DUIK

Discovery User Integrity Key

Security
Introduced in Rel-13
A cryptographic key used in Proximity Services (ProSe) to ensure the integrity and origin authentication of messages exchanged during device-to-device discovery. It protects discovery signaling from tampering and forgery, guaranteeing that discovery information comes from a legitimate source. This key is vital for trustworthy peer discovery in LTE and 5G ProSe.

Description

The Discovery User Integrity Key (DUIK) is a security key defined within the 3GPP Proximity Services (ProSe) framework. It is derived alongside the Discovery User Confidentiality Key (DUCK) and forms the second half of the security pair for protecting direct discovery signaling between User Equipments (UEs). The DUIK's specific role is to provide integrity protection and data origin authentication for discovery messages. This means it allows a receiving UE to verify that a received discovery announcement or solicitation has not been altered in transit and that it indeed originated from the claimed sender.

Technically, the DUIK is derived using a Key Derivation Function (KDF) as specified in 3GPP TS 33.220. The derivation inputs include the root ProSe key (e.g., K_ProSe) and specific parameters tied to the discovery session. When a UE generates a discovery message, it uses the DUIK to compute a Message Authentication Code (MAC), often using an algorithm like HMAC-SHA-256. This MAC is appended to the discovery message (which may itself be encrypted using the DUCK). The receiving UE, possessing the same DUIK, recalculates the MAC on the received message and compares it to the transmitted MAC. A match confirms integrity and authenticates the source.

Architecturally, the DUIK is provisioned and managed in tandem with the DUCK. The network's ProSe Function is responsible for authorizing discovery and ensuring participating UEs can derive the correct keys. The DUIK operates at the ProSe protocol layer, interfacing with the discovery protocol specified in TS 24.334. Its use is critical in preventing discovery-based attacks such as message injection, where a malicious device could send false discovery information to disrupt services or create confusion. In public safety scenarios, the integrity of a "first responder nearby" discovery message is as important as its confidentiality. The DUIK ensures that the discovery framework is resilient against such attacks, forming a trustworthy basis for subsequent device-to-device communication setup.

Purpose & Motivation

The DUIK was introduced in 3GPP Release 13 alongside the DUCK to meet the comprehensive security requirements of Proximity Services (ProSe). While confidentiality (provided by DUCK) protects the content of discovery messages, integrity protection was identified as an equally critical requirement. Without it, an attacker could modify discovery messages or forge them entirely, leading to spoofed identities, service disruption, or malicious redirection of communication—particularly dangerous in public safety and critical communication scenarios.

The purpose of the DUIK is to provide this essential guarantee of message authenticity and integrity for the discovery process. The motivation stems from the adversarial environment of open radio communication; any device within radio range can potentially transmit or interfere with signals. Previous cellular security models assumed a trusted base station as the counterparty. In direct D2D discovery, devices communicate without that intermediary, necessitating a peer-to-peer security mechanism. The DUIK solves the problem of how a UE can trust that a discovery broadcast is genuine and unaltered. By enabling source authentication, it prevents impersonation and ensures that the discovery process, which is the first step in establishing a direct link, is secure and reliable. This was a fundamental innovation that made ProSe viable for security-sensitive applications beyond simple commercial find-and-connect services.

Key Features

  • Provides integrity protection and data origin authentication for ProSe Direct Discovery messages
  • Derived from the ProSe key hierarchy using a standardized Key Derivation Function
  • Used to generate and verify Message Authentication Codes (MACs) on discovery signaling
  • Protects against discovery message tampering, forgery, and replay attacks
  • Works in conjunction with the DUCK for a complete confidentiality-integrity security suite
  • Essential for trustworthy discovery in both network-assisted and autonomous ProSe modes

Evolution Across Releases

Rel-13 Initial

Introduced concurrently with the ProSe feature set. The initial specification defined the DUIK's derivation, its application for integrity protection of discovery messages via MAC calculation, and its mandatory use alongside the DUCK to secure the new direct device-to-device discovery procedures.

TS 24.334TS 24.514TS 24.554TS 24.555TS 29.345TS 31.102TS 33.503TS 33.843

Defining Specifications

SpecificationTitle
TS 24.334 3GPP TS 24.334
TS 24.514 3GPP TS 24.514
TS 24.554 3GPP TS 24.554
TS 24.555 3GPP TS 24.555
TS 29.345 3GPP TS 29.345
TS 31.102 3GPP TR 31.102
TS 33.503 3GPP TR 33.503
TS 33.843 3GPP TR 33.843