Download 090911_KW-LTESecurity-VzW-01

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

page
1
page
2
page
3
page
4
page
5
page
6
page
7
page
8
page
9
page
10
page
11
page
12
page
13
page
14
page
15
page
16
page
17
page
18
page
19
page
20
page
21
page
22
page
23
page
24
page
25
page
26
page
27
page
28
page
29
page
30
page
31
page
32
page
33
page
34
page
35
page
36
page
37
page
38
Document related concepts

Computer network wikipedia , lookup

Recursive InterNetwork Architecture (RINA) wikipedia , lookup

Deep packet inspection wikipedia , lookup

Airborne Networking wikipedia , lookup

Network tap wikipedia , lookup

List of wireless community networks by region wikipedia , lookup

Distributed firewall wikipedia , lookup

Wireless security wikipedia , lookup

Cracking of wireless networks wikipedia , lookup

Piggybacking (Internet access) wikipedia , lookup

Computer security wikipedia , lookup

Transcript 
LTE Security
Agenda
•
•
•
•
•
Intro
…
…
…
…
Intro
• …
The LTE System
• Radio Side (LTE – Long Term
Evolution/Evolved UTRAN EUTRAN)
– Improvements in spectral
efficiency, user throughput,
latency
– Simplification of the radio
network
– Efficient support of packet based
services: Multicast,
VoIP, etc.
• Network Side (SAE – System
Architecture Evolution/Evolved
Packet Core - EPC)
– Improvement in latency, capacity,
throughput, idle to active
transitions
– Simplification of the core
network
– Optimization for IP traffic and
services
– Simplified support and handover
to non-3GPP access technologies
Overview of 3GPP LTE/SAE System
eNodeB
UE
S1-MME
MME
HSS
PCRF
X2
eNodeB
S-GW
S1-U
Evolved UTRAN(E-UTRAN)
PDN-GW
S5
Evolved Packet Core (EPC)
• UE = User Equipment
• MME = Mobility Management Entity, termination point in network for
ciphering/integrity protection for NAS signaling, handles the security key
management, authenticating users
• S-GW = Serving Gateway
• PDN-GW = PDN Gateway
• PCRF = Policy Charging Rule Function
Evolved Packet Core GW
Capabilities
• Serving GW functions include:
– Local Mobility Anchor point for inter-eNodeB handover
(i.e. GTP termination)
– PMIP or GTP support towards PDN Gateway
– Per flow QoS Policy Enforcement
– Lawful Interception
– Traffic Accounting
• Both can be combined if there is a full mesh
between base stations and GWs
Serving
GW
MAC
Security
IP Tunnel
OFDMA
– Policy Enforcement (QoS, charging, mobility)
– Per-user based packet filtering
– Mobility anchoring for intra- and inter-3GPP mobility
(requires GTP and MIP HA)
– Charging Support
– Lawful Interception
IP Tunnel
Layer 3
• PDN GW functions include:
PDN GW
Evolving Security Architecture
Radio Controller
Handset Authentication
GSM
Ciphering
Handset Authentication + Ciphering
GPRS
Mutual Authentication
3G
Ciphering + Signalling integrity
Mutual Authentication
SAE/LTE
Ciphering + Radio
signalling
integrity
Optional IPSec
Core Signalling integrity
Core Network
SAE/LTE Security
• Security implications:
–
–
–
–
Flat architecture
Interworking with legacy and non-3GPP networks
eNB placement in untrusted locations
Keep security breaches local
• Result:
–
–
–
–
Extended Authentication and Key Agreement
More complex key hierarchy
More complex interworking security
Additional security for (home)eNB
LTE/SAE architecture
ME
USIM
AN
HE
SN
=
=
=
=
=
Mobile Equipment
Universal Subscriber Identity Module
Access Network
Home Environment
Serving Network
• (I) Network access security: secure access to services, protect against
attacks on (radio) access links
• (II) Network domain security: enable nodes to securely exchange signaling
data & user data (between AN/SN and within AN, protect against attacks
wireline network
• (III) User domain security: secure access to mobile stations
• (IV) Application domain security: enable applications in the user and in the
provider domain to securely exchange messages
Non-3GPP Access
ME
USIM
AN
HE
SN
•
•
•
•
•
(I) Network access security
(II) Network domain security
(III) Non-3GPP domain security
(IV) Application domain security
(V) User domain security
=
=
=
=
=
Mobile Equipment
Universal Subscriber Identity Module
Access Network
Home Environment
Serving Network
Network access security
•
•
•
•
•
User identity (and location) confidentiality
Entity authentication
Confidentiality
Data integrity
Mobile equipment identification
The use of a SIM
• Subscription Identification Module
– SIM holds secret key Ki, Home network holds another
– Used as Identity & Security key
– IMSI is used as user identity
• Benefits
– Easy to get authentication from home network while in visited
network without having to handle Ki
Source: ETRI
Network Access Protection
• Authentication and key agreement
– UMTS AKA re-used for SAE
– SIM access to LTE explicitly excluded
• Signaling protection
– For core network (NAS) signaling, integrity and confidentiality
protection terminates in MME (Mobile Management Entity)
– For radio network (RRC) signaling, integrity and confidentiality
protection terminates in eNodeB
• User plane protection
– Encryption terminates in eNodeB
• Network domain security for network internal interfaces
Authentication and Key Agreement
• HSS generates authN data and provides it to MME
• Challenge-response authN and key agreement
between MME and UE
Confidentiality and Integrity of
Signaling
• RRC signaling between UE and E-UTRAN
• NAS signaling between UE and MME
• S1 interface signaling (optional) protection not UEspecific
User Plane Confidentiality
• S1-U (optional) protection not UE-specific,
based on IPsec
• Integrity not protected
Key Hierarchy in LTE/SAE
• Cryptographic network separation
– Authentication vectors specific to serving network
Handovers without MME
• Handovers possible between eNB’s
(performance)
• If keys are passed unmodified, compromised
eNB compromises other eNB
– One-way function before passing over
– MME is involved after HO for further key passing
Home eNodeB security threats
•
•
•
•
•
•
•
Compromise HeNB credentials
Physical attack HeNB
Configuration attack
MitM attacks etc.
DoS attacks etc.
User data and privacy attacks
Radio Resources and management attacks
Home ENodeB security measures
•
•
•
•
•
•
Mutual AuthN HeNB and home network
Secure tunnel for backhaul
Trusted environment inside HeNB
Access Control
OAM security mechanisms
Hosting Party authentication (Hosting party
Module)
Network Domain Security
• Enable nodes to securely exchange signaling data &
user data
– between Access Network and Serving Network and within
Access Network
• Protect against attacks on wireline network
• No security in 2G core network
• Now security is needed:
–
–
–
–
IP used for signaling and user traffic
Open and easily accessible protocols
New service providers (content, data service, HLR)
Network elements can be remote (eNB)
Security Domains
• Managed by single administrative authority
• Border between security domains protected
by Security Gateway (SEG)
Security Gateway
• Handle communication over Za interface (SEG-SEG)
– AuthN/integrity mandatory, encryption recommended using IKEv1 or
IKEv2 for negotiating, establishing and maintaining secure ESP tunnel
• Handle communication over (optional) Zb interface (SEG- NE
or NE-NE)
– Implement ESP tunnel and IKEv1 or IKEv2
– ESP with AuthN, integrity, optional encryption
• All traffic flows through SEG before leaving or entering
security domain
• Secure storage of long-term keys used for IKEv1 and IKEv2
• Hop-by-hop security (chained tunnels or hub-and-spoke)
Security for Network Elements
• Services
–
–
–
–
•
•
•
•
Data integrity
Data origin authentication
Anti-replay
Confidentiality (optional)
Using IPsec ESP (Encapsulation Security Payload)
Between SEGs: tunnel mode
Key management: IKEv1 or IKEv2
Security associations from NE only to SEG or NE’s in
own domain
Trust validation with IPsec
Trust validation for TLS
User domain security
• Secure access to mobile stations
• Few slides
Application domain security
• The set of security features that enable
applications in the user and in the provider
domain to securely exchange messages.
• Secure messaging between the USIM and the
network (TS 22.048)
• Slides about IMS, SIP
IMS Security
• Security/AuthN mechnism
– Mutual AuthN using UMTS AKA
– Typically implemented on UICC (ISIM application)
– UMTS AKA integrated into HTTP digest (RFC3310)
– NASS-IMS bundled AuthN
– SIP Digest based AuthN
– Access security with TLS
Interworking with legacy network
• Few slides about CDMA-3GPP interworking
References
• Principles, objectives and requirements
– TS 33.120 Security principles and objectives
– TS 21.133 Security threats and requirements
• Architecture, mechanisms and algorithms
– TS 33.102 Security architecture
– TS 33.103 Integration guidelines
– TS 33.105 Cryptographic algorithm requirements
– TS 35.20x Access network algorithm specifications
References
• TS 33.210 v8.3.0: Network Domain Security: IP-layer
(http://www.3gpp.org/ftp/Specs/archive/33_series/33.210/)
• TS 33.310 V9.0.0: Network Domain Security: Authentication Framework
http://www.3gpp.org/ftp/Specs/archive/33_series/33.310/
• TS 33.401 V9.0.0: SAE security architecture
http://www.3gpp.org/ftp/Specs/archive/33_series/33.401/
• TS 33.402 V9.0.0: SAE security aspects of non 3GPP access
http://www.3gpp.org/ftp/Specs/archive/33_series/33.402/
• TR 33.820 V8.1.0: Security of H(e)NB
http://www.3gpp.org/ftp/Specs/archive/33_series/33.820/33820-810.zip
• 3GPP TS 33.102 V8.3.0: Security architecture
http://www.3gpp.org/ftp/Specs/archive/33_series/33.102/33102-830.zip
Credits
• Valterri Niemi (3GPP SA3 chair)
Backup
UMTS Authentication and Key
Agreement (AKA)
• Procedure to authenticate the user and
establish pair of cipher and integrity between
VLR/SGSN and USIM
Source: ETRI
X2 Routing and Handover
Source
ENB
SGW
Target
ENB
30 ms
Interruption
Time
Out of Order
Packets
Expect out of order packets around handover
Interworking with UTRAN/GERAN
• UE registered in both SGSN and MME
• Keys may be mapped
Related documents
Long Term Evolution
Long Term Evolution
Document
Document
www.ijecs.in International Journal Of Engineering And Computer Science ISSN: 2319-7242
www.ijecs.in International Journal Of Engineering And Computer Science ISSN: 2319-7242
Panel: Security and the World Wide Web
Panel: Security and the World Wide Web
(MSC) and Base Station Controller (BSC) in GSM
(MSC) and Base Station Controller (BSC) in GSM
In order to survive, plants must constantly adapt to the changing
In order to survive, plants must constantly adapt to the changing
Lecture_7-CTTC_20120422
Lecture_7-CTTC_20120422
Worksheet on Cell Communication
Worksheet on Cell Communication
Postdoctoral Researcher Fox Chase Cancer Center Job Description:
Postdoctoral Researcher Fox Chase Cancer Center Job Description:
Services and System Aspects (SA) LTE Africa 11.11.2014
Services and System Aspects (SA) LTE Africa 11.11.2014
On the road with 3GPP
On the road with 3GPP
Real Time Forecast PPT
Real Time Forecast PPT
Ch. 11 Stem Notes
Ch. 11 Stem Notes
PPT Version
PPT Version
Presentation title
Presentation title
Power Management for 4G Mobile Broadband Wireless
Power Management for 4G Mobile Broadband Wireless
Recent Advances in 3GPP Rel-12
Recent Advances in 3GPP Rel-12
Gene Section MME (membrane metallo-endopeptidase) Atlas of Genetics and Cytogenetics
Gene Section MME (membrane metallo-endopeptidase) Atlas of Genetics and Cytogenetics
32501-900
32501-900
gisfi_sp_201212337
gisfi_sp_201212337
22101-660
22101-660
23002-a20 - Network architecture
23002-a20 - Network architecture