9.3 Security header type

24.5013GPPNon-Access-Stratum (NAS) protocol for 5G System (5GS)Release 17Stage 3TS

Bits 1 to 4 of the second octet of every 5GMM message contain the Security header type IE. This IE includes control information related to the security protection of a 5GMM message. The total size of the Security header type IE is 4 bits.

The Security header type IE can take the values shown in table 9.3.1.

Table 9.3.1: Security header type

Security header type (octet 1)

Bits

4

3

2

1

0

0

0

0

Plain 5GS NAS message, not security protected

Security protected 5GS NAS message:

0

0

0

1

Integrity protected

0

0

1

0

Integrity protected and ciphered

0

0

1

1

Integrity protected with new 5G NAS security context (NOTE 1)

0

1

0

0

Integrity protected and ciphered with new 5G NAS security context (NOTE 2)

All other values are reserved.

NOTE 1: This codepoint may be used only for a SECURITY MODE COMMAND message.

NOTE 2: This codepoint may be used only for a SECURITY MODE COMPLETE message.

A 5GMM message received with the security header type encoded as 0000 shall be treated as not security protected, plain 5GS NAS message. A protocol entity sending a not security protected 5GMM message shall send the message as plain 5GS NAS message and encode the security header type as 0000.