Description
The ProSe Group Key (PGK) is a cryptographic key defined within the 3GPP security architecture for Proximity Services (ProSe). ProSe enables Device-to-Device (D2D) communication where User Equipments (UEs) can discover each other and communicate directly over the PC5 interface, either with or without network coverage. The PGK is specifically used for securing group communications within the ProSe feature set. It is a group-level key, meaning a single PGK is shared among all members of a defined ProSe group. This group could be formed for public safety scenarios (e.g., a firefighter squad) or commercial applications (e.g., a social media group at an event).
The lifecycle of a PGK is managed by a central entity. For network-authorized ProSe, this is typically the ProSe Function in the core network. The ProSe Function generates or obtains the PGK and securely provisions it to authorized group members. The provisioning can occur over the LTE-Uu interface when the UE is in network coverage. For ProSe communication without network coverage (UE-to-Network Relay or direct communication in coverage holes), the PGK must be pre-provisioned or provisioned via a relay. The key is used in conjunction with a ProSe Group IP Multicast address and a ProSe Layer 2 Group ID to identify the communication group.
In operation, the PGK serves two primary security functions: authentication and confidentiality. For authentication, it is used to derive a ProSe Group Integrity Key (PGIK). The PGIK is used to compute integrity protection values for group messages, allowing receiving UEs to verify that the message originated from a legitimate group member. For confidentiality, the PGK is used to derive a ProSe Group Encryption Key (PGEK). The PGEK is used to encrypt the payload of group messages, ensuring that only members possessing the PGK can decipher the content. This dual use provides a secure channel for group broadcasts, protecting against eavesdropping and message injection by unauthorized devices.
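The key separation and group message check described above, as an added example that is not taken from the 3GPP specifications or from this page's source. It assumes an HMAC-SHA-256 KDF with the input-string layout of the generic 3GPP KDF (TS 33.220 Annex B). The FC value, the derivation labels, the message layout and the truncated HMAC tag are all hypothetical stand-ins.

```python
import hashlib
import hmac
from typing import Optional, Tuple

FC_PLACEHOLDER = 0xFF  # assumption: placeholder FC, not a value assigned by 3GPP
TAG_LEN = 16           # assumption: truncated HMAC-SHA-256 stands in for the integrity algorithm

def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """HMAC-SHA-256 over S = FC || P0 || L0 || P1 || L1 ... (two-octet lengths)."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

def derive_group_keys(pgk: bytes, group_id: bytes) -> Tuple[bytes, bytes]:
    """Derive separate integrity (PGIK) and encryption (PGEK) keys from one PGK."""
    pgik = kdf(pgk, FC_PLACEHOLDER, b"integrity", group_id)   # labels are hypothetical
    pgek = kdf(pgk, FC_PLACEHOLDER, b"encryption", group_id)
    return pgik, pgek

def protect(pgik: bytes, group_id: bytes, counter: int, payload: bytes) -> bytes:
    """Sender: header (group ID + counter) || payload || tag over both."""
    body = group_id + counter.to_bytes(4, "big") + payload
    return body + hmac.new(pgik, body, hashlib.sha256).digest()[:TAG_LEN]

def verify(pgik: bytes, group_id: bytes, message: bytes) -> Optional[bytes]:
    """Receiver: return the payload if the tag checks out, else None."""
    if len(message) < len(group_id) + 4 + TAG_LEN:
        return None
    body, tag = message[:-TAG_LEN], message[-TAG_LEN:]
    if body[:len(group_id)] != group_id:
        return None
    expected = hmac.new(pgik, body, hashlib.sha256).digest()[:TAG_LEN]
    if not hmac.compare_digest(tag, expected):
        return None
    return body[len(group_id) + 4:]

# Constructed sample values, not real key material or identifiers.
SAMPLE_PGK = bytes(range(32))
SAMPLE_GROUP_ID = bytes.fromhex("a1b2c3")

if __name__ == "__main__":
    pgik, pgek = derive_group_keys(SAMPLE_PGK, SAMPLE_GROUP_ID)
    msg = protect(pgik, SAMPLE_GROUP_ID, 1, b"unit 4 at north stairwell")
    print("member accepts:", verify(pgik, SAMPLE_GROUP_ID, msg))
    outsider_pgik, _ = derive_group_keys(bytes(32), SAMPLE_GROUP_ID)
    print("non-member key accepts:", verify(outsider_pgik, SAMPLE_GROUP_ID, msg))
    forged = msg[:-TAG_LEN - 1] + b"X" + msg[-TAG_LEN:]
    print("tampered payload accepts:", verify(pgik, SAMPLE_GROUP_ID, forged))
```

Because every member holds the same PGIK, a valid tag shows only that the sender is in the group, not which member sent the message.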
Purpose & Motivation
The PGK was created to address the security requirements of group-oriented Device-to-Device communication, a cornerstone of LTE-based public safety networks and commercial proximity services. Traditional cellular security relies on a permanent, point-to-point security context between the UE and the network (e.g., using keys like K_ASME). This model breaks down in D2D scenarios, especially when communicating directly without network involvement. Previous ad-hoc communication methods lacked standardized, robust security, making them unsuitable for sensitive public safety communications.
The problems it solves are twofold. First, it provides efficient and scalable security for one-to-many communication. Using individual pairwise keys for each member in a large group would be inefficient for broadcast traffic. A single group key allows a transmitting UE to secure a message once for reception by the entire group. Second, it enables secure operation outside network coverage. By pre-provisioning the PGK, a group of first responders can maintain secure communication in disaster areas where the cellular infrastructure is damaged. Its creation was motivated by the mission-critical needs of public safety organizations, which drove its standardization in 3GPP Release 12 and beyond to ensure interoperability and a high level of security for life-critical communications.
Key Features
- A shared secret key used by all members of a specific ProSe communication group.
- Generated and managed by the network-based ProSe Function for authorized groups.
- Used to derive separate keys for integrity protection (PGIK) and encryption (PGEK).
- Enables secure multicast/broadcast communication over the PC5 sidelink interface.
- Supports ProSe communication both within and outside of network coverage.
- Integral to the security architecture for Mission Critical Push-To-Talk (MCPTT) over ProSe.
Defining Specifications
| Specification | Title |
|---|---|
| TS 31.102 | 3GPP TR 31.102 |
| TS 33.303 | 3GPP TR 33.303 |
| TS 36.323 | 3GPP TR 36.323 |