ImageVerifierCode 换一换
格式:PDF , 页数:42 ,大小:419.23KB ,
资源ID:736467      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-736467.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ETSI TR 103 445-2017 Digital Enhanced Cordless Telecommunications (DECT) DECT security technical review Security review and assessment 2017 (V1 1 1).pdf)为本站会员(eventdump275)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ETSI TR 103 445-2017 Digital Enhanced Cordless Telecommunications (DECT) DECT security technical review Security review and assessment 2017 (V1 1 1).pdf

1、 ETSI TR 103 445 V1.1.1 (2017-07) Digital Enhanced Cordless Telecommunications (DECT); DECT security technical review; Security review and assessment 2017 TECHNICAL REPORT ETSI ETSI TR 103 445 V1.1.1 (2017-07) 2 Reference DTR/DECT-00311 Keywords DECT, security ETSI 650 Route des Lucioles F-06921 Sop

2、hia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The p

3、resent document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such ve

4、rsions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the

5、 current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification

6、No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the

7、foregoing restriction extend to reproduction in all media. ETSI 2017. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP

8、Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TR 103 445 V1.1.1 (2017-07) 3 Contents Intellectual Property Rights 5g3Foreword . 5g3Modal verbs terminology 5g3Executive summ

9、ary 5g31 Scope 6g32 References 6g32.1 Normative references . 6g32.2 Informative references 6g33 Definitions, symbols and abbreviations . 7g33.1 Definitions 7g33.2 Symbols and abbreviations . 7g34 Security overview and assessment . 7g34.1 General . 7g34.2 Authentication algorithms and procedures . 7g

10、34.3 Ciphering algorithms and procedures . 7g34.4 Re-keying and early encryption strategy and procedures . 8g34.4.1 Re-keying strategy and procedures . 8g34.4.2 Early encryption procedures . 8g34.5 Operation with Wireless Relay Stations . 9g34.6 Key allocation and specific issues during system regis

11、tration 9g34.7 Software Upgrading Over The Air (SUOTA) 9g34.8 ULE specific security procedures . 10g35 Detailed description of changes and enhancements introduced during 2017 DECT security review 10g35.1 General . 10g35.2 Changes introduced in the DECT common interface (ETSI EN 300 175) . 10g35.2.1

12、Changes introduced in ETSI EN 300 175-5 (DECT; NWK layer) . 10g35.2.1.1 Improvement in MM-INFO-REQUEST and in MM-INFO-SUGEST 10g35.2.1.2 Inclusion of Default Cipher Algorithm in IE . 12g35.2.1.3 Improvements in IE . 14g35.2.1.4 Review of the Parameter retrieval procedure 15g35.2.2 Changes introduced

13、 in ETSI EN 300 175-7 (DECT; security) . 17g35.2.2.1 New description for Transfer of Cipher Keys to Wireless Relay Stations (WRS) 17g35.2.2.2 New procedure for Cipher key retrieval. PT initiated . 19g35.2.2.3 New MAC layer procedure for re-keying . 22g35.2.2.4 New description of the re-keying proced

14、ure and new aging model to control operation with repeaters 25g35.2.2.5 New description of the early encryption procedure 27g35.2.2.6 New annex with security timers 28g35.3 Changes introduced in the Generic Access Profile (ETSI EN 300 444) 30g35.3.1 New description of the re-keying procedure and new

15、 aging model to control operation with repeaters 30g35.3.2 New description of the early encryption procedure 31g35.3.3 New clause with additional procedures for devices supporting DSC2 . 32g35.4 Changes proposed for the WRS standard (ETSI EN 300 700) . 33g35.4.1 Overview 33g35.4.2 Changes in Bearer

16、handover . 33g35.4.2.1 General principles and open issues . 33g35.4.2.2 Solution to Bearer handover requiring cipher algorithm switching: technical approach 1 . 34g35.4.2.3 Solution to Bearer handover requiring cipher algorithm switching: alternative technical approach 2 . 37g35.4.2.4 Provision of l

17、ower DefCKs “just-in-time“ 40g35.5 Other recommendations for implementation of security features. 40g35.5.1 Guidelines for Implementation of the key-aging model related to the re-keying procedure. 40g35.5.1.1 Introduction . 40g3ETSI ETSI TR 103 445 V1.1.1 (2017-07) 4 5.5.1.2 Implementation of the re

18、-keying timers before the addition of the aging-model 41g35.5.1.3 Additional procedures required by the aging model . 41g35.5.1.4 Additional implementation guidelines 41g3History 42g3ETSI ETSI TR 103 445 V1.1.1 (2017-07) 5 Intellectual Property Rights Essential patents IPRs essential or potentially

19、essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs n

20、otified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given

21、as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their o

22、wners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or

23、organizations associated with those trademarks. Foreword This Technical Report (TR) has been produced by ETSI Technical Committee Digital Enhanced Cordless Telecommunications (DECT). Modal verbs terminology In the present document “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“

24、and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. Executive summary The present document documents the review of DEC

25、T security procedures done during years 2016 and 2017. It contains two parts: a security overview and assessment on DECT security techniques, addressed to the general public, and a detailed description of the main security improvements introduced in the revisions of the DECT common interface (ETSI E

26、N 300 175 i.1 to i.8) and Generic Access Profile (ETSI EN 300 444 i.9) released by TC DECT during year 2017. The present document is primary addressed to TC DECT and DECT industry communities and as well, to other participants from new industry sectors that may be considering using DECT technology f

27、or new applications. ETSI ETSI TR 103 445 V1.1.1 (2017-07) 6 1 Scope The scope of the present document is documenting the review of DECT security procedures done during year 2017. The present document is structured as two different parts: A security overview and assessment, addressed to the general

28、public, which presents a general description of the different DECT security elements and, for each of them, an assessment with specific recommendations to implementers, including identification of possible threats (when applicable). This part of the study is covered by clause 4 of the present docume

29、nt. A detailed description of the improvements in security procedures introduced in the revisions of the DECT common interface (ETSI EN 300 175 series i.1 to i.8) and the Generic Access Profile (ETSI EN 300 444 i.9) released in year 2017 (version 2.7.1 of ETSI EN 300 175 i.1 to i.8) and version 2.5.

30、1 of Generic Access Profile ETSI EN 300 444 i.9). This part of the study is covered by clause 5 of the present document and is mostly addressed to DECT manufacturers and TC DECT participants. 2 References 2.1 Normative references Normative references are not applicable in the present document. 2.2 I

31、nformative references References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendme

32、nts) applies. NOTE: While any hyperlinks included in this clause were valid at the time of publication, ETSI cannot guarantee their long term validity. The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particula

33、r subject area. i.1 ETSI EN 300 175-1: “Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 1: Overview“. i.2 ETSI EN 300 175-2: “Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 2: Physical Layer (PHL)“. i.3 ETSI EN 300 175-3: “Digital En

34、hanced Cordless Telecommunications (DECT); Common Interface (CI); Part 3: Medium Access Control (MAC) layer“. i.4 ETSI EN 300 175-4: “Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 4: Data Link Control (DLC) layer“. i.5 ETSI EN 300 175-5: “Digital Enhanced Cordless

35、Telecommunications (DECT); Common Interface (CI); Part 5: Network (NWK) layer“. i.6 ETSI EN 300 175-6: “Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 6: Identities and addressing“. i.7 ETSI EN 300 175-7: “Digital Enhanced Cordless Telecommunications (DECT); Common

36、Interface (CI); Part 7: Security features“. i.8 ETSI EN 300 175-8: “Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 8: Speech and audio coding and transmission“. ETSI ETSI TR 103 445 V1.1.1 (2017-07) 7 i.9 ETSI EN 300 444: “Digital Enhanced Cordless Telecommunication

37、s (DECT); Generic Access Profile (GAP)“. i.10 ETSI EN 300 700: “Digital Enhanced Cordless Telecommunications (DECT); Wireless Relay Station (WRS)“. i.11 ETSI TS 102 939-1: “Digital Enhanced Cordless Telecommunications (DECT); Ultra Low Energy (ULE); Machine to Machine Communications; Part 1: Home Au

38、tomation Network (phase 1)“. i.12 ETSI TS 102 939-2: “Digital Enhanced Cordless Telecommunications (DECT); Ultra Low Energy (ULE); Machine to Machine Communications; Part 2: Home Automation Network (phase 2)“. 3 Definitions, symbols and abbreviations 3.1 Definitions For the purposes of the present d

39、ocument, the terms and definitions given in ETSI EN 300 175-1 i.1 and in ETSI EN 300 175-7 i.7 apply. 3.2 Symbols and abbreviations For the purposes of the present document, the symbols and abbreviations given in ETSI EN 300 175-1 i.1 and in ETSI EN 300 175-7 i.7 apply. 4 Security overview and asses

40、sment 4.1 General Clause 4 of the present document presents a general overview of the different DECT security elements. For each of them, it provides an assessment with specific recommendations to implementers, including identification of possible threats (when applicable). 4.2 Authentication algori

41、thms and procedures The authentication algorithm DSAA2, based on AES-128, and the associated authentication procedures are considered secure and are recommended for any new DECT product. The processing time for a brute force attack to the DSAA2, with current computer means, is estimated in thousands

42、 of millions of years. Therefore, a change in previous assessment is not expected in the next years, unless there is a significant change in cryptography techniques or in availability of quantum computing. The old algorithm DSAA is considered obsolete and should not be used in any new DECT product.

43、The implementation of DSAA2 can be done by software and does not introduce any special processing or other extra cost requirement. There are multiple suppliers able to provide software implementations according to OEM specifications. Therefore, the present document does not see any justification for

44、 not implementing DSAA2 in new DECT products. 4.3 Ciphering algorithms and procedures The encryption algorithm DSC2, based on AES-128, and associated procedures, are considered secure and are the primary recommendation for any new DECT product. ETSI ETSI TR 103 445 V1.1.1 (2017-07) 8 The processing

45、time for a brute force attack to the DSC2, with current computer means, is estimated in thousands of millions of years. Therefore, a change in previous assessment is not expected in the next years, unless there is a significant change in cryptography techniques or in availability of quantum computin

46、g. The old algorithm DSC is considered weak with a processing time for a brute force attack in the range of minutes to hours, depending on computer means. This issue can be compensated, to some extent, with the introduction of the “re-keying“ feature (see clause 4.4), which has the goal of adding ad

47、ditional processing requirements to a possible brute force attack. However, in the case of the encryption, the implementation of DSC2 introduces additional requirements of implementation by hardware (recommended) or additional processing power if implemented by software (DSP). Therefore, the recomme

48、ndation depends on the type of product: For security critical products, the use of the DSC2 cipher algorithm is recommended. For general low cost voice products, the use of DSC combined with enhanced security feature “re-keying“ is considered enough for preventing criminal phone tapping in consumer

49、market under most usual scenarios. NOTE: However, it should be expected that this second assessment may change in further reviews due to the continuous increase in computer processing availability. 4.4 Re-keying and early encryption strategy and procedures 4.4.1 Re-keying strategy and procedures The Re-keying is a mechanism consisting of the periodic and regular change of the Cipher Key of an ongoing call, service call, or virtual connection in order to improve the security. The fundamental aim of the re-keying is t

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1