The ZUC algorithm is the core of the standardized 3GPP Confidentiality and Integrity algorithms.
ZUC is a word-oriented stream cipher. It takes a 128-bit initial key and a 128-bit initial vector (IV) as input, and outputs a keystream of 32-bit words (where each 32-bit word is hence called a key-word). This keystream can be used for encryption/decryption.
The execution of ZUC has two stages: initialization stage and working stage. In the first stage, a key/IV initialization is performed, i.e., the cipher is clocked without producing output. The second stage is a working stage. In this stage, with every clock pulse, it produces a 32-bit word of output.
Let ZUC generate keystream of L words: To encrypt a message of LENGTH bits, it is required that L=LENGTH/32.
So maximum length of key-stream generated from a single key is 32 x 2047 = 65504 bits (or 8188 bytes).
It can not be set to 32 x 2048 because in this case it will exceed from 65536. That is not possible. This is the only case where we can set the the maximum supported size of a PDCP SDU i.e. 8188 octets.
Within the security architecture of the LTE system there are standardized algorithms for
confidentiality and integrity. . Two sets of algorithms 128‐EEA1/128‐EIA1 and 128‐EEA2/128‐EIA2
have been specified as:
- The Confidentiality algorithm 128‐EEA3 is a stream cipher that is used to encrypt/decrypt blocks
of data using a confidentiality key CK. The block of data may be between 1 and 65504 bits long.
The algorithm uses ZUC as a keystream generator.
The confidentiality algorithm 128‐EEA3 is a stream cipher that is used to encrypt/decrypt blocks
of data under a confidentiality key. The block of data can be between 1 and 65504 bits in length.
- The Integrity algorithm 128‐EIA3 computes a 32‐bit MAC (Message Authentication Code) of a
given input message using an integrity key IK. The core algorithms adopted by the MAC are a
universal hash and ZUC.
The integrity algorithm 128‐EIA3 is a message authentication code (MAC) function that is used to
compute the MAC of an input message using an integrity key (IK). The message can be between 1
and 65504 bits in length.
Reference 1: 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 1: 128-EEA3 and 128-EIA3 Specification
Reference 2: 3GPP Confidentiality and Integrity Algorithms 128-EEA3 & 128-EIA3. Document 2: ZUC Specification