1、 ETSI TS 133 180 V14.2.0 (2018-01) LTE; Security of the mission critical service (3GPP TS 33.180 version 14.2.0 Release 14) TECHNICAL SPECIFICATION ETSI ETSI TS 133 180 V14.2.0 (2018-01)13GPP TS 33.180 version 14.2.0 Release 14Reference RTS/TSGS-0333180ve20 Keywords LTE,SECURITY ETSI 650 Route des L
2、ucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/sta
3、ndards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versions of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in conte
4、nts between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status.
5、 Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you find errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copy
6、right Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The
7、 copyright and the foregoing restriction extend to reproduction in all media. ETSI 2018. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTE are trademarks of ETSI registered for the benefit of its Members
8、 and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSM and the GSM logo are trademarks registered and owned by the GSM Association. ETSI ETSI TS 133 180 V14.2.0 (2018-01)23GPP TS 33.180 version 14.2.0 Release 14Intellectual Property Rights Essential pa
9、tents IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essenti
10、al, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out
11、 by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are a
12、sserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI, and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorseme
13、nt by ETSI of products, services or organizations associated with those trademarks. Foreword This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS
14、identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables. The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp. Modal verbs terminology In the present document “shall“, “
15、shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2 of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in di
16、rect citation. ETSI ETSI TS 133 180 V14.2.0 (2018-01)33GPP TS 33.180 version 14.2.0 Release 14Contents Intellectual Property Rights 2g3Foreword . 2g3Modal verbs terminology 2g3Foreword . 9g31 Scope 10g32 References 10g33 Definitions and abbreviations . 12g33.1 Definitions 12g33.2 Abbreviations . 12g
17、34 Overview of Mission Critical Security . 13g34.1 General . 13g34.2 Signalling plane security architecture. 13g34.3 MC system security architecture 14g34.3.1 General 14g34.3.2 User authentication and authorisation . 14g34.3.3 Identity keying of users and services 15g34.3.4 Protection of application
18、 plane signalling . 16g34.3.5 Media security 17g34.3.5.1 General 17g34.3.5.2 Media security for group communications. . 17g34.3.5.3 Media security for private calls . 19g35 Common mission critical security framework . 20g35.1 User authentication and authorization 20g35.1.1 General 20g35.1.2 User aut
19、hentication . 21g35.1.2.1 Identity management functional model . 21g35.1.2.2 User authentication framework . 22g35.1.2.3 OpenID Connect (OIDC) 23g35.1.2.3.1 General 23g35.1.2.3.2 User authentication example using username/password 24g35.1.3 MCX user service authorisation 24g35.1.3.1 General 24g35.1.
20、3.2 MCX user service authorization with MCX Server 27g35.1.3.2.1 General 27g35.1.3.2.2 Using SIP REGISTER . 27g35.1.3.2.3 Using SIP PUBLISH . 28g35.1.4 Inter-domain MCX user service authorization 28g35.1.4.1 General 28g35.1.4.2 Inter-domain identity management functional model . 28g35.2 Key manageme
21、nt common elements 30g35.2.1 Overview of key management 30g35.2.2 Common key distribution . 31g35.2.3 Key distribution with end-point diversity . 32g35.2.4 Key distribution with associated parameters 35g35.2.5 Key distribution with SAKKE-to-self payload . 36g35.2.6 Key distribution with identity hid
22、ing 37g35.2.7 Key distribution across multiple security domains . 38g35.2.7.1 General 38g35.2.7.2 Identification of External Security Domains . 38g35.2.7.3 Using multiple security domains . 39g35.3 User key management (KMS) 39g35.3.1 General 39g35.3.2 Functional model for key management . 39g3ETSI E
23、TSI TS 133 180 V14.2.0 (2018-01)43GPP TS 33.180 version 14.2.0 Release 145.3.3 Security procedures for key management . 40g35.3.4 Provisioned key material to support end-to-end communication security 42g35.3.5 KMS Certificate 42g35.3.6 KMS provisioned Key Set 42g35.4 Key management from MC client to
24、 MC server (CSK upload) . 43g35.5 Key management between MCX servers (SPK) 43g35.6 Key management for one-to-one (private) communications (PCK) . 43g35.7 Key management for group communications (GMK) 44g35.7.1 General 44g35.7.2 Security procedures for GMK provisioning 44g35.8 Key management from MC
25、server to MC client (Key download) . 45g35.8.1 General 45g35.8.2 Key download procedure 45g35.9 Key management during MBMS bearer announcement . 46g36 Supporting security mechanisms 46g36.1 HTTP 46g36.1.1 Authentication for HTTP-1 interface 46g36.1.2 HTTP-1 interface security 47g36.2 SIP 47g36.2.1 A
26、uthentication for SIP core access . 47g36.2.2 SIP-1 interface security . 47g36.3 Network domain security . 47g36.3.1 LTE access authentication and security 47g36.3.2 Inter/Intra domain interface security . 47g37 MCPTT and MCVideo . 48g37.1 General . 48g37.2 Private communications . 48g37.2.1 Key man
27、agement 48g37.2.2 Security procedures (on-network) . 48g37.2.3 Security procedures (off-network) 50g37.2.4 First-to-answer security and key management 51g37.2.4.1 Overview . 51g37.2.4.2 First-to-answer request and response 52g37.2.4.3 First-to-answer call setup with security. 52g37.2.4.4 First-to-an
28、swer media protection 54g37.2.5 Ambient listening call . 54g37.2.6 Ambient viewing call 54g37.2.7 Private video pull 55g37.2.7.1 One-to-one video pull . 55g37.2.7.2 One-from-server video pull . 55g37.2.8 Private video push . 56g37.2.8.1 One-to-one video push 56g37.2.8.2 One-to-server video push 56g3
29、7.2.8.3 Remotely initiated video push . 57g37.3 Group communications 58g37.3.1 General 58g37.3.2 Group creation security procedure 59g37.3.3 Dynamic group keying 59g37.3.3.1 General 59g37.3.3.2 Group regrouping security procedure (within a single MC domain) 59g37.3.3.3 Group regrouping security proc
30、edure (involving multiple MC domains) . 59g37.3.4 Broadcast group call . 61g37.3.5 Group-broadcast group call. 61g37.3.6 Emergency group call . 61g37.3.7 Imminent peril group call . 62g37.3.8 Emergency Alert . 62g37.3.9 Remotely initiated video push to group 63g37.4 Key derivation for media 64g37.4.
31、1 Derivation of SRTP master keys for private call 64g37.4.2 Derivation of SRTP master keys for group media 65g3ETSI ETSI TS 133 180 V14.2.0 (2018-01)53GPP TS 33.180 version 14.2.0 Release 147.5 Media protection profile . 65g37.5.1 General 65g37.5.2 Security procedures for media stream protection 66g
32、38 MCData 68g38.1 Overview 68g38.2 Key Management . 69g38.3 One-to-one communications 70g38.4 Group communications 70g38.5 MCData payload protection . 71g38.5.1 General 71g38.5.2 Prequisites . 71g38.5.2.1 Prequisites for protected payloads . 71g38.5.2.2 Prequisites for authenticated payloads 71g38.5
33、.3 Key derivation for protected payloads 71g38.5.4 Payload protection 72g38.5.4.1 Format of protected payloads 72g38.5.4.2 Encryption of protected payloads 72g38.5.5 Payload authentication 73g39 Signalling protection 73g39.1 General . 73g39.2 Key distribution for signalling protection 74g39.2.1 Clie
34、nt-Server Key (CSK) 74g39.2.1.1 General 74g39.2.1.2 Creation of the CSK 74g39.2.1.3 Initial CSK Upload Procedure . 74g39.2.1.4 CSK update via key download. 75g39.2.2 Multicast Signalling Key (MuSiK) . 75g39.2.3 Signalling Protection Key (SPK) 76g39.3 Application signalling security (XML protection)
35、. 77g39.3.1 General 77g39.3.2 Protected content 77g39.3.3 Key agreement 78g39.3.4 Confidentiality protection using XML encryption (xmlenc) 78g39.3.4.1 General 78g39.3.4.2 XML content encryption . 78g39.3.4.3 XML URI attribute encryption 79g39.3.5 Integrity protection using XML signature (xmlsig) 80g
36、39.4 RTCP signalling protection (SRTCP) 81g39.4.1 General 81g39.4.2 Unicast RTCP protection between client and server . 81g39.4.3 Multicast RTCP protection between client and server 81g39.4.4 Offline floor and transmission control protection . 82g39.4.5 RTCP protection between servers . 82g39.4.6 Ke
37、y derivation for SRTCP 82g39.4.7 Security procedures for transmission of RTCP content 82g39.4.8 RTCP protection profile 83g39.5 MCData signalling protection 84g39.5.1 Key distribution for signalling protection . 84g39.5.2 Protection of MCData application signalling payloads (XML) 84g39.5.3 Protectio
38、n of MCData signalling payloads . 84g3Annex A (normative): Security requirements . 85g3A.1 Introduction 85g3A.2 Configuration 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incremented for all changes of substance, i.e. techn
39、ical enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes have been incorporated in the document. ETSI ETSI TS 133 180 V14.2.0 (2018-01)103GPP TS 33.180 version 14.2.0 Release 141 Scope The present document specifies the security architecture, procedu
40、res and information flows needed to protect the mission critical service (MCX). The architecture includes mechanisms to protect the Common Functional Architecture and security mechanisms for mission critical applications. This includes Push-To-Talk (MCPTT), Video (MCVideo) and Data (MCData). Additio
41、nally, security mechanisms relating to on-network use, off-network use, roaming, migration, interconnection, interworking and multiple security domains are described. This specification complements the Common Functional Architecture defined in TS 23.280 36, the functional architecture for MCPTT defi
42、ned in 3GPP TS 23.379 2, the functional architecture for MCVideo defined in 3GPP TS 23.281 37 and the functional architecture for MCData defined in 3GPP TS 23.282 38. The MC service can be used for public safety applications and also for general commercial applications e.g. utility companies and rai
43、lways. As the security model is based on the public safety environment, some security features may not be applicable to MCPTT for commercial purposes. 2 References The following documents contain provisions which, through reference in this text, constitute provisions of the present document. - Refer
44、ences are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. - For a specific reference, subsequent revisions do not apply. - For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a G
45、SM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. 1 3GPP TR 21.905: “Vocabulary for 3GPP Specifications“. 2 3GPP TS 23.379: “Functional architecture and information flows to support Mission Critical Push To Ta
46、lk (MCPTT); Stage 2“. 3 3GPP TS 22.179: “Mission Critical Push To Talk (MCPTT) over LTE; Stage 1“. 4 3GPP TS 33.210: 3G security; Network Domain Security (NDS); IP network layer security. 5 3GPP TS 33.310: “Network Domain Security (NDS); Authentication Framework (AF)“. 6 3GPP TS 33.203: “3G security
47、; Access security for IP-based services“. 7 3GPP TS 33.179 Release 13: “Security of Mission Critical Push To Talk (MCPTT) over LTE“. 8 3GPP TS 33.328: IP Multimedia Subsystem (IMS) media plane security. 9 IETF RFC 6507: Elliptic Curve-Based Certificateless Signatures for Identity-Based Encryption (E
48、CCSI). 10 IETF RFC 6508: Sakai-Kasahara Key Encryption (SAKKE). 11 IETF RFC 6509: MIKEY-SAKKE: Sakai-Kasahara Key Encryption in Multimedia Internet KEYing (MIKEY). 12 IETF RFC 3550: RTP: A Transport Protocol for Real-Time Applications. 13 IETF RFC 3711: “The Secure Real-time Transport Protocol (SRTP
49、)“. 14 3GPP TS 33.401: “3GPP System Architecture Evolution (SAE); Security architecture“. 15 3GPP TS 23.228: “IP Multimedia Subsystem (IMS); Stage 2“. ETSI ETSI TS 133 180 V14.2.0 (2018-01)113GPP TS 33.180 version 14.2.0 Release 1416 3GPP TS 33.222: “Generic Authentication Architecture (GAA); Access to network application functions using Hypertext Transfer Protocol over Transport Layer Security (HTTPS)“. 17 3GPP TS 33.220: “Generic Authentication Architecture (GAA); Generic Bootstrapping Architecture (GBA
