Tech-invite   World Map
3GPPspecs     Glossaries     T+       IETF     RFCs     Groups     SIP     ABNFs
Top        in Index        Prev        Next

TR 33.859 (SA3)
Study on the introduction of Key Hierarchy in UTRAN

ToC      3GPP‑Page      Help       
V11.1.0 (Wzip)    2012/03    67 p.

Rapporteur:  Mr. Norrman, Karl
See also:  –

Deployments of HSPA UTRAN with part of the RNC functionality, including user plane and signaling protection, moved to HSPA NodeBs present the same threat environment as encountered by E-UTRAN eNBs. To help counter the threats towards the base stations, E UTRAN has introduced a key hierarchy and a key-refresh mechanism, making security breaches of the keys used on the air-interface much less severe. With the current key management in UTRAN it is impossible to achieve the same level of protection as in E-UTRAN.

The introduction of a key hierarchy in UTRAN gives an increased protection level and achieves additional benefits by yielding more secure interworking between UTRAN and E-UTRAN. It also implies a simpler handling in the sense that key management becomes more aligned in the two systems.

The objective of this work item is to study potential solutions for introducing an "E-UTRAN-like" key hierarchy in UTRAN, to improve the security level in UTRAN in the presence of the new deployment scenarios and to ensure that a security breach in UTRAN will not propagate into E-UTRAN. The study covers the technical feasibility and consequences. The impacts of such potential solution on UTRAN of earlier releases are identified. Interworking with earlier releases of UTRAN, GERAN and E-UTRAN is also studied.

The UTRAN key hierarchy is assumed to be built on top of (R99+) UMTS AKA, without requiring any changes to the authentication protocol or USIM. Therefore, it could in principle be used also in GERAN as long as USIMs are used and the SGSN, MSC/VLR, and ME are updated. However, the benefit of introducing the key hierarchy in GPRS is smaller than for the circuit switched part, as the traffic protection already terminates in the core network. Solution details for GERAN are not discussed further.

The study covers both PS and CS part of UTRAN.


Here        Top        None        None        Next
1…      5.2…     



1   Scope   Word-p. 8
2   References
3   Definitions, symbols and abbreviations   Word-p. 9
4   General   Word-p. 11
5   Analysis and design
5.1   Proposed solution 1   Word-p. 20
5.1.1   General
5.1.2   Key handling capability negotiation
5.1.3   Signalling procedures
5.1.4   Inter-working with GERAN procedures
5.1.5   Inter-working with E-UTRAN
5.1.6   Summary of changes to messages

Up        Top        ToC