5G SA注冊過程---AS加密和后續流程

 

 

 

21. gNB發送AS層加密和完整性保護算法給UE。

SecurityModeCommand ::= SEQUENCE {

rrc-TransactionIdentifier RRC-TransactionIdentifier,

criticalExtensions CHOICE {

securityModeCommand SecurityModeCommand-IEs,

criticalExtensionsFuture SEQUENCE {}

}

}

 

SecurityModeCommand-IEs ::= SEQUENCE {

securityConfigSMC SecurityConfigSMC,

 

lateNonCriticalExtension OCTET STRING OPTIONAL,

nonCriticalExtension SEQUENCE{} OPTIONAL

}

 

SecurityConfigSMC ::= SEQUENCE {

securityAlgorithmConfig SecurityAlgorithmConfig,

...

}

 

22. UE確認對應的算法可用后發送確認給gNB，注意，此消息是有完整性保護但是沒有經過加密的，但是從此時開始后續的消息都是加密的。

SecurityModeComplete ::= SEQUENCE {

rrc-TransactionIdentifier RRC-TransactionIdentifier,

criticalExtensions CHOICE {

securityModeComplete SecurityModeComplete-IEs,

criticalExtensionsFuture SEQUENCE {}

}

}

 

SecurityModeComplete-IEs ::= SEQUENCE {

lateNonCriticalExtension OCTET STRING OPTIONAL,

nonCriticalExtension SEQUENCE{} OPTIONAL

}

 

23. gNB發送RRC Reconfiguration消息給UE，此消息典型攜帶信息包括Initial Context Setup Request（可能帶有Registration Accept）， 無線承載建立的相關參數，UE測量參數，如果有CA的話還會攜帶輔小區的相關信息。UE在收到此消息后會開始配置主小區組、無線輔小區組（如果有的話）、配置無線承載、基於收到的測量配置開始做測量、根據收到的NAS消息進行上下文和PDU Session（如果有的話）的相應操作。

RRCReconfiguration ::= SEQUENCE {

rrc-TransactionIdentifier RRC-TransactionIdentifier,

criticalExtensions CHOICE {

rrcReconfiguration RRCReconfiguration-IEs,

criticalExtensionsFuture SEQUENCE {}

}

}

 

RRCReconfiguration-IEs ::= SEQUENCE {

radioBearerConfig RadioBearerConfig OPTIONAL, -- Need M

secondaryCellGroup OCTET STRING (CONTAINING CellGroupConfig) OPTIONAL, -- Need M

measConfig MeasConfig OPTIONAL, -- Need M

lateNonCriticalExtension OCTET STRING OPTIONAL,

nonCriticalExtension RRCReconfiguration-v1530-IEs OPTIONAL

}

 

RRCReconfiguration-v1530-IEs ::= SEQUENCE {

masterCellGroup OCTET STRING (CONTAINING CellGroupConfig) OPTIONAL, -- Need M

fullConfig ENUMERATED {true} OPTIONAL, -- Cond FullConfig

dedicatedNAS-MessageList SEQUENCE (SIZE(1..maxDRB)) OF DedicatedNAS-Message OPTIONAL, -- Cond nonHO

masterKeyUpdate MasterKeyUpdate OPTIONAL, -- Cond MasterKeyChange

dedicatedSIB1-Delivery OCTET STRING (CONTAINING SIB1) OPTIONAL, -- Need N

dedicatedSystemInformationDelivery OCTET STRING (CONTAINING SystemInformation) OPTIONAL, -- Need N

otherConfig OtherConfig OPTIONAL, -- Need M

nonCriticalExtension RRCReconfiguration-v1540-IEs OPTIONAL

}

 

RRCReconfiguration-v1540-IEs ::= SEQUENCE {

otherConfig-v1540 OtherConfig-v1540 OPTIONAL, -- Need M

nonCriticalExtension SEQUENCE {} OPTIONAL

}

 

MasterKeyUpdate ::= SEQUENCE {

keySetChangeIndicator BOOLEAN,

nextHopChainingCount NextHopChainingCount,

nas-Container OCTET STRING             OPTIONAL, -- Cond securityNASC

...

}

關於Initial Context Setup Request所帶IE主要如下

或者

Registration Accept所帶主要IE如下

 

24. UE回復RRC Reconfiguration Complete來確認。

RRCReconfigurationComplete ::= SEQUENCE {

rrc-TransactionIdentifier RRC-TransactionIdentifier,

criticalExtensions CHOICE {

rrcReconfigurationComplete RRCReconfigurationComplete-IEs,

criticalExtensionsFuture SEQUENCE {}

}

}

 

RRCReconfigurationComplete-IEs ::= SEQUENCE {

lateNonCriticalExtension OCTET STRING OPTIONAL,

nonCriticalExtension RRCReconfigurationComplete-v1530-IEs OPTIONAL

}

 

RRCReconfigurationComplete-v1530-IEs ::= SEQUENCE {

uplinkTxDirectCurrentList UplinkTxDirectCurrentList OPTIONAL,

nonCriticalExtension SEQUENCE {} OPTIONAL

}

 

 

25. gNB分配對應TEID供UPF發送下行數據使用。

 

26. gNB發送Initial Context Setup Response給AMF，其中攜帶PDU Session Resource Setup List Cxt Res（也可能在后續用上下行直傳消息來建立PDU Session），PDU Session建立響應消息中會指示對應每一條PDU session的下行數據使用哪個TEID 。

 

 

27. 通過上行直傳消息發送Registration Complete消息到AMF，至此注冊過程完成。

28&29. 可以使用對應的TEID來發送UL/DL data。