1 / 7

Comparison of Key Derivation proposals for eHRPD

S40-20080721-004. 3GPP2 TSG-S WG4. Comparison of Key Derivation proposals for eHRPD. Source: Qualcomm Incorporated Contact(s) Anand Palanigounder ( apg@qualcomm.com ) Recommendation: Discuss and adopt. PMK Derivation proposals. Proposal 1: PMK=KDF (MSK, “PMK”) Proposal 2:

jaclyn
Download Presentation

Comparison of Key Derivation proposals for eHRPD

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. S40-20080721-004 3GPP2 TSG-S WG4 Comparison of Key Derivation proposals for eHRPD Source: Qualcomm IncorporatedContact(s) Anand Palanigounder (apg@qualcomm.com) Recommendation: Discuss and adopt

  2. PMK Derivation proposals • Proposal 1: • PMK=KDF (MSK, “PMK”) • Proposal 2: • PMK = KDF (MSK, ANID) where ANID is the Access Network Identifier • In this contribution, both proposals are compared

  3. Proposal 1 - Advantages • No complex new rekeying procedures or requirements required for the eAT, eAN, HSGW for inter and intra-AN HOs • No changes required to GKE (C.S0067) • Consistent with PMK transfer in inter-AN HOs in HRPD (Session State Information Record) • No additional A11 signaling messaging with HSGW needed for inter-PCF hand-off within the same HSGW • No reliance or requirements regarding availability of additional info for PMK derivation • Same level of security as proposal 2 for inter-AN HOs under the same PCF • GKE Keys can be pre-computed & used • Important for connected state HOs

  4. Proposal 1 - Disadvantages • No key binding for inter-PCF HOs under the same HSGW • Binding to PCF identity (ANID) not needed as PMK is not given to the BS (edge node) • BS may be located in physically vulnerable location • BSC/RNC located in a operator-controlled environments • This is similar to vulnerabilities at the HSGW • Conclusion: The requirement for PMK binding to a centrally-located, operator-controlled node seems unnecessary from security perspective

  5. Proposal 2 - Advantages • Binds the PMK to the PCF identity (ANID) • security gain not clear (refer to prev. slide)

  6. Proposal 2 - Disadvantages • Requires changes to GKE specs (C.S0067) • should not send PMK in inter-AN HOs session transfer • May be others changes needed (as identified in S40-20080715-003)? • Requires new requirements and complex procedures for re-keying inter-AN HOs • changes to C.S0024 & IOS specs needed • Requires unnecessary A11 signaling messaging between AN & HSGW for inter-AN HOs • ANID not available to AT until Location update (LU) • E.g., LU not performed in connected mode HOs • Unnecessary complexity and performance impacts to HRPD AN and AT • Old PMK re-used if AT hands-back to previously visited AN (no MSK change) – same as proposal 1

  7. Conclusion • Adopt proposal 1 for PMK derivation

More Related