
EventHelix.com
• telecommunication design
• systems engineering
• real-time and embedded systems

LTE Security

Encryption and Integrity Protection in LTE

© 2012 EventHelix.com Inc. 1


LTE Security: Key Concepts

Authentication
• The LTE network verifies the UE's identity by challenging the UE to use the keys and report a result.
• The network checks the result against the expected result.

Integrity
• The signaling message receiver verifies that the received message is exactly the message that the transmitter sent.
• This is done using an integrity checksum.
• Guards against "man in the middle" attacks, where the sender's messages are intercepted by a hacker and a modified message is relayed to the receiver.

Encryption
• The sender encrypts the data with a secret key that is only known to the receiver.
• Only the receiver is able to decode the message.
• Guards against hackers listening in on the data.


LTE Security Key Hierarchy

Entities            Keys
USIM and AuC        K
UE and HSS          CK, IK
UE and MME          KASME
UE and MME          KNASint, KNASenc, KeNB
UE and eNodeB       KUPenc, KRRCint, KRRCenc


Encryption and Integrity Protection in the LTE Control Plane

[Figure: MME - eNodeB - UE. NAS security terminates at the MME and the UE (KNASint and KNASenc at both ends); RRC security terminates at the eNodeB and the UE (KRRCint and KRRCenc at both ends).]

• LTE supports two levels of security on the control plane
  – The NAS traffic between the MME and the UE is protected with NAS level keys
  – The RRC connection traffic between the eNodeB and the UE is protected with RRC level keys
• This means that the NAS traffic is being protected with NAS as well as RRC level security
Encryption and Integrity Protection in the LTE User Plane

[Figure: eNodeB - UE. User plane security terminates at the eNodeB and the UE (KUPenc at both ends).]

• User plane data is encrypted with the KUPenc key


LTE NAS Key Derivation at the MME and UE

KNASint: Integrity protection key for NAS signaling messages
KNASenc: Encryption key for NAS signaling messages

Derivation chain: K -> CK, IK -> KASME -> KNASint and KNASenc


LTE RRC Key Derivation at the eNodeB and UE

KRRCint: Integrity protection key for RRC signaling messages
KRRCenc: Encryption key for RRC signaling messages

Derivation chain: K -> CK, IK -> KASME -> KeNB -> KRRCint and KRRCenc


LTE User Plane Key Derivation at the eNodeB and UE

KUPenc: User plane encryption key

Derivation chain: K -> CK, IK -> KASME -> KeNB -> KUPenc
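The derivation chains on the key hierarchy slide and on the NAS, RRC and user plane derivation slides can be computed with the generic 3GPP key derivation function (HMAC-SHA-256, TS 33.220 Annex B) fed with the input strings of TS 33.401 Annex A. The Go code below is an added example and not part of the EventHelix slides; it starts from KASME (the USIM/HSS steps from K to CK, IK and KASME are not shown), and the KASME value, NAS COUNT and algorithm identities used with it are constructed sample inputs.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
)

// kdf is the generic 3GPP KDF of TS 33.220 Annex B: HMAC-SHA-256 over
// S = FC || P0 || L0 || P1 || L1 ..., each Li being the 2-byte length of Pi.
func kdf(key []byte, fc byte, params ...[]byte) []byte {
	s := []byte{fc}
	for _, p := range params {
		s = append(s, p...)
		s = append(s, byte(len(p)>>8), byte(len(p)))
	}
	mac := hmac.New(sha256.New, key)
	mac.Write(s)
	return mac.Sum(nil)
}

// DeriveKeNB derives the 256-bit KeNB from KASME and the uplink NAS COUNT
// (TS 33.401 A.3: FC = 0x11, P0 = uplink NAS COUNT, L0 = 0x0004).
func DeriveKeNB(kasme []byte, ulNasCount uint32) []byte {
	var p0 [4]byte
	binary.BigEndian.PutUint32(p0[:], ulNasCount)
	return kdf(kasme, 0x11, p0[:])
}

// DeriveAlgKey derives a 128-bit algorithm key from its parent KASME or KeNB
// (TS 33.401 A.7: FC = 0x15, P0 = algorithm type distinguisher, P1 = algorithm
// identity); the key is the 128 least significant bits of the 256-bit output.
func DeriveAlgKey(parent []byte, algType, algID byte) []byte {
	return kdf(parent, 0x15, []byte{algType}, []byte{algID})[16:]
}

// DeriveHierarchy walks the hierarchy slide: KASME -> NAS keys and KeNB; KeNB -> RRC
// and user plane keys. Type distinguishers are from TS 33.401 Table A.7-1 (NAS-enc 0x01,
// NAS-int 0x02, RRC-enc 0x03, RRC-int 0x04, UP-enc 0x05); encAlg/intAlg are algorithm ids.
func DeriveHierarchy(kasme []byte, ulNasCount uint32, encAlg, intAlg byte) map[string][]byte {
	kenb := DeriveKeNB(kasme, ulNasCount)
	return map[string][]byte{
		"KNASenc": DeriveAlgKey(kasme, 0x01, encAlg),
		"KNASint": DeriveAlgKey(kasme, 0x02, intAlg),
		"KeNB":    kenb,
		"KRRCenc": DeriveAlgKey(kenb, 0x03, encAlg),
		"KRRCint": DeriveAlgKey(kenb, 0x04, intAlg),
		"KUPenc":  DeriveAlgKey(kenb, 0x05, encAlg),
	}
}
```

Because every key below KASME is bound to its parent and to a type distinguisher, a compromised KRRCenc at an eNodeB reveals neither the NAS keys held by the MME nor KASME itself, which is the point of the layered hierarchy.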


Key Stream Computation

Ciphering
• Inputs: Count, Bearer, Direction, Key, Length
• Output: Key Stream

Integrity Protection
• Inputs: Count, Message, Bearer, Direction, Key
• Output: Key Stream
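The ciphering column of this slide corresponds, for the AES-based algorithm 128-EEA2 of TS 33.401 Annex B.1.3, to AES-128 in counter mode: Count, Bearer and Direction are packed into the first counter block, the Key is one of the 128-bit ciphering keys, and Length bounds the key stream. The Go code below is an added example and not part of the EventHelix slides; the key and data used with it are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
)

// CounterBlock builds the first counter block T1 of 128-EEA2 (TS 33.401 B.1.3):
// COUNT (32 bits) | BEARER (5 bits) | DIRECTION (1 bit) | 26 zero bits | 64 zero
// bits, most significant bit first; CTR mode then increments the low 64 bits.
func CounterBlock(count uint32, bearer, direction uint8) [16]byte {
	var t [16]byte
	binary.BigEndian.PutUint32(t[0:4], count)
	t[4] = (bearer&0x1f)<<3 | (direction&1)<<2
	return t
}

// EEA2KeyStream returns lengthBits of AES-128 CTR key stream for the given
// inputs; key is a 128-bit ciphering key such as KRRCenc, KNASenc or KUPenc.
// Bits beyond LENGTH in the last byte are cleared, as the algorithm discards them.
func EEA2KeyStream(key []byte, count uint32, bearer, direction uint8, lengthBits int) ([]byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	t := CounterBlock(count, bearer, direction)
	ks := make([]byte, (lengthBits+7)/8)
	cipher.NewCTR(block, t[:]).XORKeyStream(ks, ks) // zeros XOR stream = raw stream
	if r := lengthBits % 8; r != 0 {
		ks[len(ks)-1] &= byte(0xff << uint(8-r))
	}
	return ks, nil
}

// EEA2 ciphers or deciphers data: XOR with the key stream is its own inverse,
// so the receiver regenerates the same stream from the same COUNT, BEARER and
// DIRECTION and XORs it back.
func EEA2(key []byte, count uint32, bearer, direction uint8, data []byte) ([]byte, error) {
	ks, err := EEA2KeyStream(key, count, bearer, direction, len(data)*8)
	if err != nil {
		return nil, err
	}
	out := make([]byte, len(data))
	for i := range data {
		out[i] = data[i] ^ ks[i]
	}
	return out, nil
}
```

Since the key stream depends only on the key and the Count, Bearer and Direction inputs, reusing a COUNT value under the same key would repeat the stream, which is why the PDCP COUNT must never wrap without a key change; TS 33.401 Annex C provides test vectors to validate an implementation against.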


3GPP Security Specifications

LTE Security
• 33.401: System Architecture Evolution (SAE); Security architecture
• 33.402: System Architecture Evolution (SAE); Security aspects of non-3GPP

Lawful Interception
• 33.106: Lawful interception requirements
• 33.107: Lawful interception architecture and functions
• 33.108: Handover interface for Lawful Interception

Key Derivation Function
• 33.220: GAA: Generic Bootstrapping Architecture (GBA)

Backhaul Security
• 33.310: Network Domain Security (NDS); Authentication Framework (AF)

Relay Node Security
• 33.816: Feasibility study on LTE relay node security (also 33.401)

Home (e) Node B Security
• 33.320: Home (evolved) Node B Security


Thank You

Thank you for visiting EventHelix.com. The following links provide more information about telecom design tools and techniques:

Links                              Description
EventStudio System Designer        Sequence diagram based systems engineering tool.
VisualEther Protocol Analyzer      Wireshark based visual protocol analysis and system design reverse engineering tool.
Telecom Call Flows                 GSM, SIP, H.323, ISUP, LTE and IMS call flows.
TCP/IP Sequence Diagrams           TCP/IP explained with sequence diagrams.
Telecom • Networking • Software    Real-time and embedded systems, call flows and object oriented design articles.