security 3gpp

7/30/2019 Security 3gpp

1/15

SEC-3GPP 1

Mobile Communications

Security in 3GPP Networks

Manuel P. Ricardo

Faculdade de Engenharia da Universidade do Porto


2/15

SEC-3GPP 2

How is authentication and ciphering handled in GSM?

How is authentication and ciphering handled in UMTS?


3/15

SEC-3GPP 3

GSM


4/15

SEC-3GPP 4

Security in GSM Security services

access control/authentication user SIM (Subscriber Identity Module): secret PIN (Personal Identification Number) SIM network: challenge - response method

Ki - subscriber secret authentication key, stored in SIM

confidentiality

voice and signaling encrypted on the wireless link (after successful authentication)

anonymity TMSI - Temporary Mobile Subscriber Identity

newly assigned at each new location update

encrypted transmission

3 algorithms specified in GSM

A3 for authentication (secret, open interface)

A5 for encryption (standardized)

A8 for encryption key generation (secret, open interface)


5/15

SEC-3GPP 5

GSM - Authentication

A3

RANDKi

128 bit 128 bit

SRES* 32 bit

A3

RAND Ki

128 bit 128 bit

SRES 32 bit

SRES* =? SRES SRES

RAND

SRES

32 bit

mobile network SIM

AuC

MSC

SIM

Ki: individual subscriber authentication key SRES: signed response


6/15

SEC-3GPP 6GSM - Key Generation and

Encryption

A8

RANDKi

128 bit 128 bit

Kc

64 bit

A8

RAND Ki

128 bit 128 bit

SRES

RAND

encrypted

data

mobile network (BTS) MS with SIM

AuC

BTS

SIM

A5

Kc64 bit

A5

MS

data data

cipher

key


7/15

SEC-3GPP 7

3G

(3GPP TS 23.060, 3GPP TS 33.102)


8/15

SEC-3GPP 8

Security Function Authentication of the MS by the network

Provides user identity confidentiality temporary identification and ciphering

Provides user data and signalling confidentiality

ciphering

In UMTS (Iu mode)

authentication of the network by the MS

data integrity and origin authentication of signalling data


9/15

SEC-3GPP 9

Authentication Two types of authentication

UMTS authentication GSM authentication

Independent of the RAN modes

GSM authentication

Based on SIM Authentication of the MS by the network

Establishment of GSM ciphering key (Kc) between the SGSN and the MS

UMTS authentication

Based on USIM Requires authentication quintets

Implies mutual authentication

Agreement between SGSN and MS on

ciphering key (CK) and integrity key (IK)


10/15

SEC-3GPP 10

GSM Authentication

1. SGSN requests Authentication-Info (IMSI); HLR responds2. SGSN

sends Authentication-Ciphering(RAND, CKSN, Ciphering Algorithm);

MS responds with Ciphering-Response (SRES)

A/Gb mode: MS starts ciphering after sending Response message

Iu mode: SGSN / MS shall generate CK and IK from the GSM Kc

1. Send Authentication Info

2. Authentication and Ciphering Request1. Send Authentication Info Ack

2. Authentication and Ciphering Response

MS RAN HLR SGSN


11/15

SEC-3GPP 11

MS VLR/SGSN HE/HLR

Generate authentication

vectors AV(1..n)

Store authentication vectors

Select authentication vector AV(i)

Authentication data request

Authentication data response

AV(1..n)

User authentication request

RAND(i) || AUTN(i)

User authentication responseRES(i)

Compare RES(i) and XRES(i)

Verify AUTN(i)

Compute RES(i)

Compute CK(i) and IK(i) Select CK(i) and IK(i)

Authentication and

key establishment

Distribution of

authentication

vectors from HE

to SN

UMTS Authentication


12/15

SEC-3GPP 12Generation of an Authentication Vector

by HE/AuC

K

SQNRAND

f1 f2 f3 f4 f5

MAC XRES CK IK AK

AUTN := SQN AK || AMF || MAC

AV := RAND || XRES || CK || IK || AUTN

Generate SQN

Generate RAND

AMF


13/15

SEC-3GPP 13

K

SQN

RAND

f1 f2 f3 f4

f5

XMAC RES CK IK

AK

SQN AK AMF MAC

AUTN

Verify MAC = XMAC

Verify that SQN is in the correct range

User authentication function in the

USIM


14/15

SEC-3GPP 14

Release 99+ VLR/SGSN Release 98-

VLR/SGSN

Release 99+

HLR/AuC

USIM

RANDAUTNRES

CKIK

CK, IKKc

UTRAN

ME capable ofUMTS AKA

RANDAUTNRES

[Kc]

CK, IKKc

GSM BSS

CK, IKKcRESSRES

CK, IKKc

ME notcapable of UMTS

AKA

CK, IKKc

CK, IKKcRESSRES

RAND[AUTN]

SRES

[Kc]

Kc

RANDSRES

[Kc]

Kc

ME

CK, IKKcRESSRES

Quintets Triplets

CK, IKKcRESSRES

UMTS security GSM security

CK, IKKc


15/15

SEC-3GPP 15

Scope of Ciphering

Ciphering Algorithm

A/Gb mode: GPRS Encryption Algorithm (GEA)Kc is an input to the algorithm

Iu mode: UMTS Encryption Algorithm (UEA)

CK is an input to the algorithm.

MS BSS/UTRAN SGSN

Scope of GPRS ciphering

Scope of UMTS ciphering

security 3gpp

Documents