Description
The MBMS Request Key (MRK) is a core security element within the 3GPP Multimedia Broadcast Multicast Service (MBMS) architecture. It functions as a shared secret between the Broadcast Multicast Service Center (BM-SC) and authorized User Equipment (UE). The MRK is not used directly for encrypting media content. Instead, its primary role is to secure the delivery of other essential keys, specifically the MBMS Traffic Key (MTK) and the MBMS Service Key (MSK), which are used for content encryption and service authentication, respectively. The BM-SC generates the MRK and provisions it to UEs that are authorized to receive a specific MBMS service, typically as part of the service subscription or activation process.
When a UE wishes to join an MBMS service, it uses the MRK in a key request protocol. The UE typically sends a request to the BM-SC, and this request is authenticated using the MRK or keys derived from it. Upon successful authentication, the BM-SC securely delivers the current MTK and/or MSK to the requesting UE. This delivery is often protected using keys derived from the MRK, ensuring that only UEs possessing the correct MRK can obtain the keys necessary to decrypt the broadcast traffic. This two-layer key hierarchy (MRK for key distribution, MTK/MSK for content protection) provides a scalable and secure method for managing access in broadcast scenarios where the same content is sent to potentially millions of devices.
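The request-and-delivery exchange described above, sketched as an added example; it is not taken from TS 33.246 and does not reproduce its key derivation or delivery procedures. It shows a UE authenticating a key request with an MRK-derived key, the BM-SC wrapping the current MTK under another MRK-derived key, and the MTK rotating while the MRK stays fixed. Assumptions: HMAC-SHA-256 stands in for the KDF and MAC, the XOR wrap stands in for the real key protection, and all function names, labels, and sample identifiers are hypothetical.

```python
# Added illustration only: HMAC-SHA-256 and the XOR wrap are stand-ins,
# not the key derivation or key delivery procedures of TS 33.246.
import hashlib
import hmac
import secrets

def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA-256 over length-prefixed parts (stand-in for the real KDF/MAC)."""
    data = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()

def build_request(mrk: bytes, ue_id: bytes, service_id: bytes) -> dict:
    """UE: key request with a fresh nonce, authenticated under an MRK-derived key."""
    nonce = secrets.token_bytes(16)
    tag = prf(prf(mrk, b"auth"), ue_id, service_id, nonce)
    return {"ue_id": ue_id, "service_id": service_id, "nonce": nonce, "tag": tag}

def handle_request(mrk_db: dict, mtk: bytes, req: dict):
    """BM-SC: verify the request, then wrap the current MTK (None = refused)."""
    mrk = mrk_db.get(req["ue_id"])
    if mrk is None:
        return None
    expected = prf(prf(mrk, b"auth"), req["ue_id"], req["service_id"], req["nonce"])
    if not hmac.compare_digest(expected, req["tag"]):
        return None
    pad = prf(prf(mrk, b"wrap"), req["nonce"])  # per-request keystream, MTK <= 32 bytes
    wrapped = bytes(a ^ b for a, b in zip(mtk, pad))
    return {"wrapped": wrapped, "mac": prf(prf(mrk, b"wrap-mac"), req["nonce"], wrapped)}

def unwrap_response(mrk: bytes, req: dict, resp: dict):
    """UE: check integrity first, then recover the MTK (None on mismatch)."""
    expected = prf(prf(mrk, b"wrap-mac"), req["nonce"], resp["wrapped"])
    if not hmac.compare_digest(expected, resp["mac"]):
        return None
    pad = prf(prf(mrk, b"wrap"), req["nonce"])
    return bytes(a ^ b for a, b in zip(resp["wrapped"], pad))

if __name__ == "__main__":
    # Constructed sample values: one subscriber provisioned with an MRK.
    mrk = secrets.token_bytes(32)
    bmsc_db = {b"ue-001": mrk}
    for session in range(2):  # the MTK rotates per session, the MRK does not change
        mtk = secrets.token_bytes(16)
        req = build_request(mrk, b"ue-001", b"service-42")
        resp = handle_request(bmsc_db, mtk, req)
        print(session, unwrap_response(mrk, req, resp) == mtk)
    forged = build_request(secrets.token_bytes(32), b"ue-001", b"service-42")
    print("forged request refused:", handle_request(bmsc_db, mtk, forged) is None)
```

The sketch does not track nonces already seen, so replay rejection would have to be added on the BM-SC side in any real design.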
The MRK's management is centralized at the BM-SC. Its lifecycle—generation, distribution, potential renewal, and revocation—is controlled by the service provider. The security of the entire MBMS service depends on the confidentiality of the MRK. If compromised, an attacker could request and obtain valid traffic keys, breaking the service's confidentiality. Therefore, the MRK must be stored securely in the UE's tamper-resistant environment (like a UICC) and transmitted using secure channels during initial provisioning. The specifications detailing the MRK, such as TS 33.246, define the key derivation functions, key sizes, and the protocols for its use within the MBMS security framework.
Purpose & Motivation
The MRK was created to address the fundamental security challenge of scalable content protection in point-to-multipoint services like MBMS. Traditional unicast security models, where a unique key is shared between the network and each individual user, are inefficient for broadcast because they would require the network to encrypt the same content with millions of different keys. MBMS needed a model where a single encrypted stream could be decrypted by a large group of authorized users, but where access to the decryption key could be controlled.
The MRK solves this by introducing a tiered key management system. Its purpose is to act as a stable, long-term credential that authenticates a user's right to receive the dynamic, short-term keys used for actual content decryption (the MTK). This separation allows the content key (MTK) to be changed frequently (e.g., per session or even per movie) to limit the impact of key compromise, without requiring the re-provisioning of the long-term user credential (MRK). Without the MRK, there would be no secure and scalable mechanism to distribute the traffic keys to a massive, dynamic group of subscribers, making commercial broadcast services vulnerable to piracy and unauthorized access.
Key Features
- Serves as a long-term shared secret between the BM-SC and authorized UE for MBMS service access
- Used to authenticate the UE's request for dynamic MBMS Traffic Keys (MTK) and Service Keys (MSK)
- Enables secure distribution of session keys via key derivation and encryption
- Centralized generation and management by the Broadcast Multicast Service Center (BM-SC)
- Typically provisioned to the UE's secure element (e.g., UICC) during service subscription
- Forms the foundation of the two-layer key hierarchy in MBMS security
Evolution Across Releases
Introduced as the foundational MBMS Request Key within the initial MBMS security architecture specified in TS 33.246. It established the key hierarchy where the MRK is used by the UE to securely request the MBMS Traffic Key (MTK) from the BM-SC, enabling secure broadcast/multicast service delivery in UTRAN and later E-UTRAN.
Defining Specifications
| Specification | Title |
|---|---|
| TS 33.246 | 3GPP TR 33.246 |
| TS 33.888 | 3GPP TR 33.888 |