The **ZUC algorithm** is the core of the standardized **3GPP Confidentiality and Integrity algorithms.**

**ZUC** is a word-oriented stream cipher. It takes a 128-bit initial key and a 128-bit initial vector (IV) as input, and outputs a keystream of 32-bit words (where each 32-bit word is hence called a key-word). This keystream can be used for **encryption/decryption**.

The execution of **ZUC** has two stages: initialization stage and working stage. In the first stage, a key/IV initialization is performed, i.e., the cipher is clocked without producing output. The second stage is a working stage. In this stage, with every clock pulse, it produces a 32-bit word of output.

Let ZUC generate keystream of L words: To encrypt a message of LENGTH bits, it is required that **L=LENGTH/32.**

### So maximum length of key-stream generated from a single key is 32 x 2047 = 65504 bits (or 8188 bytes).

**It can not be set to 32 x 2048** because in this case it will exceed from 65536. That is not possible. This is the only case where we can set the the maximum supported size of a PDCP SDU **i.e. 8188 octets.**

Within the **security architecture of the LTE** **system** there are standardized algorithms for

confidentiality and integrity. . Two sets of algorithms 128‐EEA1/128‐EIA1 and 128‐EEA2/128‐EIA2

have been specified as:

- The
**Confidentiality algorithm 128‐EEA3** is a stream cipher that is used to encrypt/decrypt blocks

of data using a confidentiality key CK. The block of data may be between **1 and 65504** bits long.

The algorithm uses ZUC as a keystream generator.

The confidentiality algorithm 128‐EEA3 is a stream cipher that is used to encrypt/decrypt blocks

of data under a confidentiality key. The block of data can be between 1 and 65504 bits in length.

- The
**Integrity algorithm 128‐EIA3** computes a 32‐bit MAC (Message Authentication Code) of a

given input message using an integrity key IK. The core algorithms adopted by the MAC are a

universal hash and ZUC.

The integrity algorithm 128‐EIA3 is a message authentication code (MAC) function that is used to

compute the MAC of an input message using an integrity key (IK). The message can be between **1 **

and 65504 bits in length.

Reference 1: 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 1: 128-EEA3 and 128-EIA3 Specification

Reference 2: 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 2: ZUC Specification