ETSI TS 133 204-2016 Digital cellular telecommunications system (Phase 2+) Universal Mobile Telecommunications System (UMTS) LTE 3G Security Network Domain Security (NDS) Transacti.pdf

1、 ETSI TS 1Digital cellular telecoUniversal Mobile TelNetwork Transaction Capabilities(3GPP TS 33.2TECHNICAL SPECIFICATION133 204 V13.0.0 (2016communications system (Phaelecommunications System (LTE; 3G Security; k Domain Security (NDS); ies Application Part (TCAP) us.204 version 13.0.0 Release 1316-

2、01) hase 2+); (UMTS); user security 13) ETSI ETSI TS 133 204 V13.0.0 (2016-01)13GPP TS 33.204 version 13.0.0 Release 13Reference RTS/TSGS-0333204vd00 Keywords GSM,LTE,SECURITY,UMTS ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Sire

3、t N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. Th

4、e content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portabl

5、e Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.et

6、si.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanica

7、l, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Sta

8、ndards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo a

9、re Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 133 204 V13.0.0 (2016-01)23GPP TS 33.204 version 13.0.0 Release 13Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these

10、essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest up

11、dates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web se

12、rver) which are, or may be, or may become, essential to the present document. Foreword This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identi

13、ties or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables. The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp. Modal verbs terminology In the present document “shall“, “shall

14、not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct c

15、itation. ETSI ETSI TS 133 204 V13.0.0 (2016-01)33GPP TS 33.204 version 13.0.0 Release 13Contents Intellectual Property Rights 2g3Foreword . 2g3Modal verbs terminology 2g3Foreword . 5g3Introduction 5g31 Scope 6g32 References 6g33 Definitions, symbols and abbreviations . 6g33.1 Definitions 6g33.2 Symb

16、ols 7g33.3 Abbreviations . 7g33.4 Conventions 8g34 Principles of TCAP user security . 8g34.1 Overview 8g34.2 Network architecture 8g34.2.1 General 8g34.2.2 End-to-end architecture . 9g34.2.3 Hub-and-Spoke architecture . 9g35 TCAP user security (TCAPsec) . 10g35.1 Security services provided by TCAPse

17、c 10g35.2 Properties and tasks of an SS7-SEG . 10g35.3 Policy requirements for the TCAPsec Security Policy Database (SPD) 11g35.4 TCAPsec security association attribute definition 11g35.5 TCAPsec structure of protected messages 12g35.5.1 TCAPsec security header 13g35.5.2 Protected payload 13g35.5.2.

18、1 Protection Mode 1 . 13g35.5.2.2 Protection Mode 2. 14g35.6 TCAPsec algorithms. 14g35.6.1 Mapping of TCAPsec SA encryption algorithm identifiers 14g35.6.1.1 Description of SEA-0 14g35.6.2 Mapping of TCAPsec SA integrity algorithm identifiers . 14g35.6.2.1 Description of SIA-0 . 15g35.6.3 Constructi

19、on of IV 15g3Annex A (informative): Guidelines for manual key management . 16g3A.1 Inter-domain Security Association and Key Management Procedures 16g3A.2 Local Security Association Distribution 16g3Annex B (normative): TCAPsec message flows . 17g3Annex C (informative): High level migration strategy

20、 19g3C.1 Transition phase from unprotected to protected message transfer . 19g3C.2 Transition phase from protected message transfer to unprotected message transfer. . 20g3C.3 Transition phase from protected mode to another protected mode 20g3Annex D (normative): Using TCAP handshake for SMS transfer

21、 21g3D.1 Mobile Terminated SMS 21g3ETSI ETSI TS 133 204 V13.0.0 (2016-01)43GPP TS 33.204 version 13.0.0 Release 13D.2 Mobile Originated SMS . 22g3Annex E (informative): Change history . 24g3History 25g3ETSI ETSI TS 133 204 V13.0.0 (2016-01)53GPP TS 33.204 version 13.0.0 Release 13Foreword This Techn

22、ical Specification has been produced by the 3rdGeneration Partnership Project (3GPP). The contents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by

23、 the TSG with an identifying change of release date and an increase in version number as follows: Version x.y.z where: x the first digit: 1 presented to TSG for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incr

24、emented for all changes of substance, i.e. technical enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes have been incorporated in the document. Introduction The absence of security in Signalling System No. 7 (SS7) networks is an identified security

25、weakness in 2G systems. This was formerly perceived not to be a problem, since the SS7 networks were the provinces of a small number of large institutions. This is no longer the case, and so there is now a need for security precautions. For 3G systems it is a clear goal to be able to protect the cor

26、e network signalling protocols, and by implication this means that security solutions shall be found for both SS7 and IP based protocols. Various protocols and interfaces are used for control plane signalling within and between core networks. The security services that have been identified as necess

27、ary are confidentiality, integrity, authentication and anti-replay protection. These will be ensured by standard procedures, based on cryptographic techniques. ETSI ETSI TS 133 204 V13.0.0 (2016-01)63GPP TS 33.204 version 13.0.0 Release 131 Scope This technical specification covers the security mech

28、anisms and procedures necessary to protect all TCAP user messages which are sent between different security domains. The complete set of enhancements and extensions to facilitate security protection for the TCAP protocol is termed TCAPsec and it covers transport security in the TCAP protocol itself

29、and the security management procedures. This technical specification contains the stage 2 specification for security protection of the TCAP protocol. The actual implementation (stage 3) specification can be found in TS 29.204 9. 2 References The following documents contain provisions which, through

30、reference in this text, constitute provisions of the present document. References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. For a specific reference, subsequent revisions do not apply. For a non-specific reference, the latest versi

31、on applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. 1 3GPP TR 21.905: “Vocabulary for 3GPP Specifications“. 2 3GPP TS 29.002: “Mobile Appli

32、cation Part (MAP) specification“. 3 NIST Special Publication 800-38A “Recommendation for Block Cipher Modes of Operation“ December 2001. 4 ISO/IEC 9797: “Information technology - Security techniques - Message Authentication Codes (MACs) - Part 1: Mechanisms using a block cipher“, Ed.1, 1999-12-16. 5

33、 FIPS Publication 197: “Specification for the Advanced Encryption Standard (AES)“, November 26, 2001. 6 3GPP TS 33.210: “3G security; Network Domain Security (NDS); IP network layer security“. 7 W3C DTF profile of ISO 8601: 2000 - Data Elements and Interchange Formats - Information Interchange - Rep

34、resentation of Dates and Times. International Organization for Standardization. http:/www.w3.org/TR/1998/NOTE-datetime-19980827. 8 3GPP TS 23.003: “Numbering, addressing and identification“. 9 3GPP TS 29.204: “Signalling System No. 7 (SS7) security gateway; Architecture, functional description and p

35、rotocol details “ 3 Definitions, symbols and abbreviations 3.1 Definitions In addition to the definitions included in TR 21.905 1, for the purposes of the present document, the following definitions apply: ETSI ETSI TS 133 204 V13.0.0 (2016-01)73GPP TS 33.204 version 13.0.0 Release 13Anti-replay pro

36、tection: Anti-replay protection is a special case of integrity protection. Its main service is to protect against replay of self-contained packets that already have a cryptographic integrity mechanism in place. Confidentiality: The property that information is not made available or disclosed to unau

37、thorised individuals, entities or processes. Data integrity: The property that data has not been altered in an unauthorised manner. Data origin authentication: The corroboration that the source of data received is as claimed. Entity authentication: The provision of assurance of the claimed identity

38、of an entity. Key freshness: A key is fresh if it can be guaranteed to be new, as opposed to an old key being reused through actions of either an adversary or authorised party. Security Association: A logical connection created for security purposes. All traffic traversing a security association is

39、provided the same security protection. The security association specifies protection levels, algorithms to be used, lifetimes of the connection etc. SS7 Carrier: An SS7 network that is not a PLMN. SS7 Security Gateway: A Network Node that terminates and initiates TCAPsec. Similar to a SEG (see TS 33

40、.210 6), the SS7 security Gateway is used for communication between two SS7 security domains. TCAPsec: The complete collection of protocols and procedures needed to protect TCAP user messages. 3.2 Symbols For the purposes of the present document, the following symbols apply: f6 TCAPsec encryption al

41、gorithm.f7 TCAPsec integrity algorithm. Zf TCAPsec reference point between SS7-SEGs engaged in security protected signalling. 3.3 Abbreviations In addition to the abbreviations included in TR 21.905 1, for the purposes of the present document, the following abbreviations apply: AES Advanced Encrypti

42、on Standard FALLBACK Fallback to unprotected mode indicator IP Internet Protocol IV Initialisation VectorMAC Message Authentication Code MAC-M MAC used for TCAP user MAP Mobile Application Part NDS Network Domain Security NE Network Entity PROP Proprietary field SA Security Association SAD Security

43、Association Database SEA SS7 security gateway Encryption Algorithm identifier SEK SS7 security gateway Encryption Key SIA SS7 security gateway Integrity Algorithm identifier SIK SS7 security gateway Integrity Key SPD Security Policy Database SPI Security Parameters Index SS7-SEG SS7 security gateway

44、 TCAPsec TCAP user security the SS7 security gateway security protocol suite TCAP user Application Part identified by the SCCP Subsystem Numbers of TS 23.003 8 TVP Time Variant Parameter ETSI ETSI TS 133 204 V13.0.0 (2016-01)83GPP TS 33.204 version 13.0.0 Release 133.4 Conventions All data variables

45、 in this specification are presented with the most significant substring on the left hand side and the least significant substring on the right hand side. A substring may be a bit, byte or other arbitrary length bitstring. Where a variable is broken down into a number of substrings, the leftmost (mo

46、st significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant. 4 Principles of TCAP user security 4.1 Overview This technical specification defines mechanisms for protecting all TCAP user messages called TCAPsec. Another approach which c

47、ould partially achieve the same goal as TCAPsec is the use of NDS/IP 6 at the network layer when IP is used as the transport protocol. However, whenever inter-working with networks using SS7-based transport is necessary, protection with TCAPsec shall be used. The benefit for an operator applying TCA

48、Psec will gradually increase when more interconnected operators also apply TCAPsec. TCAPsec can be used together with TCAP handshake solutions, however when using TCAPsec for MAP SMS transfers between two PLMNs, running TCAP handshake in addition does not add more security. NOTE 1: A limited level o

49、f MAP message authenticity can be achieved without the use of SS7-SEGs by using a TCAP handshake prior to the MAP payload exchange. Annex D describes the use of the TCAP handshake for MAP SMS transfers. NOTE 2: TCAPsec does not validate the TCAP user payload content (e.g. SMS payload address correlation as described for TCAP handshake in Annex D). Message screening functions for particular message types may be needed on top of TCAPsec. NOTE 3: In order to prevent all active attacks all interconnected operators shall route all SS7 t