This document collects the identified threats and proposed countermeasures, and includes the design choices and rationale for why proposed security mechanisms are accepted or rejected to record the history of the final security solution.
The scope of this 3GPP Technical Report is the rationale for, and the track of, security decisions in Long Term Evolved (LTE) RAN and 3GPP System Architecture Evolution (SAE) for Release 8.
Disclaimer: This TR reflects the discussions held in 3GPP SA3 while 3GPP SA3 was working towards TS 33.401. This TR is useful to better understand the basis on which decisions in TS 33.401 were taken, and the alternatives that were discussed towards the decision. Some of the text in this TR reflected 3GPP SA3's decision. However, 3GPP's position on EPS Security Architecture is reflected in the normative text in TS 33.401.
The following documents contain provisions which, through reference in this text, constitute provisions of the present document.
- References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
- For a specific reference, subsequent revisions do not apply.
- For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.
[1] "Revised Draft report of 3GPP TSG RAN WG3 meeting #50 & joint RAN WG2/RAN WG3/SA WG3 LTE meeting", S3-060119, 3GPP TSG SA WG3 (Security) meeting #42, Bangalore, India, 6 - 9 Feb 2006.
[2] "LS on the status of the study on LTE/SAE security", 3GPP TSG RAN WG3 Meeting #51, R3-060289, Denver, Colorado, USA, 13 - 17 February 2006.
[3] "Security Vulnerabilities in the E-RRC Control Plane", 3GPP TSG-RAN WG2/RAN WG3/SA WG3 joint meeting, R3-060032, 9 - 13 January 2006.
[4] M. Zhang: "Security Analysis and Enhancements of 3GPP Authentication and Key Agreement Protocol", IEEE Transactions on Wireless Communications, Vol. 4, No. 2, March 2005.
[5]
[6] EFF, "Cracking DES", O'Reilly, 1998.
[7] M. Wiener, "Efficient DES Key Search", originally presented at Crypto 93 rump session, reprinted in W. Stallings (ed), Practical Cryptography for Data Internetworks.
[8]
[9] I. Devlin and A. Purvis, "Assessing the Security of Key Length", SASC 2007 workshop.
[10] RFC 4270: "Attacks on Cryptographic Hashes in Internet Protocols".
For the purposes of the present document, the following abbreviations apply:
aGW	Access Gateway
AS	Access Stratum
(D)DoS	(Distributed) Denial of Service
eNB	Evolved Node-B
LTE	Long Term Evolution
MAC	Media Access Control
MME	Mobility Management Entity
NAS	Non Access Stratum
PDCP	Packet Data Convergence Protocol
RAN	Radio Access Network
RB	Radio Bearer
RRC	Radio Resource Control
SA	Security Association
SAE	System Architecture Evolution
SMC	Security Mode Command
UE	User Equipment