Tech-invite 3GPPspecs RFCs

Gen 21 22 23 24 25 26 27 28 29 31 32 33 34 35 36 37 38 4‑5x
Fs NEs RPs SBIs IDs T_i+

TS 33.220 (SA3) ★
GBA: Generic Bootstrapping Architecture

3GPP‑Page ETSI‑search

use "3GPP‑Page" to get the Word version
use "ETSI‑search" to get the PDF version
for a better overview, the Table of Contents (ToC) is reproduced

V16.0.0 (Wzip) 2019/09 93 p.

V15.4.0 (PDF) 2018/12 96 p.

V14.1.0 2017/06 95 p.

V13.2.0 2017/06 95 p.

V12.3.0 2014/06 94 p.

V11.5.0 2013/06 94 p.

V10.1.0 2012/03 76 p.

V9.4.0 2012/03 76 p.

V8.9.0 2012/03 76 p.

V7.11.0 2008/03 75 p.

V6.13.0 2007/06 43 p.

3GPP 33.220 - GBA Reference Model

Rapporteur: Miss Jerichow, Anja

ThiS TS describes the security features and mechanisms to bootstrap authentication and key agreement for application security. Candidate applications to use this bootstrapping mechanism include but are not restricted to subscriber certificate distribution TS 33.221. Subscriber certificates support services whose provision mobile operator assists, as well as services that mobile operator provides.

The scope of this specification includes generic bootstrapping functions, an architecture overview and the detailed procedure how to bootstrap the credential.

full Table of Contents for TS 33.220 Word version: 16.0.0

1 Scope Word-p. 8

3 Definitions, abbreviations symbols and conventions Word-p. 10

3.1 Definitions

3.2 Abbreviations Word-p. 11

3.4 Conventions Word-p. 12

4 Generic Bootstrapping Architecture

4.1 Reference model

4.2 Network elements Word-p. 14

4.2.1 Bootstrapping server function (BSF)

4.2.2 Network application function (NAF)

4.2.2a Zn-Proxy Word-p. 15

4.2.4 UE Word-p. 16

4.2.6 HLR [R7] Word-p. 17

4.3 Bootstrapping architecture and reference points

4.3.1 Reference point Ub

4.3.2 Reference point Ua

4.3.3 Reference point Zh

4.3.4 Reference point Zn

4.3.5 Reference point Dz

4.3.6 Reference point Zh' [R7]

4.4 Requirements and principles for bootstrapping

4.4.1 Access Independence Word-p. 18

4.4.2 Authentication methods

4.4.4 Requirements on reference point Ub

4.4.5 Requirements on reference point Zh Word-p. 19

4.4.6 Requirements on reference point Zn

4.4.7 Requirements on Bootstrapping Transaction Identifier Word-p. 20

4.4.8 Requirements on selection of UICC application and related keys Word-p. 21

4.4.8.1 UICC application activation procedure in GBA Word-p. 22

4.4.9 Requirements on reference point Ua Word-p. 23

4.4.10 Requirements on reference point Dz

4.4.11 Requirements on GBA keys and parameters handling

4.4.12 Requirements on reference point Zh' [R7] Word-p. 24

4.4.13 Requirements on TMPI handling [R8] Word-p. 25

4.5.1 Initiation of bootstrapping

4.5.2 Bootstrapping procedures Word-p. 26

4.5.3 Procedures using bootstrapped Security Association Word-p. 28

4.5.4 Procedure related to service discovery Word-p. 30

5 UICC-based enhancements to Generic Bootstrapping Architecture (GBA_U) Word-p. 31

5.1 Architecture and reference points for bootstrapping with UICC-based enhancements

5.2 Requirements and principles for bootstrapping with UICC-based enhancements

5.2.1 Requirements on UE

5.2.2 Requirements on BSF

5.3 Procedures for bootstrapping with UICC-based enhancements

5.3.1 Initiation of bootstrapping

5.3.2 Bootstrapping procedure

5.3.3 Procedures using bootstrapped Security Association Word-p. 34

5.3.4 Procedure related to service discovery Word-p. 36

B (Normative) Specification of the key derivation function KDF Word-p. 38

B.1 Introduction

B.2 Generic key derivation function

B.2.0 General [R13]

B.2.1 Input parameter encoding Word-p. 39

B.2.1.1 General [R8]

B.2.1.2 Character string encoding [R8]

B.2.1.3 Non-negative integer encoding [R11]

B.2.2 FC value allocations [R8]

B.3 NAF specific key derivation in GBA and GBA_U Word-p. 40

B.4 Derivation of TMPI [R8]

B.5 Derivation of passwd and Ks [R11] Word-p. 41

B.6 NAF specific key derivation in GBA_Digest [R11] Word-p. 42

D Dialog example for user selection of UICC application used in GBA Word-p. 44

E (Normative) TLS profile for securing Zn/Zn' reference points Word-p. 45

F Handling of TLS certificates Word-p. 46

G (Normative) GBA_U UICC-ME interface Word-p. 47

G.1 GBA_U Bootstrapping procedure

G.2 GBA_U NAF Derivation procedure

H (Normative) Ua security protocol identifier Word-p. 49

H.2 Organization Octet

H.3 Ua security protocol identifiers for 3GPP specified protocols

I (Normative) 2G GBA [R7] Word-p. 51

I.0 Introduction [R11]

I.1 Reference model

I.2 Network elements

I.2.1 Bootstrapping server function (BSF)

I.2.2 Network application function (NAF) Word-p. 52

I.2.2a Zn-Proxy

I.2.4 UE Word-p. 53

I.2.6 HLR Word-p. 54

I.3 Bootstrapping architecture and reference points

I.3.1 Reference point Ub

I.3.2 Reference point Ua

I.3.3 Reference point Zh

I.3.4 Reference point Zn

I.3.5 Reference point Dz

I.3.6 Reference point Zh'

I.4 Requirements and principles for bootstrapping

I.4.0 General requirements [R11]

I.4.1 Access Independence Word-p. 55

I.4.2 Authentication methods

I.4.4 Requirements on reference point Ub

I.4.5 Requirements on reference point Zh Word-p. 56

I.4.6 Requirements on reference point Zn

I.4.7 Requirements on Bootstrapping Transaction Identifier Word-p. 57

I.4.8 Requirements on selection of UICC application and SIM card Word-p. 58

I.4.9 Requirements on reference point Ua

I.4.10 Requirements on reference point Dz

I.4.11 Requirements on reference point Zh'

I.5.1 Initiation of bootstrapping

I.5.2 Bootstrapping procedures

I.5.3 Procedures using bootstrapped Security Association Word-p. 61

I.5.4 Procedure related to service discovery Word-p. 63

I.6 TLS Profile

I.6.2 Authentication of the BSF Word-p. 64

I.6.3 Authentication of the UE

I.6.4 Set-up of Security parameters

J Usage of USS with local policy enforcement in BSF [R7] Word-p. 65

J.2 Usage scenarios

J.2.1 Scenario 1: NAF does not use USSs, BSF does not have local policy for NAF Word-p. 66

J.2.2 Scenario 2: NAF does not use USSs, BSF does have local policy for NAF

J.2.3 Scenario 3: NAF does use USSs, BSF does not have local policy for NAF

J.2.4 Scenario 4: NAF does use USSs, BSF does have local policy for NAF Word-p. 67

K Interoperator GBA-usage examples [R7] Word-p. 68

K.1 Example on interoperator GBA setup

K.2 Example on interoperator GBA operation Word-p. 70

L Information on how security threats related to known GSM vulnerabilities are addressed by the 2G GBA solution [R7] Word-p. 73

L.1 Impersonation of the UE to the BSF during the run of the Ub protocol

L.2 Impersonation of the BSF to the UE during the run of the Ub protocol

L.3 Finding the GBA key Ks during or after the Ub protocol run Word-p. 74

L.4 Bidding down attack

M (Normative) GBA_Digest [R11]

M.2 Reference model

M.3 Network elements Word-p. 75

M.3.1 Bootstrapping server function (BSF)

M.3.2 Network application function (NAF)

M.3.3 Zn-Proxy Word-p. 76

M.3.5 UE Word-p. 77

M.4 Bootstrapping architecture and reference points

M.4.1 Reference point Ub

M.4.2 Reference point Ua

M.4.3 Reference point Zh

M.4.4 Reference point Zn

M.4.5 Reference point Dz

M.5 Requirements and principles for bootstrapping Word-p. 78

M.5.1 General Requirements

M.5.2 Access independence

M.5.3 Authentication methods

M.5.5 Requirements on reference point Ub Word-p. 79

M.5.6 Requirements on reference point Zh

M.5.7 Requirements on reference point Zn

M.5.8 Requirements on Bootstrapping Transaction Identifier Word-p. 81

M.5.9 Requirements on reference point Ua

M.5.10 Requirements on reference point Dz

M.5.11 Requirements on GBA keys and parameters handling

M.6.2 Initiation of bootstrapping

M.6.3 Bootstrapping procedures Word-p. 82

M.6.4 Procedures using bootstrapped Security Association Word-p. 85

M.6.5 Procedure related to service discovery Word-p. 88

M.7 TLS Profile

M.7.2 Authentication of the BSF

M.7.3 Authentication of the UE Word-p. 89

M.7.4 Set-up of Security parameters

N Change history Word-p. 90