TIA-136-510-B-2000 TDMA- Third Generation Wireless- Authentication Encryption of Signaling Information User Data and Privacy (ANSI APPROVAL WITHDRAWN JUNE 12 2015).pdf

1、 ANSI/TIA-136-510-B-2000 APPROVED: MARCH 31, 2000 REAFFIRMED: OCTOBER 20, 2004 REAFFIRMED: AUGUST 14, 2013 WITHDRAWN: JUNE 12, 2015 TIA-136-510-B (Revision of TIA-136-510-A) March 2000TDMA Third Generation Wireless- Authentication, Encryption of Signaling Information User Data and Privacy NOTICE TIA

2、 Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of products, and assisting the purchaser in selecting and obtaining with minimum delay the pro

3、per product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not conforming to such Standards and Publications. Neither shall the existence of such Standards and Public

4、ations preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) patent policy. By such action, TIA does not assume any liability to any patent owner, nor

5、does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirements. It is the responsibility of the user of this Standard to establish appropriate safe

6、ty and health practices and to determine the applicability of regulatory limitations before its use. Any use of trademarks in this document are for information purposes and do not constitute an endorsement by TIA or this committee of the products or services of the company. (From Project No. ANSI/TI

7、A-PN-136.510-B-RF2-WD, formulated under the cognizance of the TIA TR-45 Mobile (b) there is no assurance that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or

8、 any editing process. The use or practice of contents of this Document may involve the use of intellectual property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and publi

9、shed pending patent applications are claimed and called to TIAs attention, a statement from the holder thereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of

10、 IPR. TIA will neither be a party to discussions of any licensing terms or conditions, which are instead left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or

11、 practices suggested or provided in the Manual have been complied with as respects the Document or its contents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards

12、 (whether designated as a standard, specification, recommendation or otherwise), whether such reference consists of mandatory, alternate or optional elements (as defined in the TIA Procedures for American National Standards) then (i) TIA disclaims any duty or obligation to search or investigate the

13、records of any other SSO for IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy of encouragement of voluntary disclosure (see TIA Procedures for American National Standards Annex C.1.2.3) of Essential Patent(s) and published pending patent applications shall apply

14、 and (iii) Information as to claims of IPR in the records or publications of the other SSO shall not constitute identification to TIA of a claim of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does no

15、t certify, inspect, test or otherwise investigate products, designs or services or any claims of compliance with the contents of the Document. ALL WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS

16、 OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS C

17、OMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR R

18、ELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (IN

19、CLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A FUNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. TIA/EIA-136-510-BiContents

20、1. DCCH Authentication . 11.1 Shared Secret Data (SSD) . 11.2 Random Challenge Memory (RAND). 11.3 Call History Parameter (COUNTs-p) 11.4 MIN1 and MIN2 . 21.5 Authentication of Mobile Station Registrations 21.6 Unique Challenge-Response Procedure 31.7 Authentication of Mobile Station Originations .

21、41.8 Authentication of Mobile Station Terminations 61.9 SSD Update. 71.10 Authentication of Mobile Station R-DATA Messages 111.11 Authentication of Mobile Station SPACH Confirmations. 121.12 Auth_Signature, SSD_Update and SSD_Generation Procedures Algorithm 132. ACC, AVC, and DTC Authentication 142.

22、1 Shared Secret Data (SSD) . 142.2 Random Challenge Memory (RAND). 142.3 Call History Parameter (COUNTs-p) 152.4 MIN1 and MIN2 . 152.5 Authentication of Mobile Station Registrations 152.6 Unique Challenge-Response Procedure 162.7 Authentication of Mobile Station Originations . 182.8 Authentication o

23、f Mobile Station Terminations 202.9 Updating the Shared Secret Data (SSD) 212.10 Re-Authentication . 272.11 Auth_Signature, SSD_Update and SSD_Generation_Procedure Algorithm. 293. Signaling Message Encryption 303.1 Signaling Message Encryption Control, Domain A 303.2 Signaling Message Encryption Con

24、trol, Domain B. 323.2.1 Encryption Keys 323.2.1.1 CMEA Encryption Key and VPM Generation Procedures 333.2.1.2 DCCHKey Generation Procedure 333.2.1.3 DTCKey Generation Procedure .333.2.2 Signaling Message Encryption, DCCH. 343.2.3 Signaling Message Encryption, DTC 363.2.4 Signaling Message Encryption

25、/Decryption Procedure 394. Voice Privacy 414.1 Voice Privacy Domain A 414.1.1 Voice Privacy Control During Call Establishment . 424.1.1.1 Mobile Station Originations.424.1.1.1.1 Analog Operation .42TIA/EIA-136-510-Bii4.1.1.1.2 Digital Operation 424.1.1.2 Mobile Station Terminations . 424.1.1.2.1 Ana

26、log Operation. 424.1.1.2.2 Digital Operation 424.1.2 Voice Privacy Control After Initial Channel Assignment . 434.2 Voice Privacy Domain B. 434.2.1 Voice Privacy Control During Call Establishment 454.2.1.1 Mobile Station Originations. 454.2.1.1.1 Analog Operation. 454.2.1.1.2 Digital Operation 464.2

27、1.2 Mobile Station Terminations . 464.2.1.2.1 Analog Operation. 464.2.1.2.2 Digital Operation 464.2.2 Voice Privacy Control After Initial Channel Assignment . 464.3 Voice Privacy Algorithm. 475. Data Privacy . 485.1 Data Privacy Control, Domain A. 485.2 Mobile Station Originations, Domain A 485.2.1

28、 Analog Operation 485.2.2 Digital Operation.485.3 Mobile Station Terminations, Domain A 495.3.1 Analog Operation 495.3.2 Digital Operation.495.4 Data Privacy Control, Domain B. 495.5 Data Privacy Control After Initial Channel Assignment 505.6 Data Privacy Algorithm. 506. Common Cryptographic Algorit

29、hms 517. Change History for TIA/EIA-136-510 52TIA/EIA-136-510-BiiiFiguresFigure 1 Partitioning of SSD. 1Figure 2 Computation of AUTHR for Authentication of Mobile Station at Registrations 3Figure 3 Computation of AUTHU for Unique Challenge-Response Procedure 4Figure 4 Computation of AUTHR for Authen

30、tication of Mobile Station Originations. 6Figure 5 Computation of AUTHR for Authentication of Mobile Station Terminations 7Figure 6 SSD Update Message Flow. 9Figure 7 Computation of Shared Secret Data (SSD) . 10Figure 8 Computation of AUTHBS 10Figure 9 Computation of AUTHR for Authentication of Mobi

31、le Station R-DATA Messages 12Figure 10 Computation of AUTHR for Authentication of Mobile Station SPACH Confirmations 13Figure 11 Partitioning of SSD. 14Figure 12 Computation of AUTHR for Authentication of Mobile Station Registration . 16Figure 13 Computation of AUTHU for Unique Challenge-Response Pr

32、ocedure 17Figure 14 Computation of AUTHR for Authentication of Mobile Station Originations. 19Figure 15 Computation of AUTHR for Authentication of Mobile Station Terminations 21Figure 16 SSD Update Message Flow. 23Figure 17 Computation of Shared Secret Data (SSD) . 24Figure 18 Computation of AUTHBS

33、24Figure 19 Computation of AUTHRA for Re-Authentication Procedure. 28TIA/EIA-136-510-B11. DCCH Authentication1The term Authentication refers to the process during which information is exchanged2between a mobile station and the BMI for the purposes of enabling the base station to3confirm the identity

34、 of the mobile station. In short, a successful outcome of the4authentication process occurs only when it can be demonstrated that the mobile station5and base station possess identical sets of Shared Secret Data (SSD).6The following DCCH Authentication procedures are equivalent to the ACC7Authenticat

35、ion procedures described in Section 2.81.1 Shared Secret Data (SSD)9SSD is a 128-bit pattern that is generated in the mobile station using the10SSD_Generation_Procedure, stored in the mobile station (in semi-permanent memory)11and readily available to the BMI. As depicted in Figure 1, SSD is partiti

36、oned into two12distinct subsets. Each subset is used to support a different process.13Figure 1 Partitioning of SSD14Contents SSD-A SSD-BLength (bits) 64 64Specifically,15SSD-A is used to support the Authentication procedures, and16SSD-B is used to support voice privacy and message confidentiality.17

37、SSD is generated according to the procedure specified in Common Cryptographic18Algorithms (see Section 1.9).191.2 Random Challenge Memory (RAND)20RANDsis a 32-bit value held in the mobile station. It is a value received on the BCCH in21the Access Parameters Message, andis used in conjunction with SS

38、D-A and other22parameters, as appropriate, to authenticate mobile station originations, terminations,23registrations, SPACH Confirmations and R-DATA messages.241.3 Call History Parameter (COUNTs-p)25The Call History Parameter is a modulo-64 count held in the mobile station. COUNTs-p is26updated at t

39、he mobile station upon receipt of a Parameter Update Order message on a27DCCH or a Parameter Update Order message on the DTC or AVC.28TIA/EIA-136-510-B21.4 MIN1 and MIN21The 24-bit parameter referred to as MIN1 in the Authentication procedures is derived as2indicated in TIA/EIA-136-005.3The 8-bit pa

40、rameter referred to as MIN2 in the Authentication procedures is derived as4indicated in TIA/EIA-136-005.51.5 Authentication of Mobile Station Registrations6When the AUTH or AUTH Map information element indicates that the Authentication7message for Registrations is required (see TIA/EIA-136-123), and

41、 the mobile station8attempts to register, the following authentication-related procedures shall be performed:9 In the mobile station:10 Initialize the authentication algorithm (Auth_Signature) as illustrated in11Figure 2 and set the parameter SAVE_REGISTERS to FALSE unless12DCCHKey is to be generate

42、d, in which case set SAVE_REGISTERS to13TRUE.14 Execute the Auth_Signature procedure (see Section 1.12).15 Set AUTHR equal to the 18 bits of Auth_Signature algorithm output.16 Send AUTHR together with RANDC (eight most significant bits of RAND)17and COUNTs-p to the BMI via the Authentication message

43、18 On Power Up, ACC to DCCH, Forced, and New System Registrations19generate DCCHKey by following the Auth_Signature procedure (see20Section 1.12) with the CMEA Encryption Key and VPM Generation21Procedure, (see Section 3.2.1.1) and then the DCCH Key Generation22procedure (see Section 3.2.1.2).23 At

44、 the BMI:24 Compare the received values for RANDC, and optionally COUNT, with the25internally stored values associated with the received MSID/ESN.26 Compute AUTHR as described above, except use the internally stored value27of SSD-A.28 Compare the value for AUTHR computed internally with the value of

45、29AUTHR received from the mobile station.30 On Power Up, ACC to DCCH, Forced, and New System Registrations31generate DCCHKey by following the Auth_Signature (see Section 1.12)32procedure with the CMEA Encryption Key and VPM Generation Procedure,33(see Section 3.2.1.1) and then the DCCH Key Generatio

46、n procedure (see34Section 3.2.1.2).35If any of the comparisons by the BMI fail, the BMI may deem the registration attempt36unsuccessful, initiate the Unique Challenge-Response procedure (see Section 1.6), or37commence the process of updating the SSD (see Section 1.9).38TIA/EIA-136-510-B3Figure 2 Com

47、putation of AUTHR for Authentication of Mobile Station at1Registrations2RAND32ESN32MIN124SSD-A64AUTHR18RAND_CHALLENGE ESN AUTH_DATA SSD_AUTHAuth_SignatureSAVE_REGISTERSBOOLEANVALUE1.6 Unique Challenge-Response Procedure3The Unique Challenge-Response procedure is initiated by the BMI and is carried o

48、ut as4follows:5 At the BMI:6 A 24-bit, random pattern referred to as RANDU is generated and sent to the7mobile station via the Unique Challenge Order message.8 Initialize the authentication algorithm (Auth_Signature) as illustrated in9Figure 3 and set the parameter SAVE_REGISTERS to FALSE.10 Execute

49、 the Auth_Signature algorithm (see Section 1.12).11 Set AUTHU equal to the 18 bits of the Auth_Signature algorithm output.12 At the mobile station:13 Compute AUTHU as described above using the received RANDU and its14internally stored values for the remaining input parameters.15 Send AUTHU to the BMI via the Unique Challenge Order Confirmation16message.17TIA/EIA-136-510-B4Upon receipt of the Unique Challenge Order Confirmation from the mobile station, the1BMI compares the received value for AUTHU to that generated/stored internally. If the2comparison fails, the BMI may