1、 TIA-1208 August 2011Advanced Security Framework for HRPD and eHRPD Systems NOTICE TIA Engineering Standards and Publications are designed to serve the public interest through eliminating misunderstandings between manufacturers and purchasers, facilitating interchangeability and improvement of produ
2、cts, and assisting the purchaser in selecting and obtaining with minimum delay the proper product for their particular need. The existence of such Standards and Publications shall not in any respect preclude any member or non-member of TIA from manufacturing or selling products not conforming to suc
3、h Standards and Publications. Neither shall the existence of such Standards and Publications preclude their voluntary use by Non-TIA members, either domestically or internationally. Standards and Publications are adopted by TIA in accordance with the American National Standards Institute (ANSI) pate
4、nt policy. By such action, TIA does not assume any liability to any patent owner, nor does it assume any obligation whatever to parties adopting the Standard or Publication. This Standard does not purport to address all safety problems associated with its use or all applicable regulatory requirement
5、s. It is the responsibility of the user of this Standard to establish appropriate safety and health practices and to determine the applicability of regulatory limitations before its use. (From Project No. TIA-PN-1208, formulated under the cognizance of the TIA TR-45 Mobile (b) there is no assurance
6、that the Document will be approved by any Committee of TIA or any other body in its present or any other form; (c) the Document may be amended, modified or changed in the standards development or any editing process. The use or practice of contents of this Document may involve the use of intellectua
7、l property rights (“IPR”), including pending or issued patents, or copyrights, owned by one or more parties. TIA makes no search or investigation for IPR. When IPR consisting of patents and published pending patent applications are claimed and called to TIAs attention, a statement from the holder th
8、ereof is requested, all in accordance with the Manual. TIA takes no position with reference to, and disclaims any obligation to investigate or inquire into, the scope or validity of any claims of IPR. TIA will neither be a party to discussions of any licensing terms or conditions, which are instead
9、left to the parties involved, nor will TIA opine or judge whether proposed licensing terms or conditions are reasonable or non-discriminatory. TIA does not warrant or represent that procedures or practices suggested or provided in the Manual have been complied with as respects the Document or its co
10、ntents. If the Document contains one or more Normative References to a document published by another organization (“other SSO”) engaged in the formulation, development or publication of standards (whether designated as a standard, specification, recommendation or otherwise), whether such reference c
11、onsists of mandatory, alternate or optional elements (as defined in the TIA Engineering Manual, 4thedition) then (i) TIA disclaims any duty or obligation to search or investigate the records of any other SSO for IPR or letters of assurance relating to any such Normative Reference; (ii) TIAs policy o
12、f encouragement of voluntary disclosure (see Engineering Manual Section 6.5.1) of Essential Patent(s) and published pending patent applications shall apply; and (iii) Information as to claims of IPR in the records or publications of the other SSO shall not constitute identification to TIA of a claim
13、 of Essential Patent(s) or published pending patent applications. TIA does not enforce or monitor compliance with the contents of the Document. TIA does not certify, inspect, test or otherwise investigate products, designs or services or any claims of compliance with the contents of the Document. AL
14、L WARRANTIES, EXPRESS OR IMPLIED, ARE DISCLAIMED, INCLUDING WITHOUT LIMITATION, ANY AND ALL WARRANTIES CONCERNING THE ACCURACY OF THE CONTENTS, ITS FITNESS OR APPROPRIATENESS FOR A PARTICULAR PURPOSE OR USE, ITS MERCHANTABILITY AND ITS NONINFRINGEMENT OF ANY THIRD PARTYS INTELLECTUAL PROPERTY RIGHTS
15、. TIA EXPRESSLY DISCLAIMS ANY AND ALL RESPONSIBILITIES FOR THE ACCURACY OF THE CONTENTS AND MAKES NO REPRESENTATIONS OR WARRANTIES REGARDING THE CONTENTS COMPLIANCE WITH ANY APPLICABLE STATUTE, RULE OR REGULATION, OR THE SAFETY OR HEALTH EFFECTS OF THE CONTENTS OR ANY PRODUCT OR SERVICE REFERRED TO
16、IN THE DOCUMENT OR PRODUCED OR RENDERED TO COMPLY WITH THE CONTENTS. TIA SHALL NOT BE LIABLE FOR ANY AND ALL DAMAGES, DIRECT OR INDIRECT, ARISING FROM OR RELATING TO ANY USE OF THE CONTENTS CONTAINED HEREIN, INCLUDING WITHOUT LIMITATION ANY AND ALL INDIRECT, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMA
17、GES (INCLUDING DAMAGES FOR LOSS OF BUSINESS, LOSS OF PROFITS, LITIGATION, OR THE LIKE), WHETHER BASED UPON BREACH OF CONTRACT, BREACH OF WARRANTY, TORT (INCLUDING NEGLIGENCE), PRODUCT LIABILITY OR OTHERWISE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. THE FOREGOING NEGATION OF DAMAGES IS A F
18、UNDAMENTAL ELEMENT OF THE USE OF THE CONTENTS HEREOF, AND THESE CONTENTS WOULD NOT BE PUBLISHED BY TIA WITHOUT SUCH LIMITATIONS. S.S0145-0 v1.0 ii EDITOR Zhibi Wang 1 Alcatel Lucent 2 Tel: (+1) 630-713-8381 3 Email: zhibi.wangalcatel- 4 5 REVISION HISTORY 6 7 REVISION HISTORY 1.0 Initial Publication
19、 26 May 2011 8 Table of Contents 1 Advanced Security Framework for HRPD and eHRPD Systems i 2 1 Introduction . 2 3 1.1 Scope 2 4 2 References . 2 5 2.1 Normative References 2 6 2.2 Informative References . 3 7 3 Definitions, Abbreviations and Acronyms 3 8 3.1 Definitions 3 9 3.1.1 Abbreviations and
20、Acronyms . 3 10 3.1.2 Terminology . 4 11 4 Architecture 4 12 5 Security Requirements 6 13 6 Access Authentication and Authorization . 7 14 6.1 EAP Protocol Negotiation 7 15 6.2 UE Behavior . 7 16 6.2.1 UE Identity Management for eHRPD 7 17 6.2.2 UE Identity Management for HRPD 7 18 6.2.3 UE Network
21、Access Authentication for eHRPD 7 19 6.2.4 UE Network Access Authentication for HRPD . 8 20 6.3 HSGW Behavior . 8 21 6.4 PDSN Behavior 8 22 6.5 AAA Server Behavior 8 23 6.5.1 3GPP AAA Server Behavior 8 24 6.5.2 3GPP2 AAA Server Behavior 8 25 6.6 HSS Behavior . 8 26 7 Key Generation . 8 27 7.1 Pairwi
22、se Master Key (PMK) Generation 9 28 7.2 Access Network Key Generation 10 29 7.3 Access Network Key Generation for AALS . 11 30 8 Key Distribution . 12 31 8.1 eHRPD Master Session Key and Inter-HSGW Handoff 12 32 8.2 HSGW/PDSN (e)AN Key Distribution . 12 33 8.3 Multi-Key Key Exchange Protocol and Int
23、ra-HSGW/PDSN inter-eAN Handoff 13 34 8.3.1 Reconfiguration Procedures . 13 35 S.S0145-0 v1.0 1 9 Session Key Usage for AALS . 14 1 9.1 Derivation and Management of Crypto-sync 14 2 9.2 AALS EMFPA and AALS MLMFPA 14 3 9.3 Air Interface Application Signaling Encryption/Decryption functions 15 4 9.4 Ai
24、r Interface Application Signaling Integrity Protection 15 5 6 7 S.S0145-0 v1.0 2 1 Introduction 1 This document defines security framework for HRPD and eHRPD access networks. 2 This document describes only normal operation. Handling of error cases and unsuccessful 3 scenarios resulting from protocol
25、 failures is described in other relevant standards. 4 1.1 Scope 5 This document defines updated security framework for HRPD and eHRPD access networks. It 6 presents consolidation of advanced security features defined to support authentication, key 7 distribution, efficient upper layer ciphering, and
26、 information integrity protection. 8 9 2 References 10 2.1 Normative References 11 1 3GPP2: X.S0057-0: “E-UTRAN eHRPD Connectivity and Interworking: 12 Core Network Aspects”. 13 2 3GPP2: C.S0067-A: “Key Exchange Protocols for cdma2000 High Rate 14 Packet Data Air Interface”. 15 3 3GPP2: S.S0078-B: “
27、Common Security Algorithms”. 16 4 IETF: RFC1661: “The Point-to-Point Protocol (PPP)”, July 1994. 17 5 IETF: RFC3588: “Diameter Base Protocol”, September 2003. 18 6 IETF: RFC3748: “Extensible Authentication Protocol (EAP)”, June 2004. 19 7 IETF: RFC4005: “Diameter Network Access Server Application”,
28、August 20 2005. 21 8 IETF: RFC4072: “Diameter Extensible Authentication Protocol (EAP) 22 Application”, August 2005. 23 9 IETF: RFC4187: “Extensible Authentication Protocol Method for 3rd 24 Generation Authentication and Key Agreement (EAP-AKA)”, January 2006. 25 10 IETF: RFC4282: “The Network Acces
29、s Identifier”, December 2005. 26 11 IETF: RFC5448: “Improved Extensible Authentication Protocol Method for 27 3rd Generation Authentication and Key Agreement (EAP-AKA)”, May 28 2009. 29 12 3GPP: TS 33.402: “Security aspects of non-3GPP accesses (Release 9)”. 30 13 3GPP: TS 23.003: “Numbering, addres
30、sing and identification (Release 9)”. 31 14 3GPP: TS 24.302: “Access to the 3GPP Evolved Packet Core (EPC) via 32 non-3GPP access networks; Stage 3; (Release 9)”. 33 S.S0145-0 v1.0 3 15 3GPP2: A.S0022-0: “E-UTRAN eHRPD Connectivity and Interworking: 1 Access Network Aspects (E-UTRAN HRPD IOS)”. 2 16
31、 3GPP2: C.S0024-B: cdma2000 High Rate Packet Data Air Interface 3 Specification. 4 17 3GPP2: C.S0039-0: Enhanced Subscriber Privacy for cdma2000 High Rate 5 Packet Data. 6 18 IETF: RFC 4493: “The AES-CMAC Algorithm“, June 2006. 7 19 NIST: CMAC-NIST-SP800-38B, Special Publication 800-38B, 8 “Recommen
32、dation for Block Cipher Modes of Operation: The CMAC Mode 9 for Authentication“, May 2005. 10 20 3GPP2: A.S0008-C: “Interoperability Specification (IOS) for High Rate 11 Packet Data (HRPD) Radio Access Network Interfaces With Session Control 12 in the Access Network”. 13 21 3GPP2: A.S0009-C: “Intero
33、perability Specification (IOS) for High Rate 14 Packet Data (HRPD) Radio Access Network Interfaces With Session Control 15 in the Access Network”. 16 22 3GPP2: X.S0011-E: “cdma2000 Wireless IP Network Standard”. 17 23 IETF: RFC2865: “Remote Authentication Dial In User Service (RADIUS)“, 18 June 2000
34、. 19 24 3GPP2: C.S0102-0: “HRPD Air Interface Application Layer Security 20 (AALS): Air Interface Aspects”. 21 2.2 Informative References 22 This section provides references to other documents that may be useful for the reader of this 23 document. 24 25 3 Definitions, Abbreviations and Acronyms 26 T
35、his section contains definitions, symbols and abbreviations that are used throughout the 27 document. 28 3.1 Definitions 29 30 3.1.1 Abbreviations and Acronyms 31 The following list provides abbreviations and acronyms used throughout this document. 32 3GPP 3rd Generation Partnership Project 33 3GPP2
36、 3rd Generation Partnership Project 2 34 AAA Authentication, Authorization, Accounting 35 AALS Air interface Application Layer Security 36 S.S0145-0 v1.0 4 AKA Authentication and Key Agreement 1 AN-AAA Access Network AAA 2 AT Access Terminal 3 eAN Evolved Access Network 4 EAP Extensible Authenticati
37、on Protocol 5 EPC Evolved Packet Core 6 ePCF Evolved Packet Control Function 7 EPS Evolved Packet System 8 E-UTRAN Evolved Universal Terrestrial Radio Access Network 9 HRPD High Rate Packet Data 10 HSGW HRPD Serving Gateway 11 HSS Home Subscriber Service 12 IMSI International Mobile Subscriber Ident
38、ity 13 IP Internet Protocol 14 IP-CAN IP Connectivity Access Network 15 MSK Master Session Key 16 NAI Network Access Identifier 17 P-GW Packet Data Network Gateway (specified by 3GPP) 18 PDN Packet Data Network 19 PDSN Packet Data Serving Node 20 RLP Radio Link Protocol 21 SNP Signaling Network Prot
39、ocol 22 RAN Radio Access Network 23 UE User Equipment 24 3.1.2 Terminology 25 In this document, the term UE has the same meaning as AT in HRPD system. 26 4 Architecture 27 Figure 1 below shows the eHRPD security reference model. An eHPRD UE connects to the 28 Evloved Packet Core (EPC) through the HR
40、PD Serving Gateway (HSGW). Before connection 29 to the HSGW is allowed, the UE performs HRPD Access Authentication with the AN-AAA 30 through the evovled Access Network (eAN) using the A12 interface. The HRPD Access 31 Authentication procedures are specified in 20 and 21. 32 The eHRPD network access
41、 authentication of the UE is performed by the 3GPP AAA Server. 33 The 3GPP AAA server retrieves the UE subscription data and the authentication vectors from 34 the HSS through SWx interface. The 3GPP2 AAA Proxy plays the role of AAA proxy during 35 authentication procedures. The details of authentic
42、ation procedures are specified in 1. 36 37 S.S0145-0 v1.0 5 3 G P P A A A S e r v e rH S G WS T aA 1 2A 1 1 A N - A A Ae A N / e P C FH R P D A i r I n t e r f a c eU E3 G P P 2 A A A P r o x yP i *H S SS W x1 Figure 1 eHRPD Security Reference Model 2 3 Figure 2 below illustrates the HRPD security r
43、eference model. An HPRD AT connects to the 4 cdma2000 packet core network through the Packet Data Serving Node (PDSN). Before 5 connection to the PDSN is allowed, the AT performs HRPD Access Authentication with the 6 AN-AAA through the Access Network (AN) using the A12 interface. The HRPD Access 7 A
44、uthentication procedures are specified in 20 and 21. 8 The PDSN authentication of an AT is performed by the 3GPP2 AAA. The 3GPP2 AAA server 9 stores the AT subscription data and the authentication credential(s). 10 S.S0145-0 v1.0 6 P D S NA 1 2A 1 1A N - A A AA N / P C FH R P D A i r I n t e r f a c
45、 eA T3 G P P 2 A A A 1 Figure 2 HRPD Security Reference Model 2 5 Security Requirements 3 The following security requirements shall be supported by the HRPD and eHRPD systems 4 compliant to this document: 5 Mutual authentication between the UE and the network shall be supported. 6 It shall be possib
46、le to perform data encryption on a per link flow basis. 7 Confidentiality and integrity protection of the (e)HRPD access network signalling 8 messages shall be supported with the following exceptions: 9 - Messages required to establish the security context between the UE and the network 10 - Emergen
47、cy calls for an unauthenticated UE. 11 - Any messages that are explicitly identified as not being protected by the 12 specifications. 13 NOTE: For best effort (e)HRPD signaling messages, confidentiality protection is 14 not supported as it relies on HRPD Security Layer specified in 16. 15 Confidenti
48、ality protection of user data shall be supported. 16 Mechanisms to perform key exchange or update shall be supported. 17 S.S0145-0 v1.0 7 It should be possible to provide user identity confidentiality. 1 6 Access Authentication and Authorization 2 This section defines (e)HRPD authentication and auth
49、orization procedures. These 3 authentication and authorization procedures are based on EAP. 4 Access authentication for eHRPD system shall be based on EAP-AKA specified in 11. 5 Access authentication for HRPD system shall use EAP-AKA as specified in 9. 6 6.1 EAP Protocol Negotiation 7 EAP is used for network access authentication for (e)HRPD system. During the PPP session 8 negotiation between the HSGW/PDSN and the UE, the HSGW/PDSN shall propose EAP as 9 the authentication protocol in t
