Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication
www.netmanias.com
About NMC Con...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Copyright © 2002-2012NMC Consulting Group. All rights reserved.
Netmanias Technical Document: LTE Security I - LTE Securit...
Upcoming SlideShare
Loading in...5
×

Netmanias.2012.08.22 [en] lte security i-security concept and authentication

1,335

Published on

Published in: Technology, News & Politics
0 Comments
2 Likes
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
1,335
On Slideshare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
0
Comments
0
Likes
2
Embeds 0
No embeds

No notes for slide

Transcript of "Netmanias.2012.08.22 [en] lte security i-security concept and authentication"

  1. 1. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication www.netmanias.com About NMC Consulting Group NMC Consulting Group was founded on year 2002 and is advanced, professional network consulting company which is specialized for IP Network area like FTTH, Metro Ethernet and IP/MPLS, Service area like IPTV, IMS and CDN lastly, Wireless network area like Mobile WiMAX, LTE and Wi-Fi. Copyright © 2002-2012NMC Consulting Group. All rights reserved. www.nmcgroups.com LTE Security I LTE Security Concept and LTE Authentication August 21, 2012 (Last Updated: August 22, 2012) NMC Consulting Group www.netmanias.com www.nmcgroups.com
  2. 2. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 2 Scope and Concept of LTE Security ❶ LTE Authentication  Mutual Authentication between UE and LTE Network (UE – MME – HSS) using EPS-AKA  Base Key: K  Derived Key: KASME ❷ NAS Security  Integrity Protection and Ciphering (Encryption) for NAS Signaling Message between UE and MME  Base Key: KASME  Derived Key: KNASint, KNASenc ❸ AS Security  Integrity Protection and Ciphering (Encryption) for RRC Signaling Message between UE and eNB  Base Key: KeNB  Derived Key: KRRCint, KRRCenc  Ciphering (Encryption) for User IP Packet between UE and eNB  Base key: KeNB  Derived key: KUPenc IP Packet Ciphering ① Mutual Authentication EPS Authentication Vectors (RAND, AUTN, XRES, KASME) KNASint/KNASenc KNASint/KNASenc KRRCint/KRRCenc KUPenc KRRCint/KRRCenc KUPenc RRC Signaling Integrity Protection/ Ciphering IMSI, LTE K IMSI, LTE K ② NAS Signaling Integrity Protection/ Ciphering KASME KASME KeNB KeNBUE eNB MME HSS 1 2 3 3 Mandatory Optional
  3. 3. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 3 Attach Request (IMSI, UE Network Capability, KSIASME=7) Authentication Information Request (IMSI, SN ID, Network Type) Authentication Information Answer (AVs (1...n)) Authentication Request (RAND, AUTNHSS, KSIASME=1) [not ciphered; not integrity protected] Authentication Response (RES) [not ciphered; not integrity protected] AS Security Mode Complete (MAC-I) [AS integrity protected] AS Security Mode Command (Ciphering Algorithm=EEA1, Integrity Algorithm=EIA1, MAC-I) [AS integrity protected] Attach Accept <Initial Context Setup Request> (UE Network Capability, KeNB) NAS Security Mode Command (KSIASME=1, Replayed UE Network Capability, NAS Ciphering Algorithm=EEA1, NAS Integrity Algorithm=EIA1, NAS-MAC) [NAS integrity protected] NAS Security Mode Complete (NAS-MAC) [NAS ciphered and integrity protected] Network(HSS) Authentication ( AUTNUE = AUTNHSS ) UE Authentication ( RES = XRES ) Authentication NAS Security Setup AS Security Setup Ciphered and Integrity Protected NAS Signaling Compute KeNB Ciphered and Integrity Protected RRC Signaling Ciphered User Plane (Data Plane) KNASenc, KNASint KRRCenc, KRRCint KUPenc KRRCenc, KRRCint KUPenc eNBUE MME HSS 1 2 3 LTE K RAND EPS AKA Algorithm AUTNUE RES KASME SQN SN ID LTE K RAND EPS AKA Algorithm AUTNHSS XRES KASME SQN SN ID Authentication Vector= (RAND, XRES, AUTNHSS, KASME) Select encryption/integrity algorithm KNASenc KASME KDF KNASint Alg-ID, Alg Distinguisher KNASenc, KNASint NAS Uplink Count KeNB KASME KDF Alg-ID, Alg Distinguisher KRRCenc KeNB KDF KRRCint KUPenc Select encryption/integrity algorithm NAS Uplink Count KeNB KASME KDF KNASenc KASME KDF KNASint Alg-ID, Alg Distinguisher Alg-ID, Alg Distinguisher KRRCenc KeNB KDF KRRCint KUPenc LTE Security I - Authentication LTE Security II – NAS & AS Security Overview of LTE Security After Authentication  UE and MME share KASME After NAS Security Setup  UE and MME share NAS Security Key (KNASenc, KNASint) in Control Plane After AS Security Setup  UE and eNB share AS Security Key (KRRCenc, KRRCint) in Control Plan  UE and eNB share AS Security Key (KUPenc) in User Plan
  4. 4. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 4 Overview of LTE Authentication Procedure: EPS-AKA EPS-AKA (Evolved Packet System – Authentication and Key Agreement) MME HSSAttach Request (IMSI, UE Network Capability, KSIASME=7) SQN Crypto function LTE K RAND XRES AUTN CK IK KDF SQN SN ID KASME IMSI: Provisioned @AuC RAND: HSS generates LTE K: Provisioned @AuC SQN: HSS generates (increase) Select an AV (e.g., AV i) KSIASME AV 1 XRES i, KASME i Authentication Request (RAND i, AUTN i, KSIASME i) SQN Crypto function LTE K RAND i RES AUTNUE CK IK KDF SQN SN ID KASME (KASME i) IMSI: Factory Default RAND: HSS generates LTE K: Factory Default SQN: HSS generates Authentication Response (RES) UE uses KASME (KASME i) to calculates additional keys MME uses KASME (KASME i) to calculates additional keys IMSI USIM LTE K Authentication Vector (AV) AV = (RAND, AUTN, XRES, KASME) Authentication Complete HSS authenticated if AUTN i = AUTNUE UE authenticated if RES = XRES i KSIASME value is not used for authentication itself, but used to generate subsequent key values (for Encryption & Integrity Check) KSIASME AV 1 KASME i 1 2 3 4 5 UE MME HSSAuthentication Information Request (IMSI, SN ID, n, Network Type) Authentication Information Answer (Authentication Vectors) AV 1 = (RAND1, AUTN1, XRES1, KASME1) … AV i = (RANDi, AUTNi, XRESi, KASMEi) … AV n = (RANDn, AUTNn, XRESn, KASMEn)
  5. 5. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 5 LTE Authentication Procedure (1)  Provisioning Information @HSS/AuC  K: provisioned to AuC at subscription time  IMSI: provisioned to HSS & AuC at subscription time  Storing Information @USIM  K & IMSI: stored to USIM at manufacturing time 1. Authentication Request from UE ❶ [UE  MME] UE Requests Registration to Network  UE sends Attach Request (IMSI, UE Network Capability, KSIASME=7) message to MME  IMSI: Subscriber ID  UE Network Capability: supported security algorithms by UE  KSIASME=7: indicates no key is available EEA and EIA in “UE Network Capability” Information [4] Algorithm ID Description 128-EEA0 Null Ciphering Algorithm 128-EEA1 SNOW 3G 128-EEA2 AES Algorithm ID Description - - 128-EIA1 SNOW 3G 128-EIA2 AES EEA EIA
  6. 6. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 6 LTE Authentication Procedure (2) 2. Transfer of Authentication Vector(s) from HSS to MME ❷ [MME  HSS] Requesting Authentication Vector(s)  MME sends Authentication Information Request (IMSI, SN ID, n, Network Type) message to HSS to request authentication vector(s) for the UE  IMSI: Subscriber ID  SN ID: Serving Network ID. Identified by PLMN ID (MCC + MNC)  n: number of requested Authentication Vector(s)  Network Type: here, E-UTRAN  HSS  Generates RAND and SQN  Calculates XRES, AUTN, CK and IK using AKA Algorithm with inputs, LTE Key (K), SQN and RAND  Calculates local master key KASME using KDF with inputs, CK, IK, SQN and SN ID  Constitutes Authentication Vector(s), AV=(RAND, AUTH, XRES, KASME) ❸ [MME  HSS] Distributing Authentication Vector(s)  HSS sends Authentication Information Answer (AVs) message including AVs back to MME  MME  Stores AVs and selects an AV (here the ith AV, AVi=(RANDi, AUTHi, XRESi, KASMEi)) SQN Crypto function LTE K RAND XRES AUTN CK IK KDF SQN SN ID KASME IMSI: Provisioned @AuC RAND: HSS generates LTE K: Provisioned @AuC SQN: HSS generates (increase) Authentication Vector (AV) AV = (RAND, AUTN, XRES, KASME) HSS
  7. 7. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 7 LTE Authentication Procedure (3) 3. Mutual Authentication between UE and MME  KASME : MME Base Key (local master key). Stored only in MME, not delivered to the UE  UE authenticates the Network (HSS) by comparing AUTN with AUTHUE  MME (on behalf of HSS) authenticates the UE by comparing RES with XRES ❹ [UE  MME] Requesting User Authentication  MME sends Authentication Request (KSIASMEi, RANDi, AUTNi) message to UE  Keeps KASMEi and XRESi  Allocates KSIASMEi to uniquely identify KASMEi (KSIASMEi is shared in the UE and MME)  Sends KSIASMEi, RANDi, AUTNi to UE  UE  Calculates Authentication Vector, AV=(RAND, AUTHUE, RES, KASME) using the same AKA algorithm as in HSS  Authenticates the Network (HSS) by comparing AUTHi with AUTHUE ❺ [UE  MME] Responding User Authentication  UE sends Authentication Response (RES) message back to MME  MME  Authenticates the UE by comparing RES with XRESi SQN Crypto function LTE K RAND RES AUTNUE CK IK KDF SQN SN ID IMSI: Factory Default RAND: HSS generates LTE K: Factory Default SQN: HSS generates Sent to MME Used to authenticate HSS KASME (KASME i) KSIASME AV 1 KASME i UE
  8. 8. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 8 Summary of LTE Security Key: Authentication LTE Security Keys related to the LTE Authentication (EPS-AKA) Key Length Location Derived from Description K 128 bits USIM, AuC - EPS master key CK 128 bits USIM, HSS K Cipher key IK 128 bits USIM, HSS K Integrity key KASME 256 bits UE, HSS, MME CK, IK MME base key
  9. 9. Copyright © 2002-2012NMC Consulting Group. All rights reserved. Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication 9 References and Abbreviations [1] Netmanias Technical Document, “LTE Network Architecture”, September 2010, http://www.netmanias.com/bbs/zboard.php?id=1x_TechdocsForum_4G [2] NMC Consulting Group Report, “E2E LTE Network Design”, August 2010. [3] 3GPP TS 24.301, “Non-Access-Stratum (NAS) Protocol for Evolved Packet System (EPS); Stage 3”. [4] 3GPP TS 33.401, “3GPP System Architecture Evolution (SAE); Security Architecture”. AES AKA AS ASME AuC AUTN AV CK EEA EIA EPS HSS IK IMSI KSI LTE : Advanced Encryption Standard : Authentication and Key Agreement : Access Stratum : Access Security Management Entity : Authentication Center : Authentication Token : Authentication Vector : Cipher Key : EPS Encryption Algorithm : EPS Integrity Algorithm : Evolved Packet System : Home Subscriber Server : Integrity Key : International Mobile Subscriber Identity : Key Set Identifier : Long Term Evolution Abbreviations MCC MME MNC NAS PLMN RAND RES RRC SN ID SQN UE UP USIM XRES : Mobile Country Code : Mobility Management Entity : Mobile Network Code : Non Access Stratum : Public Land Mobile Network : RANDom number : Response : Radio Resource Control : Serving Network ID : Sequence Number : User Equipment : User Plane : Universal Subscriber Identity Module : Expected Response

×