1 / 14

The Future of CDMA2000 Security

The Future of CDMA2000 Security. Greg Rose QUALCOMM Incorporated ggr@qualcomm.com. Overview. Looking back, improving deployment of security functionality Subscriber Authentication, addressing problems of backward compatibility

kellie-hinton
Download Presentation

The Future of CDMA2000 Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The Future of CDMA2000 Security Greg Rose QUALCOMM Incorporated ggr@qualcomm.com

  2. Overview • Looking back, improving deployment of security functionality • Subscriber Authentication, addressing problems of backward compatibility • Subscriber Authentication, moving to a public-key based architecture • Privacy and integrity, use of stronger algorithms • Service availability: firewalls, signaling message integrity

  3. Looking wayyy back • AMPS, at first no authentication or security • Newt Gingrich in the USA • “Squidgy” in the UK • Cloning reached $500,000,000/year around 1998

  4. Looking back – cdmaOne • CAVE-based authentication • Enabling authentication in the important markets (New York, Los Angeles, …) mostly killed cloning • CAVE is academically broken, but safe the way it is used. • Private Long Code Mask enables extra voice/data privacy • but is not cryptographically sound • relies on “chicken and egg” problem • CMEA for signaling protection – broken. • ORYX for data protection – broken.

  5. Past deployment • None of these mechanisms has been very widely deployed • Authentication probably widest deployment, but many exceptions • badly provisioned phones? • CMEA/ORYX were “value added” • Who would pay for this? • Think of it as insurance, instead.

  6. Things that were wrong • No mutual authentication • allows false base station attacks • Inadequate key lengths • Algorithms not subjected to scrutiny

  7. Current/future Authentication • Based on 3GPP AKA, with enhancements for faster local authentication • Underlying crypto algorithm is SHA-1 • recent attacks on SHA-1 don’t affect AKA • very conservative implementation • Derive longer (128-bit) keys for privacy and message integrity

  8. Caution: backward compatibility • Difficult to prevent “bidding down” attacks • Man In The Middle relays all traffic, but claims only supports weaker mechanisms • Important that we never support “optional authentication” • if we do, the foundation of all the security goes away

  9. Privacy • Air interface uses Rijndael (AES) • Network uses either physical security or IPsec with strength at least that of AES • Content is still accessible at access points within the network

  10. Message Integrity • Based on HMAC SHA-1 • Unaffected by new attacks • Should choose a successor when the dust settles • Only applies to signaling messages • User message integrity requirement must be met at the application level

  11. Future/future authentication • Moving towards public-key based mechanisms • better for applications and 3rd party authentication • can “bootstrap” from already-provisioned symmetric keys • More reliance on IETF protocols • Enables end-to-end privacy and integrity

  12. Services • Increasing emphasis on security of applications and services • Mechanisms need to be “transport agnostic” • Increasingly based on IETF mechanisms • TLS at application level • Sometimes enhanced to work better with 3GPP/PP2 underlying primitives

  13. Denial of Service • This is a big issue for the future • Very hard problems to solve • Network firewall to prevent overloading the cells by a port scan • Authentication of requests for broadcast traffic

  14. The big challenge • None of this matters if the security mechanisms are not deployed • The mechanisms all build on one another • Customers don’t want security • won’t pay in advance for it • will sue over it after the event • So, think of security mechanisms as insurance

More Related