180132 Delete allowed NSSAI in NAS SMC Huawei, Hisilicon pCR Approval
7.2.5.5NAS Security Mode Command
Yes
Yes
approved No    
S3‑180133 Discussion on Protection of initial NAS message Huawei, Hisilicon discussion Endorsement
7.2.5.2Protection of initial NAS message
Yes
YesKPN,Vodafone and Qualcomm disagreed with this contribution.
noted No    
S3‑180134 pCR to TS 33.501 delete protection of initial NAS message Huawei, Hisilicon pCR Approval
7.2.5.2Protection of initial NAS message
Yes
Yes
noted No    
S3‑180135 pCR to TS 33.501 key identification Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
revised No S3‑180430  
S3‑180136 pCR to TS 33.501 key lifetimes Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
merged No S3‑180430  
S3‑180137 Clean up the EN in 6.1.3.1 Huawei, Hisilicon pCR Approval
7.2.8.2EAP AKA’ over 3gpp/non3gpp access
Yes
Yes
revised No S3‑180344  
S3‑180138 Clean up the EN in 6.2.1 Huawei, Hisilicon pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
revised No S3‑180448  
S3‑180139 Procedures for security context transfer in idle mode mobility Huawei, Hisilicon pCR Approval
7.2.3.6Miscellaneous
Yes
YesNokia: this needs a terminology cleanup.
revised No S3‑180435  
S3‑180140 Subscription identification procedure Huawei, Hisilicon pCR Approval
7.2.14.4Miscellaneous
Yes
Yes
not treated No    
S3‑180141 Corrections on NAS security mode command procedure (subclause 6.7.2) Huawei, Hisilicon pCR Approval
7.2.5.10Editorials
Yes
Yes
approved No    
S3‑180142 Scope of CAPIF security Huawei, Hisilicon pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
No
Yes
revised No S3‑180207  
S3‑180143 Security requirements on CAPIF entities Huawei, Hisilicon pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
No
Yes
revised No S3‑180208  
S3‑180144 Additional security requirements for 3rd party API provider Huawei, Hisilicon pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑180392  
S3‑180145 Delete the mandatory implementation of NIA0 in gNB Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
revised No S3‑180431  
S3‑180146 Change the support of NIA0 in SgNB for ENDC Huawei, Hisilicon CR Approval
7.1EPC enhancements to support 5G New Radio via Dual Connectivity (EDCE5) (Rel-15)
Yes
YesVodafone: we had decided to keep this in the last meeting. Nokia commented that there was no need to disable it. Unauthenticated emergency calls may change this based on some LS responses that SA3 is waiting for, so we would have to change this in any case. Better to wait until we get the feedback from SA2 and others. Postponed for the next meeting.
postponed No    
S3‑180147 Idle mode mobility from 5GS to EPS with N26 Huawei, Hisilicon pCR Approval
7.2.10.2Idle mode 5G-4G
Yes
Yes
merged No S3‑180440  
S3‑180148 Handover procedure from 5GS to EPS with N26 Huawei, Hisilicon pCR Approval
7.2.10.3Handover 5GC-EPS
Yes
Yes
merged No S3‑180441  
S3‑180149 pCR to TS 33.501 Key Handing at Transitions between RRC-INACTIVE to RRC-CONNECTED states Huawei, Hisilicon pCR Approval
7.2.4.3RRC security
Yes
Yes
noted No    
S3‑180150 pCR to TS 33.501 Key Handing during mobility in RRC-INACTIVE state Huawei, Hisilicon pCR Approval
7.2.4.3RRC security
Yes
Yes
noted No    
S3‑180151 pCR to TS 33.501 AS algorithm selection in state transitions between RRC-INACTIVE to RRC-CONNECTED states Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
noted No    
S3‑180152 Authentication in the service registration procedure Huawei, Hisilicon pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesNokia preffered to have the authentication to be done in the transport layer (e.g. using certificates) instead of the application layer. Vodafone asked: If using transport level, can we have different levels of service? Huawei replied that this was the case. Ericsson: if there is a proxy in between this might not work. This is not the way to go. Deutsche Telekom: preconfiguring RAND is odd.
noted No    
S3‑180153 [eMCSec] 33180 R15 IWF security Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
merged No S3‑180386  
S3‑180154 Authorization of NF service discovery Huawei, Hisilicon pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesChina Mobile: add an editor's note about NF instance to be releaved to the NRF in HPLMN. Ericsson: this can be summarised in a couple of sentences, it's overly complicated.
revised No S3‑180360  
S3‑180155 Authorization of NF service access Huawei, Hisilicon other Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesContribution to the living document.
approved No    
S3‑180156 [eMCSec] 33.180 R15 Interworking media and signaling Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
revised No S3‑180376  
S3‑180157 Authorization of SCS/AS to send requests for the 3GPP Network Entity Huawei, Hisilicon CR Approval
7.4Northbound APIs Security for SCEF - SCS/AS Interworking (NAPS_Sec) (Rel-15)
Yes
YesORANGE: we cannot adapt to all types of third party networks. You are proposing an authorization mechanism here, not a security procedure. ORANGE wasn't convinced why it is for multiple authorization mechanisms.Keep only the first sentence. We need an authorization mechanism, but which one is not clear. It was clarified that this was a contribution to the draft CR from the previous meeting, so the type had to be changed to "other". It was asked to be minuted that OATH is a good candidate for this. There was no consensus on this so Huawei decided not to pursue this.
not pursued No    
S3‑180158 [eMCSec] 33180 R15 Interworking key mgmt (InterSD) Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
revised No S3‑180413  
S3‑180159 [eMCSec] 33180 R15 Interworking key mgmt (MCData) Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
withdrawn Yes    
S3‑180160 [eMCSec] 33180 R15 Interworking SeGy clarification Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
revised No S3‑180386  
S3‑180161 [FS_MC_Sec] 33880 Interworking eval (InterSD) Motorola Solutions UK Ltd. CR Agreement
8.1Study on Mission Critical Security Enhancements (FS_MC_Sec) (Rel-15)
Yes
Yes
revised No S3‑180414  
S3‑180162 [FS_MC_Sec] 33880 Interworking eval (MCData) Motorola Solutions UK Ltd. CR Agreement
8.1Study on Mission Critical Security Enhancements (FS_MC_Sec) (Rel-15)
Yes
Yes
withdrawn Yes    
S3‑180163 New WID for MONASTERY security Motorola Solutions UK Ltd. WID new Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
YesIt was commented whether it was possible to add a new objective in the existing WID instead of a new WID. MCC commented that for tracking-in-3GPP purposes and given that it was a new topic, it was better to have a separate WID. It was pointed out that this was a Rel-15 WID, so the work would be brought for the next Bis meeting as well.
revised No S3‑180385  
S3‑180164 NF Service Discovery Request Procedure Intel pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
Yes
noted No    
S3‑180165 NF Service Request Procedure Intel other Approval
7.2.13.5NF-NF Authentication & Authorization
Yes
YesDecided to include it in the living document.
revised No S3‑180363  
S3‑180166 ID linkage verification in secondary authentication Huawei & Hisilicon pCR Approval
7.2.9.3Efficiency / security improvement
Yes
YesORANGE: sending the IMSI to a third party? This has privacy issues, it's internal to the network. There wasn't any support for this change.
noted No    
S3‑180167 DN authorization grant and revocation Huawei & Hisilicon pCR Approval
7.2.9.2Incomplete procedure
Yes
YesEricsson: SA2 makes these kind of decisions.What security issues or threats are we addressing here? We cannot redefine PDU procedures. Qualcomm agreed with Ericsson. There wasn't much support for this document, so it was noted. Huawei commented that the procedure was missing and needed to be there.
noted No    
S3‑180168 Secondary Authentication for multiple PDU sessions Huawei & Hisilicon pCR Approval
7.2.9.3Efficiency / security improvement
Yes
Yes
approved No    
S3‑180169 A key issue proposal on security capability for TR33.811 Huawei, Hisilicon, China Moible, China Unicom, CATR, CATT pCR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
YesVodafone had issues with the term "network operator", there are better terms in SA3 terminology. ORANGE: the threats don’t seem to be threats, only the last one. ORANGE: We don’t need to define all security options that are available for a network slice because they are in TS 33.401 already. NCSC: catalog the options that are available instead of relying on 33.401.
revised No S3‑180437  
S3‑180170 A key issue proposal on security level Huawei, Hisilicon, China Moible, China Unicom, CATR, CATT pCR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
YesBT: "level" implies some kind of judgment. Better use "security profile". NCSC: these are the same key issues as the last one. Vodafone didn’t like the idea of standardising different security profiles; it would restrict the market. Better to define the parameters that describe the profile instead of defining the profile. KPN didn’t support this contribution. NCSC: these requirements are not requirements, they need some work. It was decided to note this contribution and work on 169.
noted No    
S3‑180171 A key issue proposal on isolation degree Huawei, Hisilicon, China Moible, China Unicom, CATR, CATT pCR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
YesVodafone: isolation changes second by second in a SBA. It cannot be a criteria. ORANGE supported Vodafone. Huawei commented that the term "isolation" was used by SA5. BT commented that SA5 has a catalog of features; when they are not available this doesn’t mean that there is isolation. Vodafone commented that regardless of what SA5 has worked on, isolation cannot be guaranteed. The Vice Chair (Alf) encouraged Huawei to work on this offline and come back in the next meeting if they had any agreements.
noted No    
S3‑180172 draft LS on the status of work on interfaces Huawei & Hisilicon LS out Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
Yes
revised No S3‑180436  
S3‑180173 Security Procedures for EAP-TLS Huawei, Hisilicon, Ericsson, Qualcomm Incorporated, China Mobile pCR Approval
7.2.8.4Authentication using EAP TLS
Yes
YesORANGE: Add an editor's note about the privacy of the private certificate. Also on how the UDM is involved in this procedure. BT: add that there is no support of roaming. ORANGE: Key hierarchy is FFS.
revised No S3‑180394  
S3‑180174 pCR for overview of 5G security architecture Huawei, Hisilicon, China Mobile, CATR, ZTE pCR Approval
7.2.1.1Miscellaneous
Yes
YesVodafone: it's not readable in black and white. Nokia: not a clear representation and it's misleading. Dragan(IDEMIA) agreed. Huawei: we are just showing the main points. The figure was not clear enough for the companies. Nokia clarified that there was a similar picture in 33.401. The consensus was that such figure could be welcome but some discussions were needed to agree on a figure.
noted No    
S3‑180175 UP policy Huawei, Hisilicon, pCR Approval
7.2.4.1Userplane open issues
Yes
YesDiscussed with 286. Ericsson: some aspects are still ongoing work in SA2 and they can be fixed later. Merged with 286.
revised No S3‑180423  
S3‑180176 Modification of Kausf Huawei, Hisilicon, pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
merged No S3‑180395  
S3‑180177 Merge two procedures of SBA authorization Huawei, Hisilicon, other Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
Yes
approved No    
S3‑180178 Key distribution and key derivation scheme Huawei, Hisilicon, pCR Approval
7.2.1.1Miscellaneous
Yes
YesDocomo: the note is a definition and it needs to be checked if the definition applies to the whole spec. There were some issues as well with the figure 6.2.2-1.
revised No S3‑180450  
S3‑180179 Confidentiality protection of NSST Huawei, Hisilicon, pCR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180180 Confidentiality protection of NSI monitoring data Huawei, Hisilicon, pCR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180181 Replay protection for UP, RRC and NAS Huawei, Hisilicon, pCR Approval
7.2.4.4Miscellaneous
Yes
YesNokia: Replay protection is built-in in the protocol, no need to add this. China Mobile: replay protection is a different requirement so we agree with Huawei.
approved No    
S3‑180182 Integrity for UP, RRC and NAS Huawei, Hisilicon, pCR Approval
7.2.4.5Editorials
Yes
Yes
merged No S3‑180422  
S3‑180183 Confidentiality for UP, RRC and NAS Huawei, Hisilicon, pCR Approval
7.2.4.5Editorials
Yes
Yes
merged No S3‑180422  
S3‑180184 NF Service Register Request Procedure Intel pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesEricsson didn’t support this method. NTT-Docomo and DT: use certificates. Ericsson agreed to use them for authorization, they preferred to use standardised solutions in any case. Intel: registration request and response is coming from SA2, this is not a new method. We are adding protection for that. Intel clarified that this is for authentication.
revised No S3‑180358  
S3‑180185 Security requirements for Service Request Intel pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesChina Mobile argued that there was no need to have the sessions.The communication can be secured by the signalling, no need to have a secure session.Whether it is session based or not, that's another discussion. Ericsson: pre-configured discovery between the two NFs, how is the second requirement fulfilled? Intel: it is assuming that there is no pre-configuration.
revised No S3‑180361  
S3‑180186 Solution to prevent unauthorized access to external Data Network Intel pCR Approval
7.2.9.1MitM
Yes
Yes
noted No    
S3‑180187 Discussion paper on voice service continuity between 5G and 3G China Unicom, Huawei, HiSilicon, ZTE, CATR, OPPO discussion  
8.5New study item proposals
Yes
Yes
noted No    
S3‑180188 New study item on Security aspects of single radio voice continuity from 5G to 3G China Unicom, Huawei, HiSilicon, ZTE, CATR, OPPO SID new  
8.5New study item proposals
Yes
YesAlex (BT): 2G needs to be removed from here. The SA plenary position was to agree to do this for 3G. This could be a WID for Rel-16 instead, and wait for the work done in SA1. KPN:opening a WID, how do we capture our thoughts? Keep it as SID. NTT-Docomo: Remark that this is 5G to UTRAN CS.
revised No S3‑180384  
S3‑180189 Discussion paper on encrypted traffic detection and verification China Unicom, Huawei, HiSilicon, ZTE, CATR, OPPO discussion  
8.5New study item proposals
Yes
Yes
noted No    
S3‑180190 Study on security aspects of encrypted traffic detection and verification China Unicom, ZTE, Huawei, HiSilicon, CATR, OPPO SID new  
8.5New study item proposals
Yes
YesEricsson: wait for SA2 to work further.Nokia agreed. There wasn't much support for this Study item.
noted No    
S3‑180191 Key issue on topology hiding of the service China Unicom, China Mobile pCR  
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑180392  
S3‑180192 ey issue on secure communication between functions in CAPIF China Unicom, China Mobile pCR  
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑180392  
S3‑180193 draft Reply LS on security during Resume reject in INACTIVE state in NR Intel LS out Approval
7.2.4.3RRC security
Yes
Yes
noted No    
S3‑180194 Discussion on Security Issues with RRC Reject for INACTIVE Mode Intel discussion Discussion
7.2.4.3RRC security
Yes
YesEricsson: this doesn’t solve the problem. Intel: proposal 2 is an option, we recommend proposal one. Ericsson didn’t see any viable solution to be sent to RAN2. There are threats and we are aware of them, we can reply with this. Intel: RAN2 is not asking for a solution, it's just asking if there is any concern from SA3. It was decided to go for the reply LS in 349 and note the related documents here.
noted No    
S3‑180195 Binding Primary and Secondary authentication Intel discussion Endorsement
7.2.9.1MitM
Yes
Yes
noted No    
S3‑180196 Secondary Re-Authentication Intel pCR Approval
7.2.9.2Incomplete procedure
Yes
Yes
revised No S3‑180379  
S3‑180197 Discussion on the enhancement of SUCI construction scheme LG Electronics discussion Discussion
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180198 Additional input for SUCI construction - Annex C. LG Electronics pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180199 Draft LS on the security of a known part of plaintext for subscription identifier LG Electronics LS out Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180200 Clarification of security visibility LG Electronics pCR Approval
7.2.7.1Miscellaneous
Yes
Yes
revised No S3‑180453  
S3‑180201 Clarification on network slice access authentication and authorization LG Electronics pCR Approval
7.2.9.5Editorial and clarification
Yes
Yes
noted No    
S3‑180202 Add context for multiple registrations in the same PLMN Huawei, Hisilicon pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180203 Add a new requirement in scenario when UE has multiple registration in different PLMNs Huawei, Hisilicon pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
revised No S3‑180398  
S3‑180204 a new WID for 5G SCAS Huawei, Hisilicon WID new Approval
5Items for early consideration
Yes
Yes
revised No S3‑180334  
S3‑180205 new SID on security of 5WWC Huawei, Hisilicon SID new Agreement
8.5New study item proposals
Yes
YesORANGE: fourth bullet point, replace equipment with UE. The only equipment that can access the public network are the UE. Broadcom: consider the solution/s that SA2 will find. DT: subscription privacy of wired network entity? What's that? Qualcomm: time scales are too tight, the workload is high and this is not realistic. Vodafone: we object to this, we don’t have the time to work on this study item in SA3 given the workload. NTT-Docomo: tell SA that security work in this time scale is not realistic. BT: this work needs to be done, and the interest is evident from the list of supporting companies. The Chair suggested to work on this offline and bring it back for the next meeting. Vodafone commented that the list of supporting companies are coming from the SA2 work, not for this work item.
noted No    
S3‑180206 Meeting SUPI privacy and LI Requirements Huawei, Hisilicon, Intel, China Mobile, CATT pCR Approval
7.2.14.1SUPI and LI
Yes
Yes
noted No   S3‑180101
S3‑180207 Scope of CAPIF security Huawei, Hisilicon, China Mobile pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
YesNEC commented that the scope here was too short and needed more wording. The Vice Chair proposed to accept this and bring more proposals for the next meeting.
approved No   S3‑180142
S3‑180208 Security requirements on CAPIF entities Huawei, Hisilicon, China Mobile pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑180392 S3‑180143
S3‑180209 Reply LS on algorithm selection in E-UTRA-NR Dual Connectivity R2-1714124 LS in  
7.1EPC enhancements to support 5G New Radio via Dual Connectivity (EDCE5) (Rel-15)
No
Yes
withdrawn Yes    
S3‑180210 Inter Operator Signalling Security in 5G Proposal Deutsche Telekom AG discussion Decision
7.2.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑180211 Discussion and pCR for SUCI home routing China Mobile pCR Approval
7.2.14.3SIDF
Yes
YesVodafone: keys stored in something else that the AUSF? Ericsson: SIDF colocated in the UDM was the agreement and this is against that. Vodafone: Add extra bits for routing, no need for SIDF.ORANGE supported this. Nokia: postpone the discussion since this is changing an agreement. Huawei supported this. Nokia, Ericsson didn’t support this change in 5.5.1.Huawei commented that this is a problem that needs to be addressed.
noted No    
S3‑180212 Requirements on SIDF NEC Telecom MODUS Ltd. pCR Approval
7.2.14.3SIDF
Yes
Yes
not treated No    
S3‑180213 Discussion and pCR for privacy calculation in UE side China Mobile, ZTE pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180214 Updates to Clause 6.12.2 regarding protection scheme identification NEC Telecom MODUS Ltd. pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180215 Enhancing the security of the key KAMF China Mobile,Huawei, Hisilicon; Deutsche Telekom AG discussion Discussion
7.2.5.5NAS Security Mode Command
Yes
Yes
noted No    
S3‑180216 Handover from 5GS to EPS NEC Telecom MODUS Ltd. pCR Approval
7.2.10.3Handover 5GC-EPS
Yes
Yes
merged No S3‑180441  
S3‑180217 Enhance the security of the key KAMF in the NAS SMC procedure China Mobile; Huawei; Hisilicon; Deutsche Telekom AG discussion Discussion
7.2.5.5NAS Security Mode Command
Yes
Yes
noted No    
S3‑180218 Handover from EPS to 5GS NEC Telecom MODUS Ltd. pCR Approval
7.2.10.4Handover EPS-5GC
Yes
Yes
merged No S3‑180442  
S3‑180219 Updating NAS security mode command procedure China Mobile,Huawei, Hisilicon, Deutsche Telekom AG pCR Approval
7.2.5.5NAS Security Mode Command
Yes
Yes
noted No    
S3‑180220 Annex-DH usage modes, DH capability identifier and the calculation of KAMF' China Mobile, Huawei, Hisilicon, Deutsche Telekom AG pCR Approval
7.2.5.5NAS Security Mode Command
Yes
Yes
noted No    
S3‑180221 Adding details of K’AMF to clause 6.2.1 NEC Telecom MODUS Ltd. pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
revised No S3‑180449  
S3‑180222 New WID on GBA enhancements for Internet of Things China Mobile, CATR, China Unicom WID new Agreement
7.7New Work Item proposals
Yes
YesEricsson: it should be a study first and wider in scope, considering discussions in IETF. Qualcomm: in the objectives, which protocols other than HTTP? The Chair commented that the overal opinion seemed that the work should start with a study item first. ORANGE: include 5G in the scope, e.g. SSO in 5G. Nokia: there is no time to have a new study item given the workload with 5G. Vodafone expressed their concerns on study items taking out time for 5G items. BT suggested to handle every normative item in 5G as a priority before heading for study item work. The Chair pointed out that prioritization will serve that purpose and that contributions can be always accepted as a 3GPP working procedure. Gemalto: some study items are essential for future normative work, ORANGE: this should be decided each meeting, not as a general rule. The Chair decided to use prioritization in the next meetings. Vodafone wanted their objection recorded if this issue was commented in SA plenary; they preferred to have study items delayed until August. Ericsson asked to delay this study item for the next meeting in order to have internal discussions about it.There may be several studies in here. There was no agreement and the document was noted and expected to come back for the meeting SA3#91.
noted No    
S3‑180223 LS to CT3 CT4 on SBI Design and its Security Implications Deutsche Telekom AG LS out Approval
5Items for early consideration
Yes
YesDT commented that the security is best done at application layer level and tracing data should be protected. This needed a joint discussion with CT4. Vodafone: this release should secure a subset, and secure the whole thing properly in the next release. It is too rushed. Nokia: We don’t want to limit the progress of CT4's work. Nokia also preffered to have discussions with CT4. NTT-Docomo: delaying the work would not be advisable in this case. Vodafone: nobody will use this spec until the end of the next release, as seen with interconnect contacts. A single meeting cannot cover this whole work. The parties involved took the matter offline.
revised No S3‑180389  
S3‑180224 Security requirements on the CAPIF-4 reference point China Mobile, Huawei pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
merged No S3‑180392  
S3‑180225 Discussion and pCR about NF authentication for SBA China Mobile other Approval
7.2.13.5NF-NF Authentication & Authorization
Yes
YesContribution to the living document. NTT-Docomo commented that this will be a problem in the evaluation. BT was concerned that this suggests that whatever the vendors build is depending on the deployment of the operator. Vodafone commented that it was difficult to track what this contribution was affecting and how. The use of living documents was confusing. NTT-Docomo: this document is too vague, not clear what needs to be done. 264 displays Nokia's opinion on this issue.
noted No    
S3‑180226 [eMCSEC] Notifying the use of Security Gateways NCSC CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
agreed No    
S3‑180227 [eMCSEC] LS to SA6 on Security Gateway notification NCSC LS out Approval
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
revised No S3‑180387  
S3‑180228 [eMCSEC] Security Gateway clause update and move to annex NCSC CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
merged No S3‑180386  
S3‑180229 Document showing the changes to SeGy functionality NCSC discussion Discussion
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
noted No    
S3‑180230 KAMF Derivation when AMF set changes during idle mode mobility Huawei; Hisilicon pCR Approval
7.2.3.2Security in AMF change between AMF sets
Yes
Yes
merged No S3‑180434  
S3‑180231 Interworking: Handover from EPS to 5GS Nokia pCR Approval
7.2.10.4Handover EPS-5GC
Yes
Yes
revised No S3‑180442  
S3‑180232 Interworking: Handover from 5GC to EPS Nokia pCR Approval
7.2.10.3Handover 5GC-EPS
Yes
Yes
merged No S3‑180441  
S3‑180233 Interworking: Idle mode mobility from EPS to 5GS Nokia pCR Approval
7.2.10.1Idle mode 4G-5G
Yes
Yes
merged No S3‑180439  
S3‑180234 Interworking; Idle mode mobility from 5G to 4G Nokia pCR Approval
7.2.10.2Idle mode 5G-4G
Yes
Yes
revised No S3‑180440  
S3‑180235 Adding Emergency Services paragraph for Subscription Identification procedure KPN N.V. pCR Approval
7.2.14.4Miscellaneous
Yes
Yes
not treated No    
S3‑180236 Secondary authentication: Clause 12.1.2: Resolve ENs Nokia pCR Approval
7.2.9.5Editorial and clarification
Yes
Yes
approved No    
S3‑180237 Secondary Authentication: Align with SA2 procedure and removal of EN on making the figure updatable Nokia pCR Approval
7.2.9.4Miscellaneous
Yes
Yes
merged No S3‑180380  
S3‑180238 SBA: Prioritization for Phase 1 Nokia pCR Approval
7.2.13.1Interconnect (SEPP related)
Yes
Yes
revised No S3‑180353  
S3‑180239 SBA: Resolve EN on Information Elements that require protection Nokia other Approval
7.2.13.2Protection of Attributes
Yes
Yes
revised No S3‑180354  
S3‑180240 Protecting the IMSI and IMEI in NAS Security Mode Command Qualcomm Incorporated discussion Endorsement
7.2.14.1SUPI and LI
Yes
YesBT: if we are forced to turn NAS encryption off, it's doubtful we can encrypt partially in all scenarios. Verizon: we can protect privacy without having to encrypt the IMSI. IMEI is a device parameter, not an user parameter. Docomo: much cheaper to change the IMSI than the IMEI. Docomo: the question is: are we allowed to protect IMSI even if the encryption is not there? Nokia: ask SA3-LI with an LS if we are allowed to send the IMSI at all in this situation. BT: UE needs to send IMSI in some form. The restriction would be you can’t send it when NAS encryption is off. I wouldn’t like that option as BT. Alex commented that a possible LS would not be answered until after the SA3#90Bis meeting.
noted No    
S3‑180241 Removing allowed NSSAI from NAS Security Mode procedure Qualcomm Incorporated pCR Approval
7.2.5.5NAS Security Mode Command
Yes
Yes
noted No    
S3‑180242 Removal of the hashing method from NAS SMC as security covered by the initial NAS message protection Qualcomm Incorporated pCR Approval
7.2.5.2Protection of initial NAS message
Yes
YesHuawei and Ericsson didn’t support this. Nokia had some issues as well. Vodafone was in favour of this contribution. DT supported this contribution since it protects the information as much as possible. There was no consensus on this contribution hence it was noted.
noted No    
S3‑180243 Adding a generic bid down solution to the 5G TS Qualcomm Incorporated pCR Approval
7.2.5.9Miscellaneous
Yes
Yes
noted No    
S3‑180244 Discussion on the whether there is a need for one NAS SMC to change the security context on both 3GPP and non-3GPP access in the same PLMN Qualcomm Incorporated discussion Endorsement
7.2.5.7Multi-NAS security
Yes
YesEricsson and Nokia commented that there many more details behind. Huawei: it's not clear enough, too generic. The Chair saw that in general people agreed on this but a more detailed statement would be needed.
noted No    
S3‑180245 Discussion on completing the LTE bidding down procedures Qualcomm Incorporated discussion Discussion
7.6.1SAE/LTE Security
Yes
Yes
noted No    
S3‑180246 Discussion on the use of the serving network identity to generate keys that are used in the AUSF Qualcomm Incorporated discussion Discussion
7.2.4.4Miscellaneous
Yes
YesNo one saw an issue in the key derivation in the AUSF. The document was noted.
noted No    
S3‑180247 Adding references to the algorithm test data Qualcomm Incorporated pCR Approval
7.2.17Others
Yes
Yes
revised No S3‑180416  
S3‑180248 Adding requirements on CU-DU split based on the key derivation used Qualcomm Incorporated pCR Approval
7.2.4.4Miscellaneous
Yes
YesEricsson didn’t agree with the requirement. This was taken offline.
noted No    
S3‑180249 Identifying problems with secondary authentication Qualcomm Incorporated pCR Approval
7.2.9.1MitM
Yes
Yes
noted No   S3‑173301
S3‑180250 pCR to update the secondary authentication procedure to include the authentication/authorization confirmation between UE and SMF when a key generating EAP method is used Qualcomm Incorporated pCR Approval
7.2.9.3Efficiency / security improvement
Yes
Yes
noted No   S3‑173302
S3‑180251 pCR to update the secondary EAP authentication clause to take into account the roaming scenario Qualcomm Incorporated pCR Approval
7.2.9.2Incomplete procedure
Yes
Yes
revised No S3‑180380 S3‑173303
S3‑180252 pCR to provide a normative text for handover from 5GC to EPC Qualcomm Incorporated pCR Approval
7.2.10.3Handover 5GC-EPS
Yes
Yes
revised No S3‑180441 S3‑173305
S3‑180253 pCR to provide a normative text for handover from EPC to 5GC Qualcomm Incorporated pCR Approval
7.2.10.4Handover EPS-5GC
Yes
Yes
merged No S3‑180442 S3‑173305
S3‑180254 pCR to provide a text for idle mode mobility from 5GC to EPC Qualcomm Incorporated pCR Approval
7.2.10.2Idle mode 5G-4G
Yes
Yes
merged No S3‑180440 S3‑173305
S3‑180255 pCR to provide a text for idle mode mobility from EPC to 5GC Qualcomm Incorporated pCR Approval
7.2.10.1Idle mode 4G-5G
Yes
Yes
merged No S3‑180439 S3‑173305
S3‑180256 User plane integrity protection granularity Qualcomm Incorporated pCR Approval
7.2.4.1Userplane open issues
Yes
YesNoted as it was simialr to 286.
noted No    
S3‑180257 Keys in the UE Qualcomm Incorporated pCR Approval
7.2.2.4Miscellaneous
Yes
Yes
merged No S3‑180452  
S3‑180258 Support of privacy schemes and profiles by the UE Qualcomm Incorporated pCR Approval
7.2.14.2SUCI and Schemes
Yes
YesVodafone: cool wit this as long as it is not just a single scheme.
noted No    
S3‑180259 pCR: Multiple Registrations in different PLMNs using K_AUSF (Updated) Qualcomm Incorporated pCR Approval
7.2.6.1Multiple registrations
Yes
YesDiscussed together with 284. Ericsson: the whole solution is really complex and totally new, for being optional. Ericsson: this is an optimization that can be used later in phase two. Huawei and Intel supported this view.
noted No    
S3‑180260 SBA: Considerations on applying security on HTTP message payload Nokia discussion Decision
7.2.13.2Protection of Attributes
Yes
Yes
noted No    
S3‑180261 Reply LS on Use of Subscriber Identity in HTTP URI Nokia LS out Approval
7.2.13.2Protection of Attributes
Yes
Yes
noted No    
S3‑180262 Clarification need of CMPv2 in TS 33.310 Ericsson discussion Endorsement
7.6.3Network Domain Security (NDS)
Yes
YesIt was agreed to treat this in the Bis meeting in San Diego. It was commented that it was needed to go back up to Rel-10.
noted No    
S3‑180263 SBA: Resolve EN on use of JOSE with multiple HTTP Sessions between two NFs. Nokia other Approval
7.2.13.2Protection of Attributes
Yes
YesNTT-Docomo: This implies a binding between request and response that needs to be captured in an editor's note.
revised No S3‑180356  
S3‑180264 SBA: Service access authorization Nokia pCR Approval
7.2.13.5NF-NF Authentication & Authorization
Yes
YesNTT-Docomo: this implies a change of all software of all NFs at the same time when it is easier to change the hardware.BT agreed. Huawei agreed with NTT-Docomo. Ericsson preffered a token-based proposal and not this one.
noted No    
S3‑180265 Clause 6.7.2 (NAS SMC, SUPI from UE for LI) Ericsson pCR Approval
7.2.14.1SUPI and LI
Yes
YesVodafone: it was generally agreed that the visited network should not tamper with the information that is passing. NTT-Docomo: requirement of sending the SUPI over the air and protecting it. BT: if SA3 accepts that authentication fails when messing with the SUPI/IMSI, that would work well with the LI group and BT would support this contribution. The Nokia solution is more difficult to live with for LI. Docomo: nobody seems to be objecting to using a hash. In this case the Ericsson proposal would be straightforward. I like the partial protection of the IMEI from the Qualcomm proposal. Combining both would be a good privacy solution. BT: hash based solution is fine if authentication fails. If any possiblity allows the UE to connect, LI will not agree.KPN agreed with this. If the SUPI is not the same in both sides, the connection shall fail. Huawei: LI should just accept the SUPI from the home network and make things easier. ORANGE replied that these are regulatory requirements that operators need to comply with. It looked like the hash-based Ericsson solution seemed to be the most accepted. BT commented that there was no chance to bring back this discussion to the next SA3 meeting.
noted No    
S3‑180266 Clause 5.1.5 (SUCI – on-the-fly indication to use null-scheme) Ericsson pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
noted No    
S3‑180267 NF discovery with SUCI Ericsson pCR Approval
7.2.14.3SIDF
Yes
YesKPN supported this way ahead as opposed to the China Mobile solution in 211. Nokia preferred to further study the new Annex. Noted to give it more time for further study.
noted No    
S3‑180268 Clause 6.12.4 (subscription identification procedure) Ericsson pCR Approval
7.2.14.4Miscellaneous
Yes
Yes
not treated No    
S3‑180269 Clauses 6.12.1 and 6.12.2 (Moving SUCI related text from 6.12.1 to 6.12.2) Ericsson pCR Approval
7.2.14.5Editorials
Yes
Yes
not treated No    
S3‑180270 Clause 6.7.4 (user plane and RRC security - AS SMC procedure) Ericsson pCR Approval
7.2.4.2Userplane security
Yes
Yes
merged No S3‑180426  
S3‑180271 Clause 6.7.3.0 (user plane and RRC security - initial AS security context establishment) Ericsson pCR Approval
7.2.4.2Userplane security
Yes
Yes
revised No S3‑180425  
S3‑180272 Clause 6.8.2.1 (key handling – RRC INACTIVE/CONNECTED state transition) Ericsson pCR Approval
7.2.4.3RRC security
Yes
Yes
noted No    
S3‑180273 Clause 6.8.2.2 (key handling – RRC INACTIVE mobility) Ericsson pCR Approval
7.2.4.3RRC security
Yes
Yes
noted No    
S3‑180274 (Clause 6.3.4) Multiple registrations in the same PLMN’s serving network Ericsson pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180275 (Clause 6.4 ) Multiple active NAS connections in the same PLMN’s serving network Ericsson pCR Approval
7.2.5.4NAS integrity and confidentiality mechanisms
Yes
Yes
merged No S3‑180400  
S3‑180276 New requirements for algorithm selection in TS 33.501 Ericsson pCR Approval
7.2.5.1Requirements
Yes
YesQualcomm: c) is a solution. Ericsson: this is coming from 33.401, but we need to check there to see if it is the same. NTT-Docomo: if it is a solution we don’t need to put it. We endorse it. Qualcomm: what does "endorse" mean here? Just remove it. ORANGE commented that these requirements were not necessary. The Chair decided to note it eventually.
noted No    
S3‑180277 Clause 6.4.6 (rectifying partial protection aspects) Ericsson pCR Approval
7.2.5.2Protection of initial NAS message
Yes
Yes
noted No    
S3‑180278 Exception lists of NAS and RRC message to be integrity protected and encrypted Ericsson pCR Approval
7.2.5.9Miscellaneous
Yes
YesThis was taken offline for discussion with the CT1 colleagues and finally agreed by Qualcomm.
approved No    
S3‑180279 Handover from 5GS to EPS Ericsson pCR Approval
7.2.10.3Handover 5GC-EPS
Yes
Yes
merged No S3‑180441  
S3‑180280 Idle mode mobility from 5GS to EPS Ericsson pCR Approval
7.2.10.2Idle mode 5G-4G
Yes
Yes
merged No S3‑180440  
S3‑180281 Idle mode mobility from EPS to 5GS Ericsson pCR Approval
7.2.10.1Idle mode 4G-5G
Yes
Yes
revised No S3‑180439  
S3‑180282 Handover from EPS to 5GS Ericsson pCR Approval
7.2.10.4Handover EPS-5GC
Yes
Yes
merged No S3‑180442  
S3‑180283 Mapping of security contexts during interworking between EPS and 5GS Ericsson pCR Approval
7.2.10.5Security context mapping
Yes
Yes
revised No S3‑180443  
S3‑180284 Multiple registrations in different PLMNs serving networks Ericsson pCR Approval
7.2.5.7Multi-NAS security
Yes
YesDiscussed together with 259 (Qualcomm).
merged No S3‑180398  
S3‑180285 Clause 6.6.3 (user plane – security activation) Ericsson pCR Approval
7.2.4.2Userplane security
Yes
Yes
merged No S3‑180426  
S3‑180286 Clause 6 (user plane security – security policy) Ericsson pCR Approval
7.2.4.1Userplane open issues
Yes
YesQualcomm preferred this contribution to 175 since it was more detailed. It was decided to merge both contributions.
merged No S3‑180423  
S3‑180287 Clause 6 (user plane security – non-activation of integrity protection) Ericsson pCR Approval
7.2.4.1Userplane open issues
Yes
Yes
approved No    
S3‑180288 Annex D.1 (user plane security – null-integrity not allowed for DRBs) Ericsson pCR Approval
7.2.4.1Userplane open issues
Yes
Yes
approved No    
S3‑180289 Clause 6 (user plane security – conflict between RAN and CN) Ericsson pCR Approval
7.2.4.1Userplane open issues
Yes
YesHuawei didn't agree with this proposal. Integrity protection will be dropped as well in any congestion situation. Ericsson: we don’t mention congestion. Huawei: The RAN will never overrule the security policy coming from the core network. The RAN knows how to deal with the resources in case of congestion. Qualcomm: The core network will tell when to disable the integrity protection. Huawei: what happens when the RAN cannot fulfil the integrity protection during a congestion? Huawei: RAN complies with the user plane policy security and will handle the congestion by itself. No need for negotiation, it will never override the CN policy. Ericsson: agreements don't mention congestion. The discussion was taken offline and the agreements recorded in 424.
revised No S3‑180424  
S3‑180290 On the need for multiple NAS SMC procedures Ericsson discussion Approval
7.2.5.7Multi-NAS security
Yes
Yes
noted No    
S3‑180291 Proposal for way forward on the biding problem in the secondary Ericsson discussion Endorsement
7.2.9.1MitM
Yes
YesIntel: this is man-in-the-middle attack. Ericsson: It's not a man-in-the-middle but an authenticated UE that is misbehaving. China Mobile: this is not related to secondary authentication. ORANGE was supporting Ericsson here. BT supported this paper, there is a threat in the secondary authentication. ORANGE this is not a problem of 3GPP, we provide only the transport. KPN agreed. Nokia pointed out that this was not part of phase one.
noted No    
S3‑180292 On feature set relevance for independent SEAF deployment Ericsson discussion Approval
7.2.1.1Miscellaneous
No
Yes
withdrawn Yes    
S3‑180293 New annex for 3GPP 5G profile on RFC 5448 EAP-AKA’ Ericsson pCR Approval
7.2.8.2EAP AKA’ over 3gpp/non3gpp access
Yes
Yes
approved No    
S3‑180294 Clarifications and clean-up of 5G AKA procedure Ericsson pCR Approval
7.2.8.7Editorial corrections
Yes
YesNTT-Docomo: timer being optional and auth confirmation being optional is against what we had agreed in Singapore. Everybody was agreeing on having the authentication confirmation. Ericsson asked: For 5G AKA, do we need one authentication vector? BT preferred to have several auth vectors, but it was pointed out that long discussions before had led to having just one authentication per request for 5G.
revised No S3‑180393  
S3‑180295 Construction of serving network name with 5G AKA and EAP-AKA’ Ericsson pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
YesKPN didn’t understand the need for this, so it was taken offline.They didn't agree with the separation character either.Vodafone and ORANGE supported this.
revised No S3‑180390  
S3‑180296 Adding forward secrecy for AKA in phase 2 without bidding-down problems Ericsson pCR Approval
7.2.8.5Enhancements to authentication (Diffie-Hellman proposals etc)
Yes
Yes
noted No    
S3‑180297 Signalling procedure for periodic local authentication Samsung pCR Approval
7.2.4.3RRC security
Yes
Yes
revised No S3‑180428  
S3‑180298 LS (S3-180034/CT4-176395) on the Use of Subscriber Identity in HTTP URI Ericsson LS out Approval
7.2.13.2Protection of Attributes
Yes
Yes
noted No    
S3‑180299 LS on protection of HTTP messages between SEPPs Ericsson LS out Approval
7.2.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑180300 Including authentication into authorization aspects Ericsson pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
Yes
revised No S3‑180368  
S3‑180301 TLS mandatory to implement for SBA security Ericsson pCR Approval
7.2.13.3Transport security (intra and inter-PLMN)
Yes
YesBT commented that the meaning of "use" in this case was ambiguous. The first phrase was reworded to clarify this.
revised No S3‑180357  
S3‑180302 Annex C (SUCI – scheme properties) Ericsson pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180303 Clause 6.12.2 (SUCI – behaviours when USIM calculates SUCI) Ericsson pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180304 Clause 6.12.5 (SIDF – size of SUCI) Ericsson pCR Approval
7.2.14.3SIDF
Yes
Yes
not treated No    
S3‑180305 Clause 6.12.5 (SIDF – validating calculation of the SUCI) Ericsson pCR Approval
7.2.14.3SIDF
Yes
Yes
not treated No    
S3‑180306 Annex C (SUCI – ECIES profiles) Ericsson pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
revised No S3‑180451  
S3‑180307 CAPIF Security requirements Samsung, Motorola Solutions pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
revised No S3‑180392  
S3‑180308 Assignment of KSIamf Ericsson pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
merged No S3‑180430  
S3‑180309 Security procedure for CAPIF-1e reference point Samsung pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180310 Registration state transitions in TS 33.501 Ericsson, Huawei, Hisilicon pCR Approval
7.2.5.6NAS security handling during state-transitions
Yes
Yes
revised No S3‑180397  
S3‑180311 Connection state transitions in TS 33.501 Ericsson, Huawei, Hisilicon pCR Approval
7.2.5.6NAS security handling during state-transitions
Yes
Yes
approved No    
S3‑180312 Security Procedure for CAPIF-2e reference point Samsung pCR Agreement
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
YesNEC: it is strange that there are three methods here, which seems like three options. It was clarified that method one and two are authentication and method three is authorization/authentication. BT: how is the method chosen/ negotiated in the fly? Samsung: this is determined in 392. Nokia: method three is fine but the others need some more refinement. Huawei wasn't convinced with the authorization mechanisms for method one and two, so an editor's note was added to address this.
revised No S3‑180403  
S3‑180313 New UE requirement to store two 5G security contexts in TS 33.501 Ericsson, Qualcomm Incorporated pCR Approval
7.2.6.4UE handling
Yes
YesGemalto: why is the storage at the power-off? It’s different from the EPS. Qualcomm: it includes the de-registration, we can clarify it. Gemalto: CT6 defines the different types of services: support of 5G security context and others. Qualcomm disagreed. Dragan (IDEMIA): we need to stay general, not to focus on 5G security context. We need to mention 5G security services. It was agreed to reword this sentence in the revision and text from 33.401.
revised No S3‑180445  
S3‑180314 CAPIF security within PLMN Trust Domain Samsung pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
YesNEC: this is in a solution section and we have two requirements. Huawei: the second line is too broad, you cannot mention that the whole TS 33.310 applies; refer to the right clause. China commented that the first sentence wasn't clear enough and needed to be more specific about what exactly is being taken from TS 33.310. MCC agreed with this.
revised No S3‑180404  
S3‑180315 LS to CT1 on Protected Payload message type NCSC LS out Approval
7.6.18Security of the Mission Critical Service (MCSec)
Yes
Yes
revised No S3‑180388  
S3‑180316 New key issue on UE behaviour on failing integrity check Ericsson other Approval
7.2.16PLMN RAT selection
Yes
YesVodafone: The wording for the key issue looks like a requirement.It's missing here to describe some means of receiving the message correctly (e.g. a request to be resent). Huawei commented that they didn’t agree with the requirements. This had to be taken offline.
revised No S3‑180370  
S3‑180317 New solution: Protected UE configuration update commands Ericsson other Approval
7.2.16PLMN RAT selection
Yes
Yes
revised No S3‑180374  
S3‑180318 New solution: key management via AUSF Ericsson pCR Approval
7.2.16PLMN RAT selection
Yes
YesVodafone: UDM knows everytime that the auth process is being done.Narrow it down to authentication for network access. Sending keys out every time we need an authentication might be a problem.
revised No S3‑180375  
S3‑180319 Addition of soltion to living document (Steering of roaming) Vodafone GmbH other Approval
7.2.16PLMN RAT selection
Yes
YesDT: Take out the DH example. This was agreed. ORANGE: if you are proposing a new secure channel here you should consider the LI aspects with an editor's note.
revised No S3‑180377  
S3‑180320 Clause 6.9.2.3 (horizontal K_AMF derivation at N2-Handover) Ericsson, Huawei, Hisilicon pCR Approval
7.2.3.2Security in AMF change between AMF sets
Yes
Yes
approved No    
S3‑180321 Clause 6.9.3 (horizontal K_AMF derivation at mobility registration update) Ericsson pCR Approval
7.2.3.2Security in AMF change between AMF sets
Yes
Yes
revised No S3‑180434  
S3‑180322 Handling of 5G security contexts in the UE Gemalto, IDEMIA pCR Approval
7.2.2.4Miscellaneous
Yes
YesVodafonel replace UICC with USIM. ORANGE: The same with the related contributions that will merge.
merged No S3‑180452  
S3‑180323 Storage of key material in the UE Gemalto, IDEMIA pCR Approval
7.2.2.4Miscellaneous
Yes
Yes
revised No S3‑180452  
S3‑180324 SUCI calculation Gemalto N.V. pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
not treated No    
S3‑180325 Clarification for TCP connection reuse Ericsson Limited CR Agreement
7.6.2IP Multimedia Subsystem (IMS) Security
Yes
Yes
revised No S3‑180417  
S3‑180326 pCR to 33.501 - SUPI Encryption Protocol: issues identified by ETSI SAGE VODAFONE Group Plc pCR Approval
7.2.14.1SUPI and LI
Yes
YesBT supported this contribution. Vodafone was happy with merging this paper with any solution as long as the fraud part was covered. Change one was not agreed. Ericsson wanted to discuss more deeply the editor's notes on the fraud cases in change two, so it was suggested to have a dedicated conference call to discuss them.
noted No   S3‑173260
S3‑180327 Considerations on Network Function Authorization in 5G SBA Deutsche Telekom AG discussion Discussion
7.2.13.5NF-NF Authentication & Authorization
Yes
Yes
noted No    
S3‑180328 Clause 6.9 (policy dependent horizontal K_AMF derivation) Ericsson pCR Approval
7.2.3.2Security in AMF change between AMF sets
Yes
Yes
approved No    
S3‑180329 Attributes requiring confidentiality protection on the N32 interface Deutsche Telekom AG, KPN pCR Approval
7.2.13.2Protection of Attributes
Yes
YesChina Mobile commented that the confidentiality protection for location data should be optional (not a "shall"). ORANGE commented that this was only for roaming. What's the reason for not having location data confidentiality protected? It was commented that some countries would not allow to have this as a requirement. Vodafone: put it as "shall" unless local regulators don’t allow it.
revised No S3‑180355  
S3‑180330 Clause 6.9 and new Annex (input parameter for horizontal K_AMF derivation) Ericsson pCR Approval
7.2.3.2Security in AMF change between AMF sets
Yes
Yes
merged No S3‑180434  
S3‑180331 Discussion on SUPI privacy proposals NTT DOCOMO INC. discussion Decision
7.2.14.1SUPI and LI
Yes
YesNTT Docomo: Proposal one not needed to be known in the access network. China Mobile: we would like to have the SUPI accessible in the clear, known in the VPLMN including the base station. It was pointed out that there was a requirement on this. BT commented that SA3 would be changing the requirement that's being worked in SA3-LI and that a contribution should be sent to SA3-LI for discussion. BT wanted to have minuted the documentation of this requirement. Vodafone: CMCC wants the requirement on the VPLMN irrespectible of the HPLMN wanting to prevent the encryption of the SUPI. Huawei: HPLMN can decide on the privacy of the SUPI. Qualcomm: on "the SUPI shall be able to be sent clear over the air", What happens with the privacy of the SUPI in this case? We can disregard everything. BT: 3GPP works on requirements that are written down somewhere.If we are coming up with new requirements we need to communicate this with LS. The Chair asked if there was any requirement on "the SUPI should not be in the clear". Qualcomm: this is not a requirement from the LI perspective. ORANGE: is there any TS describing LI activities over the air? There is nothing on lawful interception over the air. This issue had to be taken offline. The Chair commented that if there was no agreement on this issue he would need to know if there was an official regulator requirement or a company requirement.
noted No    
S3‑180332 [eMCSEC] Adding Integrity Key for KMS communications NCSC CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
agreed No    
S3‑180333 Discussion of security visibility NTT DOCOMO INC. discussion Endorsement
7.2.7.1Miscellaneous
Yes
YesBT: API design is not out of scope. Docomo: better an API written in the language of the applications than a 3GPP API. BT: find security features that need to be indicated; e.g. type of authentication, privacy and so on. We cannot do this at this meeting. Docomo clarified that this is visibility of security features from the UE side. Configurability is done elsewhere. Huawei: details of what should be there, will come next meeting. ORANGE supported the contribution, also commented that if there is no support of this there will be no visibility at all. Ericsson: this doesn’t have implications on the network architecture, should we do this in phase two? Qualcomm wasn't sure about the practical value of proposal 2. DT supported this contribution. The group had a general understanding of this issue but was not in the situation to endorse the whole paper.
noted No    
S3‑180334 a new WID for 5G SCAS Huawei, Hisilicon,Ericsson WID new Approval
5Items for early consideration
Yes
Yes
revised No S3‑180335 S3‑180204
S3‑180335 New WID for 5G SCAS Huawei, Hisilicon,Ericsson WID new Agreement
7.7New Work Item proposals
Yes
YesBT: HSS/UDM is a critical element and it should be considered as well. DT:Consider SBA as well? China Mobile: we have concerns about the network functions, they could be virtualised. Study the virtualisation of network functions first. Huawei commented that the work item should focus on the physical elements and focus on the virtualised aspects in a study item. NTT-Docomo supported the first two objectives. Alex (BT): assume that the network will be partly virtualised at least even in early stages. Nokia preferred a study item, but the consensus was to make it as a work item.
revised No S3‑180383 S3‑180334
S3‑180336 Comments on Adding forward secrecy for AKA in phase 2 without bidding-down problems China Mobile; Huawei; Hisilicon discussion Discussion
7.2.8.5Enhancements to authentication (Diffie-Hellman proposals etc)
Yes
YesBT: Diffie-Hellman is not quantum-safe. Better bundled with the crypto upgrade to 256 bits. Mark (National Technical Assistance), Qualcomm,ORANGE, and Nokia supported Ericsson in having it for phase 2. Ericsson: if for phase two, we need to add something to the protocols now. The Chair pointed out that this activity would go for phase two and no hooks would be worked on this phase.
noted No    
S3‑180337 Comments on S3-180306 - Annex C (SUCI – ECIES profiles) Vodafone pCR Agreement
7.2.14.2SUCI and Schemes
Yes
Yes
merged No S3‑180451  
S3‑180338 Business rationale for requirements in “S3-172175: DESS Update and Requirements for Securing Inter-PLMN Signalling Interfaces in 5G” GSMA FASG DESS LS in  
7.2.15Incoming and outgoing LSes
Yes
Yes
noted No    
S3‑180339 Commenting contribution on draft LS to CT3, CT4 (S3-180223) Nokia discussion Approval
5Items for early consideration
Yes
Yes
noted No    
S3‑180340 Comment contribution to S3-180223 (LS to CT3 CT4 on SBI Design and its Security Implications) Ericsson LS out Approval
5Items for early consideration
No
Yes
withdrawn Yes    
S3‑180341 Comment contribution to S3-180223 (LS to CT3 CT4 on SBI Design and its Security Implications) Ericsson LS out Approval
5Items for early consideration
Yes
Yes
noted No    
S3‑180342 Draft reply LS to R2-1712052 = S3-173023 on security during Resume reject in INACTIVE state in NR (to: RAN2; cc: -; contact: Ericsson) Ericsson LS out Approval
7.2.4.3RRC security
Yes
Yes
noted No   S3‑173389
S3‑180343 Comment contribution to S3-180087 and S3-180243 Ericsson Limited discussion Endorsement
7.2.5.9Miscellaneous
Yes
YesNo need for having another mechanism for bidding down attacks. Not clear why the existing mechanisms don’t work for 5G. Docomo: we want to protect network capabilities, not UE capabilities. Ericsson: why does the network need to send to the UE what the support of SEAF? There are no security reasons for this. China Mobile: in phase two SEAF and AMF are co-located so we should postpone this issue for phase two. Qualcomm: SEAF controls what security features are used. Interdigital: if the AMF is trusted, Ericsson is correct. Ericsson: there is a phase one of AMFs connected with SEAF, and in the phae two AMFs will be connected to the SEAF. You’re assuming that the SEAF is introduced totally new without a transition. Docomo: if the AMF+ is not trusted it may not send the correct information to the UE. This had to be taken offline. The Chair queried whether this was a problem to be solved at phase one. This issue was taken to the conference call.
noted No    
S3‑180344 Clean up the EN in 6.1.3.1 Huawei, Hisilicon pCR Approval
7.2.8.2EAP AKA’ over 3gpp/non3gpp access
Yes
Yes
approved No   S3‑180137
S3‑180345 NESAS Pilot Findings and Recommendations to SA3 GSMA SECAG LS in Information
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
replied to No    
S3‑180346 Work Plan input from Rapporteurs MCC other -
9Review and Update of Work Plan
No
Yes
noted No   S3‑180005
S3‑180347 Reply LS on clarification on Restricted Operator Services Vodafone LS out approval
6.13GPP Working Groups
Yes
Yes
approved No    
S3‑180348 Reply to: LS on Security aspects of supporting LTE connected to 5GC Ericsson LS out approval
7.2.15Incoming and outgoing LSes
Yes
Yes
approved No    
S3‑180349 Reply to: LS on security during Resume reject in INACTIVE state in NR Intel LS out approval
7.2.15Incoming and outgoing LSes
Yes
Yes
approved No    
S3‑180350 Reply to: LS on Use of Subscriber Identity in HTTP URI Deutsche Telekom LS out approval
7.2.15Incoming and outgoing LSes
No
Yes
withdrawn Yes    
S3‑180351 NGMN White Paper on Service-based Architecture in 5G NGMN LS in discussion
7.2.15Incoming and outgoing LSes
Yes
YesThe Chair encouraged the delegates to have a look at the white paper.
noted No    
S3‑180352 Living document on SBA China Mobile other discussion
7.2.13.1Interconnect (SEPP related)
Yes
Yes
noted No    
S3‑180353 SBA: Prioritization for Phase 1 Nokia other Approval
7.2.13.1Interconnect (SEPP related)
Yes
Yes
approved No   S3‑180238
S3‑180354 SBA: Resolve EN on Information Elements that require protection Nokia other Approval
7.2.13.2Protection of Attributes
Yes
Yes
approved No   S3‑180239
S3‑180355 Attributes requiring confidentiality protection on the N32 interface Deutsche Telekom AG, KPN pCR Approval
7.2.13.2Protection of Attributes
Yes
Yes
approved No   S3‑180329
S3‑180356 SBA: Resolve EN on use of JOSE with multiple HTTP Sessions between two NFs. Nokia other Approval
7.2.13.2Protection of Attributes
Yes
Yes
approved No   S3‑180263
S3‑180357 TLS mandatory to implement for SBA security Ericsson pCR Approval
7.2.13.3Transport security (intra and inter-PLMN)
Yes
Yes
approved No   S3‑180301
S3‑180358 NF Service Register Request Procedure Intel other Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesAgreed to use the public key for this purpose and remove everything else. It was agreed to add this to the living document.
approved No   S3‑180184
S3‑180359 Adding an editor's note on NF Service Register Request Procedure Intel pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesAdding an editor's note based on the tdoc 358.
approved No    
S3‑180360 Authorization of NF service discovery Huawei, Hisilicon pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesIt was agreed to summarize this contribution into a single sentence.
approved No   S3‑180154
S3‑180361 Security requirements for Service Request Intel pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
YesAgreed to remove the second and third requirements.
approved No   S3‑180185
S3‑180362 Draft TS 33.501 NTT-Docomo draft TS Approval
7.2.17Others
No
YesReady on Wednesday 31st January Comments Thursday 1st February Final version Friday 2nd February KPN: too many editor's notes in this spec, shouldn't we remove some? Vodafone agreed with this. BT volunteered to help KPN with the removal of some editor's notes 33.501 will be sent for approval in the March plenary.
left for email approval No    
S3‑180363 NF Service Request Procedure Intel other Approval
7.2.13.5NF-NF Authentication & Authorization
Yes
Yes
approved No   S3‑180165
S3‑180364 Adding the abbreviations of NF and NFR CATT pCR Approval
7.2.13.7Editorials
Yes
Yes
approved No   S3‑180054
S3‑180365 Report from SA3#89 MCC report -
4.1Approval of the report from previous SA3 meeting(s)
Yes
Yes
approved No   S3‑180001
S3‑180366 SA3 meeting calendar MCC other -
10Future Meeting Dates and Venues
No
YesAd-hoc in July 2018 was removed.
noted No   S3‑180004
S3‑180367 Security Procedures between 5G Network Functions Huawei, Hisilicon pCR Approval
7.2.12.1Miscellaneous
Yes
Yes
approved No   S3‑180108
S3‑180368 Including authentication into authorization aspects Ericsson pCR Approval
7.2.13.4NF-NRF Authentication & Authorization
Yes
Yes
approved No   S3‑180300
S3‑180369 Adding key issue to Living Document S3-173482 Huawei, Hisilicon; Samsung other Approval
7.2.16PLMN RAT selection
Yes
Yes
approved No   S3‑180112
S3‑180370 New key issue on UE behaviour on failing integrity check Ericsson other Approval
7.2.16PLMN RAT selection
Yes
Yes
approved No   S3‑180316
S3‑180371 Living document on PLMN RAT selection ORANGE other Approval
7.2.16PLMN RAT selection
Yes
Yes
noted No    
S3‑180372 Adding potential solution for living document S3-173482 Huawei, Hisilicon; Samsung other Approval
7.2.16PLMN RAT selection
Yes
Yes
approved No   S3‑180113
S3‑180373 Concerns of the use of authentication for steering of roaming Vodafone LS out Approval
7.2.16PLMN RAT selection
Yes
YesThis was sent during the meeting.
approved No    
S3‑180374 New solution: Protected UE configuration update commands Ericsson other Approval
7.2.16PLMN RAT selection
Yes
YesAdding editor's notes addressing the received comments.
approved No   S3‑180317
S3‑180375 New solution: key management via AUSF Ericsson other Approval
7.2.16PLMN RAT selection
Yes
Yes
approved No   S3‑180318
S3‑180376 [eMCSec] 33.180 R15 Interworking media and signaling Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
agreed No   S3‑180156
S3‑180377 Addition of solution to living document (Steering of roaming) Vodafone GmbH other Approval
7.2.16PLMN RAT selection
Yes
Yes
approved No   S3‑180319
S3‑180378 Reply to: LS on a potential USIM solution for PLMN and RAT selection policies for roaming Vodafone LS out approval
7.2.16PLMN RAT selection
No
Yes
withdrawn Yes    
S3‑180379 Secondary Re-Authentication Intel pCR Approval
7.2.9.2Incomplete procedure
Yes
Yes
approved No   S3‑180196
S3‑180380 pCR to update the secondary EAP authentication clause to take into account the roaming scenario Qualcomm Incorporated,Nokia pCR Approval
7.2.9.2Incomplete procedure
Yes
Yes
approved No   S3‑180251
S3‑180381 New SID on GBA enhancements China Mobile, CATR, China Unicom SID new Agreement
7.7New Work Item proposals
No
Yes
withdrawn Yes    
S3‑180382 Presentation for Joint SA3/SA6 meeting NCSC other Presentation
7.8Documents on joint meeting with SA6 regarding eMCSec
Yes
YesSlide 4: SA6 agreed to the assumptions. InterSD vs SDS: who makes the decision? SA3 or SA6? Motorola solutions: InterSD would seem easier for SA6 according to some informal discussions we've had. Motorola Solutions (SA3): we are OK with this in SA3. It was noted that the InterSD message must be identifiable. SA6 will take care of the documentation and flows of these messages. IWF to the client security would be work for SA3. There are no new reference points so we would use existing ones. It was agreed that service independence aspects should be added. Slide 8: Discreet listening/viewing One SA6 opinion was that this should be considered inRel-16. This was agreed. Police of Netherlands: collection and storage? this is real time. Peter (NCSC): it's SA6 who decides how and when this data is stored. Slide 9: Temporary group call/user regroup SA6 recognises the problem and it needs to be discussed further.Downstream groups face the same issue. T-Dek (SA6): There are two models: Group ID pre-alocated before the group is formed. SA3 mechanisms are based on this model. Temporary group call is based on the case when the Group ID is not pre-alocated, that is part of the SA1 requirements. It's not appropriate to discard this for the security. We need to enhance the procedure, it's not complete. This is SA6 perspective. The SA6 Chair commented that it will be decided whether this will go to Rel-15 or Rel-16. Alan (SA6): it's a deployment decision whether they want to use an unsecure call. Adrian (SA6) supported that. It's an operational deployment choice. Peter (NCSC): the media security is mandatory in 3GPP. It's a requirement that wouldn't be applied in this case. The Chair (SA3) commented that this could be enhanced in Rel-16 but SA6. Motorola (SA6): It was also commented from an SA6 delegate that cat-F CRs could be brought to enhance this. Firstnet (SA6): we are ok with having it in Rel-16.
noted No    
S3‑180383 New WID for 5G SCAS Huawei, Hisilicon,Ericsson WID new Agreement
7.7New Work Item proposals
Yes
YesVodafone commented that there isn’t much time to deal with this and that 5G should have preference.
agreed No   S3‑180335
S3‑180384 New study item on Security aspects of single radio voice continuity from 5G to 3G China Unicom, Huawei, HiSilicon, ZTE, CATR, OPPO SID new -
8.5New study item proposals
Yes
Yes
agreed No   S3‑180188
S3‑180385 New WID for MONASTERY security Motorola Solutions UK Ltd. WID new Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
agreed No   S3‑180163
S3‑180386 [eMCSec] 33180 R15 Interworking SeGy clarification Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
agreed No   S3‑180160
S3‑180387 [eMCSEC] LS to SA6 on Security Gateway notification NCSC LS out Approval
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
approved No   S3‑180227
S3‑180388 LS to CT1 on Protected Payload message type NCSC LS out Approval
7.6.18Security of the Mission Critical Service (MCSec)
Yes
Yes
approved No   S3‑180315
S3‑180389 LS to CT3 CT4 on SBI Design and its Security Implications Deutsche Telekom AG LS out Approval
5Items for early consideration
Yes
YesSent to CT3 and CT4 during the meeting. Joint meeting between SA3,CT3 and CT4: SA3 has agreed on securing individual elements in the interconnect with different security levels. No security in the transport layer, as concluded in SA3, hence security in the application layer. Alf: all info stuck in JSON objects would be easier for us, instead of spreading this info. Question: will the SEPP be application/message content aware? RESTful API design you include parameters in the URI, SUPI is one example of such parameters. DT answered that the SEPP will not be content agnostic. Tim (VF): the SUPI will need to be protected separately for example. Nagendra (Nokia): SEPP has to be HTTP aware.If CT4 follows API conventions it should be easy for us. Alf (Docomo): it would be nice to have it as agnostic as possible. It needs help from the interface to know what data is being transported. IPX providers should help with this to the operators, it depends on the business models. CT3/CT4 person: portions of the URI are a parameter, as for REST design. Everytime you update the structure of the API you need to update the SEPP, it's a strong requirement. Ericsson: it's aboutd ynamically informing the SEPP about where the info is and what can be protected. In CT4,UID is a generic element that may contain SUPI in some cases, it’s a very challenging requirement what SA3 needs. CT4 Chair: In the security for interconnection you don’t need to be application aware. Jesus: other info elements like session IDs are parts of the URI that can be subject of potential attacks and need protection. It was asked whether the IPX providers were trustable. KPN answered that they are not necessarily trust entities. Vodafone: even in your network there are different levels of trust. The CT Chair commented that the SEPP being updated all the time with the different applications can cause a bottleneck in the communications.Ericsson replied that the bottleneck would be in the control plane, so the impact would be "less horrific". DT: avoid duplicate IEs in JSON objects. CT Chair: these requirements are pretty restrictive for a RESTful/HTPP approach. It would be good to re-think this. DT: it's still possible to have duplicated IEs but not the same parameter duplicated in the same message. Jesus: we never put two elements of the same name in a flat structure, so this is easy to achieve. Docomo suggested conference calls or SBA meetings between groups since there was some work needed between the groups. Minimize the potential impact and come up with a list of information elements that need to be available for the IPX providers. CT4 Chair: we can the collect the set of requirements and design guidelines for the groups involved in SBA. This would be under control of CT3/CT4. It wa ssuggested to have a list of sensitive items at the end of each release, as it is done with SA5. CT Chair: the document should be in both places, CT4 and CT4, like when it was done with AKA. We are most likely to inform other groups like SA6. Jesus: for IFs designed towards external parties, the security has been taken care of. CT Chair: we need something to report to plenary in March. Conference calls should be set up. CT3 Chair: do we need to answer the questions in the LS before the conference calls? SA3 agreed that this would be helpful. It was agreed to have the LS as a start for the conference calls.
approved No   S3‑180223
S3‑180390 Construction of serving network name with 5G AKA and EAP-AKA’ Ericsson pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
Yes
approved No   S3‑180295
S3‑180391 Removal of the number of AVs requested in Authentication Information Request message Huawei, Hisilicon pCR Approval
7.2.8.15G AKA over 3gpp/non3gpp access
Yes
Yes
approved No   S3‑180126
S3‑180392 CAPIF Security requirements Samsung, Motorola Solutions,China Unico,Huawei,China Mobile, HiSilicon pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180307
S3‑180393 Clarifications and clean-up of 5G AKA procedure Ericsson,Huawei,HiSilicon pCR Approval
7.2.8.7Editorial corrections
Yes
YesContent was approved and merged in 396.
merged No S3‑180396 S3‑180294
S3‑180394 Security Procedures for EAP-TLS Huawei, Hisilicon, Ericsson, Qualcomm Incorporated, China Mobile pCR Approval
7.2.8.4Authentication using EAP TLS
Yes
Yes
approved No   S3‑180173
S3‑180395 Normative text for support of both authentication methods and text clarification to distinguish HN and SN Nokia,Huawei pCR Approval
7.2.8.7Editorial corrections
Yes
Yes
approved No   S3‑180074
S3‑180396 Adding numbers to the figure for 5G AKA KPN pCR Approval
7.2.8.7Editorial corrections
Yes
Yes
approved No   S3‑180071
S3‑180397 Registration state transitions in TS 33.501 Ericsson, Huawei, Hisilicon pCR Approval
7.2.5.6NAS security handling during state-transitions
Yes
Yes
approved No   S3‑180310
S3‑180398 Add a new requirement in scenario when UE has multiple registration in different PLMNs Huawei, Hisilicon pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
approved No   S3‑180203
S3‑180399 Clause 6.3.4.2 Multiple Registration in same PLMN Nokia pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
approved No   S3‑180095
S3‑180400 Clause 6.4.2.2 Multiple active NAS connections in same PLMN Nokia,Ericsson pCR Approval
7.2.5.7Multi-NAS security
Yes
Yes
approved No   S3‑180096
S3‑180401 Draft TS 33.122 Samsung draft TS Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180402 LMR interworking key management summary Harris Corporation other Presentation
7.8Documents on joint meeting with SA6 regarding eMCSec
Yes
Yes
noted No    
S3‑180403 Security Procedure for CAPIF-2e reference point Samsung pCR Agreement
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180312
S3‑180404 CAPIF security within PLMN Trust Domain Samsung pCR Approval
7.5Security Aspects of Common API Framework for 3GPP Northbound APIs (CAPIF_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180314
S3‑180405 Clarification of Introduction of REAR Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180115
S3‑180406 Draft TR 33.843 Huawei draft TR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
YesIt was argued whether this was going for information or approval. KPN commented that definitions and abbreviations clauses are empty in the TR and needed to be filled in. The TR will be sent to the plenary for approval.
approved No    
S3‑180407 Resolving Editor's Note and adding evaluation in clause 6.4.3 KPN,Huawei,HiSilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180064
S3‑180408 Clarification of solution #7 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180120
S3‑180409 Add Evaluation for Solution #12 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180119
S3‑180410 Add Evaluation for Solution #13 Huawei, Hisilicon pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180123
S3‑180411 Conclusion for the Key Issues Huawei, Hisilicon,KPN pCR Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No   S3‑180121
S3‑180412 Cover sheet TR 33.843 Huawei TS or TR cover Approval
8.2Study on security aspects of enhancements to ProSe UE-to-Network Relay (FS_REAR_Sec) (Rel-15)
Yes
Yes
approved No    
S3‑180413 [eMCSec] 33180 R15 Interworking key mgmt (InterSD) Motorola Solutions UK Ltd. CR Agreement
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
agreed No   S3‑180158
S3‑180414 [FS_MC_Sec] 33880 Interworking eval (InterSD) Motorola Solutions UK Ltd. CR Agreement
8.1Study on Mission Critical Security Enhancements (FS_MC_Sec) (Rel-15)
Yes
Yes
agreed No   S3‑180161
S3‑180415 Reply to: LS on Extension of USAT Application Pairing mechanism Gemalto LS out approval
6.13GPP Working Groups
Yes
Yes
approved No    
S3‑180416 Adding references to the algorithm test data Qualcomm Incorporated pCR Approval
7.2.17Others
Yes
Yes
approved No   S3‑180247
S3‑180417 Clarification for TCP connection reuse Ericsson Limited CR Agreement
7.6.2IP Multimedia Subsystem (IMS) Security
Yes
Yes
agreed No   S3‑180325
S3‑180418 Reply to: NESAS Pilot Findings and Recommendations to SA3 Nokia LS out approval
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
approved No    
S3‑180419 Collection of changes based on feedback from GSMA SECAG - CR to 33.117v1 Rel.14 Nokia CR Agreement
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
agreed No   S3‑180088
S3‑180420 Collection of changes based on feedback from GSMA SECAG - CR to 33.916v1 Rel.14 Nokia CR Agreement
7.6.16Security Assurance Specifications (SCAS-SA3, SCAS_PGW, SCAS_eNB)
Yes
Yes
agreed No   S3‑180090
S3‑180421 Clause 6.4.5 Handling of NAS counts Nokia pCR Approval
7.2.5.7Multi-NAS security
Yes
YesSA3 expressed their preference for a token-based solution (instead of a static one).
approved No   S3‑180097
S3‑180422 Corrections to clause 5.3 Requirements on the AMF NEC Telecom MODUS Ltd.,Huawei,HiSilicon pCR Approval
7.2.5.10Editorials
Yes
Yes
approved No   S3‑180006
S3‑180423 UP policy Huawei, Hisilicon,Ericsson pCR Approval
7.2.4.1Userplane open issues
Yes
Yes
approved No   S3‑180175
S3‑180424 Clause 6 (user plane security – conflict between RAN and CN) Ericsson pCR Approval
7.2.4.1Userplane open issues
Yes
Yes
approved No   S3‑180289
S3‑180425 Clause 6.7.3.0 (user plane and RRC security - initial AS security context establishment) Ericsson,Huawei,HiSilicon,China Mobile pCR Approval
7.2.4.2Userplane security
Yes
Yes
approved No   S3‑180271
S3‑180426 AS Security Negotiation and Activation Huawei; HiSilicon,Ericsson pCR Approval
7.2.4.2Userplane security
Yes
YesKPN commented that the SMC AS procedure leads to newly agreed keys and will bring a contribution for the next meeting clarifying this aspect.
approved No   S3‑180100
S3‑180427 Changes to TS 33.180 from SA3#90 NCSC other Information
7.3Mission Critical Security Enhancements (eMCSec) (Rel-15)
Yes
Yes
noted No    
S3‑180428 Signalling procedure for periodic local authentication Samsung pCR Approval
7.2.4.3RRC security
Yes
Yes
approved No   S3‑180297
S3‑180429 Adding Forward & Backward Security definition Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
approved No   S3‑180103
S3‑180430 pCR to TS 33.501 key identification Huawei, Hisilicon,ZTE, CATT,Nokia,Ericsson pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
approved No   S3‑180135
S3‑180431 Delete the mandatory implementation of NIA0 in gNB Huawei, Hisilicon pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
approved No   S3‑180145
S3‑180432 Adding requirements on CU-DU split based on the key derivation used Qualcomm Incorporated pCR Approval
7.2.4.4Miscellaneous
No
Yes
withdrawn Yes    
S3‑180433 Intra-gNB retaining AS keys exception Huawei, Hisilicon, CMCC pCR Approval
7.2.3.1Key derivations during handovers
Yes
Yes
approved No   S3‑180105
S3‑180434 Clause 6.9.3 (horizontal K_AMF derivation at mobility registration update) Ericsson,Huawei pCR Approval
7.2.3.2Security in AMF change between AMF sets
Yes
Yes
approved No   S3‑180321
S3‑180435 Procedures for security context transfer in idle mode mobility Huawei, Hisilicon pCR Approval
7.2.3.6Miscellaneous
Yes
YesAdding an editor's note.
approved No   S3‑180139
S3‑180436 draft LS on the status of work on interfaces Huawei & Hisilicon LS out Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
YesDoing some rewording with the help of Vodafone. ORANGE found strange that SA3 was asking for information that could be found in SA5 specifications.
approved No   S3‑180172
S3‑180437 A key issue proposal on security capability for TR33.811 Huawei, Hisilicon, China Moible, China Unicom, CATR, CATT pCR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
Yes
YesKey issue will verse on the negotiation.
approved No   S3‑180169
S3‑180438 Draft TR 33.811 Huawei draft TR Approval
8.3Study on security aspects of 5G Network Slicing Management (FS_ NETSLICE-MGT_Sec) (Rel-15)
No
Yes
approved No    
S3‑180439 Idle mode mobility from EPS to 5GS Ericsson, Qualcomm,Nokia pCR Approval
7.2.10.1Idle mode 4G-5G
Yes
Yes
approved No   S3‑180281
S3‑180440 Interworking; Idle mode mobility from 5G to 4G Nokia,Qualcomm, Huawei,Ericsson pCR Approval
7.2.10.2Idle mode 5G-4G
Yes
Yes
approved No   S3‑180234
S3‑180441 pCR to provide a normative text for handover from 5GC to EPC Qualcomm Incorporated,Nokia, NEC,Huawei,Ericsson pCR Approval
7.2.10.3Handover 5GC-EPS
Yes
Yes
approved No   S3‑180252
S3‑180442 Interworking: Handover from EPS to 5GS Nokia, Qualcomm, NEC,Ericsson pCR Approval
7.2.10.4Handover EPS-5GC
Yes
Yes
approved No   S3‑180231
S3‑180443 Mapping of security contexts during interworking between EPS and 5GS Ericsson pCR Approval
7.2.10.5Security context mapping
Yes
Yes
approved No   S3‑180283
S3‑180444 Interworking with EPC without N26 interface in single-registration mode Huawei, Hisilicon pCR Approval
7.2.10.6Miscellaneous
Yes
Yes
approved No   S3‑180114
S3‑180445 New UE requirement to store two 5G security contexts in TS 33.501 Ericsson, Qualcomm Incorporated pCR Approval
7.2.6.4UE handling
Yes
Yes
approved No   S3‑180313
S3‑180446 Clarification on 5G security context CATT pCR Approval
7.2.6.6Miscellaneous
Yes
Yes
approved No   S3‑180055
S3‑180447 Resolving editors notes in clause on key hierarchy Nokia pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
approved No   S3‑180076
S3‑180448 Clean up the EN in 6.2.1 Huawei, Hisilicon pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
approved No   S3‑180138
S3‑180449 Adding details of K’AMF to clause 6.2.1 NEC Telecom MODUS Ltd. pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
approved No   S3‑180221
S3‑180450 Key distribution and key derivation scheme Huawei, Hisilicon, pCR Approval
7.2.1.1Miscellaneous
Yes
Yes
approved No   S3‑180178
S3‑180451 Annex C (SUCI – ECIES profiles) Ericsson,Vodafone pCR Approval
7.2.14.2SUCI and Schemes
No
YesQualcomm commented that these are too many profiles: We haven’t heard any argument why one profile is not sufficient. Vodafone: SAGE has trust issues with having a single profile. ORANGE supported Vodafone. Intel supported Qualcomm. KPN preferred multiple curves, but better to have a single decent curve than multiple curves that don’t work as Ericsson. Qualcomm: No reason to mandate multiple curves in the ME. Samsung and NEC supported this at least for phase one.The scheme can be selected by negotiation. Docomo: we cannot retrofit more curves (update all USIMS in the field), we need to have more curves in the beginning if that's the plan for phase two. It was noted that this topic had to be agreed in the next meeting. NCSC: If we can clarify whether more curves can be added in the future, then we can reach an agreement. Ericsson: we will need more curves.
noted No   S3‑180306
S3‑180452 Storage of key material in the UE Gemalto, IDEMIA,Qualcomm pCR Approval
7.2.2.4Miscellaneous
Yes
Yes
approved No   S3‑180323
S3‑180453 Clarification of security visibility LG Electronics pCR Approval
7.2.7.1Miscellaneous
Yes
Yes
approved No   S3‑180200
S3‑180454 Authorization of SN by UE - was S3-173125 Nokia, LG Electronics pCR Approval
7.2.7.1Miscellaneous
Yes
Yes
approved No   S3‑180085
S3‑180455 Authentication for Untrusted Non-3GPP Access using EAP Motorola Mobility, Lenovo, LG Electronics, Nokia, KPN, Broadcom, Brocade pCR Approval
7.2.11.1Miscellaneous
Yes
Yes
approved No   S3‑180012
S3‑180456 Requirements for UP and CP for the gNB Huawei, Hisilicon, CMCC pCR Approval
7.2.4.4Miscellaneous
Yes
Yes
approved No   S3‑180107
S3‑180457 SUPI and LI WG Chair other Endorsement
7.2.14.1SUPI and LI
Yes
YesIt was decided that partial IMEI encryption wasn't an issue here. "SMC must fail cryptographically if the UE and HPLMN responses don’t matcht (leading to no service provisioning to UE)"-> BT favoured this statement to fulfil the LI requirement no matter the solution found. Nokia and Huawei disagreed with the last point ("6") since it was restricting too much the solution. The Chair requested a show of hands: Support of point two ("NAS SMC will include a hash of SUPI + something") --> Docomo, Sony, KPN,BT,ORANGE,Intel,NEC,Samsung,Huawei, Ericson,Ipcom,CATT,Home Office, NIST,Airbus,ZTE, DT,AT&T,ZTE, Vodafone,OTD,French Ministry, NTECH. Support for "Hash of SUPI + something": ORANGE, Nokia, SDT, T-mobile, ORANGE, Interdigital, Gemalto, IDEMIA, Motorola, NIST, AT&T. Objections to sentence in point two: Tmobile, Nokia, Gemalto IDEMIA. NAS SMC was removed from "NAS SMC will include a hash of SUPI + something". Once the basics were agreed, the presentation was endorsed.
endorsed No    
S3‑180458 Requirement on AMF related to LI Nokia pCR Approval
7.2.14.1SUPI and LI
Yes
Yes
approved No   S3‑180082
S3‑180459 Exception Sheet NAPS-Sec Huawei WI exception request Agreement
7.4Northbound APIs Security for SCEF - SCS/AS Interworking (NAPS_Sec) (Rel-15)
Yes
Yes
withdrawn Yes    
S3‑180460 Privacy requirement improvement related to using non null-scheme CATT pCR Approval
7.2.14.2SUCI and Schemes
Yes
Yes
approved No   S3‑180049