Professional Documents
Culture Documents
Presented by Alain Sultan for MIIT and TMC visit to ETSI - September 2012
Authentication
Encryption
2G/3G Authentication & Key Agreement
(AKA)
Authentication
128-EEA1/EIA1
Based on SNOW 3G: stream cipher; keystream produced by Linear
Feedback Shift Register (LFSR) and a Finite State Machine (FSM)
Different from KASUMI as possible
Allows for low power consumption
128-EEA2/EIA2
AES block cipher
Counter (CTM) Mode for ciphering
CMAC Mode for MAC-I creation (integrity)
Different from SNOW 3G as possible, so cracking one would not affect
the other
KASUMI not re-used: eNB already supports AES as well as other non-3GPP
accesses, e.g. 802.11i
128-EEA3/EIA3 (Rel-11 onwards)
Based on ZUC (Zu Chongzhi): stream cipher
Developed by Data Assurance and Communication Security Research
Center of Chinese Academy of Sciences (DACAS)
Lawful Interception
Lawful Interception in 3GPP
Cost Political
Interception
process
Relations
Storage
Lawful Interception in EPS
X
2
X1_1 X X
X1_3 2 3
Delivery
ADMF Function 3
X1_2 Deliver
y
Functio Mediation
Mediation n2
Mediation Function
Function Function
HI1 HI HI3
2
LEMF
Additional slides for more info
Contact Details:
Alain.Sultan@etsi.org
Thank you!
USIM / K
AuC
CK, IK
UE /
HSS KASME
UE /
ASME
KNASenc KNASint KeNB
UE / MME
KUPint KUPenc KRRCint KRRCenc
UE /
eNB
Faster handovers and key changes, independent of AKA
Added complexity in handling of security contexts
Security breaches local
Backhaul Security
Backhaul Security
Operator root
certificate
RA/CA SEG pre-installed.
Vendor-signed certificate
base of base station public
base station obtains operator-
station key
signed certificate on its own public
key from RA/CA using CMPv2. pre-installed.
RAN3 FF
countermeasures
in Technical
Report 33.820
Examples
cloning of credentials
physical tampering
fraudulent software updates
man-in-the-middle attacks
Denial of service against core network
Eavesdropping (identity theft, privacy breaches,
)
Home (e)NB Security architecture (1/2)
Operators AAA
core Server/HSS
network
UE H(e)NB unsecure SeGW
link H(e)NB GW
H(e)MS
H(e)MS
Operators AAA
core Server/HSS
network
UE H(e)NB unsecure SeGW
link H(e)NB GW
H(e)MS
H(e)MS
UMTS Security:
33.102 Security Architecture.
33.105. 3GPP Cryptographic Algorithm Requirements.
35.201. f8 and f9 Specification.
35.202. KASUMI Specification.
IMS Security:
23.228 IMS Architecture.
LTE Security:
33.401 System Architecture Evolution (SAE); Security architecture
33.402 System Architecture Evolution (SAE); Security aspects of non-3GPP
Lawful Interception:
33.106 Lawful interception requirements
33.107 Lawful interception architecture and functions
33.108 Handover interface for Lawful Interception
Key Derivation Function:
33.220 GAA: Generic Bootstrapping Architecture (GBA)
Backhaul Security:
33.310 Network Domain Security (NDS); Authentication Framework (AF)
Relay Node Security
33.816 Feasibility study on LTE relay node security (also 33.401)
Home (e) Node B Security:
33.320 Home (evolved) Node B Security