Dionisio Zumerle
Technical Officer, 3GPP ETSI
3GPP 2011
Contents
- LTE security architecture
- Security algorithms
- Lawful Interception
- Backhaul Security
- Relay Node Security
LTE Architecture:
- Flat architecture
- Separation of control plane and user plane
- eNodeB instead of NodeB/RNC
- All-IP network
- Interworking with legacy and non-3GPP networks
3GPP 2011 3GPP Workshop, Bangalore, 30 May 2011
Security termination points in EPS:
- UE to eNB (access stratum): confidentiality and integrity for RRC signalling, confidentiality for the user plane
- UE to MME (NAS): confidentiality and integrity for signalling only
- eNB to core network: optional user plane protection (IPsec)
Figure: EPS network elements involved in authentication (MME, AuC); diagram not recoverable from the slide.
Security Algorithms
- Confidentiality protection of NAS/AS signalling: recommended
- Integrity protection of NAS/AS signalling: mandatory
- User data confidentiality protection: recommended
- Ciphering/deciphering applied at PDCP (AS) and NAS
Figure: ciphering and integrity protection (reconstructed from the slide diagram).
- Ciphering: KEY, COUNT, BEARER and DIRECTION are fed into the EEA algorithm to produce a KEYSTREAM BLOCK, which is XORed with the PLAINTEXT BLOCK; the receiver generates the same KEYSTREAM BLOCK from the same inputs and XORs it with the ciphertext to decipher.
- Integrity: KEY, COUNT, BEARER, DIRECTION and the MESSAGE are fed into the EIA algorithm; the sender appends MAC-I (NAS-MAC for NAS messages), and the receiver recomputes XMAC-I (XNAS-MAC) over the received MESSAGE and compares it with the received value.
128-EEA1/EIA1
- Based on SNOW 3G, a stream cipher whose keystream is produced by a Linear Feedback Shift Register (LFSR) and a Finite State Machine (FSM)
- Allows for low power consumption and a low gate count implementation in hardware

128-EEA2/EIA2
- Based on the AES block cipher
- Counter (CTR) mode for ciphering, CMAC mode for MAC-I creation (integrity)

128-EEA3/EIA3
- Based on the Chinese ZUC stream cipher
- Network-mandatory/network-optional status still to be decided
Two security contexts: UE / MME (NAS) and UE / eNB (AS)
- Faster handovers and key changes, independent of AKA
- Added complexity in handling of security contexts
- Security breaches stay local
Key Derivation

Figure: EPS key hierarchy, network side (reconstructed from the slide diagram; all intermediate keys are 256 bits).
- HSS: the AKA run yields CK, IK; KASME = KDF(CK || IK, SN id, SQN ⊕ AK).
- MME: from KASME, KDF derives KNASenc and KNASint (256 bits each, then Trunc to 128 bits), KeNB and NH.
- eNB: from KeNB, KDF derives KUPenc, KUPint, KRRCenc and KRRCint (256 bits each, then Trunc to 128 bits); from KeNB or NH, KDF derives KeNB* with the target Physical cell ID and EARFCN-DL as inputs.

The key distribution and key derivation scheme for EPS (network side) is found in 33.401; the Key Derivation Function (KDF) specification can be found in 33.220.
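The hierarchy in the figure, as an added Go example written for this page (not code from the slides or from 3GPP): the generic KDF of TS 33.220 Annex B (HMAC-SHA-256 over FC || P0 || L0 || P1 || L1 ...) and the FC values and input layouts of TS 33.401 Annex A (Release 10) are taken from those specifications; the CK, IK, SN id, SQN ⊕ AK, NAS COUNT, PCI and EARFCN-DL values are constructed samples.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// kdfString builds S = FC || P0 || L0 || P1 || L1 || ... as TS 33.220 Annex B specifies;
// each Li is the 2-byte big-endian length of Pi.
func kdfString(fc byte, params ...[]byte) []byte {
	s := []byte{fc}
	for _, p := range params {
		s = append(s, p...)
		s = append(s, byte(len(p)>>8), byte(len(p)))
	}
	return s
}

// kdf is the generic 3GPP KDF: the 256-bit HMAC-SHA-256 of S under the input key.
func kdf(key []byte, fc byte, params ...[]byte) []byte {
	mac := hmac.New(sha256.New, key)
	mac.Write(kdfString(fc, params...))
	return mac.Sum(nil)
}

// trunc128 keeps the 128 least significant bits (the last 16 bytes) of a 256-bit KDF
// output: the "Trunc 128" step of the figure that feeds the 128-bit EEA/EIA algorithms.
func trunc128(k []byte) []byte { return k[len(k)-16:] }

// FC values and input layouts of TS 33.401 Annex A (Release 10).
const (
	fcKASME    = 0x10 // A.2: KASME from CK || IK with SN id and SQN xor AK
	fcKeNB     = 0x11 // A.3: KeNB from KASME and the uplink NAS COUNT
	fcNH       = 0x12 // A.4: NH from KASME and SYNC-input (KeNB first, then the previous NH)
	fcKeNBStar = 0x13 // A.5: KeNB* from KeNB or NH with target PCI and EARFCN-DL
	fcAlgKey   = 0x15 // A.7: NAS keys from KASME, RRC and UP keys from KeNB
)

// Algorithm type distinguishers of A.7; the algorithm identity is the EEA/EIA number.
const nasEnc, nasInt, rrcEnc, rrcInt, upEnc, upInt byte = 0x01, 0x02, 0x03, 0x04, 0x05, 0x06

func deriveKASME(ck, ik, snID, sqnXorAK []byte) []byte {
	return kdf(append(append([]byte{}, ck...), ik...), fcKASME, snID, sqnXorAK)
}

func deriveKeNB(kasme []byte, ulNASCount uint32) []byte {
	var c [4]byte
	binary.BigEndian.PutUint32(c[:], ulNASCount)
	return kdf(kasme, fcKeNB, c[:])
}

func deriveNH(kasme, syncInput []byte) []byte { return kdf(kasme, fcNH, syncInput) }

func deriveKeNBStar(kenbOrNH []byte, pci, earfcnDL uint16) []byte {
	var p, e [2]byte
	binary.BigEndian.PutUint16(p[:], pci)
	binary.BigEndian.PutUint16(e[:], earfcnDL)
	return kdf(kenbOrNH, fcKeNBStar, p[:], e[:])
}

// deriveAlgKey yields one 128-bit algorithm key (KNASenc, KRRCint, KUPenc, ...) from KASME or KeNB.
func deriveAlgKey(parent []byte, algType, algID byte) []byte {
	return trunc128(kdf(parent, fcAlgKey, []byte{algType}, []byte{algID}))
}

func main() {
	// Constructed sample inputs; in a real run CK and IK come out of the AKA run at the HSS/AuC.
	ck, ik := []byte("ck-sample-16byte"), []byte("ik-sample-16byte")
	snID := []byte{0x02, 0xf8, 0x10}     // serving network id, MCC/MNC encoded (sample)
	sqnXorAK := []byte{1, 2, 3, 4, 5, 6} // 48-bit SQN xor AK from the authentication vector (sample)
	kasme := deriveKASME(ck, ik, snID, sqnXorAK)
	kNASenc := deriveAlgKey(kasme, nasEnc, 0x02) // 128-EEA2
	kNASint := deriveAlgKey(kasme, nasInt, 0x02) // 128-EIA2
	kenb := deriveKeNB(kasme, 0)                 // uplink NAS COUNT value (sample)
	kRRCint := deriveAlgKey(kenb, rrcInt, 0x02)
	nh := deriveNH(kasme, deriveNH(kasme, kenb))   // two NH steps, i.e. NCC = 2
	kenbStar := deriveKeNBStar(nh, 0x01a4, 0x0640) // vertical derivation at handover (sample PCI, EARFCN-DL)
	fmt.Printf("KASME   %x\nKNASenc %x\nKNASint %x\nKeNB    %x\nKRRCint %x\nKeNB*   %x\n",
		kasme, kNASenc, kNASint, kenb, kRRCint, kenbStar)
}
```

The design property worth checking against the figure is that every arrow is one-way: an eNB holding KeNB and its RRC/UP keys cannot recover KASME or the NAS keys, and a target eNB receiving KeNB* cannot recover the source cell's KeNB, which is what makes a breach at one eNB local. The FC byte and the length fields in S are what keep the derivations for different purposes from colliding even when their inputs happen to coincide.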
Lawful Interception
Figure: aspects of lawful interception: interception, retrieval, handover, analysis and storage of intercepted material, their cost, the legal process, and political and business relations.
Lawful interception interfaces:
- X1: provisions the ICEs (Intercepting Control Elements) and the Delivery Functions
- X2: delivers IRI (Intercept Related Information)
- X3: delivers CC (Content of Communication)
- HI1, HI2, HI3: Handover Interfaces with law enforcement; HI1 conveys requests for interception of targets, HI2 delivers IRI and HI3 delivers CC to the LEAs
EPS LI Architecture

Figure: the EPS reference architecture (UE, E-UTRAN, MME, HSS, Serving Gateway, PDN Gateway, PCRF, SGSN with UTRAN/GERAN, and the operator's IP services such as IMS and PSS over SGi, connected over LTE-Uu, S1-MME, S1-U, S3, S4, S6a, S10, S11, S12, Gx and Rx) overlaid with the LI functions: the ADMF provisions over X1_1, X1_2 and X1_3, the network elements deliver over X2 and X3 to the Delivery Functions (Delivery Function 3 shown), and the Mediation Function hands the result to the LEMF over HI1, HI2 and HI3.
Backhaul Security
- Base stations are becoming more powerful: the LTE eNode B includes the functions of the NodeB and the RNC
- It is not always possible to trust the physical security of the eNB
- Greater backhaul link protection is therefore necessary
Figure: backhaul security. The base station obtains an operator-signed certificate on its own public key from the RA/CA using CMPv2, and uses it to establish IPsec towards the Security Gateway (SEG) in front of the core network.
Relay Node Security

Figure: relay node deployment. The UE connects over the radio interface to the Relay; the Relay connects over a second radio interface to the Donor eNB; the Donor eNB connects over the backhaul to the Core NW.
Conclusions
LTE Security: building on GSM and UMTS security
- Newer security algorithms, longer keys
- Extended key hierarchy
- New features addressing new scenarios: Backhaul Security, Relay Node Security
Thank You!
dionisio.zumerle@etsi.org
www.3gpp.org
contact@3gpp.org