Content for TR 33.828 Word version: 11.1.0
4 Use cases
5 Requirements
6 General aspects of solutions
7 Candidate solutions
8 Conclusions
A Identity Based Encryption
$ Change history
4 Use cases p. 8
4.1 Usage models p. 8
4.1.1 General p. 8
4.1.2 Access media protection p. 9
4.1.3 End-to-end protection p. 9
4.1.4 Enhanced end-to-end protection p. 10
4.2 Multimedia telephony p. 10
4.2.1 General p. 10
4.2.2 Peer-to-peer p. 10
4.2.3 Non RTP based media p. 11
4.2.4 Deferred delivery p. 11
4.2.5 Group and conference calls p. 11
4.2.6 Conclusions p. 12
4.3 Push-to-talk (PoC) p. 12
4.4 Instant messaging p. 12
4.5 Chat p. 12
4.6 Media on demand p. 12
4.7 Transcoders p. 12
4.8 PSTN-GW p. 13
4.9 Termination of media security in an AS p. 13
5 Requirements p. 14
5.1 Overview p. 14
5.2 Summary of requirements p. 14
5.3 Lawful interception p. 14
5.4 Security p. 14
5.5 Requirements related to SIP based call features/SIP related problems p. 15
5.6 Architectural p. 15
5.7 Scalability, cost and performance p. 16
5.8 Requirements regarding the access network type p. 16
5.9 Backward compatibility and migration p. 16
5.10 Other requirements p. 16
6 General aspects of solutions p. 17
6.1 Introduction p. 17
6.2 Architectural aspects of end-to-middle protection p. 17
6.2.1 Preferred endpoints for end-to-middle protection p. 17
6.2.2 Interfaces for end-to-middle protection p. 18
6.3 Co-existence of end-to-end and end-to-middle solutions p. 19
6.3.1 Introduction p. 19
6.3.2 Registration procedures p. 19
6.3.3 Originating procedures p. 20
6.3.3.1 End-to-access-edge p. 20
6.3.3.2 End-to-end p. 21
6.3.4 Terminating Procedures p. 22
6.3.4.1 End-to-access-edge p. 22
6.3.4.2 End-to-end p. 23
7 Candidate solutions p. 24
7.1 Ticket-Based System (TBS) p. 24
7.1.1 Introduction p. 24
7.1.2 Analysis p. 25
7.1.3 Solution description p. 26
7.1.4 System details p. 27
7.1.4.1 Ticket information and format p. 27
7.1.4.2 Binding between user and ticket recipient identities p. 28
7.1.4.3 Interoperability between users in different KMS domains p. 29
7.1.4.4 Session and forking keys p. 30
7.1.4.4.1 General aspects p. 30
7.1.4.4.2 Session keys p. 30
7.1.4.4.3 Forking keys p. 30
7.1.4.4.4 Combined session and forking key generation p. 31
7.1.4.4.5 Terminating side identity assurance. p. 32
7.1.4.5 Unprotected tickets p. 32
7.1.4.6 Ticket replay protection p. 32
7.1.4.7 Limiting KMS statefulness p. 33
7.1.4.8 Lawful intercept p. 33
7.1.4.9 Access to KMS services when roaming p. 34
7.1.4.10 End-to-middle scenarios p. 34
7.1.5 Evaluation of solution against requirements. p. 35
7.1.5.1 Compliance of TBS with 3GPP Requirements p. 35
7.1.5.1.1 LI requirements p. 35
7.1.5.1.2 Security requirements p. 35
7.1.5.1.3 Requirements related to SIP based call features p. 35
7.1.5.1.4 Architectural requirements p. 35
7.1.5.1.5 Scalability, cost and performance p. 36
7.1.5.1.6 Requirements regarding the access network type p. 36
7.1.5.1.7 Backward compatibility and migration p. 36
7.1.5.1.8 Other requirements p. 36
7.1.5.2 Compliance of Ticket Based System with IETF requirements p. 37
7.1.5.2.1 Security requirements p. 37
7.1.5.2.2 Forking/retargeting p. 37
7.1.5.2.3 Early media p. 38
7.1.5.3 Summary requirement compliance p. 38
7.2 Using IMS AKA keys for media protection over the access network p. 38
7.2.1 Requirements p. 38
7.2.2 Architecture p. 39
7.2.3 Access security set-up p. 39
7.2.4 Access security set-up with key mixing p. 41
7.3 Security Descriptions (SDES) p. 41
7.3.1 Brief description of SDES p. 41
7.3.2 Compliance of SDES with 3GPP requirements p. 42
7.3.2.1 LI requirements p. 42
7.3.2.2 Security requirements p. 42
7.3.2.3 Requirements related to SIP based call features p. 43
7.3.2.4 Architectural requirements p. 43
7.3.2.5 Scalability, cost and performance p. 44
7.3.2.6 Requirements regarding the access network type p. 44
7.3.2.7 Backward compatibility and migration p. 44
7.3.2.8 Other requirements p. 44
7.3.3 Compliance of SDES with IETF requirements p. 44
7.3.4 Summary requirement compliance p. 47
7.3.5 SDES in end-to-middle scenarios p. 47
7.3.6 Possible enhancements to an SDES based solution p. 50
7.4 Otway-Rees based key management protocol p. 52
7.4.1 Definitions p. 52
7.4.2 Solution description p. 52
7.4.3 Analysis p. 54
7.4.3.1 Peer-to-peer p. 54
7.4.3.2 Forking p. 54
7.4.3.3 Deferred delivery p. 57
7.4.3.4 Transcoders p. 60
7.4.3.5 Group and conference calls p. 60
7.4.3.6 End-to-middle p. 62
7.4.4 Lawful intercept p. 64
7.5 DTLS-SRTP p. 65
7.5.1 Brief Description of DTLS-SRTP p. 65
7.5.2 Usage of the media path p. 65
7.5.3 Lawful interception p. 65
7.5.3.1 Lawful MitM attack p. 66
7.5.3.2 Protocol-based hidden key recovery p. 66
7.5.3.3 Key disclosure p. 66
7.5.4 Support of multiparty communication p. 67
7.6 MIKEY-IBAKE Solution p. 67
7.6.1 Introduction p. 67
7.6.2 Solution description p. 68
7.6.2.1 General p. 68
7.6.2.2 Discussion p. 70
7.6.2.3 Key forking p. 71
7.6.2.4 Redirection p. 72
7.6.2.5 Deferred delivery p. 73
7.6.2.6 Group and conference calls p. 74
7.6.2.6.1 General p. 74
7.6.2.6.2 Adding and deleting users p. 75
7.6.3 Compliance of MIKEY-IBAKE with requirements p. 76
7.6.3.1 General p. 76
7.6.3.2 Compliance of IBAKE with 3GPP requirements p. 76
7.6.3.2.1 General p. 76
7.6.3.2.2 Lawful intercept p. 76
7.6.3.2.3 Security requirements p. 76
7.6.3.2.4 Requirements related to SIP based call features p. 77
7.6.3.2.5 Architectural requirements p. 77
7.6.3.2.6 Scalability, cost and performance p. 77
7.6.3.2.7 Requirements regarding the access network type p. 77
7.6.3.2.8 Backward compatibility and migration p. 77
7.6.3.2.9 Other requirements p. 77
7.6.3.3 Compliance of IBAKE with IETF requirements p. 77
7.6.3.3.1 General p. 77
7.6.3.3.2 Security requirements p. 78
7.6.3.3.3 Forking/retargeting p. 78
7.6.3.3.4 Early media p. 79
8 Conclusions p. 79
A Identity Based Encryption p. 80
$ Change history p. 81
