GUK-ID

Group User Key Identifier

Security
Introduced in Rel-13
A unique identifier for a Group User Key (GUK) used in 3GPP proximity-based services (ProSe). It enables secure group communication and discovery between devices by identifying the specific cryptographic key shared among a defined group of users, which is essential for public safety and commercial D2D applications.

Description

The Group User Key Identifier (GUK-ID) is a critical security parameter within the 3GPP architecture for Proximity-based Services (ProSe), which enable Device-to-Device (D2D) communication. It serves as a unique label or reference for a specific Group User Key (GUK), which is a symmetric cryptographic key shared among all members of a ProSe group. The GUK itself is used to secure group communications, for example, by encrypting and integrity-protecting traffic sent between group members over a direct PC5 interface or via a network relay. The GUK-ID does not contain the key material itself; instead, it is a non-secret identifier that allows devices and network functions to unambiguously refer to and retrieve the correct GUK from their secure storage (e.g., a UICC or a trusted execution environment) when needed for cryptographic operations.

Architecturally, the GUK-ID is provisioned to authorized user devices (User Equipment, UE) along with the corresponding GUK by the ProSe Function in the network, as defined in specifications such as TS 23.303 and the security specifications TS 33.179 and TS 33.180. The provisioning process is itself secured. When a UE wants to engage in secure group communication or discovery, it includes the relevant GUK-ID in signaling messages. Other UEs in the group, upon receiving this identifier, can use it to locate the same GUK in their local storage to decrypt messages or verify integrity checks. The ProSe Function also uses GUK-IDs to manage the lifecycle of group keys, including key updates, revocation, and membership changes. The identifier is structured to be globally unique within the context of the issuing ProSe Function or a broader domain to avoid collisions.

Its role is foundational for scalable and secure group management in ProSe. Without a concise identifier, devices would need to exchange or reference the full key value, which is insecure and inefficient. The GUK-ID enables efficient key indexing and retrieval. It is used in various ProSe procedures: in direct discovery, a UE may broadcast a message signed with a key associated with a GUK-ID to prove its group membership; in one-to-many group communication, the sending UE encrypts the data with the GUK and receivers use the signaled GUK-ID to select the correct decryption key. This mechanism is vital for public safety scenarios where first responders form dynamic groups, as well as for commercial applications like location-based social networking. The security specifications detail how the GUK-ID binds to the GUK's usage restrictions and the group's metadata, ensuring that the identifier cannot be misused to infer key material or to impersonate a group without possessing the actual key.

Purpose & Motivation

The GUK-ID was created to address the specific security and scalability challenges of group-oriented Device-to-Device communication introduced with Proximity Services (ProSe) in 3GPP Release 12 and enhanced thereafter. Prior to ProSe, cellular security was primarily focused on point-to-point security between a single UE and the network (e.g., using KASME in LTE). ProSe introduced scenarios where devices need to communicate directly in a secure, group-aware manner, especially for public safety where ad-hoc groups of first responders must be established rapidly. The core problem was how to efficiently and securely manage shared cryptographic keys for potentially many dynamic groups. Simply using the key value as an identifier is a security anti-pattern. The GUK-ID provides an indirect reference mechanism, solving this by allowing secure signaling about which key to use without exposing the key itself.

The historical motivation stems from the need for mission-critical communication systems that can operate partially or fully without network infrastructure (off-network, i.e. out of network coverage). In such scenarios, devices must be able to authenticate each other and establish secure channels autonomously. The GUK, identified by the GUK-ID, is pre-shared via the network when it is available, enabling this off-grid security. The GUK-ID mechanism solves the problem of key identification in resource-constrained signaling. It allows a device to indicate, "use the group key we both know as 'ID-12345' for this session," making the protocol lightweight. Furthermore, it enables efficient key renewal: when a GUK is updated, a new GUK-ID is issued, and devices can seamlessly transition to the new key while discarding the old one referenced by the old ID. This is crucial for maintaining forward secrecy and managing compromised devices within a group. Without such an identifier, group key management would be cumbersome, error-prone, and less secure, hindering the adoption of ProSe for critical services.
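The two mechanisms described above, a receiver selecting the correct GUK from its local store by the GUK-ID signaled in the message (Description section) and a key update that issues a new GUK-ID and retires the old one (this section), are shown together in the following added Python example. It is illustrative code written for this page, not 3GPP code, and it does not reproduce the actual message formats or algorithms of TS 33.179/TS 33.180: the wire layout (4-byte GUK-ID, 12-byte nonce, ciphertext, 32-byte tag), the HMAC-SHA256 counter-mode keystream standing in for a real AEAD cipher, the class and function names, and all key material and GUK-ID values are constructed assumptions.

```python
"""Illustrative per-UE group key store indexed by GUK-ID (constructed example, not 3GPP code)."""
import hashlib
import hmac
import os
import struct

# Constructed wire format: guk_id (4 bytes BE) | nonce (12 bytes) | ciphertext | tag (32 bytes)
GUK_ID_LEN = 4
NONCE_LEN = 12
TAG_LEN = 32


def _derive(guk: bytes, label: bytes) -> bytes:
    """Derive a purpose-specific subkey from the GUK, using HMAC-SHA256 as a PRF."""
    return hmac.new(guk, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream built from HMAC-SHA256; a stand-in for a real cipher."""
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


class GroupKeyStore:
    """What one UE holds: GUK-ID -> GUK, plus retired IDs that must never be accepted again."""

    def __init__(self):
        self._keys, self._retired = {}, set()

    def provision(self, guk_id: int, guk: bytes) -> None:
        """Install a GUK under its GUK-ID (the pairing the ProSe Function provisions)."""
        if guk_id in self._retired:
            raise ValueError("GUK-ID %d is retired; identifiers are not reused" % guk_id)
        self._keys[guk_id] = guk

    def rekey(self, old_id: int, new_id: int, new_guk: bytes) -> None:
        """Key update: install the new GUK/GUK-ID, then drop and retire the old identifier."""
        self.provision(new_id, new_guk)
        self._keys.pop(old_id, None)
        self._retired.add(old_id)

    def lookup(self, guk_id: int) -> bytes:
        """Select the GUK by identifier; KeyError means retired, unknown, or not a member."""
        if guk_id in self._retired:
            raise KeyError("GUK-ID %d is retired" % guk_id)
        return self._keys[guk_id]


def protect(store: GroupKeyStore, guk_id: int, plaintext: bytes, nonce: bytes = None) -> bytes:
    """Sender side: encrypt-then-MAC under the GUK, signaling only the GUK-ID in the clear."""
    guk = store.lookup(guk_id)
    nonce = nonce or os.urandom(NONCE_LEN)
    header = struct.pack(">I", guk_id) + nonce
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(_derive(guk, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(_derive(guk, b"mac"), header + ct, hashlib.sha256).digest()  # header is covered
    return header + ct + tag


def unprotect(store: GroupKeyStore, message: bytes) -> bytes:
    """Receiver side: read the signaled GUK-ID, select the key, verify the tag, then decrypt."""
    if len(message) < GUK_ID_LEN + NONCE_LEN + TAG_LEN:
        raise ValueError("truncated message")
    guk_id = struct.unpack(">I", message[:GUK_ID_LEN])[0]
    guk = store.lookup(guk_id)
    header, ct, tag = message[:GUK_ID_LEN + NONCE_LEN], message[GUK_ID_LEN + NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(_derive(guk, b"mac"), header + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("integrity check failed for GUK-ID %d" % guk_id)
    nonce = header[GUK_ID_LEN:]
    return bytes(c ^ k for c, k in zip(ct, _keystream(_derive(guk, b"enc"), nonce, len(ct))))


def verifies(store: GroupKeyStore, message: bytes) -> bool:
    """True only if the GUK-ID resolves to a live key and the integrity check passes."""
    try:
        unprotect(store, message)
        return True
    except (KeyError, ValueError):
        return False


def demo() -> dict:
    """Constructed walkthrough: two group members share a GUK, an outsider does not, then rekey."""
    guk_1, guk_2 = os.urandom(32), os.urandom(32)  # constructed key material
    ue_a, ue_b = GroupKeyStore(), GroupKeyStore()
    for ue in (ue_a, ue_b):
        ue.provision(12345, guk_1)
    msg = protect(ue_a, 12345, b"unit 7: moving to sector B")
    results = {"member_plaintext": unprotect(ue_b, msg), "outsider_accepts": verifies(GroupKeyStore(), msg)}
    for ue in (ue_a, ue_b):
        ue.rekey(12345, 12346, guk_2)  # new GUK-ID issued, old one retired on every member
    results["old_id_after_rekey"] = verifies(ue_b, msg)
    results["new_id_plaintext"] = unprotect(ue_b, protect(ue_a, 12346, b"rekeyed"))
    return results
```

The point to notice is that the GUK-ID travels in the clear and carries no key material: a receiver that has not been provisioned for that identifier simply has nothing to select, and once a rekey has retired an identifier, traffic still referencing it fails closed instead of being decrypted with a stale key.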

Key Features

  • Globally unique identifier for a specific Group User Key (GUK)
  • Enables secure and efficient reference to cryptographic keys in signaling
  • Used in ProSe direct discovery and group communication procedures
  • Provisioned by the ProSe Function alongside the GUK
  • Facilitates group key lifecycle management (update, revocation)
  • Essential for secure D2D operation in both network-covered and off-network scenarios

Evolution Across Releases

Rel-13 Initial

Introduced with enhanced ProSe features. Defined the GUK-ID as a fundamental component for group security in ProSe, specifying its role in identifying the GUK used for securing group communication and discovery over the PC5 interface. Initial architecture included provisioning via the ProSe Function and usage in public safety scenarios.

Defining Specifications

Specification   Title
TS 24.380       3GPP TS 24.380
TS 24.581       3GPP TS 24.581
TS 29.380       3GPP TS 29.380
TS 29.582       3GPP TS 29.582
TS 33.179       3GPP TR 33.179
TS 33.180       3GPP TR 33.180
TS 33.879       3GPP TR 33.879