ETSI TS 133 234-2016 Universal Mobile Telecommunications System (UMTS) LTE 3G security Wireless Local Area Network (WLAN) interworking security (V13 0 0 3GPP TS 33 234 version 13 0.pdf

1、 ETSI TS 1Universal Mobile TelWireless Local Area N(3GPP TS 33.2TECHNICAL SPECIFICATION133 234 V13.0.0 (2016elecommunications System (LTE; 3G security; Network (WLAN) interworking.234 version 13.0.0 Release 1316-01) (UMTS); ing security 13) ETSI ETSI TS 133 234 V13.0.0 (2016-01)13GPP TS 33.234 versi

2、on 13.0.0 Release 13Reference RTS/TSGS-0333234vd00 Keywords LTE,SECURITY,UMTS ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (

3、06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without

4、 the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the

5、present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one

6、 of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content

7、 of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2016. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are Trade Mark

8、s of ETSI registered for the benefit of its Members. 3GPPTM and LTE are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association. ETSI ETSI TS 133 234 V13.0.0 (2016-01)23GPP

9、 TS 33.234 version 13.0.0 Release 13Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETS

10、I SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no

11、investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword This Technical S

12、pecification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliv

13、erables. The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp. Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be inter

14、preted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETSI TS 133 234 V13.0.0 (2016-01)33GPP TS 33.234 version 13.0.0 Release 13Contents Intell

15、ectual Property Rights 2g3Foreword . 2g3Modal verbs terminology 2g3Foreword . 6g3Introduction 6g31 Scope 7g32 References 7g33 Definitions and abbreviations . 9g33.1 Definitions 9g33.2 Abbreviations . 10g34 Security Requirements for 3GPP-WLAN Interworking 10g34.1.1 Non roaming WLAN interworking Refer

16、ence Model 10g34.1.2 Roaming WLAN Interworking Reference Model, access to HPLMN services 11g34.1.3 Roaming WLAN Interworking Reference Model, access to VPLMN services 12g34.1.4 Network elements . 12g34.1.5 Reference points description . 13g34.2 Security Requirements . 14g34.2.1 General 14g34.2.2 Sig

17、nalling and user data protection . 14g34.2.3 User identity privacy . 15g34.2.4 WLAN-UE Functional Split . 15g34.2.4.1 General 15g34.2.4.2 Generic security requirements on local interface 15g34.2.4.3 Communication over local interface via a Bluetooth link . 16g34.2.5 Link layer security requirements

18、16g34.2.5.1 Void. 16g34.2.5.2 Void. 16g34.2.5.3 Void. 16g34.2.6 UE-initiated tunnelling . 16g34.2.7 Requirements on IP based Access Networks other than WLAN 17g34.2.8 Requirements for Support of emergency Call . 17g34.2.8.1 Requirements for Support of IMS emergency Call . 17g34.2.9 Requirements for

19、support of emergency call for a UICC-less terminal 17g34.2.9.1 Requirements for support of IMS emergency call for a UICC-less terminal 17g35 Security features . 18g35.1 Authentication of the subscriber and the network and Security Association Management 18g35.1.1 End to End WLAN Access Authenticatio

20、n (WLAN Direct IP Access) . 18g35.1.2 Transport of authentication WLAN Access signalling over the WLAN Radio interface . 18g35.1.3 Transport of WLAN Access authentication signalling between the WLAN access network and the 3GPP AAA proxy server 18g35.1.4 Transport of authentication signalling between

21、 the 3GPP AAA proxy server and the 3GPP AAA server 18g35.1.5 Transport of WLAN Access authentication signalling between the 3GPP AAA server and the HSS 18g35.1.6 User Identity Privacy in WLAN Access . 18g35.1.7 Re-authentication in WLAN Access . 20g35.1.8 Security Association Management for UE-initi

22、ated tunnels (WLAN 3GPP IP Access) 21g35.2 Confidentiality protection . 21g35.2.1 Confidentiality protection in WLAN Direct IP Access 21g35.2.2 Confidentiality protection in WLAN 3GPP IP Access . 21g35.3 Integrity protection . 21g35.3.1 Integrity protection in WLAN Direct IP Access . 21g3ETSI ETSI T

23、S 133 234 V13.0.0 (2016-01)43GPP TS 33.234 version 13.0.0 Release 135.3.2 Integrity protection in WLAN 3GPP IP Access . 21g35.4 Void 21g35.5 Immediate Service Termination . 21g35.6 WLAN UE functionality split 22g35.7 Simultaneous access control . 22g36 Security mechanisms 22g36.1 Authentication and

24、key agreement . 22g36.1.1 USIM-based WLAN Access Authentication 24g36.1.1.1 EAP/AKA Procedure 24g36.1.2 GSM SIM based WLAN Access authentication . 27g36.1.2.1 EAP SIM procedure 28g36.1.3 EAP support in Smart Cards . 31g36.1.3.1 EAP-AKA procedure 31g36.1.3.2 EAP-SIM procedure 31g36.1.4 Fast re-authen

25、tication mechanisms in WLAN Access 32g36.1.4.1 EAP/AKA procedure 32g36.1.4.2 EAP/SIM procedure 34g36.1.4.3 Fallback to full authentication from fast re-authentication . 36g36.1.5 Mechanisms for the set up of UE-initiated tunnels (WLAN 3GPP IP Access) 37g36.1.5.1 Tunnel full authentication and author

26、ization . 37g36.1.5.1.1 Skipping authentication for IMS emergency call 40g36.1.5.2 Tunnel fast re-authentication and authorization 41g36.1.5.3 Authentication and authorization for the Private network access from WLAN 3GPP IP Access . 43g36.1.5.3.1 Authentication and authorization for the Private net

27、work access (The External AAA Server performs EAP procedure) . 43g36.1.5.3.2 Authentication and authorization for the Private network access (The External AAA Server performs PAP procedure) 45g36.1.5.3.3 Authentication and authorization for the Private network access (The External AAA Server perform

28、s CHAP procedure) 47g36.1.6 Void 50g36.2 Confidentiality mechanisms . 50g36.2.1 Confidentiality mechanisms in WLAN Direct IP Access . 50g36.2.2 Confidentiality mechanisms in WLAN 3GPP IP Access 50g36.3 Integrity mechanisms . 50g36.3.1 Integrity mechanisms in WLAN Direct IP Access . 50g36.3.2 Integri

29、ty mechanisms in WLAN 3GPP IP Access 50g36.4 Temporary identity management 50g36.4.1 Temporary Identity Generation. 50g36.4.2 Key Management 52g36.4.3 Impact on Permanent User Identities 52g36.4.4 Acknowledged Limitations . 53g36.4.5 UE behaviour on receiving requests to send the IMSI-based user ide

30、ntity . 53g36.5 Profile of IKEv2 . 53g36.6 Profile of IPSec ESP. 53g36.6A Profile for PDG certificates 54g36.7 WLAN UE split interworking 55g36.7.1 Full authentication with EAP AKA 55g36.7.1.1 Termination in the UICC 55g36.7.1.2 Termination in the MT 57g36.7.2 Full authentication with EAP SIM 58g36.

31、7.2.1 Termination in the UICC 58g36.7.2.2 Termination in the MT 61g36.7.3 Fast re-authentication with EAP AKA 62g36.7.3.1 Termination in the UICC 62g36.7.3.2 Termination in the MT 64g36.7.4 Fast re-authentication with EAP SIM . 65g36.7.4.1 Termination in the UICC 65g36.7.4.2 Termination in the MT 66

32、g37 Support of emergency call over I-WLAN for a UICC-less terminal . 68g37.1 Support of IMS emergency call over I-WLAN for a UICC-less terminal 68g3ETSI ETSI TS 133 234 V13.0.0 (2016-01)53GPP TS 33.234 version 13.0.0 Release 13Annex A (informative): Review of the security of existing WLAN-related te

33、chnologies . 72g3A.1 IEEE . 72g3A.1.1 IEEE 802 Project 72g3A.1.2 Authentication 72g3A.1.3 Encryption and integrity protection 75g3A.2 ETSI/BRAN . 76g3A.2.1 HIPERLAN/2 Security architecture . 76g3A.2.1.1 Confidentiality protection . 77g3A.2.1.2 Authentication . 78g3A.2.1.3 Integrity protection . 78g3

34、A.2.2 Security mechanisms 78g3A.2.2.1 Confidentiality 78g3A.2.2.2 Authentication . 82g3A.3 IETF . 83g3A.3.1 Key Generation and EAP Methods 83g3A.3.2 Co-Existence of RADIUS and Diameter 83g3A.4 Bluetooth 84g3Annex B (informative): Trust Model 85g3B.1 Trust model entities 85g3B.2 Trust relations . 86g

35、3Annex C (informative): Analysis of Threats 88g3C.1 Security for Public WLAN Access 88g3C.2 Assets and Threats 88g3C.2.1 3GPP Operators Assets 88g3C.2.1.1 Access to WLAN Services . 88g3C.2.1.2 Non-WLAN Assets . 89g3C.2.2 WLAN Users Assets 89g3C.2.2.1 Access to WLAN Services . 89g3C.2.2.2 User Data a

36、nd Privacy 89g3C.2.3 WLAN Access Network Providers Assets 90g3C.3 Attacks 90g3C.3.1 Attacks at the Victims WLAN UE 90g3C.3.2 Attacks from an Attackers WLAN UE and/or AP . 91g3C.3.3 Attacks at the WLAN AN Infrastructure 91g3C.3.4 Attacks Performed by Other Devices on the Internet . 92g3C.3.5 Implicat

37、ions of the A5/2 Attack for 3GPP WLAN Access 92g3Annex D (informative): Management of sequence numbers 93g3Annex E: (informative): Alternative Mechanisms for the set up of UE-initiated tunnels (WLAN 3GPP IP Access) 94g3E.1 IKE with subscriber certificates . 94g3E.2 IKEv2 with subscriber certificates

38、 . 94g3Annex F (informative): Handling of the incompatibilities between the WLAN UE and the UICC or SIM card inserted 95g3Annex G (informative): Change history . 96g3History 99g3ETSI ETSI TS 133 234 V13.0.0 (2016-01)63GPP TS 33.234 version 13.0.0 Release 13Foreword This Technical Specification has b

39、een produced by the 3rdGeneration Partnership Project (3GPP). The contents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an identif

40、ying change of release date and an increase in version number as follows: Version x.y.z where: x the first digit: 1 presented to TSG for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incremented for all changes

41、of substance, i.e. technical enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes have been incorporated in the document. Introduction WLAN is not a single radio technology: several different technologies fall into the category called WLAN. Existing i

42、ndustry standard is IEEE 802.11b operating at 2.4 GHz ISM band. New entrant for this same band is Bluetooth and technologies such as IEEE 802.11a and ETSI BRAN Hiperlan2 are being developed for the 5 GHz band. Despite the different radio technologies, all these WLAN systems are commonly used for tra

43、nsportation of IP datagrams. The specific WLAN technology used in each wireless IP network is not very visible for the layers above IP. This Technical Specification covers the models and mechanisms under which these technologies can be used to securely interwork with 3GPP networks. ETSI ETSI TS 133

44、234 V13.0.0 (2016-01)73GPP TS 33.234 version 13.0.0 Release 131 Scope The present document specifies the security architecture; trust model and security requirements for the interworking of the 3GPP System and WLAN Access Networks. This specification is not limited to WLAN technologies. It is also v

45、alid for other IP based Access Networks that support the same security capabilities towards the interworking system as WLAN does. These security capabilities are addressed in section 4 of this specification. Specifications of the appropriate mechanisms for user and network authentication, key manage

46、ment, service authorization, confidentiality and integrity protection of user and signalling data are also provided. NOTE: According to the SA plenary decision at SA#64 to stop maintaining the I-WLAN feature from Rel-12 onwards SA3 has agreed that the present document will be maintained only for the

47、 parts where it is referenced from other specifications either for the purposes of backwards compatibility or to allow re-use of generic procedures. 2 References The following documents contain provisions, which, through reference in this text, constitute provisions of the present document. Referenc

48、es are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. For a specific reference, subsequent revisions do not apply. For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM docu

49、ment), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. 1 Void 2 Void 3 IETF RFC 3748: “Extensible Authentication Protocol (EAP)“. 4 IETF RFC 4187, January 2006: “Extensible Authentication Protocol Method for 3rd Generation Authentication and Key Agreement (EAP-AKA)“. 5 IETF RFC 4186, January 2006: “Extensible Authentication Protocol Method for Global System for Mobile Communications (GSM) Subscriber Identity Modules (EAP-SIM)“. 6 IEEE 802.11i-2004: “IEEE Standard for Informat