TSG-T3 (USIM) meeting #8, Tdoc T3-99248
Bonn, 23 - 25 July, 1999

GSM - UMTS Interworking - Mechanisms

Roland Schmitz, T-Nova, Deutsche Telekom Group, 24.8.99

Different Security Levels of UMTS and GSM
• GSM
  • No Serving Network (SN) Authentication
  • No Guarantee of Key Freshness
  • Length of KC 64 Bit
• UMTS
  • Proof of Trust of HE by SN
  • Guarantee of Key Freshness
  • Integrity Protection of Signalling Messages
  • Length of CK, IK 128 Bit

UMTS-GSM Interworking-Scenarios
• Roaming
  • GSIM - Authentication in GSM (R1)
  • GSIM - Authentication in UMTS (R2)
  • USIM - Authentication in GSM (R3)
  • USIM - Authentication in UMTS (R4)
• HandOver
  • GSIM HO from GSM to UMTS (HO1)
  • USIM from GSM to UMTS (HO2)
  • GSIM from UMTS to GSM (HO3)
  • USIM from UMTS to GSM (HO4)

Assumptions
• GSIM is unchanged
• Challenge RAND is the same in GSM and UMTS
• Each HLR/AuC is capable of generating GSM-Triplets and UMTS-AV.
• Re-authentication at HO is too time-consuming

Requirements for an Interworking-Mechanism
• Every Roaming/Handover-Scenario should be supported
• If possible, UMTS-Subscribers should get UMTS-Level Security each time they are connected to a UTRAN
=> HO 2 (Handover of USIM from GSM to UMTS) is a critical scenario

Mechanisms
• Mechanism I (Ericsson)
  • does not allow for GSIM roaming; not covered here
• Mechanism II (Siemens)
  • HLR/AuC generates UMTS-AV or derives GSM-Triplet via RAND* = RAND, RES* = c1(RES), Kc* = c2(CK), according to type of requesting VLR
  • UMTS-AV or GSM-Triplet are sent to VLR
  • On HO from GSM to UMTS or GSIM-Auth. in UMTS, GSM-Keys are "stretched" by UMTS-VLR via CK* = c3(KC), IK* = c4(KC)
  • No Impact on existing GSM-Infrastructure!
  • After USIM-Auth. in GSM or after HO to GSM only GSM-level security for UMTS-subscribers

[Figure: Mechanism II (HO). Keys in use in UTRAN and GSM BSS for GSIM and USIM in scenarios HO01 to HO04. Labels: CK* = c3(Kc), IK* = c4(Kc); CK* = c3(Kc*), IK* = c4(Kc*); CK, IK; Kc; Kc* = c2(CK).]

[Figure: Mechanism II (Roaming). Keys in use in UTRAN and GSM BSS for GSIM-Roaming and USIM-Roaming in scenarios R01 to R04. Labels: CK* = c3(Kc), IK* = c4(Kc); CK, IK; Kc; Kc* = c2(CK).]

Mechanisms
• Mechanism III (Siemens)
  • like mechanism II, but: In HO 4 (USIM HO from UMTS to GSM), UMTS VLR sends the triple (KC* = c2(CK), CK, IK) to the GSM-VLR
  • in case of another HO to UMTS the CK, IK can be used again
  • UMTS-Security after HO2 (if registered in UMTS)
  • GSM VLRs have to handle UMTS-AVs
  • On USIM Registration in GSM only GSM-security even after subsequent HO to UMTS

[Figure: Mechanism III (HO). Keys in use in UTRAN and GSM BSS for GSIM and USIM in scenarios HO01 to HO04. Labels: CK* = c3(Kc), IK* = c4(Kc); CK, IK; Kc; Kc* = c2(CK).]

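The difference between Mechanisms II and III for a USIM that registers in UMTS, is handed over to GSM (HO4) and then back to UMTS (HO2), as an added Python example that is not part of the original slides. The slides do not define c2, c3 and c4, so the folding and stretching functions below are assumed stand-ins, and the CK/IK values are constructed.

```python
import hashlib

# Constructed sample keys (not real network material): 128-bit CK and IK.
CK = hashlib.sha256(b"constructed CK").digest()[:16]
IK = hashlib.sha256(b"constructed IK").digest()[:16]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def c2(ck: bytes) -> bytes:
    """Assumed stand-in: fold the 128-bit CK into a 64-bit Kc*."""
    return xor(ck[:8], ck[8:])

def c3(kc: bytes) -> bytes:
    """Assumed stand-in: stretch a 64-bit Kc to a 128-bit CK*."""
    return kc + kc

def c4(kc: bytes) -> bytes:
    """Assumed stand-in: stretch a 64-bit Kc to a 128-bit IK*."""
    mix = xor(kc[:4], kc[4:])
    return mix + kc + mix

def ho4_then_ho2(mechanism: str, ck: bytes, ik: bytes) -> dict:
    """USIM registered in UMTS, handed over to GSM (HO4), then back (HO2)."""
    kc_star = c2(ck)  # key used on the GSM BSS after HO4
    if mechanism == "II":
        # GSM VLR only ever received Kc*, so the UMTS VLR must stretch it.
        new_ck, new_ik = c3(kc_star), c4(kc_star)
    elif mechanism == "III":
        # GSM VLR received the triple (Kc*, CK, IK) and passes CK, IK on.
        new_ck, new_ik = ck, ik
    else:
        raise ValueError("mechanism must be 'II' or 'III'")
    return {
        "gsm_kc": kc_star,
        "ck": new_ck,
        "ik": new_ik,
        # True when both UMTS keys are a function of the 64-bit Kc* alone.
        "keys_from_64_bits": (new_ck, new_ik) == (c3(kc_star), c4(kc_star)),
    }

if __name__ == "__main__":
    for mech in ("II", "III"):
        state = ho4_then_ho2(mech, CK, IK)
        print(mech, state["ck"].hex(), state["ik"].hex(),
              "64-bit derived" if state["keys_from_64_bits"] else "original CK, IK")
```

Under Mechanism II both UMTS keys after HO2 are determined by the 64-bit Kc*, which is the "only GSM-level security" case; under Mechanism III the original 128-bit pair survives the round trip.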
Alternative Mechanisms
• Mechanism IIa: (T-Mobil/T-Nova)
  • HLR/AuC generates UMTS-AVs and GSM-Triplets and sends both to VLR, regardless of whether it is a GSM-VLR or UMTS-VLR
  • on HO both kinds of authentication data are passed on to new VLR
  • "Maximum" Security
  • High Signalling Load
• Mechanism IIIa: (T-Mobil/T-Nova)
  • HLR/AuC generates UMTS-AV and sends them to all VLRs
  • GSM-VLRs generate derived RES*, KC* via RES* = c1(RES), KC* = c2(CK); on HO the pair (CK, IK) is passed on
  • "Maximum" Security
  • GSM-VLRs have to implement c1, c2

[Figure: Mechanisms IIa/IIIa (HO). Keys in use in UTRAN and GSM BSS for GSIM and USIM in scenarios HO01 to HO04. Labels: CK* = c3(Kc), IK* = c4(Kc); CK, IK; Kc; Kc* = c2(CK).]

[Figure: Mechanisms IIa/IIIa (Roaming). Keys in use in UTRAN and GSM BSS for GSIM-Roaming and USIM-Roaming in scenarios R01 to R04. Labels: CK* = c3(Kc), IK* = c4(Kc); CK, IK; Kc; Kc* = c2(CK).]