ETSI TS 100 929-2008 Digital cellular telecommunications system (Phase 2+) Security-related network functions (V8 6 0 3GPP TS 03 20 version 8 6 0 Release 1999)《数字蜂窝通信系统(第2+阶段) 安全相关.pdf

1、 ETSI TS 100 929 V8.6.0 (2008-01)Technical Specification Digital cellular telecommunications system (Phase 2+);Security-related network functions (3GPP TS 03.20 version 8.6.0 Release 1999)GLOBAL SYSTEM FOR MOBILE COMMUNICATIONSRETSI ETSI TS 100 929 V8.6.0 (2008-01) 1 3GPP TS 03.20 version 8.6.0 Rele

2、ase 1999 Reference RTS/TSGS-030320v860 Keywords GSM, SECURITY ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Im

3、portant notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is

4、the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. In

5、formation on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notification No

6、 part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2008. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTM, TIPHONTM, the TIPHON logo and the ETSI logo are

7、 Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 100 929 V8.6.0 (2008-01) 2 3GPP TS 03.20 version 8.6.0 Release 1999 Intellectual Property Rights IPRs essenti

8、al or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially

9、 Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by

10、ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI 3rd Generation Part

11、nership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables. The cross reference between GSM, UMTS, 3GPP and ETSI i

12、dentities can be found under http:/webapp.etsi.org/key/queryform.asp. ETSI ETSI TS 100 929 V8.6.0 (2008-01) 3 3GPP TS 03.20 version 8.6.0 Release 1999 Contents Intellectual Property Rights2 Foreword.2 Foreword.7 0 Scope 8 0.1 References 8 0.2 Abbreviations .9 1 General .9 2 Subscriber identity confi

13、dentiality .9 2.1 Generality.9 2.2 Identifying method .10 2.3 Procedures 10 2.3.1 Location updating in the same MSC area .10 2.3.2 Location updating in a new MSCs area, within the same VLR area.11 2.3.3 Location updating in a new VLR; old VLR reachable .12 2.3.4 Location Updating in a new VLR; old V

14、LR not reachable.13 2.3.5 Reallocation of a new TMSI.13 2.3.6 Local TMSI unknown.14 2.3.7 Location updating in a new VLR in case of a loss of information15 2.3.8 Unsuccessful TMSI allocation15 2.3.9 Combined location area updating with the routing area updating.16 3 Subscriber identity authenticatio

15、n17 3.1 Generality.17 3.2 The authentication procedure .17 3.3 Subscriber Authentication Key management .18 3.3.1 General authentication procedure .18 3.3.2 Authentication at location updating in a new VLR, using TMSI19 3.3.3 Authentication at location updating in a new VLR, using IMSI.20 3.3.4 Auth

16、entication at location updating in a new VLR, using TMSI, TMSI unknown in “old“ VLR 21 3.3.5 Authentication at location updating in a new VLR, using TMSI, old VLR not reachable .22 3.3.6 Authentication with IMSI if authentication with TMSI fails22 3.3.7 Re-use of security related information in fail

17、ure situations 22 4 Confidentiality of signalling information elements, connectionless data and user information elements on physical connections 23 4.1 Generality.23 4.2 The ciphering method.24 4.3 Key setting24 4.4 Ciphering key sequence number 25 4.5 Starting of the ciphering and deciphering proc

18、esses 25 4.6 Synchronization25 4.7 Handover 25 4.8 Negotiation of A5 algorithm 26 4.9 Support of A5 Algorithms in MS .26 5 Synthetic summary.27 Annex A (informative): Security issues related to signalling schemes and key management .28 A.1 Introduction 28 A.2 Short description of the schemes28 A.3 L

19、ist of abbreviations.29 Annex B (informative): Security information to be stored in the entities of the GSM system43 ETSI ETSI TS 100 929 V8.6.0 (2008-01) 4 3GPP TS 03.20 version 8.6.0 Release 1999 B.1 Introduction 43 B.2 Entities and security information .43 B.2.1 Home Location Register (HLR) .43 B

20、.2.2 Visitor Location Register (VLR)43 B.2.3 Mobile services Switching Centre (MSC)/Base Station System (BSS) .43 B.2.4 Mobile Station (MS).44 B.2.5 Authentication Centre (AuC) .44 Annex C (normative): External specifications of security related algorithms45 C.0 Scope 45 C.1 Specifications for Algor

21、ithm A5 45 C.1.1 Purpose.45 C.1.2 Implementation indications 45 C.1.3 External specifications of Algorithm A547 C.1.4 Internal specification of Algorithm A5 47 C.1.5 A modification of the usage of A5 for EDGE 47 C.2 Algorithm A3 .47 C.2.1 Purpose.47 C.2.2 Implementation and operational requirements

22、.48 C.3 Algorithm A8 .48 C.3.1 Purpose.48 C.3.2 Implementation and operational requirements .48 Annex D (normative): Security related network functions for General Packet Radio Service 49 D.1 General .49 D.2 Subscriber identity confidentiality .49 D.2.1 Generality.49 D.2.2 Identifying method .50 D.2

23、.3 Procedures 50 D.2.3.1 Routing area updating in the same SGSN area .50 D.2.3.2 Routing area updating in a new SGSN; old SGSN reachable.51 D.2.3.3 Routing area updating in a new SGSN; old SGSN not reachable.52 D.2.3.4 Reallocation of a TLLI .52 D.2.3.5 Local TLLI unknown53 D.2.3.6 Routing area upda

24、ting in a new SGSN in case of a loss of information .54 D.2.3.7 Unsuccessful TLLI allocation.54 D.3 Subscriber identity authentication55 D.3.1 Generality.55 D.3.2 The authentication procedure .55 D.3.3 Subscriber Authentication Key management .55 D.3.3.1 General authentication procedure .55 D.3.3.2

25、Authentication at routing area updating in a new SGSN, using TLLI 56 D.3.3.3 Authentication at routing area updating in a new SGSN, using IMSI 57 D.3.3.4 Authentication at routing area updating in a new SGSN, using TLLI, TLLI unknown in old SGSN .58 D.3.3.5 Authentication at routing area updating in

26、 a new SGSN, using TLLI, old SGSN not reachable59 D.3.3.6 Authentication with IMSI if authentication with TLLI fails.59 D.3.3.7 Re-use of security related information in failure situations 59 D.4 Confidentiality of user information and signalling between MS and SGSN .60 D.4.1 Generality.60 D.4.2 The

27、 ciphering method.60 D.4.3 Key setting61 D.4.4 Ciphering key sequence number 61 D.4.5 Starting of the ciphering and deciphering processes 62 D.4.6 Synchronisation62 D.4.7 Inter SGSN routing area update .63 D.4.8 Negotiation of GPRS-A5 algorithm .63 ETSI ETSI TS 100 929 V8.6.0 (2008-01) 5 3GPP TS 03.

28、20 version 8.6.0 Release 1999 D.5 Synthetic summary.64 D.6 Security of the GPRS backbone .64 Annex E (normative): GSM Cordless Telephony System (CTS), (Phase 1); Security related network functions; Stage 265 E.1 Introduction 65 E.1.1 Scope65 E.1.2 References 65 E.1.3 Definitions and Abbreviations65

29、E.1.3.1 Definitions 65 E.1.3.2 Abbreviations66 E.2 General .67 E.3 CTS local security system 68 E.3.1 Mobile Subscriber identity confidentiality.68 E.3.1.1 Identifying method68 E.3.1.2 Procedures.68 E.3.1.2.1 CTSMSI assignment .68 E.3.1.2.2 CTSMSI update.69 E.3.1.2.3 CTS local identification 69 E.3.

30、2 Identity authentication69 E.3.2.1 The mutual authentication procedure69 E.3.2.1.1 Authentication failure70 E.3.2.2 Authentication Key management70 E.3.3 Confidentiality of user information and signalling between CTS-MS and CTS-FP 71 E.3.3.1 The ciphering method .71 E.3.3.2 Key setting71 E.3.3.3 St

31、arting of the ciphering and deciphering processes.72 E.3.3.4 Synchronisation 73 E.3.4 Structured procedures with CTS local security relevance 73 E.3.4.1 Local Part of the Enrolment of a CTS-MS onto a CTS-FP.73 E.3.4.1.1 Local part of the enrolment procedure 74 E.3.4.2 General Access procedure 76 E.3

32、.4.2.1 Attachment76 E.3.4.2.2 CTS local security data update77 E.3.4.3 De-enrolment of a CTS-MS77 E.3.4.3.1 De-enrolment initiated by the CTS-FP77 E.3.4.3.2 De-enrolment initiated by a CTS-MS .77 E.4 CTS supervising security system .78 E.4.1 Supervision data and supervision data protection 78 E.4.1.

33、1 Structure of supervision data 78 E.4.1.2 Supervision data protection 78 E.4.1.3 Key management 79 E.4.2 CTS subscriber identity79 E.4.3 Identity authentication with the CTS operator and the PLMN.79 E.4.3.1 Authentication of the CTS-FP 80 E.4.3.2 Authentication of the CTS-MS .80 E.4.4 Secure operat

34、ion control.81 E.4.4.1 GSM layer 3 signalling.81 E.4.4.2 CTS application signalling via the Fixed Network.81 E.4.4.3 CTS operation control procedures 82 E.4.4.3.1 Initialisation of a CTS-FP .82 E.4.4.3.2 De-initialisation of a CTS-FP82 E.4.4.3.3 Enrolment83 E.4.4.3.3.1 Enrolment conducted via the CT

35、S fixed network interface.83 E.4.4.3.4 Supervising security in the CTS-FP/CTS-SN access procedure .84 E.4.4.3.4.1 Update of operation data84 E.4.5 Equipment checking.85 E.4.6 FP-SIM card checking85 ETSI ETSI TS 100 929 V8.6.0 (2008-01) 6 3GPP TS 03.20 version 8.6.0 Release 1999 E.5 Other CTS securit

36、y features .86 E.5.1 Secure storage of sensitive data and software in the CTS-MS .86 E.5.1.1 Inside CTS-ME.86 E.5.2 Secure storage of sensitive data and software in CTS-FP 86 E.5.3 CTS-FP reprogramming protection86 E.6 FP Integrity.86 E.6.1 Threats87 E.6.1.1 Changing of FP software 87 E.6.1.2 Changi

37、ng of IFPEI88 E.6.1.3 Changing of IFPSI and operator and subscription related keys (KiFP, KOP) .88 E.6.1.4 Changing of timers and timer limits .88 E.6.1.5 Changing of radio usage parameters.88 E.6.2 Protection and storage mechanisms88 E.6.2.1 Static or semi static values88 E.6.2.2 Timers.88 E.6.2.3

38、Physical protection88 E.7 Type approval issues 88 E.8 Security information to be stored in the entities of the CTS 89 E.8.1 Entities and security information89 E.8.1.1 CTS-HLR89 E.8.1.2 CTS-SN 89 E.8.1.3 CTS-AuC 89 E.8.1.4 CTS Fixed Part Equipment (CTS-FPE)90 E.8.1.5 Fixed Part SIM card (FP-SIM) .90

39、 E.8.1.6 CTS Mobile Equipment (CTS-ME)90 E.8.1.7 Mobile Station SIM card (MS-SIM).90 E.9 External specification of security related algorithms .91 E.9.1 Algorithm B191 E.9.1.1 Purpose .91 E.9.1.2 Implementation and operational requirements92 E.9.2 Algorithm B292 E.9.2.1 Purpose .92 E.9.2.2 Implement

40、ation and operational requirements92 E.9.3 Algorithms B3 and B493 E.9.3.1 Purpose .93 E.9.3.2 Implementation and operational requirements93 E.9.4 Algorithms B5 and B693 E.9.4.1 Purpose .93 E.9.4.2 Implementation and operational requirements93 E.10 Coding of the FPAC and CTS-PIN 94 E.11 (informative

41、annex): Guidelines for generation of random numbers.94 Annex F (informative): Change History 95 History 96 ETSI ETSI TS 100 929 V8.6.0 (2008-01) 7 3GPP TS 03.20 version 8.6.0 Release 1999 Foreword This Technical Specification has been produced by the 3rdGeneration Partnership Project (3GPP). The con

42、tents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an identifying change of release date and an increase in version number as foll

43、ows: Version x.y.z where: x the first digit: 1 presented to TSG for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc.

44、 z the third digit is incremented when editorial only changes have been incorporated in the document. ETSI ETSI TS 100 929 V8.6.0 (2008-01) 8 3GPP TS 03.20 version 8.6.0 Release 1999 0 Scope This Technical Specification specifies the network functions needed to provide the security related service a

45、nd functions specified in GSM 02.09. This specification does not address the cryptological algorithms that are needed to provide different security related features. This topic is addressed in annex C. Wherever a cryptological algorithm or mechanism is needed, this is signalled with a reference to a

46、nnex C. The references refers only to functionalities, and some algorithms may be identical or use common hardware. 0.1 References The following documents contain provisions which, through reference in this text, constitute provisions of the present document. References are either specific (identifi

47、ed by date of publication, edition number, version number, etc.) or non-specific. For a specific reference, subsequent revisions do not apply. For a non-specific reference, the latest version applies. 1 GSM 01.04: “Digital cellular telecommunications system (Phase 2+); Abbreviations and acronyms“. 2

48、 GSM 01.61: “Digital cellular telecommunications system (Phase 2+); General Packet Radio Service (GPRS); GPRS ciphering algorithm requirements“. 3 GSM 02.07: “Digital cellular telecommunications system (Phase 2+); Mobile Station (MS) features“. 4 GSM 02.09: “Digital cellular telecommunications syste

49、m (Phase 2+); Security aspects“. 5 GSM 02.17: “Digital cellular telecommunications system (Phase 2+); Subscriber Identity Modules (SIM) Functional characteristics“. 6 GSM 02.56: “Digital cellular telecommunications system (Phase 2+); GSM Cordless Telephone System (CTS) Phase 1; Service Description; Stage 1“. 7 GSM 02.60: “ Digital cellular telecommunications system (Phase 2+); General Packet Radio Service (GPRS); Service description; Stage 1“. 8 GSM 03.03: “Digital cellular telecommunications system (Phase 2+); Numbering, addressing and identification“.