3GPP Rel-7 and Rel-8 White Paper (3G Americas)

This section discusses certain security aspects of the EPS, namely subscriber authentication and
traffic protection.

Subscriber Authentication
In EPS, subscriber authentication takes place between the UE and the MME using an enhanced version of
the 3G AKA protocol. Use of a Rel-99 USIM has been agreed, but use of a SIM is not allowed. For
authentication, the EPS architecture introduces a new functional entity, the Access Security Management
Entity (ASME), which is collocated with the MME and protects NAS signaling (encryption and integrity
verification). In this architecture the CK/IK keys are confined to the home network; the ASME receives
keys derived from them (K_ASME) for authentication with the UE.

www.3gamericas.org
June 2008

The ASME provides keys derived from K_ASME to the collocated MME. Similarly, the eNodeB also receives
keys derived from K_ASME from the ASME. The key hierarchy and derivation process are shown in
Figure 12. While the MME keeps its keys, the eNodeB deletes all of its keys when the UE goes into idle
mode; the ASME keeps K_ASME for future reuse. At inter-eNodeB handovers, new eNodeB-specific keys
may be derived by the source and/or destination eNodeB. Keys are bound to specific algorithms, so a
change of MME or eNodeB can bring a change of algorithm. This should be reported to the UE, and it
requires a new derivation of keys both at the destination MME or eNodeB and at the UE. Since the user
plane is encrypted in the eNodeB for over-the-air downlink transmission, changing the Serving GW does
not imply any update of security keying material unless it is accompanied by an inter-eNodeB handover.
For handovers between EUTRAN and 3G/2G systems, the key exchange occurs between the MME and the
SGSN. For UTRAN/GERAN to EUTRAN handovers, the SGSN sends CK/IK to the MME, which derives
K_ASME from them and re-authenticates the UE as soon as possible to derive fresh keying material. For
EUTRAN to UTRAN/GERAN handovers, the MME puts K_ASME through a one-way function to derive
CK/IK, which are then sent to the SGSN. The details of the key derivation for UTRAN/GERAN to EUTRAN
handovers are still under discussion in 3GPP at the time of writing this paper.

Figure 12 (diagram; key names and holding entities recovered from the page, listed top-down; the NAS
keys and K_eNB are both derived from K_ASME, and the RRC/UP keys from K_eNB):

  K                                           USIM / AuC
  CK, IK                                      UE / HSS
  K_ASME                                      UE / ASME
  K_NAS-enc, K_NAS-int                        UE / MME
  K_eNB                                       UE / eNB (derived by the ASME, delivered to the eNB)
  K_eNB-RRC-enc, K_eNB-RRC-int, K_eNB-UP-enc  UE / eNB

Note: An Access Security Management Entity (ASME) is a new functional entity
which receives the top-level keys in an access network from the HSS, i.e., the MME.

Figure 12. Key Hierarchy in EPS [146]
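As an added illustration of the key hierarchy described above (not code from the white paper or from 3GPP), the following Python models the derivation tree of Figure 12 and the two properties the text relies on: keys bound to an algorithm identity, and a one-way mapping from K_ASME to CK/IK for handover to UTRAN/GERAN. It assumes HMAC-SHA-256 with simple labels as the KDF; the normative KDF and parameter encoding are specified in 3GPP TS 33.401, not here.

```python
import hashlib
import hmac

# Assumed KDF for illustration only: HMAC-SHA-256 keyed with the parent key over
# a label plus context. The real EPS KDF and its parameter encoding are fixed in
# 3GPP TS 33.401 Annex A; only the shape of the hierarchy is modelled here.
def kdf(parent: bytes, label: str, context: bytes = b"") -> bytes:
    return hmac.new(parent, label.encode() + b"\x00" + context, hashlib.sha256).digest()

def derive_k_asme(ck: bytes, ik: bytes, serving_network: str) -> bytes:
    # CK/IK are confined to the home network; only K_ASME, bound to the
    # serving network, is handed to the ASME (collocated with the MME).
    return kdf(ck + ik, "K_ASME", serving_network.encode())

def derive_nas_keys(k_asme: bytes, nas_alg: int) -> dict:
    # NAS keys are bound to the algorithm identity: a change of algorithm at
    # the MME forces a fresh derivation at both the MME and the UE.
    ctx = bytes([nas_alg])
    return {"K_NAS-enc": kdf(k_asme, "NAS-enc", ctx)[:16],
            "K_NAS-int": kdf(k_asme, "NAS-int", ctx)[:16]}

def derive_k_enb(k_asme: bytes, nas_uplink_count: int) -> bytes:
    # The ASME derives K_eNB and delivers it to the eNodeB; the eNodeB never
    # holds K_ASME, so when it deletes its keys at idle the ASME can later
    # derive a new K_eNB from the retained K_ASME with a fresh counter.
    return kdf(k_asme, "K_eNB", nas_uplink_count.to_bytes(4, "big"))

def derive_enb_keys(k_enb: bytes, rrc_alg: int, up_alg: int) -> dict:
    # RRC and user-plane keys are bound to their own algorithm identities.
    return {"K_eNB-RRC-enc": kdf(k_enb, "RRC-enc", bytes([rrc_alg]))[:16],
            "K_eNB-RRC-int": kdf(k_enb, "RRC-int", bytes([rrc_alg]))[:16],
            "K_eNB-UP-enc": kdf(k_enb, "UP-enc", bytes([up_alg]))[:16]}

def map_k_asme_to_ck_ik(k_asme: bytes) -> tuple:
    # EUTRAN -> UTRAN/GERAN handover: K_ASME goes through a one-way function
    # to produce CK/IK for the SGSN, which therefore learns nothing of K_ASME.
    out = kdf(k_asme, "EUTRAN-to-UTRAN")
    return out[:16], out[16:]

if __name__ == "__main__":
    # Constructed sample values; real CK/IK come from the AKA run on the USIM/AuC.
    ck, ik = bytes(range(16)), bytes(range(16, 32))
    k_asme = derive_k_asme(ck, ik, "MCC001-MNC01")
    k_enb = derive_k_enb(k_asme, nas_uplink_count=1)
    for name, key in {**derive_nas_keys(k_asme, 1), **derive_enb_keys(k_enb, 1, 1)}.items():
        print(f"{name:15s} {key.hex()}")
```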

Traffic Protection
The security termination points for the various traffic types that terminate at the terminal are shown in
Figure 13. With user plane encryption in EPS placed in the eNodeB, system security has to be handled
more carefully than in UMTS. Different deployment environments may call for different
implementation-specific security solutions to provide the appropriate level of security. As an example of
an eNodeB implementation, the radio interface encryption and the S1 interface encryption could be
integrated on the same integrated circuit. While there are several potential implementations, 3GPP has
decided at this stage not to focus on a specific implementation technology, in order to allow for future
evolution in security technology. The aim is to have a single set of high-level security requirements for
all types of eNodeBs.

[146] Ericsson. Q2 2007.

Figure 13 (diagram; labels recovered from the page):

  UE <-> eNB   RRC (integrity/encryption), UP (encryption)
  UE <-> MME   NAS (integrity/encryption)
  S-GW         shown, with no security termination point labelled

Figure 13. Security termination points for traffic to/from the UE [147]

The security termination points for traffic that is internal to EPS are shown in Figure 14. There is
ongoing work in 3GPP to provide integrity protection and encryption on these interfaces; one proposal is
NDS/IP. In addition, the applicability of these solutions to other types of base stations (e.g., eHSPA) is
under consideration. Since ciphering is now located in the eNodeB, as described above, additional
security requirements are also being considered.

Figure 14 (diagram; labels recovered from the page):

  eNB <-> MME   S1-MME: integrity protection and encryption
  eNB <-> S-GW  S1-U:   encryption
  eNB <-> eNB   X2-UP:  encryption
  eNB <-> eNB   X2-CP:  encryption and integrity protection

Figure 14. Security termination points for traffic internal to EPS [148]
