Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x

Content for  TR 33.863  Word version:  14.2.0

Top   Top   Up   Prev   None
1…   4…
4 Background and key objectives5 Key issues6 Candidate solutions7 ConclusionsA  AKA procedures assessment in very low data throughput environmentB  Review of security standardization efforts in other SDOsC Proposed normative changes$ Change History

 

4  Background and key objectivesp. 12

4.0  Motivationp. 12

4.1  Architectural assumptionsp. 12

4.2  Clarification of "device to enterprise security" termp. 13

4.3  "Device to enterprise" user plane protectionp. 14

4.4  "Device to HPLMN" user plane protectionp. 14

4.5  Battery usage challengesp. 15

4.6  Cellular IoT traffic modelp. 15

5  Key issuesp. 16

5.1  Issue 1: N-PDU data tampering and eavesdroppingp. 16

5.1.1  Issue descriptionp. 16

5.1.2  Threat descriptionp. 16

5.1.3  Security requirementsp. 16

5.2  Issue 2: Efficient user data protection challengesp. 16

5.2.1  Issue descriptionp. 16

5.2.2  Threat descriptionp. 17

5.2.3  Security requirementsp. 17

5.3  Issue 3: "VPLMN Specific Needs"p. 17

5.3.1  Issue descriptionp. 17

5.3.2  Threat descriptionp. 17

5.3.3  Security requirementsp. 17

5.4  Issue 4: End-to-end securityp. 17

5.4.1  Issue descriptionp. 17

5.4.2  Threat descriptionp. 18

5.4.3  Security requirementsp. 18

6  Candidate solutionsp. 18

6.0  Generalp. 18

6.1  Solution #1: "UE to HPLMN" security solutions based on UMTS/EPS AKA enhancements.p. 18

6.1.1  Introductionp. 18

6.1.2  Solution descriptionp. 19

6.1.2.1  "UE to HPLMN" security solution with HSE context establishment procedurep. 19

6.1.2.2  "UE to HPLMN" security solution with HLR push procedure - Alternativep. 21

6.1.2.3  "UE to HPLMN" security solution with HSE pull procedurep. 22

6.1.2.4  Key derivation rulesp. 24

6.1.2.5  Solution variant: End to Middle Key Serverp. 25

6.1.2.6  Solution variant: key derivation on the ME (EPS AKA only)p. 25

6.1.3  Solution evaluationp. 26

6.2  Solution #2: "End-to-middle security based on AKA"p. 26

6.2.1  Introductionp. 26

6.2.2  Solution descriptionp. 26

6.2.2.1  End-to-middle security solution based on AKAp. 26

6.2.2.2  Key derivation rulesp. 27

6.2.2.3  Usage of e2m securityp. 27

6.2.3  Solution evaluationp. 28

6.3  Solution #3: "Independent VPLMN and e2m security associations"p. 28

6.3.1  Introductionp. 28

6.3.2  Solution descriptionp. 28

6.3.2.1  Independent VPLMN and e2m security associationsp. 28

6.3.3  Solution evaluationp. 29

6.4  Solution #4: "Security policies"p. 29

6.4.1  Introductionp. 29

6.4.2  Solution descriptionp. 30

6.4.2.1  Authentication and key usage policyp. 30

6.4.2.2  Algorithm policyp. 30

6.4.2.3  VPLMN Specific Algorithm policiesp. 30

6.4.3  Solution evaluationp. 30

6.5  Solution #5: "End-to-end security solution"p. 31

6.5.1  Introductionp. 31

6.5.2  Solution Descriptionp. 31

6.5.2.1  Specific e2e security associationp. 31

6.5.2.2  Derivation of e2eKEYSETp. 31

6.5.2.3  Triggering the key derivationp. 31

6.5.2.4  Setting the timerp. 32

6.5.2.5  Interfaces of the EESEp. 32

6.5.3  Solution Evaluationp. 32

6.6  Solution #6: Bearer protectionp. 32

6.6.1  Introductionp. 32

6.6.2  Solution descriptionp. 32

6.6.3  Solution evaluationp. 33

6.7  Solution #X: "End-to-end" for solutions 1 and 2p. 33

6.7.1  Introductionp. 33

6.7.2  Solution #1 and #2 in End-to-End casep. 33

6.7.3  Solution Evaluationp. 33

6.8  Solution #8: Complete end to middle solutionp. 34

6.8.1  Introductionp. 34

6.8.2  Solution descriptionp. 35

6.8.2.1  Proposed Architecturep. 35

6.8.2.2  Service Discovery and Negotiationp. 35

6.8.2.3  Ability to enable and disable the BEST servicep. 39

6.8.2.4  End to Middle Security User Plane and Signalling Planep. 40

6.8.2.4.1  Data transportp. 40
6.8.2.4.2  End to Middle Secured Data Protocol (EMSDP)p. 40
6.8.2.4.3  EMSDP general structurep. 40
6.8.2.4.3a  EMSDP Counter Schemesp. 42
6.8.2.4.4  EMSDP Integrity protectionp. 42
6.8.2.4.5  EMSDP Encryptionp. 43
6.8.2.4.6  EMSDP Commandsp. 44

6.8.2.7  Key Agreement and Refreshingp. 45

6.8.2.7.1  Overviewp. 45
6.8.2.7.2  Key setup messaging between HSE and UEp. 45
6.8.2.7.3  BEST key derivation mechanismp. 48

6.8.2.8  Starting a BEST service sessionp. 49

6.8.2.8.1  UE initiated BEST sessionp. 49
6.8.2.8.2  HSE initiated BEST sessionp. 50

6.8.2.9  Resuming a BEST session following a power cycle at the UE or a re-attachp. 50

6.8.2.10  BEST service session operationp. 50

6.8.2.11  Ending a BEST service sessionp. 50

6.8.3  Solution Evaluationp. 50

6.9  Solution #9: Complete end to end solutionp. 51

6.9.1  Introductionp. 51

6.9.2  Solution descriptionp. 52

6.9.2.1  Proposed Architecturep. 52

6.9.2.2  Service Discovery and Negotiationp. 53

6.9.2.3  Ability to Enable and Disable the BEST servicep. 53

6.9.2.4  End to Middle Security User Plane and Signalling Planep. 53

6.9.2.4.1  Data transportp. 53
6.9.2.4.2  End to Middle Secured Data Protocol (EMSDP)p. 53
6.9.2.4.3  EMSDP general structurep. 54
6.9.2.4.3A  EMSDP Counter Schemesp. 54
6.9.2.4.4  EMSDP Integrity protectionp. 54
6.9.2.4.5  EMSDP Encryptionp. 54
6.9.2.4.6  EMSDP Commandsp. 54

6.9.2.7  Key Agreement and Refreshingp. 57

6.9.2.7.1  Overviewp. 57
6.9.2.7.2  Key setup messaging between HSE and UEp. 57
6.9.2.7.3  BEST key derivation mechanismp. 60

6.9.2.8  Starting a BEST service sessionp. 62

6.9.2.8.1  UE initiated BEST sessionp. 62
6.9.2.8.2  HSE initiated BEST sessionp. 63

6.9.2.9  Resuming a BEST session following a power cycle at the UE or a re-attachp. 63

6.9.2.10  BEST service session operationp. 64

6.9.2.11  Ending a BEST service sessionp. 64

6.9.3  Solution Evaluationp. 64

6.10  Solution #10: "AKA-based session key generation for application protocols"p. 64

6.10.1  Introductionp. 64

6.10.2  Solution descriptionp. 65

6.10.2.1  Featuresp. 65

6.10.2.2  Interface between EMKS and EMSEp. 68

6.10.2.2.1  Introductionp. 68
6.10.2.2.2  Procedures over the RESTful HTTP reference pointp. 68

6.10.2.3  Example use of solution 10: information flow using pre-shared key DTLSp. 69

6.10.3  Solution evaluationp. 71

6.11  Solution #11: A method for IoT service layer security bootstrapping solutionp. 71

6.11.1  Introductionp. 71

6.11.2  Solution descriptionp. 72

6.11.2.1  Proposed architecturep. 72

6.11.2.2  Security boostrapping and key refreshingp. 72

6.11.2.2.1  Overviewp. 72
6.11.2.2.2  Key agreement and boostrapping with HSS deriving master session keyp. 72
6.11.2.2.3  Key refreshingp. 75

6.11.3  Solution evaluationp. 76

6.12  Solution #12: A method for IoT service layer security bootstrapping solutionp. 76

6.12.1  Introductionp. 76

6.12.2  Solution descriptionp. 76

6.12.2.1  Proposed architecturep. 76

6.12.2.2  Security boostrapping and key refreshingp. 77

6.12.2.2.1  Overviewp. 77
6.12.2.2.2  Key agreement and boostrappingp. 77
6.12.2.2.3  Key refreshingp. 80

6.12.3  Solution evaluationp. 81

7  Conclusionsp. 82

7.1  Issues identifiedp. 82

7.2  Solution evaluation summaryp. 82

7.3  Recommendation for normative workp. 86

A  AKA procedures assessment in very low data throughput environmentp. 87

A.1  Introductionp. 87

A.2  UMTS AKAp. 87

A.3  DTLS handshake for ECDHE-ECDSA configurationp. 89

A.3.1  DTLS handshake procedure measurementp. 89

A.3.2  TLS Record and Handshake message measurementp. 91

A.4  DTLS record header overhead description for ciphered datap. 95

A.4.1  DTLS record header measurementp. 95

A.5  TLS handshake session resumptionp. 96

A.5.1  TLS handshake session resumption procedure measurementp. 96

A.5.2  TLS Record and Handshake message measurementp. 96

A.6  GBA bootstrapping procedurep. 99

A.6.1  Bootstrapping procedure description measurementp. 99

A.6.2  PSK-TLS procedure measurement in GBA case.p. 101

B  Review of security standardization efforts in other SDOsp. 105

B.0  Introductionp. 105

B.1  (D)TLS optimization efforts in IETFp. 105

B.1.1  Backgroundp. 105

B.1.2  Existing and evolving TLS optimizationsp. 105

B.1.3  Making the full handshake lighterp. 106

B.1.4  Resuming existing connectionp. 106

C  Proposed normative changesp. 107

C.1  Introductionp. 107

C.2  Proposed changes to 3GPP TS 33.401p. 107

C.2.1  Overview of changesp. 107

C.3  Proposed changes to 3GPP TS 43.020p. 108

$  Change Historyp. 109

Up   Top