GSC9/Joint_027
3GPP2 Security Standards Status
GSC-9, Seoul

TSG-S WG4 Manages the 3GPP2 Security Standards Activities
• Defines 3GPP2 security requirements in coordination with TIA-45 AHAG, 3GPP and OMA Security Working groups.
• Develops provably secure protocols and strong cryptographic algorithms for 3GPP2 architecture.
• Standards Developed and Published by 3GPP2 TSG-S WG4:
  • S.S0053 Common Cryptographic Algorithms
  • S.S0054 Interface Specifications for Common Cryptographic Algorithms
  • S.S0055 Enhanced Cryptographic Algorithms
  • S.S0078 Common Security Algorithms
  • S.S0083 BCMCS Security Framework
  • S.S0086 MMD (IMS) Security Framework
2014-08-24 GSC-9, Seoul

1X EV-DO (HRPD)
• Standardization has been completed for:
  • Session Authentication
    • Implementation support provided to SE and PD
  • User Authentication
    • Based on IETF’s CHAP Protocol
  • Over-the-Air Data Encryption.
    • AES-Based Encryption

Broadcast-Multicast
• 3GPP2 Security Architecture completed.
• Based on IP Routing and Service Level Authorization.
• BCMCS Security Framework Specifications - S.P0083.
• BCMCS support included in 1xEV-DO Rev.A.
• 3GPP2 Broadcast Key Distribution completed.
• Broadcast Root Key Provisioning.
• Session Key Generation Procedures are using SHA-PRF and EHMAC.
• Link Encryption with AES
• Content Encryption with IETF’s SRTP.

OTASP Security Enhancements
• Authenticated Version of D-H Key Exchange (PAK) for OTASP Root Key Provisioning.
  • To be included in the upcoming release of the OTASP/OTAPA standards (IS-683D)
• Service Level Root Keys (e.g., IMS, BCMCS, WLAN)
  • Every service has unique key hierarchy (root key, session key, etc.)
  • For each service, generation of the service key relies on the 128-bit strength 3G1x root key and a cryptographic function to produce equally strong 128-bit service keys.
  • To be included in the upcoming release of the OTASP/OTAPA standards (IS-683D)

IMS MMD Security
• Packet Data Services
  • Mutual Authentication between the IMS client and Home S-CSCF.
  • Same authentication keys and functions may be used for both IMS and PDS authentication (operator option)
• SIP signaling protection
  • Security Association between the UE and IMS P-CSCF.
  • Hop-by-hop Integrity protection for SIP signaling (IPSec/AKA, IPSec/IKE, TLS).
• Media protection
  • Follows IETF recommendations for RTP stream
• Maximum convergence of 3GPP2 MMD (S.P0086) & 3GPP IMS Security Frameworks
• 3GPP2 solution fully aligned with IETF.

IP Network Domain Security
• Security of IP-based Location Services.
• Security of IP-based OTA Stage 1 (S.P0066) completed (IOTA)
• Security Requirements (S.R0073) completed.
• WAP-Based Specifications (C.P0040) are in final SDO review.
• Supports IETF defined protocols