GPI

GBA Push Information

Introduced in Rel-8. Also in: Services.

GPI is a GBA security mechanism that enables a network application server to securely push bootstrap information to a UE to initiate communication setup.

Category: Security
Introduced: Rel-8
Where: Security
Also touches: 1 segment
Specifications: 9 specs

Description

GBA Push Information (GPI) is a component of the 3GPP Generic Bootstrapping Architecture (GBA), which provides a standardized method for mutual authentication and key agreement between a User Equipment (UE) and a Network Application Function (NAF). While standard GBA relies on the UE initiating the bootstrapping procedure, GPI enables a 'push' model. In this model, a NAF (e.g., a service provider's server) can proactively send essential bootstrapping information to the UE, allowing the UE to subsequently establish a secure connection with that NAF. This information is contained within a GPI message, which is itself a secure object.

Architecturally, GPI involves several key entities defined in GBA: the UE, the Bootstrapping Server Function (BSF), the NAF, and the Home Subscriber Server (HSS). The process begins when a NAF determines it needs to push information to a specific UE. The NAF requests a GPI from the BSF. The BSF, which shares a trust relationship with the HSS, generates the GPI. This GPI contains critical data such as a Bootstrapping Transaction Identifier (B-TID), the NAF's identity, key lifetime information, and potentially other parameters. Crucially, this GPI is cryptographically protected using keys derived from the subscriber's long-term credentials stored in the HSS, ensuring its integrity and authenticity. The BSF sends the GPI to the NAF, which then delivers it to the UE via a push channel, which could be an IP-based push mechanism like SIP Push or an SMS bearer.

Upon receiving the GPI, the UE processes it. The UE can verify the GPI's authenticity because it can derive the same cryptographic keys from its own identity module (USIM/ISIM) and the parameters in the GPI. Once verified, the UE extracts the B-TID and other information. The UE can then contact the BSF using this B-TID to perform a standard GBA bootstrapping run, resulting in the establishment of shared session keys (Ks_NAF) specifically for use with that NAF. Finally, the UE establishes a secure connection (e.g., using TLS) with the NAF using these keys. This mechanism allows services like firmware updates over-the-air (FOTA), instant messaging service activation, or emergency alert systems to securely initiate contact with a device that has not previously interacted with the service server.
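
A simplified model of the protect-and-verify steps described above, added here as an illustration and not taken from the 3GPP specifications. HMAC-SHA256, the JSON encoding, and every function and field name are assumptions standing in for the real GPI format and key derivation.

```python
import hashlib
import hmac
import json
import os

def _gpi_key(long_term_key: bytes, rand: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the real key derivation. Both the
    # network side and the UE can compute it from the subscriber's long-term key.
    return hmac.new(long_term_key, b"gpi-protect" + rand, hashlib.sha256).digest()

def bsf_generate_gpi(long_term_key, b_tid, naf_id, lifetime_s, now):
    """Network side: build a protected GPI for one UE and one NAF."""
    rand = os.urandom(16)
    body = json.dumps({"b_tid": b_tid, "naf_id": naf_id,
                       "expires": now + lifetime_s}, sort_keys=True)
    mac = hmac.new(_gpi_key(long_term_key, rand),
                   rand + body.encode(), hashlib.sha256).hexdigest()
    return {"rand": rand.hex(), "body": body, "mac": mac}

def ue_process_gpi(long_term_key, gpi, now):
    """UE side: verify first, parse second. Returns (fields or None, status)."""
    try:
        rand = bytes.fromhex(gpi["rand"])
        body = gpi["body"].encode()
        received = gpi["mac"].encode()
    except (KeyError, ValueError, AttributeError, TypeError):
        return None, "malformed"
    expected = hmac.new(_gpi_key(long_term_key, rand),
                        rand + body, hashlib.sha256).hexdigest().encode()
    if not hmac.compare_digest(expected, received):
        return None, "bad-mac"      # altered in transit, or not for this subscriber
    fields = json.loads(body)       # parsed only after the MAC checks out
    if now >= fields["expires"]:
        return None, "expired"      # stale push delivered after its lifetime
    return fields, "ok"

# Constructed sample values, not taken from any specification.
SUBSCRIBER_KEY = bytes(range(16))
SAMPLE_GPI = bsf_generate_gpi(SUBSCRIBER_KEY, "btid-0001@bsf.example",
                              "push-naf.example", lifetime_s=3600, now=1_000)

if __name__ == "__main__":
    print(ue_process_gpi(SUBSCRIBER_KEY, SAMPLE_GPI, now=1_500))
    altered = dict(SAMPLE_GPI, body=SAMPLE_GPI["body"].replace("push-naf", "other-naf"))
    print(ue_process_gpi(SUBSCRIBER_KEY, altered, now=1_500))
```

The UE rejects the message before parsing any of its fields, so a push channel such as SMS only has to deliver bytes; it is never trusted for integrity.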

Purpose & Motivation

GPI was created to address a limitation in the original GBA model, which was purely 'pull'-based, requiring the UE to always initiate contact with the BSF. Many emerging mobile services, however, are server-initiated (push services). For example, a service provider may need to send a configuration update or an alert to a device. Without a pre-established security context, initiating such communication securely is challenging. GPI solves this by allowing the server to securely push the initial bootstrap 'invitation' to the UE.

Historically, before standardized push security mechanisms, services used less secure methods like plain SMS for activation or relied on pre-provisioned keys, which were difficult to manage at scale. Introduced in 3GPP Release 8 alongside GBA enhancements, GPI leveraged the existing, robust security of the GBA infrastructure (rooted in the USIM) to enable secure server-initiated services. It filled a critical gap in the service enablement ecosystem, allowing for secure, scalable, and standardised push-based service delivery without requiring modifications to the UE's SIM card for each new service.

Classification

Part of: GBA
Related approaches: BSF, NAF, USIM

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the "Change history" tables of 3GPP specifications (30 CRs across 4 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Studied in Rel-8, normative work from Rel-15.

Rel-15 1 change

In Release 15, the specification for the GBA Push Information (GPI) function was corrected, specifically addressing the GPI Information Element (IE) type. This correction ensures the proper definition and handling of the GPI data element used within the GPI Request and GPI Response procedures between the Push-NAF and the Bootstrapping Server Function (BSF). The update maintains the defined interfaces, Zpn for GPI retrieval and Upa for GPI transfer to the UE, without introducing new transport methods or procedural steps.

Rel-17 8 changes

In Release 17, the GBA Push Information (GPI) function was newly introduced for the 5G ProSe direct link security mode control procedure. This addition defined the specific interfaces Zpn and Upa for transferring the GPI from the Push-NAF to the BSF and then to the UE, respectively. Furthermore, the release detailed the complete GPI procedure, including the generation of a GPI Request by the Push-NAF and the establishment of a shared NAF SA for Push service subscribers.

  • Introducing the GBA Push Info (GPI) in the 5G ProSe direct link security mode control procedure (TS 24.554 CR0067)
  • Charging information collection for 5G ProSe Direct Discovery (TS 24.554 CR0078)
  • Usage information reporting configuration in the UE (TS 24.554 CR0073)
  • Applicability of Key establishment information container IE to the security of the UE-to-network relay (TS 24.554 CR0096)
  • Correction on the name of the interface for usage information collection (TS 24.554 CR0137)
  • Requesting UE policies for 5G ProSe usage information reporting (TS 24.554 CR0118)

+ 2 more changes

Rel-18 6 changes

In Release 18, the enhancements for the GBA Push Information (GPI) function included the formal definition of the Zpn interface for GPI retrieval by the Push-NAF from the BSF and the Upa interface for transferring the GPI from the Push-NAF to the UE. The release also introduced support for 5G ProSe UE-to-UE relay within multiple information elements relevant to the GPI procedure.

  • Introducing the User info ID information element for PC5 signalling messages (TS 24.554 CR0271)
  • Removing obsolete information about not supporting emergency services in ProSe (TS 24.554 CR0362)
  • Correction of two Information Element Ids and the format of one IE in two of the PC5 signalling messages (TS 24.554 CR0442)
  • Correcting multiple signalling messages and information elements (TS 24.554 CR0467)
  • Adding the support of 5G ProSe UE-to-UE relay to multiple information elements (TS 24.554 CR0566)
  • Correction of erroneous length of a mandatory information element (TS 24.554 CR0376)

Rel-19 15 changes

In Release 19, the GPI (GBA Push Information) function itself saw no new capabilities or procedural changes specified within the provided context. The listed Change Requests for this release focus exclusively on enhancements for 5G ProSe, such as multi-hop relay path information and SNPN support, which are unrelated to the GPI procedures defined for the Upa and Zpn interfaces. Therefore, for the specific GPI function involving the Push-NAF, BSF, and UE, there were no updates compared to the previous release.

  • Update on 5G ProSe configuration information to support 5G ProSe in SNPN (TS 24.554 CR0643)
  • Adding the Multi-hop path info information element (TS 24.554 CR0617)
  • Update on usage information report list sending procedure to support 5G ProSe in SNPN (TS 24.554 CR0660)
  • Adding the information element to deliver the Remote UE parameters through the Direct Link Modification procedure (TS 24.554 CR0671)
  • Introducing the QoS mapping information in the configuration parameters for 5G ProSe multi-hop UE-to-network relay (TS 24.554 CR0684)
  • Adding the path information in the direct link establishment request/Accept messages for the multi-hop UE-to-UE relay for Ethernet and Unstructured data unit type (TS 24.554 CR0769)

+ 9 more changes

Defining Specifications

3GPP specifications that define or reference GPI, with the latest known release. Sourced from the 3GPP document catalog.

| Specification | Title | Release |
|---|---|---|
| TS 24.109 vj00 | HTTP Digest AKA & GAA Stage 3 | Rel-19 |
| TS 24.334 vj00 | ProSe Protocols and Procedures | Rel-19 |
| TS 24.554 vj40 | 5G Proximity Services (ProSe) Protocols | Rel-19 |
| TS 29.109 vj00 | GAA Bootstrapping Interfaces (Zh, Dz, Zn, Zpn) | Rel-19 |
| TS 33.223 vj00 | GBA Push Function Specification | Rel-19 |
| TS 33.224 vj00 | Generic Push Layer (GPL) Specification | Rel-19 |
| TS 33.503 vj20 | Security for Proximity Services (ProSe) in 5G | Rel-19 |
| TS 33.843 vf10 | Security Study for ProSe UE-to-Network Relay | Rel-15 |
| TR 33.924 vj00 | GBA-OpenID Interworking Specification | Rel-19 |