GSF

Generic Security Functionality

Security
Introduced in Rel-12
Generic Security Functionality (GSF) is a 3GPP security framework that provides a standardized, modular set of cryptographic functions and security protocols for protecting user plane data. It enables secure, efficient, and algorithm-agile encryption and integrity protection for services like Lawful Interception (LI) and media streaming, independent of the underlying transport.

Description

The Generic Security Functionality (GSF) is a security architecture defined in 3GPP, primarily within the security specification TS 33.805 and related documents. It is designed to provide a generic, reusable set of security functions for protecting the confidentiality and integrity of user plane data streams. Unlike security protocols tied to specific radio access technologies (like NAS or RRC security in the control plane), GSF is application-agnostic and transport-agnostic. It operates as a security layer that can be applied to various data flows, such as media streams in IMS or data intercepted for lawful interception purposes.

Architecturally, GSF is built around a modular concept of cryptographic transforms and a key management framework. The core components include the GSF Entity, which implements the cryptographic functions, and a Key Management Entity (KME) responsible for secure key derivation and distribution. The GSF Entity uses cryptographic algorithms (e.g., AES in CTR mode for encryption, HMAC-SHA-256 for integrity) to process the data. It works by taking plaintext user data and a set of security keys (e.g., CK, IK derived from AKA, or specifically provisioned keys) and applying the configured cryptographic transform to generate a protected data packet, which includes potential integrity tags. The receiving GSF Entity performs the reverse operation using the same keys.

Operation involves several stages. First, key establishment takes place, often leveraging existing 3GPP security contexts (from AKA) or a separate key agreement protocol. Once keys are established, the data flow is processed. For each data packet (e.g., an IP packet or a media frame), the GSF applies the ciphering and/or integrity algorithm according to a defined packet format, which includes necessary headers such as sequence numbers to prevent replay attacks. The specification defines packet formats (like the GSF-PDU) to carry this secured payload. This process is independent of whether the data is transported over UDP, TCP, or other means.
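The protect/unprotect cycle sketched in the two paragraphs above (AES-CTR ciphering keyed with CK, HMAC-SHA-256 integrity keyed with IK, and a sequence number the receiver checks against replay) as an added Go example; this is not code from the page or from 3GPP. The PDU layout, the derivation of the CTR counter block from the sequence number, and the function names are assumptions for illustration, not the GSF-PDU format the specification defines.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Assumed PDU layout for illustration (not the 3GPP GSF-PDU wire format):
// 4-byte big-endian sequence number || AES-CTR ciphertext || 32-byte HMAC-SHA-256 tag.
const hdrLen, tagLen = 4, sha256.Size

// protect is the sending GSF Entity: cipher with CK, then tag header and ciphertext with IK.
func protect(ck cipher.Block, ik []byte, seq uint32, plaintext []byte) []byte {
	pdu := make([]byte, hdrLen+len(plaintext), hdrLen+len(plaintext)+tagLen)
	binary.BigEndian.PutUint32(pdu, seq)
	iv := make([]byte, aes.BlockSize) // counter block seeded with seq (assumed): unique per PDU under one CK
	copy(iv, pdu[:hdrLen])
	cipher.NewCTR(ck, iv).XORKeyStream(pdu[hdrLen:], plaintext)
	mac := hmac.New(sha256.New, ik)
	mac.Write(pdu)
	return mac.Sum(pdu)
}

// unprotect is the receiving GSF Entity: verify the tag before anything else, drop
// replays (seq not above the last accepted value), and only then decipher.
func unprotect(ck cipher.Block, ik []byte, lastSeq *uint32, pdu []byte) ([]byte, error) {
	if len(pdu) < hdrLen+tagLen {
		return nil, errors.New("PDU too short")
	}
	body, tag := pdu[:len(pdu)-tagLen], pdu[len(pdu)-tagLen:]
	mac := hmac.New(sha256.New, ik)
	mac.Write(body)
	if !hmac.Equal(mac.Sum(nil), tag) {
		return nil, errors.New("integrity check failed")
	}
	seq := binary.BigEndian.Uint32(body)
	if seq <= *lastSeq {
		return nil, errors.New("replayed or out-of-order PDU")
	}
	iv := make([]byte, aes.BlockSize)
	copy(iv, body[:hdrLen])
	plaintext := make([]byte, len(body)-hdrLen)
	cipher.NewCTR(ck, iv).XORKeyStream(plaintext, body[hdrLen:])
	*lastSeq = seq
	return plaintext, nil
}
```

The sequence number doubles as the CTR nonce here, so the sender must rekey before it wraps; the receiver's strict monotonic check means a reordering transport needs a replay window instead.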

Its role in the network is particularly prominent in two areas: Lawful Interception (LI) and secure media delivery. In LI (specified in TS 33.805), GSF is used to encrypt the intercepted content between the network's Mediation Function and the Law Enforcement Monitoring Facility, ensuring the intercepted data remains confidential during transmission. For services like Multimedia Broadcast/Multicast Service (MBMS) or IMS media, GSF can provide an additional layer of end-to-end security beyond the access network protection. It provides a standardized way to achieve algorithm agility, allowing networks to update cryptographic algorithms without changing the core service logic.

Purpose & Motivation

The Generic Security Functionality (GSF) was created to address the need for a flexible, standardized security mechanism for user plane data that is not inherently tied to the specific security of the radio access bearer. Prior to GSF, securing application data often required proprietary or service-specific security solutions, leading to fragmentation, increased complexity, and potential vulnerabilities. There was a clear gap for a generic, reusable security layer that could be applied across different 3GPP services and network interfaces.

A primary driver was the evolving requirements for Lawful Interception (LI). Regulators demanded secure delivery of intercepted communications from the operator's network to law enforcement agencies. This transmission needed strong, standardized encryption to protect the sensitive intercepted data itself. GSF provided a 3GPP-standardized solution for this link, ensuring interoperability between different vendors' interception systems and meeting regulatory security assurances. It solved the problem of how to securely transport intercepted content over potentially untrusted networks between the operator and authorities.

Furthermore, the rise of IP-based multimedia services (IMS) and broadcast services (MBMS) created a need for consistent content protection. While access security (e.g., LTE's AS and NAS security) protects the link to the UE, it does not provide end-to-end security for the media stream itself. GSF offered a modular framework to apply confidentiality and integrity to these streams, independent of the underlying transport protocol (RTP, UDP, etc.). Its creation was motivated by the desire for algorithm agility—allowing the cryptographic algorithms to be updated as threats evolve without redesigning the entire service architecture—and for a clean separation between security functions and application logic, promoting more secure and maintainable system design.

Key Features

  • Provides generic, transport-agnostic encryption and integrity protection for user plane data
  • Modular architecture supporting multiple cryptographic algorithms (e.g., AES, SNOW 3G)
  • Defines standardized packet formats (GSF-PDU) for carrying secured payloads
  • Integrates with 3GPP key management, leveraging keys from AKA or dedicated key derivation
  • Critical enabling technology for secure Lawful Interception (LI) delivery interfaces
  • Supports algorithm agility, allowing cryptographic updates without service disruption

Evolution Across Releases

Rel-12 Initial

Introduced the Generic Security Functionality framework in TS 33.805, primarily to standardize the security for Lawful Interception delivery. Defined the core architecture, including the GSF Entity, Key Management Entity, packet formats, and initial set of cryptographic transforms. Established its role in securing the interface between the network operator and law enforcement.

Defining Specifications

Specification    Title
TS 33.805        3GPP TR 33.805
TS 33.916        3GPP TR 33.916