Content for TS 33.204 Word version: 18.0.0
0 Introduction
1 Scope
2 References
3 Definitions, symbols and abbreviations
3.1 Definitions
3.2 Symbols
3.3 Abbreviations
3.4 Conventions
...
...
0 Introduction p. 4
The absence of security in Signalling System No. 7 (SS7) networks is an identified security weakness in 2G systems. This was formerly perceived not to be a problem, since the SS7 networks were the provinces of a small number of large institutions. This is no longer the case, and so there is now a need for security precautions.
For 3G systems it is a clear goal to be able to protect the core network signalling protocols, and by implication this means that security solutions shall be found for both SS7 and IP based protocols.
Various protocols and interfaces are used for control plane signalling within and between core networks. The security services that have been identified as necessary are confidentiality, integrity, authentication and anti-replay protection. These will be ensured by standard procedures, based on cryptographic techniques.
1 Scope p. 5
This technical specification covers the security mechanisms and procedures necessary to protect all TCAP user messages which are sent between different security domains. The complete set of enhancements and extensions to facilitate security protection for the TCAP protocol is termed TCAPsec and it covers transport security in the TCAP protocol itself and the security management procedures.
This technical specification contains the stage 2 specification for security protection of the TCAP protocol. The actual implementation (stage 3) specification can be found in TS 29.204.
2 References p. 5
The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
- References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
- For a specific reference, subsequent revisions do not apply.
- For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1]
TR 21.905: "Vocabulary for 3GPP Specifications".
[2]
TS 29.002: "Mobile Application Part (MAP) specification".
[3]
NIST Special Publication 800-38A "Recommendation for Block Cipher Modes of Operation" December 2001.
[4]
ISO/IEC 9797: "Information technology -- Security techniques -- Message Authentication Codes (MACs) -- Part 1: Mechanisms using a block cipher", Ed.1, 1999-12-16.
[5]
FIPS Publication 197: "Specification for the Advanced Encryption Standard (AES)", November 26, 2001.
[6]
TS 33.210: "3G security; Network Domain Security (NDS); IP network layer security".
[7]
W3C DTF profile of ISO 8601: 2000 - Data Elements and Interchange Formats - Information Interchange - Representation of Dates and Times. International Organization for Standardization. http://www.w3.org/TR/1998/NOTE-datetime-19980827 .
[8]
TS 23.003: "Numbering, addressing and identification".
[9]
TS 29.204: "Signalling System No. 7 (SS7) security gateway; Architecture, functional description and protocol details "
3 Definitions, symbols and abbreviations p. 5
3.1 Definitions p. 5
In addition to the definitions included in TR 21.905, for the purposes of the present document, the following definitions apply:
Anti-replay protection:
Anti-replay protection is a special case of integrity protection. Its main service is to protect against replay of self-contained packets that already have a cryptographic integrity mechanism in place.
Confidentiality:
The property that information is not made available or disclosed to unauthorised individuals, entities or processes.
Data integrity:
The property that data has not been altered in an unauthorised manner.
Data origin authentication:
The corroboration that the source of data received is as claimed.
Entity authentication:
The provision of assurance of the claimed identity of an entity.
Key freshness:
A key is fresh if it can be guaranteed to be new, as opposed to an old key being reused through actions of either an adversary or authorised party.
Security Association:
A logical connection created for security purposes. All traffic traversing a security association is provided the same security protection. The security association specifies protection levels, algorithms to be used, lifetimes of the connection etc.
SS7 Carrier:
An SS7 network that is not a PLMN.
SS7 Security Gateway:
A Network Node that terminates and initiates TCAPsec. Similar to a SEG (see TS 33.210), the SS7 security Gateway is used for communication between two SS7 security domains.
TCAPsec:
The complete collection of protocols and procedures needed to protect TCAP user messages.
3.2 Symbols p. 6
For the purposes of the present document, the following symbols apply:
f6
TCAPsec encryption algorithm.
f7
TCAPsec integrity algorithm.
Zf
TCAPsec reference point between SS7-SEGs engaged in security protected signalling.
3.3 Abbreviations p. 6
In addition to the abbreviations included in TR 21.905, for the purposes of the present document, the following abbreviations apply:
AES
Advanced Encryption Standard
FALLBACK
Fallback to unprotected mode indicator
IP
Internet Protocol
IV
Initialisation Vector
MAC
Message Authentication Code
MAC-M
MAC used for TCAP user
MAP
Mobile Application Part
NDS
Network Domain Security
NE
Network Entity
PROP
Proprietary field
SA
Security Association
SAD
Security Association Database
SEA
SS7 security gateway Encryption Algorithm identifier
SEK
SS7 security gateway Encryption Key
SIA
SS7 security gateway Integrity Algorithm identifier
SIK
SS7 security gateway Integrity Key
SPD
Security Policy Database
SPI
Security Parameters Index
SS7-SEG
SS7 security gateway
TCAPsec
TCAP user security - the SS7 security gateway security protocol suite
TCAP user
Application Part identified by the SCCP Subsystem Numbers of TS 23.003
TVP
Time Variant Parameter
3.4 Conventions p. 7
All data variables in this specification are presented with the most significant substring on the left hand side and the least significant substring on the right hand side. A substring may be a bit, byte or other arbitrary length bitstring. Where a variable is broken down into a number of substrings, the leftmost (most significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant.
