TIA-1098-A-2008 Generic Bootstrapping Architecture (GBA) Framework《通用自举电路架构(GBA)框架》.pdf

1、 TIA-1098-A-2008 APPROVED: JULY 8, 2008 REAFFIRMED: DECEMBER 6, 2012 TIA-1098-A (Revision of TIA-1098) July 2008Generic Bootstrapping Architecture (GBA) Framework NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between

2、 manufacturers and purchasers, facilitating interchangeability and improvement of products, and assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any m

3、ember or non-member of TIA from manufacturing or selling products not conforming to such Standards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are

4、adopted by TIA in accordance with the American National Standards Institute (ANSI) patent policy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to addre

5、ss all safety problems associated with its use or all applicable regulatory requirements. It is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Project No. 3-0238-R

6、V1-RF1, formulated under the cognizance of the TIA TR-45 Mobile (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any editing pr

7、ocess. The use or practice of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pending pa

8、tent applications are claimed and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TIA will

9、neither be a party to discussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practices sugg

10、ested or provided in the Manual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards (whether desig

11、nated as a standard, specification, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4thedition) then (i) TIA disclaims any duty or obligation to search or investigate the records of any other SSO fo

12、r IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending patent applications shall apply; and (iii) Information as to claims of IPR in the reco

13、rds or publications of the other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investigate produ

14、cts, designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, IT

15、S MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATI

16、ON, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, IN

17、CLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EV

18、EN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. Generic Bootstrapping Architecture (GBA) Framework TIA-1098-A 1 Table of Contents

19、 1 1 Introduction and Scope .3 2 2 References.3 3 2.1 Normative References 3 4 2.2 Informative References.4 5 3 Definitions and Abbreviations 4 6 3.1 Definitions 4 7 3.2 Abbreviations .5 8 4 Generic Bootstrapping Architecture .6 9 4.1 Reference Model 6 10 4.2 Network Elements 7 11 4.2.1 Bootstrappin

20、g Server Function (BSF) 7 12 4.2.2 Network Application Function (NAF) .7 13 4.2.3 HLR/HSS/AAA8 14 4.2.4 MN .8 15 4.3 Bootstrapping Architecture and Reference Points8 16 4.3.1 Reference Point Ub 8 17 4.3.2 Reference Point Ua.8 18 4.3.3 Reference Points Zh1, Zh2, Zh3.8 19 4.3.4 Reference Point Zn.9 20

21、 4.4 Requirements and Principles for Bootstrapping .9 21 4.4.1 Access Independence .9 22 4.4.2 Authentication Methods .9 23 4.4.3 Requirements on Reference Point Ub 9 24 4.4.4 Requirements on Reference Points Zh1, Zh2, Zh3.10 25 4.4.5 Requirements on Reference Point Zn.10 26 4.4.6 Requirements on Bo

22、otstrapping Transaction Identifier10 27 4.4.7 Requirements on Selection of UICC Application and Related Keys .11 28 4.4.8 Requirements on Reference Point Ua.12 29 4.5 Procedures 13 30 4.5.1 Initiation of Bootstrapping .13 31 4.5.2 Bootstrapping Procedures.13 32 4.5.2.1 Bootstrapping Mechanism Select

23、ion 13 33 4.5.2.2 Bootstrapping Procedures for cdma2000 1x and cdma2000 EV-34 DO Systems 16 35 4.5.2.2.1 Bootstrapping Based on CAVE 16 36 4.5.2.2.2 Bootstrapping Based on MN-AAA Key 19 37 4.5.2.2.3 Common Calculations 22 38 4.5.2.3 Bootstrapping Based on AKA.23 39 4.5.3 Procedures Using Bootstrappe

24、d Security Association .25 40 4.5.4 Procedure Related to Service Discovery 29 41 TIA-1098-A Generic Bootstrapping Architecture (GBA) Framework 2 5 UIM-based Enhancements to Generic Bootstrapping Architecture (GBA_U) .29 1 5.1 Architecture and Reference Points for Bootstrapping with UIM-Based Enhance

25、ments 29 2 5.2 Requirements and Principles for Bootstrapping with UIM-Based Enhancements .29 3 5.2.1 Requirements on MN .29 4 5.2.2 Requirements on BSF.29 5 5.3 Procedures for Bootstrapping with UIM-Based Enhancements .30 6 5.3.1 Initiation of Bootstrapping .30 7 5.3.2 Bootstrapping Procedures.30 8

26、5.3.2.1 Bootstrapping Procedures for cdma2000 EV-DO Systems 30 9 5.3.2.1.1 Bootstrapping Based on MN-AAA Key 30 10 5.3.2.2 Bootstrapping Procedures Based on AKA34 11 5.3.3 Procedures Using Bootstrapped Security Association .36 12 5.3.4 Procedure Related to Service Discovery 40 13 5.4 UIM-ME Interfac

27、e Description 40 14 5.4.1 Introduction 40 15 5.4.2 GBA_U Bootstrapping Procedure40 16 5.4.2.1 Bootstrapping Based on MN-AAA Key .40 17 5.4.2.2 Bootstrapping Procedures Based on AKA41 18 5.4.3 GBA_U NAF Derivation Procedure 42 19 Annex A (normative): Specification of the Key Derivation Function 43 20

28、 A.1 Introduction 43 21 A.2 Generic Key Derivation Function.43 22 A.3 Input Parameter Encoding 44 23 A.4 NAF Specific Key Derivation in GBA and GBA_U 44 24 Annex B (normative): XML Schema Definition.45 25 B.1 Introduction 45 26 Annex-C (Informative): Signaling Flows of Bootstrapping Procedure.47 27

29、C.1 Scope of Signaling Flows .47 28 C.2 Introduction 47 29 C.2.1 General .47 30 C.2.2 Rules Required to Interpret Signaling Flows .47 31 C.3 Signaling Flows Demonstrating a Successful Bootstrapping Procedure Based on AKA.47 32 C.4 Signaling Flows Demonstrating a Synchronization Failure in the Bootst

30、rapping Procedure 33 Based on AKA53 34 Generic Bootstrapping Architecture (GBA) Framework TIA-1098-A 3 1 Introduction and Scope 1 The present document describes the security features and a mechanism to bootstrap keys for application 2 security. 3 The scope of this document includes a generic bootstr

31、apping function, an architecture overview and the 4 detailed procedures on how to bootstrap the credential. 5 This document also describes a mechanism, called GBA_U, to bootstrap keys inside the (R-)UIM as 6 well as keys in the ME. GBA_U requires GBA support in the (R-)UIM, but provides enhanced sec

32、urity 7 by storing certain derived keys on the (R-)UIM. 8 In this document, several key words are used to signify the requirements. The key words “shall”, “shall 9 not”, “should”, “should not” and “may” are to be interpreted as described in the TIA Engineering Style 10 Manual. 11 2 References 12 2.1

33、 Normative References 13 1 Alliance for Telecommunications Industry Solutions (ATIS) T1TRQ3GPP 33.102-350, “3G 14 Security Security Architecture,” July, 2000. 15 2 IETF RFC 3310 (2002): “Hypertext Transfer Protocol (HTTP) Digest Authentication Using 16 Authentication and Key Agreement (AKA)“. 17 3 I

34、ETF RFC 3546 (2003): “Transport Layer Security (TLS) Extensions“. 18 4 TIA-873.004, “All-IP Core Network Multimedia Domain: IP Multimedia Call Control 19 Protocol Based on SIP and SDP Stage 3”, December 2003. 20 5 IETF RFC 3548 (2003): “The Base16, Base32, and Base64 Data Encodings“. 21 6 FIPS PUB 1

35、80-2 (2002): “Secure Hash Standard“. 22 7 IETF RFC 2104 (1997): “HMAC: Keyed-Hashing for Message Authentication“. 23 8 ISO/IEC 10118-3:2004: “Information Technology Security techniques Hash-functions 24 Part 3: Dedicated hash-functions“. 25 9 TIA-820, “Removable User Identity Module for Spread Spect

36、rum Systems“. 26 10 IETF RFC 2617 (1999): “HTTP Authentication: Basic and Digest Access Authentication“. 27 11 TIA-41.540-E: “MAP Operations Signaling Protocols“. 28 12 TIA-683-D: “Over-the-Air Service Provisioning of Mobile Stations in Spread Spectrum 29 Standards”. 30 13 TIA-1097: “Security Mechan

37、isms using GBA”. 31 14 IETF RFC 3629 (2003): “UTF-8, a transformation format of ISO 10646”. 32 15 TIA-945: “MAP Support of Authentication and Key Agreement (AKA)”. 33 TIA-1098-A Generic Bootstrapping Architecture (GBA) Framework 4 16 TIA-946, “Enhanced Cryptographic Algorithms,” June 2003. 1 17 TIA-

38、1078, “ISIM Application on UICC for CDMA20001Spread Spectrum Systems”. 2 18 TIA-1058: “UICC- Terminal interface Physical and Logical characteristics for 3 CDMA2000 Spread Spectrum Systems”. 4 23 ETSI TS 129 109 V7.7.0: “Generic Authentication Architecture (GAA); Zh and Zn 5 Interfaces based on the D

39、iameter protocol; Stage 3,“ October 2007. 6 2.2 Informative References 7 19 IETF RFC 1750 (1994): “Randomness Recommendations for Security”. 8 20 3GPP TS 33.203: “3rd Generation Partnership Project; Technical Specification Group 9 Services and System Aspects; 3G security; Access security for IP-base

40、d services”. 10 21 3GPP2 S.R0112-0: “Generic Bootstrapping Architecture System Requirements”. 11 22 TIA-1091: “IMS Security Framework”. 12 3 Definitions and Abbreviations 13 3.1 Definitions 14 For the purposes of the present document, the following terms and definitions apply: 15 Application: In all

41、 places in this document where the term application is used to refer to a service 16 offered by the carrier or a third party to the mobile subscriber, then it always denotes the type of 17 application and not the actual instance of an application installed on an application server. 18 Bootstrapping

42、Server Function: BSF is hosted in a network element under the control of the carrier. 19 BSF, HLR/HSS/AAA, and MNs participate in GBA in which a shared secret is established between the 20 network and a MN by running the bootstrapping procedure. The shared secret can be used between 21 NAFs and MNs,

43、 for example, for authentication purposes. 22 Bootstrapping Transaction Identifier: the bootstrapping transaction identifier (B-TID) is used to bind 23 the subscriber identity to the keying material in reference points Ua, Ub and Zn. 24 Bootstrapping Usage Procedure: A procedure using bootstrapped s

44、ecurity association over Ua 25 reference point. 26 GBA Function: A function in the MN executing the bootstrapping procedure with BSF (i.e. supporting 27 the Ub reference point) and providing Ua applications with security association to run bootstrapping 28 usage procedure. GBA function is called by

45、a Ua application when a Ua application wants to use 29 bootstrapped security association. 30 GBA User Security Settings: GUSS contains the BSF specific information element and the set of all 31 application-specific USSs. The GUSS may be held in the HSS, HLR, AAA or BSF. 32 1cdma2000is the trademark

46、for the technical nomenclature for certain specifications and standards of the Organizational Partners (OPs) of 3GPP2. Geographically (and as of the date of publication), cdma2000is a registered trademark of the Telecommunications Industry Association (TIA-USA) in the United States. Generic Bootstra

47、pping Architecture (GBA) Framework TIA-1098-A 5 ME-based GBA: in GBA_ME, all GBA-specific functions are carried out in the ME. The UIM is 1 GBA-unaware. If the term GBA is used in this document without any further qualification then always 2 GBA_ME is meant, see section 4 of this diocument. 3 Mobile

48、 Node (MN): For the purposes of this document, the Mobile Node is considered as two separate 4 entities, the User Identity Module (UIM) and Mobile Equipment (ME), which implements a GBA 5 function. The ME contains a high power processor, but no secure memory. 6 NAF_Id: The full name of the NAF (i.e.

49、 FQDN), concatenated with the Ua security protocol identifier. 7 Network Application Function: NAF is hosted in a network element. GBA may be used between 8 NAFs and MNs for authentication purposes, and for securing the communication path between the MN 9 and the NAF. 10 Removable UIM (R-UIM): An UIM that can be physically removed from the MN. The R-UIM can be 11 either a stand-alone module as defined in 9, or a multi-application platform (also called a UICC) that 12 may hold several applications that can be operated concurrently