Netmanias Technical Document: LTE Security I - LTE Security Concept and LTE Authentication
www.netmanias.com
About NMC Consulting Group
NMC Consulting Group was founded in 2002 and is an advanced, professional network consulting company specializing in the IP network area (FTTH, Metro Ethernet and IP/MPLS), the service area (IPTV, IMS and CDN) and, lastly, the wireless network area (Mobile WiMAX, LTE and Wi-Fi).
Copyright © 2002-2012 NMC Consulting Group. All rights reserved.
www.nmcgroups.com
LTE Security I
LTE Security Concept and LTE Authentication
August 21, 2012
(Last Updated: August 22, 2012)
NMC Consulting Group
Scope and Concept of LTE Security
❶ LTE Authentication
- Mutual authentication between UE and LTE network (UE – MME – HSS) using EPS-AKA
- Base key: K
- Derived key: KASME
❷ NAS Security
- Integrity protection and ciphering (encryption) for NAS signaling messages between UE and MME
- Base key: KASME
- Derived keys: KNASint, KNASenc
❸ AS Security
- Integrity protection and ciphering (encryption) for RRC signaling messages between UE and eNB
- Base key: KeNB
- Derived keys: KRRCint, KRRCenc
- Ciphering (encryption) for user IP packets between UE and eNB
- Base key: KeNB
- Derived key: KUPenc
[Figure: LTE security overview, UE – eNB – MME – HSS. The UE (USIM) and the HSS each hold IMSI and LTE K. ① Mutual authentication, driven by the EPS authentication vectors (RAND, AUTN, XRES, KASME), leaves KASME in the UE and the MME. ② NAS signaling integrity protection/ciphering uses KNASint/KNASenc in the UE and the MME. ③ KeNB is passed from the MME to the eNB; RRC signaling integrity protection/ciphering uses KRRCint/KRRCenc and IP packet ciphering uses KUPenc in the UE and the eNB. Legend: integrity protection is mandatory, ciphering is optional.]
Overview of LTE Security
[Figure: end-to-end message flow at attach, UE – eNB – MME – HSS, in three phases. Messages are listed below in figure order.]
1. Authentication (covered in this document, LTE Security I – Authentication)
   UE → MME: Attach Request (IMSI, UE Network Capability, KSIASME=7)
   MME → HSS: Authentication Information Request (IMSI, SN ID, Network Type)
   HSS: runs the EPS AKA algorithm with inputs LTE K, RAND, SQN and SN ID, producing AUTNHSS, XRES and KASME; Authentication Vector = (RAND, XRES, AUTNHSS, KASME)
   HSS → MME: Authentication Information Answer (AVs (1...n))
   MME → UE: Authentication Request (RAND, AUTNHSS, KSIASME=1) [not ciphered; not integrity protected]
   UE: runs the EPS AKA algorithm with inputs LTE K, RAND, SQN and SN ID, producing AUTNUE, RES and KASME; network (HSS) authentication succeeds if AUTNUE = AUTNHSS
   UE → MME: Authentication Response (RES) [not ciphered; not integrity protected]
   MME: UE authentication succeeds if RES = XRES
2. NAS Security Setup (covered in LTE Security II – NAS & AS Security)
   MME: selects the NAS encryption/integrity algorithms and derives KNASenc and KNASint from KASME with the KDF (inputs: Alg-ID, Alg Distinguisher)
   MME → UE: NAS Security Mode Command (KSIASME=1, Replayed UE Network Capability, NAS Ciphering Algorithm=EEA1, NAS Integrity Algorithm=EIA1, NAS-MAC) [NAS integrity protected]
   UE: derives KNASenc and KNASint in the same way
   UE → MME: NAS Security Mode Complete (NAS-MAC) [NAS ciphered and integrity protected]
   From here on NAS signaling is ciphered and integrity protected
3. AS Security Setup (covered in LTE Security II – NAS & AS Security)
   MME: computes KeNB from KASME with the KDF (input: NAS Uplink Count)
   MME → eNB: Attach Accept, carried in <Initial Context Setup Request> (UE Network Capability, KeNB)
   eNB: selects the AS encryption/integrity algorithms and derives KRRCenc, KRRCint and KUPenc from KeNB with the KDF (inputs: Alg-ID, Alg Distinguisher)
   eNB → UE: AS Security Mode Command (Ciphering Algorithm=EEA1, Integrity Algorithm=EIA1, MAC-I) [AS integrity protected]
   UE: computes KeNB, then KRRCenc, KRRCint and KUPenc
   UE → eNB: AS Security Mode Complete (MAC-I) [AS integrity protected]
   From here on RRC signaling is ciphered and integrity protected, and the user plane (data plane) is ciphered

After Authentication
- UE and MME share KASME
After NAS Security Setup
- UE and MME share the NAS security keys (KNASenc, KNASint) in the control plane
After AS Security Setup
- UE and eNB share the AS security keys (KRRCenc, KRRCint) in the control plane
- UE and eNB share the AS security key (KUPenc) in the user plane
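The key derivations and the Security Mode Command check sketched in the figure, as an added example (not code from the Netmanias document, nor a 3GPP reference implementation). The KDF is the HMAC-SHA-256 construction of TS 33.220 Annex B.2, and the FC values (0x11 for KeNB, 0x15 for algorithm keys) and algorithm type distinguishers are those of TS 33.401 Annex A; the capability sets, the MME priority lists and the KASME value are constructed for the example, and for brevity the eNB is assumed to pick the same algorithms as the MME. The example also shows the bidding-down check behind "Replayed UE Network Capability": because the Attach Request is unprotected, an attacker can strip strong algorithms from it, but the integrity-protected Security Mode Command echoes what the MME saw, so the UE can detect the change.

```python
"""Key hierarchy below KASME and the NAS Security Mode Command checks (added example).
KDF per TS 33.220 Annex B.2; FC values and algorithm type distinguishers per TS 33.401 Annex A.
Capability sets, priority lists and KASME are constructed for this example.
"""
import hashlib
import hmac

# Algorithm type distinguishers (TS 33.401 A.7) and the algorithm identities listed on this page.
ALG_TYPE = {"NAS-enc": 0x01, "NAS-int": 0x02, "RRC-enc": 0x03, "RRC-int": 0x04, "UP-enc": 0x05}
EEA = {"128-EEA0": 0x0, "128-EEA1": 0x1, "128-EEA2": 0x2}
EIA = {"128-EIA1": 0x1, "128-EIA2": 0x2}


def kdf(key, fc, *params):
    """Generic 3GPP KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...), 256-bit output."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")     # each parameter is followed by its 2-octet length
    return hmac.new(key, s, hashlib.sha256).digest()


def derive_kenb(kasme, nas_uplink_count):
    """KeNB = KDF(KASME, FC=0x11, P0 = NAS uplink COUNT as 4 octets); TS 33.401 A.3."""
    return kdf(kasme, 0x11, nas_uplink_count.to_bytes(4, "big"))


def derive_alg_key(parent, alg_type, alg_id):
    """128-bit algorithm key = 128 LSBs of KDF(parent, FC=0x15, P0 = type, P1 = alg id); A.7."""
    return kdf(parent, 0x15, bytes([ALG_TYPE[alg_type]]), bytes([alg_id & 0x0F]))[16:]


def derive_nas_keys(kasme, enc_alg, int_alg):
    return {"KNASenc": derive_alg_key(kasme, "NAS-enc", EEA[enc_alg]),
            "KNASint": derive_alg_key(kasme, "NAS-int", EIA[int_alg])}


def derive_as_keys(kenb, enc_alg, int_alg):
    return {"KRRCenc": derive_alg_key(kenb, "RRC-enc", EEA[enc_alg]),
            "KRRCint": derive_alg_key(kenb, "RRC-int", EIA[int_alg]),
            "KUPenc": derive_alg_key(kenb, "UP-enc", EEA[enc_alg])}


def select_algorithm(ue_capability, priority_list):
    """MME (and eNB) pick the first algorithm of their configured priority that the UE supports."""
    for alg in priority_list:
        if alg in ue_capability:
            return alg
    raise ValueError("no common algorithm")


def ue_accepts_security_mode_command(sent_capability, replayed_capability):
    """Bidding-down check: the integrity-protected SMC echoes the capability the MME saw;
    the UE rejects the SMC unless it equals what the UE actually sent in Attach Request."""
    return sent_capability == replayed_capability


def security_mode_exchange(kasme, ue_capability, observed_capability,
                           mme_enc_priority, mme_int_priority, nas_uplink_count=0):
    """One NAS SMC round. observed_capability is what reached the MME (possibly altered on
    the air); ue_capability is what the UE really sent. The eNB is assumed (simplification)
    to select the same algorithms as the MME for the AS keys."""
    enc = select_algorithm(observed_capability, mme_enc_priority)
    integ = select_algorithm(observed_capability, mme_int_priority)
    if not ue_accepts_security_mode_command(ue_capability, observed_capability):
        return {"status": "REJECTED", "enc": enc, "int": integ}
    kenb = derive_kenb(kasme, nas_uplink_count)
    return {"status": "OK", "enc": enc, "int": integ, "KeNB": kenb,
            **derive_nas_keys(kasme, enc, integ), **derive_as_keys(kenb, enc, integ)}


if __name__ == "__main__":
    caps = frozenset({"128-EEA0", "128-EEA1", "128-EEA2", "128-EIA1", "128-EIA2"})
    result = security_mode_exchange(bytes(range(32)), caps, caps,
                                    ["128-EEA2", "128-EEA1", "128-EEA0"], ["128-EIA2", "128-EIA1"])
    print({k: (v.hex() if isinstance(v, bytes) else v) for k, v in result.items()})
```

Note that a fresh NAS uplink COUNT gives a fresh KeNB from the same KASME, which is why the MME does not need to re-run EPS-AKA for every new RRC connection.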
Overview of LTE Authentication Procedure: EPS-AKA
EPS-AKA (Evolved Packet System – Authentication and Key Agreement)
[Figure: EPS-AKA message flow, UE (USIM holding IMSI and LTE K) – MME – HSS, with the crypto function and the KDF drawn at both the HSS and the UE.]
1 UE → MME: Attach Request (IMSI, UE Network Capability, KSIASME=7)
2 MME → HSS: Authentication Information Request (IMSI, SN ID, n, Network Type)
  HSS: the crypto function with inputs LTE K, RAND and SQN produces XRES, AUTN, CK and IK; the KDF with inputs CK, IK, SQN and SN ID produces KASME
  (IMSI and LTE K: provisioned at the AuC; RAND: generated by the HSS; SQN: generated by the HSS and increased for every AV)
  Authentication Vector (AV) = (RAND, AUTN, XRES, KASME)
3 HSS → MME: Authentication Information Answer (Authentication Vectors)
  AV 1 = (RAND1, AUTN1, XRES1, KASME1) … AV i = (RANDi, AUTNi, XRESi, KASMEi) … AV n = (RANDn, AUTNn, XRESn, KASMEn)
  MME: selects an AV (e.g., AV i) and stores it under KSIASME = 1: (XRES i, KASME i)
4 MME → UE: Authentication Request (RAND i, AUTN i, KSIASME i)
  UE: the crypto function with inputs LTE K, RAND i and SQN produces RES, AUTNUE, CK and IK; the KDF with inputs CK, IK, SQN and SN ID produces KASME (= KASME i)
  (IMSI and LTE K: factory default on the USIM; RAND and SQN: generated by the HSS)
  HSS authenticated if AUTN i = AUTNUE
5 UE → MME: Authentication Response (RES)
  UE authenticated if RES = XRES i
Authentication Complete
- UE uses KASME (KASME i) to calculate additional keys and stores it under KSIASME = 1
- MME uses KASME (KASME i) to calculate additional keys
- The KSIASME value is not used for authentication itself; it identifies the KASME (key set) shared by the UE and the MME from which the subsequent key values (for encryption and integrity check) are generated, so that a later connection can refer to that key set without running EPS-AKA again.
LTE Authentication Procedure (1)
- Provisioning information @HSS/AuC
  - K: provisioned to the AuC at subscription time
  - IMSI: provisioned to the HSS & AuC at subscription time
- Stored information @USIM
  - K & IMSI: stored on the USIM at manufacturing (card personalization) time
1. Authentication Request from UE
❶ [UE → MME] UE requests registration to the network
- UE sends an Attach Request (IMSI, UE Network Capability, KSIASME=7) message to the MME
  - IMSI: subscriber ID
  - UE Network Capability: security algorithms supported by the UE
  - KSIASME=7: indicates that no key is available
- At this point no NAS security context exists, so the Attach Request travels neither ciphered nor integrity protected (the IMSI is sent in clear). The MME later echoes the received capability list back in the NAS Security Mode Command so that the UE can detect whether it was altered in transit.
EEA and EIA in "UE Network Capability" information [4]

  EEA (ciphering)                           EIA (integrity)
  Algorithm ID   Description                Algorithm ID   Description
  128-EEA0       Null ciphering algorithm   -              -
  128-EEA1       SNOW 3G                    128-EIA1       SNOW 3G
  128-EEA2       AES                        128-EIA2       AES
LTE Authentication Procedure (2)
2. Transfer of Authentication Vector(s) from HSS to MME
❷ [MME → HSS] Requesting Authentication Vector(s)
- MME sends an Authentication Information Request (IMSI, SN ID, n, Network Type) message to the HSS to request authentication vector(s) for the UE
  - IMSI: subscriber ID
  - SN ID: Serving Network ID, identified by the PLMN ID (MCC + MNC)
  - n: number of requested authentication vector(s)
  - Network Type: here, E-UTRAN
- HSS
  - Generates RAND and SQN
  - Calculates XRES, AUTN, CK and IK using the AKA algorithm with inputs LTE key (K), SQN and RAND
  - Calculates the local master key KASME using the KDF with inputs CK, IK, SQN and SN ID (SQN enters the KDF concealed as SQN ⊕ AK, the same form in which it is carried inside AUTN)
  - Constitutes the authentication vector(s), AV = (RAND, AUTN, XRES, KASME)
- Because SN ID is an input to KASME, an AV is bound to the serving network that requested it: an AV fetched under one PLMN ID cannot be used to authenticate the UE in another PLMN
❸ [MME ← HSS] Distributing Authentication Vector(s)
- HSS sends an Authentication Information Answer (AVs) message including the AVs back to the MME
- MME
  - Stores the AVs and selects one (here the ith AV, AVi = (RANDi, AUTNi, XRESi, KASMEi))
[Figure: HSS-side computation. Crypto function with inputs LTE K, RAND and SQN, outputs XRES, AUTN, CK and IK; KDF with inputs CK, IK, SQN and SN ID, output KASME. IMSI and LTE K are provisioned at the AuC; RAND and SQN are generated by the HSS, SQN increasing. Authentication Vector (AV) = (RAND, AUTN, XRES, KASME).]
LTE Authentication Procedure (3)
3. Mutual Authentication between UE and MME
- KASME: MME base key (local master key). It is never sent over the air: the HSS delivers it to the MME inside the AV, and the UE derives the same value itself from CK, IK, SQN and SN ID
- UE authenticates the network (HSS) by comparing the received AUTN with its own AUTNUE
- MME (on behalf of the HSS) authenticates the UE by comparing RES with XRES
❹ [UE ← MME] Requesting User Authentication
- MME sends an Authentication Request (KSIASMEi, RANDi, AUTNi) message to the UE
  - Keeps KASMEi and XRESi
  - Allocates KSIASMEi to uniquely identify KASMEi (KSIASMEi is shared by the UE and the MME)
  - Sends KSIASMEi, RANDi, AUTNi to the UE
- UE
  - Calculates RES, AUTNUE and KASME from K, RANDi, SQN and SN ID using the same AKA algorithm as the HSS
  - Authenticates the network (HSS) by comparing AUTNi with AUTNUE
- In TS 33.401/33.102 terms the AUTN comparison is two checks performed on the USIM: it recomputes the MAC over RAND, SQN and AMF and compares it with the MAC carried in AUTN (proof that the challenge came from a party holding K), and it checks that the SQN recovered from AUTN is fresh (protection against replay of an old RAND/AUTN pair). A failed check is reported to the MME as an Authentication Failure (MAC failure or synchronisation failure) instead of an Authentication Response
❺ [UE → MME] Responding User Authentication
- UE sends an Authentication Response (RES) message back to the MME
- MME
  - Authenticates the UE by comparing RES with XRESi
[Figure: UE-side computation. Crypto function with inputs LTE K, RAND and SQN, outputs RES (sent to the MME), AUTNUE (used to authenticate the HSS), CK and IK; KDF with inputs CK, IK, SQN and SN ID, output KASME (= KASME i). IMSI and LTE K are factory default on the USIM; RAND and SQN are generated by the HSS. The UE stores KSIASME = 1 → KASME i.]
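The whole procedure of steps ❶ to ❺ as a runnable exchange, added here as an example; it is not code from the Netmanias document or from any 3GPP implementation. The HSS side builds the AV, the MME relays RAND and AUTN and compares RES with XRES, and the USIM side performs the two AUTN checks (MAC and SQN freshness) before answering. Assumptions: the MILENAGE functions f1..f5 are replaced by HMAC-SHA-256 stand-ins with the same interface so that the block runs with the Python standard library only; the SQN acceptance window, the IMSI and the key value are constructed. The KASME derivation (HMAC-SHA-256 over FC=0x10, SN ID and SQN ⊕ AK, keyed with CK||IK) and the 3-octet PLMN ID encoding of SN ID follow TS 33.401 Annex A.2 and TS 24.301.

```python
"""EPS-AKA walk-through (added example): the HSS builds an AV, the MME relays RAND/AUTN,
the USIM verifies AUTN and answers RES, and the MME compares RES with XRES.
f1..f5 are HMAC-SHA-256 stand-ins for MILENAGE (assumption, not the real algorithm);
the KASME KDF follows TS 33.401 Annex A.2 / TS 33.220 Annex B.2.
"""
import hashlib
import hmac
import os

AMF = b"\x80\x00"   # AMF with the "separation bit" set, as required for EPS AKA
SQN_WINDOW = 32     # assumed acceptance window for SQN freshness (operator policy)


def _prf(k, tag, *parts):
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()

# Stand-ins for MILENAGE f1..f5: same inputs and output sizes, not the real functions.
def f1(k, rand, sqn, amf): return _prf(k, b"f1", rand, sqn, amf)[:8]   # MAC-A
def f2(k, rand): return _prf(k, b"f2", rand)[:8]                        # RES / XRES
def f3(k, rand): return _prf(k, b"f3", rand)[:16]                       # CK
def f4(k, rand): return _prf(k, b"f4", rand)[:16]                       # IK
def f5(k, rand): return _prf(k, b"f5", rand)[:6]                        # AK

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def plmn_id(mcc, mnc):
    """SN ID = PLMN ID (MCC + MNC) in the 3-octet BCD layout of TS 24.301;
    a 2-digit MNC carries 0xF as filler in MNC digit 3."""
    d = [int(c) for c in mcc + mnc]
    mnc3 = d[5] if len(mnc) == 3 else 0xF
    return bytes([(d[1] << 4) | d[0], (mnc3 << 4) | d[2], (d[4] << 4) | d[3]])

def kdf_kasme(ck, ik, sn_id, sqn_xor_ak):
    """KASME = HMAC-SHA-256(CK||IK, FC=0x10 || SN ID || 0x0003 || SQN xor AK || 0x0006)."""
    s = b"\x10" + sn_id + b"\x00\x03" + sqn_xor_ak + b"\x00\x06"
    return hmac.new(ck + ik, s, hashlib.sha256).digest()


class HSS:
    """Holds K and SQN per IMSI (provisioned at subscription time) and builds AVs."""
    def __init__(self, subscribers):
        self.subs = subscribers            # IMSI -> {"k": bytes, "sqn": int}

    def authentication_information(self, imsi, sn_id, n=1):
        sub, avs = self.subs[imsi], []
        for _ in range(n):
            sub["sqn"] += 1                 # fresh SQN for every AV
            sqn = sub["sqn"].to_bytes(6, "big")
            rand = os.urandom(16)           # fresh RAND for every AV
            k = sub["k"]
            sqn_ak = xor(sqn, f5(k, rand))  # SQN is concealed by AK on the air
            autn = sqn_ak + AMF + f1(k, rand, sqn, AMF)
            avs.append({"rand": rand, "autn": autn, "xres": f2(k, rand),
                        "kasme": kdf_kasme(f3(k, rand), f4(k, rand), sn_id, sqn_ak)})
        return avs


class USIM:
    """Holds IMSI, K and the highest accepted SQN (SQN_MS)."""
    def __init__(self, imsi, k):
        self.imsi, self.k, self.sqn_ms = imsi, k, 0

    def authenticate(self, rand, autn, sn_id):
        sqn_ak, amf, mac_a = autn[:6], autn[6:8], autn[8:16]
        sqn = xor(sqn_ak, f5(self.k, rand))
        # Network authentication: only a holder of K can produce a valid MAC-A.
        if not hmac.compare_digest(mac_a, f1(self.k, rand, sqn, amf)):
            return "MAC_FAILURE", None, None
        # Freshness: a replayed (RAND, AUTN) carries an SQN the USIM has already accepted.
        sqn_int = int.from_bytes(sqn, "big")
        if not self.sqn_ms < sqn_int <= self.sqn_ms + SQN_WINDOW:
            return "SYNC_FAILURE", None, None
        self.sqn_ms = sqn_int
        kasme = kdf_kasme(f3(self.k, rand), f4(self.k, rand), sn_id, sqn_ak)
        return "OK", f2(self.k, rand), kasme


def run_eps_aka(hss, usim, sn_id, tamper_autn=False):
    """Steps 2-5: AV fetch, Authentication Request, Authentication Response, RES check."""
    av = hss.authentication_information(usim.imsi, sn_id, n=1)[0]   # MME keeps XRES, KASME
    autn = av["autn"]
    if tamper_autn:                          # a fake base station altering the token
        autn = autn[:-1] + bytes([autn[-1] ^ 0x01])
    status, res, kasme_ue = usim.authenticate(av["rand"], autn, sn_id)
    if status != "OK":
        return status, None
    if not hmac.compare_digest(res, av["xres"]):   # MME authenticates the UE
        return "UE_REJECTED", None
    return "OK", (kasme_ue, av["kasme"])            # both sides now hold the same KASME


if __name__ == "__main__":
    k = bytes.fromhex("465b5ce8b199b49faa5f0a2ee238a6bc")   # constructed test key
    hss = HSS({"001010123456789": {"k": k, "sqn": 0}})
    usim = USIM("001010123456789", k)
    print(run_eps_aka(hss, usim, plmn_id("001", "01")))
    print(run_eps_aka(hss, usim, plmn_id("001", "01"), tamper_autn=True))
```

The two failure branches in USIM.authenticate are the ones a tester looks for: a modified AUTN fails the MAC check, and re-presenting a captured (RAND, AUTN) pair fails the SQN check even though its MAC is valid.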
Summary of LTE Security Keys: Authentication
LTE security keys related to LTE authentication (EPS-AKA)

  Key     Length    Location        Derived from                                   Description
  K       128 bits  USIM, AuC       -                                              EPS master key (permanent subscriber key)
  CK      128 bits  USIM, HSS       K                                              Cipher key
  IK      128 bits  USIM, HSS       K                                              Integrity key
  KASME   256 bits  UE, HSS, MME    CK, IK (with SN ID and SQN ⊕ AK as KDF inputs) MME base key
References and Abbreviations
[1] Netmanias Technical Document, “LTE Network Architecture”, September 2010,
http://www.netmanias.com/bbs/zboard.php?id=1x_TechdocsForum_4G
[2] NMC Consulting Group Report, “E2E LTE Network Design”, August 2010.
[3] 3GPP TS 24.301, “Non-Access-Stratum (NAS) Protocol for Evolved Packet System (EPS); Stage 3”.
[4] 3GPP TS 33.401, “3GPP System Architecture Evolution (SAE); Security Architecture”.
Abbreviations
AES: Advanced Encryption Standard
AKA: Authentication and Key Agreement
AS: Access Stratum
ASME: Access Security Management Entity
AuC: Authentication Center
AUTN: Authentication Token
AV: Authentication Vector
CK: Cipher Key
EEA: EPS Encryption Algorithm
EIA: EPS Integrity Algorithm
EPS: Evolved Packet System
HSS: Home Subscriber Server
IK: Integrity Key
IMSI: International Mobile Subscriber Identity
KSI: Key Set Identifier
LTE: Long Term Evolution
MCC: Mobile Country Code
MME: Mobility Management Entity
MNC: Mobile Network Code
NAS: Non Access Stratum
PLMN: Public Land Mobile Network
RAND: RANDom number
RES: Response
RRC: Radio Resource Control
SN ID: Serving Network ID
SQN: Sequence Number
UE: User Equipment
UP: User Plane
USIM: Universal Subscriber Identity Module
XRES: Expected Response