PSDK

Public Safety Discovery Key

Security
Introduced in Rel-13
A security key used in 3GPP Proximity Services (ProSe) for public safety applications. It secures the discovery process between user equipment, ensuring that only authorized public safety officials can discover each other, especially in mission-critical, off-network scenarios.

Description

The Public Safety Discovery Key (PSDK) is a cryptographic key defined within the 3GPP security architecture for Proximity Services (ProSe), specifically tailored for public safety use cases. It is a crucial element in the ProSe Direct Discovery security framework, ensuring that discovery messages are authenticated and integrity-protected, preventing unauthorized devices from discovering or impersonating public safety personnel. The PSDK is derived and managed within the secure environment of the Universal Integrated Circuit Card (UICC) or embedded SIM (eSIM).

The PSDK's primary function is to secure the ProSe Restricted Code used in restricted discovery for public safety. In restricted discovery, a discovering UE needs to prove it is authorized to discover a specific target UE or group. The PSDK is used to generate and verify a message authentication code (MAC) for discovery messages. The process involves the ProSe Function in the network, which provisions authorized public safety UEs with necessary keying material and policies. The PSDK itself is not transmitted over the air; instead, derived keys or tokens generated using the PSDK are used in the discovery signaling.

Architecturally, the PSDK is part of a key hierarchy. It may be derived from a root key shared with the ProSe Function. The UE's ProSe Protocol uses this key, accessed securely from the UICC via the USIM application, to perform cryptographic operations. The security procedures ensure that even if discovery messages are broadcast openly, only UEs possessing the corresponding PSDK (or a derived key) can correctly process them to identify an authorized peer. This mechanism is vital for operations in infrastructure-less environments where traditional network authentication is unavailable.
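A simplified model of the MAC generation and verification described above, added here as an illustration; it is not code from this page or from 3GPP. HMAC-SHA-256, the per-time-slot counter, the 4-byte tag length, the label string and all function names are assumptions; the actual key derivation and MAC calculation are those in the defining specifications listed on this page.

```python
import hashlib
import hmac
import struct

MAC_LEN = 4  # assumed truncated tag length in bytes, for illustration only


def derive_discovery_key(psdk: bytes, time_counter: int) -> bytes:
    """Derive a per-time-slot key so the PSDK never protects traffic directly."""
    # Hypothetical label and layout; not the key derivation of the 3GPP specs.
    info = b"example-discovery-integrity" + struct.pack(">I", time_counter)
    return hmac.new(psdk, info, hashlib.sha256).digest()


def protect(psdk: bytes, restricted_code: bytes, time_counter: int) -> bytes:
    """Announcing UE: append a truncated MAC to the code it broadcasts."""
    key = derive_discovery_key(psdk, time_counter)
    tag = hmac.new(key, restricted_code, hashlib.sha256).digest()[:MAC_LEN]
    return restricted_code + tag


def verify(psdk: bytes, message: bytes, now_counter: int, window: int = 1):
    """Monitoring UE: return the code if the MAC is valid for a nearby slot."""
    if len(message) <= MAC_LEN:
        return None
    code, tag = message[:-MAC_LEN], message[-MAC_LEN:]
    first = max(0, now_counter - window)
    for counter in range(first, now_counter + window + 1):
        key = derive_discovery_key(psdk, counter)
        expected = hmac.new(key, code, hashlib.sha256).digest()[:MAC_LEN]
        if hmac.compare_digest(tag, expected):  # constant-time comparison
            return code
    return None  # wrong key, modified message, or stale time slot


# Constructed sample values, not real keys or codes.
GROUP_PSDK = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
OTHER_PSDK = bytes.fromhex("ff" * 32)
CODE = bytes.fromhex("a1b2c3d4e5f60718")

if __name__ == "__main__":
    msg = protect(GROUP_PSDK, CODE, time_counter=1000)
    print("authorized peer:", verify(GROUP_PSDK, msg, now_counter=1000))
    print("wrong key:", verify(OTHER_PSDK, msg, now_counter=1000))
    print("stale replay:", verify(GROUP_PSDK, msg, now_counter=1010))
```

Only the code and its tag go over the air in this model; a receiver without the group's PSDK, or one replaying an old broadcast, gets `None`.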

Purpose & Motivation

The PSDK was introduced to address critical security requirements for public safety ProSe, particularly for direct discovery and communication when cellular network infrastructure is unavailable, compromised, or congested. Prior security mechanisms were entirely network-centric, relying on continuous interaction with core network entities for authentication and key agreement. This approach fails in the very scenarios public safety operations often encounter: disasters, remote areas, or network outages.

The motivation stemmed from the need for secure, direct device-to-device discovery among first responders. Without the PSDK, discovery messages could be intercepted or spoofed, allowing malicious actors to locate emergency personnel or impersonate them, leading to operational failure or danger. The PSDK enables a security model that works independently of the network's immediate availability. It allows security relationships and policies to be pre-provisioned, so that discovery is restricted to authorized parties only. This keeps the public safety team's presence confidential and preserves the integrity of the discovery process, which is the foundation for establishing subsequent secure sidelink communication channels.

Key Features

  • Stored and processed within the secure environment of the UICC/eSIM
  • Used specifically for authenticating and integrity-protecting public safety ProSe Restricted Discovery messages
  • Enables security for both in-coverage and out-of-coverage (full) operational scenarios
  • Part of a key hierarchy managed by the network-based ProSe Function
  • Generates or verifies Message Authentication Codes (MACs) for discovery signaling
  • Ensures that discovery is restricted to authorized public safety user equipment only

Evolution Across Releases

Rel-13 Initial

Introduced alongside enhanced ProSe Direct Discovery for public safety. Defined the key derivation, storage on the UICC, and its use in securing the generation and validation of ProSe Restricted Codes for public safety discovery, establishing the foundational security model for off-network, mission-critical D2D discovery.

Defining Specifications

Specification   Title
TS 24.554       3GPP TS 24.554
TS 31.102       3GPP TR 31.102
TS 33.303       3GPP TR 33.303