Tech-invite  3GPPspecsRELsGlossariesSIP
Info21222324252627282931323334353637384‑5x

Top   in Index   Prev   Next

TR 33.859SA3
Study on the introduction of Key Hierarchy in UTRAN

use "3GPP‑Page" to get the Word version
for a better overview, the Table of Contents (ToC) is reproduced
V11.1.0 (Wzip)  2012/03  67 p.

Rapporteur:  Mr. Norrman, Karl

Deployments of HSPA UTRAN with part of the RNC functionality, including user plane and signaling protection, moved to HSPA NodeBs present the same threat environment as encountered by E-UTRAN eNBs. To help counter the threats towards the base stations, E UTRAN has introduced a key hierarchy and a key-refresh mechanism, making security breaches of the keys used on the air-interface much less severe. With the current key management in UTRAN it is impossible to achieve the same level of protection as in E-UTRAN.
The introduction of a key hierarchy in UTRAN gives an increased protection level and achieves additional benefits by yielding more secure interworking between UTRAN and E-UTRAN. It also implies a simpler handling in the sense that key management becomes more aligned in the two systems.
The objective of this work item is to study potential solutions for introducing an "E-UTRAN-like" key hierarchy in UTRAN, to improve the security level in UTRAN in the presence of the new deployment scenarios and to ensure that a security breach in UTRAN will not propagate into E-UTRAN. The study covers the technical feasibility and consequences. The impacts of such potential solution on UTRAN of earlier releases are identified. Interworking with earlier releases of UTRAN, GERAN and E-UTRAN is also studied.
The UTRAN key hierarchy is assumed to be built on top of (R99+) UMTS AKA, without requiring any changes to the authentication protocol or USIM. Therefore, it could in principle be used also in GERAN as long as USIMs are used and the SGSN, MSC/VLR, and ME are updated. However, the benefit of introducing the key hierarchy in GPRS is smaller than for the circuit switched part, as the traffic protection already terminates in the core network. Solution details for GERAN are not discussed further.
The study covers both PS and CS part of UTRAN.

full Table of Contents for  TR 33.859  Word version:   11.1.0

Here   Top
1  ScopeWord-p. 8
2  References
3  Definitions, symbols and abbreviationsWord-p. 9
4  GeneralWord-p. 11
5  Analysis and design
5.1  Proposed solution 1Word-p. 20
5.1.1  General
5.1.2  Key handling capability negotiation
5.1.3  Signalling procedures
5.1.4  Inter-working with GERAN procedures
5.1.5  Inter-working with E-UTRAN
5.1.6  Summary of changes to messages
5.2  Proposed solution 2
5.2.1  General
5.2.2  Overview of the solutionWord-p. 33
5.2.3  Proposed PS solutionUp
5.2.4  CS related procedures
5.3  Proposed solution 3
5.4  Proposed solution 4
6  Comparison of proposed Solutions
7  Complexity versus benefit analysisWord-p. 61
8  Conclusions
A  Change historyWord-p. 67

Up   Top