ETSI TS 102 867 V1.1.1 (2012-06)

Intelligent Transport Systems (ITS);
Security;
Stage 3 mapping for IEEE 1609.2

Technical Specification

Reference
DTS/ITS-0050013

Keywords
ITS, security

ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2012. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
1 Scope
2 References
  2.1 Normative references
  2.2 Informative references
3 Definitions and abbreviations
  3.1 Definitions
  3.2 Abbreviations
4 Assessment of the ability of IEEE 1609.2 to provide the security services defined in TS 102 731
  4.1 Summary
5 Stage 2 security service implementation based on IEEE 1609.2
  5.1 Services directly mappable to IEEE 1609.2
    5.1.1 Enrolment service
      5.1.1.1 Enrolment request
      5.1.1.2 Update Enrolment Credentials
      5.1.1.3 Remove Enrolment Credentials
    5.1.2 Authorization Service
      5.1.2.1 Request Authorization
      5.1.2.2 Update Authorization Ticket
      5.1.2.3 Publish Authorization Status
      5.1.2.4 Update Local Authorization Status Repository
    5.1.3 Authorize Single Message
    5.1.4 Validate Authorization on Single Message
    5.1.5 Encrypt single outgoing message
    5.1.6 Decrypt single incoming message
    5.1.7 Calculate check value
    5.1.8 Validate check value
    5.1.9 Insert check value
    5.1.10 Replay Protection Based on Timestamp
    5.1.11 Validate data plausibility
  5.2 Security services defined in TS 102 731 not directly mappable to IEEE 1609.2
    5.2.1 Security Associations
    5.2.2 Replay Protection Based on Sequence Number
    5.2.3 Accountability services
    5.2.4 Activate / deactivate ITS transmission
    5.2.5 Report Misbehaving ITS-S
6 Mapping of IEEE 1609.2 to ETSI CAM/DENM
  6.1 Location of services within the stack
  6.2 Security profiles
    6.2.1 Overview
    6.2.2 Security Profile for CAM
      6.2.2.1 General
      6.2.2.2 Secure messaging (sending)
      6.2.2.3 Secure messaging (receiving)
      6.2.2.4 Security management
    6.2.3 Security Profile for DENM without Geonetworking
      6.2.3.1 General
      6.2.3.2 Secure messaging (sending)
      6.2.3.3 Secure messaging (receiving)
      6.2.3.4 Security management
Annex A (informative): Cryptographic considerations
  A.1 Export control
  A.2 Signatories to the Wassenaar Arrangement
Annex B (informative): Overhead due to IEEE 1609.2 security processing
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards”, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Intelligent Transport System (ITS).

1 Scope

The present document specifies the use of the mechanisms of IEEE 1609.2 [1] within the ITS communications architecture defined in EN 302 665 [3] to provide a stage 3 implementation for a subset of the security services defined in TS 102 731 [2].

The present document identifies:

- Those areas where IEEE 1609.2 [1] provides a security service defined in TS 102 731 [2].
- Those areas where IEEE 1609.2 [1] needs to be extended or modified in a minor way to provide security services defined in TS 102 731 [2] and suitable for CAM and DENM.
- Those areas where IEEE 1609.2 [1] does not provide a basis for a security service defined in TS 102 731 [2] and consumed by CAM and DENM.

In those cases where IEEE 1609.2 [1] does not fully provide a required service, the present document identifies the requirements for that service but does not specify that service in full. The present document should therefore be seen not as a full specification of security for CAM and DENM but as a subset of that specification.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the reference document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

[1] IEEE Std. 1609.2 draft D12 (January 2012): “Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages”.
NOTE: Available from http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?reload=true
[2] ETSI TS 102 731: “Intelligent Transport Systems (ITS); Security; Security Services and Architecture”.
[3] ETSI EN 302 665: “Intelligent Transport Systems (ITS); Communications Architecture”.

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

[i.1] ETSI TR 102 893: “Intelligent Transport Systems (ITS); Security; Threat, Vulnerability and Risk Analysis (TVRA)”.
[i.2] ETSI TS 102 636-3: “Intelligent Transport Systems (ITS); Vehicular Communications; GeoNetworking; Part 3: Network architecture”.
[i.3] Wassenaar agreement: “Lists of Dual Use Goods and Technologies and Munitions List; Category 5; Part 2”.
NOTE: Available from http://www.wassenaar.org.

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the terms and definitions given in IEEE 1609.2 [1], TS 102 731 [2] and TS 102 636-3 [i.2] apply.

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

BSM      Basic Safety Message
CA       Certificate Authority
CAM      Cooperative Awareness Message
CME      Connection Management Entity
CRL      Certificate Revocation List
CSR      Certificate Signing Request
DENM     Decentralized Environmental Notification Message
ITS-AID  Intelligent Transport Systems - Application Identifier
ITS-S    ITS Station
MAC      Message Authentication Code
PSID     Provider Service Identifier
RSA      Rivest Shamir Adleman
Rx       Receiver
SSP      Service Specific Permissions
TVRA     Threat Vulnerability and Risk Analysis
Tx       Transmitter

4 Assessment of the ability of IEEE 1609.2 to provide the security services defined in TS 102 731

4.1 Summary

Table 1 summarizes the capabilities of IEEE 1609.2 [1] in relation to the stage 2 ITS security services [2]. The level of support in IEEE 1609.2 [1] for each ITS security service is identified using a traffic light key where green indicates full explicit support, amber indicates partial support, and red indicates no support.

Table 1: Identification of stage 2 services covered by IEEE 1609.2 [1] at stage 3

| Security Service Group | Stage 2 service (Security Service at Tx / Security service at Rx) | Stage 3 mapping definition (IEEE 1609.2 [1]) |
|---|---|---|
| Enrolment | Obtain Enrolment Credentials | Supported through Certificate Signing Request certificates |
| Enrolment | Remove Enrolment Credentials | Supported through Certificate Signing Request certificates |
| Enrolment | Update Enrolment Credentials | Supported through Certificate Signing Request certificates |
| Authorisation | Obtain Authorization Ticket | Supported through Certificate Signing Request Certificates |
| Authorisation | Update Authorization Ticket | Supported through Certificate Signing Request Certificates |
| Authorisation | Publish Authorization Status | Supported through Certificate Revocation Lists |
| Authorisation | Update Local Authorization Status Repository | Supported through Certificate Revocation Lists and CRL Requests |
| Authorisation | Add authorisation credential to single message | Supported through Signed Messages |
| Authorisation | Validate authorisation credential of received message | Supported through processing of incoming signed messages |
| Security Association management | Establish Security Association / Establish Security Association | Not supported (note 1) |
| Security Association management | Remove Security Association / Remove Security Association | Not supported (note 1) |
| Security Association management | Update Security Association / Update Security Association | Not supported (note 1) |
| Authentication services | Authenticate ITS user / Authenticate ITS user | Supported for single messages through signed messages. No concept of authenticating a user for prolonged communications |
| Authentication services | Authenticate ITS network / Authenticate ITS network | Supported for single messages through signed messages. No concept of authenticating the network for prolonged communications |
| Confidentiality services | Encrypt single outgoing message | Supported through encrypted messages |
| Confidentiality services | Decrypt single incoming message | Supported through encrypted messages |
| Confidentiality services | Send secured message using Security Association | Not supported (note 1) |
| Confidentiality services | Receive secured message using Security Association | Not supported (note 1) |
| Integrity services | Insert check value | Supported through signed messages. No concept of providing a check value within a prolonged communications session. |
| Integrity services | Validate check value | Supported through signed messages. No concept of providing a check value within a prolonged communications session. |
| Integrity services | Calculate check value | Supported through signed messages. No concept of providing a check value within a prolonged communications session. |
| Replay Protection services | Timestamp message | Supported |
| Replay Protection services | Validate timestamp | Supported |
| Replay Protection services | Insert sequence number | Not supported |
| Replay Protection services | Validate sequence number | Not supported |
| Replay Protection services | Insert challenge | Not supported |
| Replay Protection services | Use received challenge | Not supported |
| Replay Protection services | Validate use of challenge | Not supported |
| Accountability services | Record incoming message | Not supported |
| Accountability services | Record outgoing message | Not supported |
| Plausibility validation | Validate data plausibility | Basic support (note 2) |
| Plausibility validation | Validate dynamic parameters | Basic support (note 2) |
| Plausibility validation | Validate timestamp | Supported |
| Plausibility validation | Validate sequence number | Not supported |
| Remote management | Activate ITS transmission | Not supported |
| Remote management | Deactivate ITS transmission | Not supported |
| Report Misbehaving ITS-S | Report Misbehaviour / Report Misbehaviour | Not supported |

NOTE 1: IEEE 1609.2 [1] does not explicitly support the management of session based security associations but does support on the fly security associations by identifying the trust hierarchy and security service applied to the message in the body and content of the public key certificate.

NOTE 2: IEEE provides basic data plausibility and dynamic parameter validation: messages may be rejected on the grounds of generation time too far in the past, expiry time in the past, generation time or expiry time in the future, or geographic location too far away, where “too far” is parameterizable. More sophisticated plausibility and parameter validation may be carried out by services outside the scope of IEEE 1609.2 [1].
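
The basic plausibility checks listed in NOTE 2, sketched as a receiver-side filter. This is an added example, not code from the specification or from IEEE 1609.2; the field names, the threshold values and the `Policy`, `Message` and `rejection_reasons` names are assumptions. "Expiry time in the future" is read here as an expiry further ahead than an assumed maximum lifetime.

```python
from dataclasses import dataclass
from math import asin, cos, radians, sin, sqrt
from typing import List, Optional, Tuple

@dataclass(frozen=True)
class Policy:
    """Illustrative thresholds; the note only says "too far" is parameterizable."""
    max_age_s: float = 2.0          # generation time too far in the past
    max_future_s: float = 0.5       # clock skew tolerated before "in the future"
    max_lifetime_s: float = 600.0   # assumed bound for an expiry time too far ahead
    max_distance_m: float = 1500.0  # geographic location too far away

@dataclass(frozen=True)
class Message:
    generation_time: float                   # seconds, same clock as `now`
    expiry_time: Optional[float]             # None if the message carries none
    position: Optional[Tuple[float, float]]  # (lat, lon) in degrees, or None

def haversine_m(a: Tuple[float, float], b: Tuple[float, float]) -> float:
    """Great-circle distance in metres between two (lat, lon) points."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371000.0 * asin(sqrt(h))

def rejection_reasons(msg: Message, now: float, own_position: Tuple[float, float],
                      policy: Policy = Policy()) -> List[str]:
    """Return every ground for rejection; an empty list means the message passes."""
    reasons = []
    if msg.generation_time < now - policy.max_age_s:
        reasons.append("generation_time_too_old")
    if msg.generation_time > now + policy.max_future_s:
        reasons.append("generation_time_in_future")
    if msg.expiry_time is not None:
        if msg.expiry_time < now:
            reasons.append("expired")
        elif msg.expiry_time > now + policy.max_lifetime_s:
            reasons.append("expiry_time_too_far_in_future")
    if msg.position is not None and haversine_m(msg.position, own_position) > policy.max_distance_m:
        reasons.append("too_far_away")
    return reasons

# Constructed sample messages (not captured traffic); receiver at 48.1000 N, 11.5000 E.
NOW, HERE = 1_000_000.0, (48.1000, 11.5000)
FRESH = Message(NOW - 0.3, NOW + 10, (48.1010, 11.5010))
REPLAYED = Message(NOW - 30, NOW - 20, (48.1010, 11.5010))
DISTANT = Message(NOW - 0.1, None, (48.2000, 11.5000))
```

These checks only carry weight when the time and position fields are covered by the message signature, so they belong alongside signature verification rather than in place of it.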
5 Stage 2 security service implementation based on IEEE 1609.2

TS 102 731 [2] models the functional entities, and the relationships between them, as well as the detail of the information flows for each of the security services identified as necessary to counter the risks identified in the ITS TVRA from TR 102 893 [i.1]. The relevant models are copied here for ease of reference. This clause details how these entities, relationships, and flows shall be implemented by an implementation based on IEEE 1609.2 [1].

Figure 1: Functional model for the Obtain Enrolment Credentials security service

Figure 2: Functional model for the Update Enrolment Credentials security service

Figure 3: Functional model for the Remove Enrolment Credentials security service

Figure 4: Functional model for the Authorization Tickets security services

5.1 Services directly mappable to IEEE 1609.2

5.1.1 Enrolment service

The Enrolment Credential in ETSI ITS shall be implemented as an IEEE 1609.2 [1] Certificate Signing Request Certificate (CSR Certificate).

5.1.1.1 Enrolment request

The information flow sequence Request Enrolment Credentials defined in TS 102 731 [2] shall be implemented as follows.

The request flow shall be implemented as an IEEE 1609.2 ToBeEncrypted message of type certificate_request as defined in clause 6.2.27 of IEEE 1609.2 [1], with fields set as specified in table 2.

If enrolment was successful, the confirm flow shall be implemented using a 1609Dot2Data structure of type encrypted_message, encapsulating a ToBeEncrypted message of type certificate_response as defined in clauses 6.2.1 and 6.2.7 of IEEE 1609.2 [1], with fields set as specified in table 3. If en