Tech-invite3GPPspaceIETFspace
21222324252627282931323334353637384‑5x
Top   in Index   Prev   Next

TR 33.701
Study on mitigations against bidding down Attacks

3GPP‑Page   fToC   Partial Content
V19.0.0 (Wzip)  2024/09  31 p.
Rapporteur:
Dr. Ben Henda, Noamen
Huawei Technologies Sweden AB

full Table of Contents for  TR 33.701  Word version:  19.0.0

each clause number in 'red' refers to the equivalent title in the Partial Content
Here   Top
1Scope  p. 7
2References  p. 7
3Definitions of terms, symbols and abbreviations  p. 7
3.1Terms  p. 7
3.2Symbols  p. 7
3.3Abbreviations  p. 7
4Key issues  p. 8
4.1Key Issue #1: Bidding down attacks from LTE/NR to decommissioned GERAN/UTRAN  p. 8
4.1.1Description  p. 8
4.1.2Threats  p. 8
4.1.3Potential requirements  p. 9
5Solutions  p. 9
5.1Solution #1: Securely notification to UE when the GERAN/UTRAN networks are decommissioned  p. 9
5.1.1Introduction  p. 9
5.1.2Details  p. 9
5.1.3Evaluation  p. 9
5.2Solution #2: Provisioning of information on restricted RAT types using NAS message  p. 10
5.2.1Introduction  p. 10
5.2.2Details  p. 10
5.2.3Evaluation  p. 10
5.3Solution #3: Mitigation against bidding down attacks from LTE/NR to decommissioned GERAN/UTRAN  p. 11
5.3.1Introduction  p. 11
5.3.2Details  p. 12
5.3.3Evaluation  p. 13
5.4Solution #4: Solution for mitigating GERAN UTRAN bidding down attack  p. 13
5.4.1Introduction  p. 13
5.4.2Details  p. 13
5.4.3Evaluation  p. 14
5.5Solution #5: Solution for access restrictions to decommissioned UTRAN and GERAN  p. 15
5.5.1Introduction  p. 15
5.5.2Details  p. 15
5.5.3Evaluation  p. 16
5.6Solution #6: Using allowlist to avoid bidding down attack from LTE/NR to decommissioned GERAN/UTRAN  p. 16
5.6.1Introduction  p. 16
5.6.2Details  p. 16
5.6.3Evaluation  p. 16
5.7Solution #7: Registration-based provisioning of decommissioned system list  p. 17
5.7.1Introduction  p. 17
5.7.2Details  p. 17
5.7.3Evaluation  p. 18
5.8Solution #8: UPU-based provisioning of decommissioned system list  p. 18
5.8.1Introduction  p. 18
5.8.2Details  p. 18
5.8.3Evaluation  p. 19
5.9Solution #9: Reuse SoR procedure for bidding down attack mitigation  p. 20
5.9.1Introduction  p. 20
5.9.2Details  p. 20
5.9.3Evaluation  p. 20
5.10Solution #10: Solution for configured operator indication  p. 21
5.10.1Introduction  p. 21
5.10.2Details  p. 21
5.10.3Evaluation  p. 21
5.11Solution #11: Solution to prevent GERAN/UTRAN bidding down attack using UICC Configuration  p. 21
5.11.1Introduction  p. 21
5.11.2Details  p. 22
5.11.3Evaluation  p. 22
5.12Solution #12: Solution to prevent bidding down to GERAN/UTRAN by restricting inter RAT handover  p. 22
5.12.1Introduction  p. 22
5.12.2Solution details  p. 22
5.12.3Evaluation  p. 23
5.13Solution #13: Solution to prevent bidding down by restricting UE access to GERAN/UTRAN in its location  p. 24
5.13.1Introduction  p. 24
5.13.2Solution details  p. 24
5.13.3Evaluation  p. 25
5.14Solution #14: configuration in UE per country  p. 26
5.14.1Introduction  p. 26
5.14.2Details:  p. 26
5.14.3Evaluation  p. 27
5.15Solution #15: Mitigation of Roaming Attack based on UE Implementation  p. 27
5.15.1Introduction  p. 27
5.15.2Solution details  p. 27
5.15.2.1PLMN Selection Logic  p. 27
5.15.2.2Mitigation of Attack Scenario 1  p. 28
5.15.2.3Mitigation of Attack Scenario 2  p. 28
5.15.3Evaluation  p. 28
5.16Solution #16: configuration in UE  p. 29
5.16.1Introduction  p. 29
5.16.2Details:  p. 29
5.16.3Evaluation  p. 29
6Conclusion  p. 29
AGuidance for legacy devices  p. 30
A.1Description  p. 30
A.2Approaches  p. 30
A.2.1Approach #1: Raising user awareness  p. 30
BChange history  p. 31

Up   Top