DUCK

Discovery User Confidentiality Key

Security
Introduced in Rel-13
A cryptographic key used in Proximity Services (ProSe) to ensure the confidentiality of messages exchanged during device-to-device discovery. It protects user identity and discovery-related information from eavesdroppers, enabling private discovery in LTE and 5G networks. This key is essential for secure peer discovery in public safety and commercial ProSe applications.

Description

The Discovery User Confidentiality Key (DUCK) is a security key defined within the 3GPP architecture for Proximity-based Services (ProSe). It is derived as part of a key hierarchy specifically for the protection of discovery-related communication between User Equipments (UEs) operating in direct device-to-device (D2D) mode or via a network. The primary purpose of the DUCK is to provide confidentiality protection for discovery messages, which are signals or announcements broadcast by a UE to make its presence or services known to other nearby UEs. Without such protection, these messages could reveal sensitive information about the user's identity, location, or intent.

The DUCK is generated through a key derivation function (KDF) specified in 3GPP TS 33.220. Its derivation typically uses a root key shared between the UE and the network (such as the K_ProSe key) along with other input parameters like the ProSe Application Code and the key purpose identifier. Once derived, the DUCK is used within the UE's ProSe protocol stack. When a UE wishes to send a secured discovery message, it uses the DUCK to encrypt the payload of the discovery announcement or solicitation. The corresponding receiving UEs, which have derived the same DUCK (based on shared network-provided parameters or direct establishment), can decrypt the message to process the discovery information. This process ensures that only authorized UEs participating in the same discovery session can understand the content.

Architecturally, the DUCK is managed by the ProSe function in the network and securely provisioned to authorized UEs. It operates alongside the Discovery User Integrity Key (DUIK), which provides integrity protection. The combination of DUCK and DUIK forms a complete security suite for discovery signaling. The key's lifecycle is tied to the discovery session or the validity of the higher-layer root key. Its use is detailed in specifications governing the ProSe protocol layers (24.334) and the security architecture (33.503). The DUCK is a critical enabler for secure commercial find-and-connect services and, more importantly, for public safety communications where discovery between first responders must be both reliable and confidential.

Purpose & Motivation

The DUCK was introduced in 3GPP Release 13 to address the security requirements of the newly standardized Proximity Services (ProSe). ProSe enables direct device-to-device communication, a paradigm shift from traditional cellular networks where all traffic routes through a base station. One of the foundational operations in ProSe is discovery—the process by which devices find each other. Early ProSe work identified that discovery messages, if sent in plaintext, would pose significant privacy and security risks, potentially exposing user identities and enabling tracking or spoofing attacks.

The creation of the DUCK was motivated by the need to provide confidentiality for these discovery procedures, particularly for applications like public safety where communication must be secure from eavesdropping. Prior to ProSe, cellular security focused on the UE-to-network link. D2D discovery required a new security model for the direct UE-to-UE link. The DUCK, as part of a dedicated ProSe key hierarchy, solved the problem of how to efficiently and securely encrypt discovery payloads without requiring a prior direct secure connection between the discovering devices. It allowed the network to delegate cryptographic capability to devices for off-network operation, a crucial feature for public safety scenarios where network infrastructure might be unavailable. The DUCK thus filled a critical gap in the security architecture, enabling trustworthy discovery as a precursor to secure D2D communication.

Key Features

  • Provides confidentiality protection for ProSe Direct Discovery messages
  • Derived from a root key in the ProSe key hierarchy using a standardized KDF
  • Used to encrypt the payload of discovery announcements and solicitations
  • Enables privacy by protecting user identity and service information from unauthorized devices
  • Operates in both network-coordinated and standalone (off-network) ProSe scenarios
  • Managed and provisioned by the network-based ProSe Function

Evolution Across Releases

Rel-13 Initial

Introduced as part of the foundational Proximity Services (ProSe) security architecture. The initial specification defined the DUCK's derivation method, its role in encrypting discovery message payloads, and its integration with the ProSe protocol stack for both public safety and commercial use cases.

TS 24.334TS 24.514TS 24.554TS 24.555TS 29.345TS 31.102TS 33.503TS 33.843

Defining Specifications

SpecificationTitle
TS 24.334 3GPP TS 24.334
TS 24.514 3GPP TS 24.514
TS 24.554 3GPP TS 24.554
TS 24.555 3GPP TS 24.555
TS 29.345 3GPP TS 29.345
TS 31.102 3GPP TR 31.102
TS 33.503 3GPP TR 33.503
TS 33.843 3GPP TR 33.843