Lect 2 - Sec Sys Exa..


Page 1

2004/02/23 NCTU Internet Security - Lecture 2 [v.2] 1

Lecture II : Security System Development

Introduction to Internet Security, NCTU/CSIE–93S

John K. Zao, PhD SMIEEE, 93/02/23

Page 2

Use of IPsec & IKE in Universal Mobile Telecommunication System

Dr. John K. Zao, Sr. Scientist, Information Security

Verizon Communications / BBN Technologies

IPSEC 2000, Paris La Defense - France, 10/26/2000

Page 3

Motivation

Why are we thinking of putting IPsec & IKE into 3G? Because ...
- IP (with XML payloads) is likely to become the internetworking protocol for the future Wireless Internet.
- IPsec & IKE will become widely deployed.
- The GSM/GPRS/UMTS Security Architecture is complex & fragmented.
- Use of the USIM will make PK technology more accessible.
- ...

What will be the major show stoppers?
- Wireless voice traffic will not be over IP in the near future.
- Wireless signaling & control traffic is not over IP either.

Page 4

Outline

Overview: 3G Wireless Data Networks (Architecture, Domains, Strata)

Analysis: UMTS Security

Proposal: Possible Use of IPsec & IKE in UMTS Security

Page 5

Wireless Data Network Development

[Figure: timeline of wireless data network development, 2G / 2.5G / 3G, for Europe and the USA.]

Page 6

GPRS / UMTS System Architecture

[Figure: GPRS / UMTS system architecture. Network elements shown: ME + SIM (mobile stations), BTS, BSC, MSC, VLR, HLR, AuC, EIR, and the external networks PSTN / ISDN and PSPDN / CSPDN. Domains shown: User Equipment Domain (Mobile Equipment Domain, USIM Domain) and Infrastructure Domain (Access Network Domain; Core Network Domain comprising Serving Network Domain, Home Network Domain and Transit Network Domain).]

Page 7

UMTS Domain Hierarchy

[Figure: UMTS domain hierarchy. User Equipment Domain = USIM Domain + Mobile Equipment Domain (ME). Infrastructure Domain = Access Network Domain (AN) + Serving Network Domain (SN) + Transit Network Domain (TN) + Home/Remote Network Domain (HN / RN). Reference points: Cu (USIM - ME), Uu (ME - AN), Iu (AN - SN), [Yu] (SN - TN), [Zu] (SN - HN/RN). Other labels on the diagram: MT, HE / TE, User Apps, Provider Apps.]

Domain – a high-level group of UMTS entities; reference points (interfaces) are defined between domains

Page 8

UMTS MT-HN Strata

[Figure: the UMTS domain diagram of Page 7 with the MT-HN protocol strata overlaid: Home Stratum, Service Stratum, Transport Stratum and Access Stratum.]

Stratum – a group of UMTS protocols that are relevant to one aspect of the services provided by one or more domains

Page 9

UMTS MT-RN Strata

[Figure: the UMTS domain diagram of Page 7 with the MT-RN protocol strata overlaid: Application Stratum, Service Stratum, Transport Stratum and Access Stratum.]

Stratum – a group of UMTS protocols that are relevant to one aspect of the services provided by one or more domains

Page 10

UMTS 3G-Mobile Security Analysis

[Figure: security analysis cycle, divided into a Planning phase and a Practice / Config phase.]

Planning (Vulnerability Analysis → Goal Establishment → Strategy Development):
- Asset Identification
- Asset Evaluation
- Threat Identification
- Threat Evaluation
- Policy / Measure Formulation (Preventive, Reactive and Corrective strategies)

Practice / Config:
- Harden
- Detect
- Response
- Improve

Overall procedure: Vulnerability Analysis → Service Selection → Mechanism Implementation

Page 11

Outline

Overview: 3G Wireless Data Networks

Analysis: UMTS Security (Security Threats, Security Architecture, Security Services, Security Mechanisms)

Proposal: Possible Use of IPsec & IKE in UMTS Security

Page 12

3G Security: Threats

Basic Threats: Confidentiality Violation; Integrity Violation; Denial of Services; Illegitimate Uses; Repudiation.

Enabling Threats, grouped by the basic threat each one leads to (the columns of the slide's threat matrix):

Confidentiality Violation:
- Eavesdropping, User Traffic
- Eavesdropping, Signal & Control
- Masquerading, User
- Masquerading, Net Elements
- Traffic Analysis, Passive
- Traffic Analysis, Active
- Unauthorized Access, System Data
- Information Leakage, User Location

Integrity Violation:
- Alteration, User Traffic
- Alteration, Signal & Control
- Alteration, ME Download
- Alteration, USIM Download
- Alteration, System Data
- Masquerading, Net Elements
- Masquerading, Download Origins

Denial of Services:
- Intervention, Physical
- Intervention, Protocols
- Masquerading, Net Elements
- Privilege Misuse
- Service Abuse
- Stealing, Terminals

Illegitimate Uses:
- Masquerading, User
- Masquerading, Service Net
- Masquerading, Home Environment
- Privilege Misuse, User
- Privilege Misuse, Service Net

Repudiation:
- Repudiation, Charge
- Repudiation, Traffic Origin
- Repudiation, Traffic Delivery

Source: 3G Security; Security Threats & Requirements [3G TS 21.133]

Page 13

3G Security : Threats, Radio Interface

[Figure: the threat matrix of Page 12, with the threats that apply to the radio interface marked as Relevant, Significant or Major.]

Major Threats:
- Radio Eavesdropping & Traffic Analysis
- User & Net Element Masquerading

Page 14

3G Security : Threats, ME-USIM Interface

[Figure: the threat matrix of Page 12, annotated for the ME-USIM interface and marked as Relevant, Significant or Major. Annotated entries: Eavesdropping, (USIM) User Traffic; Alteration, (USIM) User Traffic; Masquerading, User (Stolen ME & USIM); Eavesdropping, (USIM) Signal & Control; Alteration, (USIM) Signal & Control; Masquerading, User (ME/USIM); Privilege Misuse (Borrowed USIM); Alteration, System Data (ME); Stealing, Terminals (ME); Unauthorized Access, System Data (USIM).]

Major Threats:
- ME/USIM Masquerading
- ME/USIM Data Alteration & Access
- ME/USIM Download Alteration & Eavesdropping

Page 15

3G Security : Threats, General System

[Figure: the threat matrix of Page 12 (with Service Abuse, Emergency Service added under Denial of Services), marked as Relevant, Significant or Major for the system as a whole.]

Major Threats:
- Privilege Misuse
- Network Element Masquerading
- Wired Link Eavesdropping

Page 16

Outline

Overview: 3G Wireless Data Networks

Analysis: UMTS Security (Security Threats; Security Architecture; Security Services: Network Access Security, Network Domain Security, User Domain Security, Application Domain Security; Security Mechanisms)

Proposal: Possible Use of IPsec & IKE in UMTS Security

Page 17

UMTS Security Architecture

[Figure: the UMTS domain and strata diagram of Page 9 with the four security feature groups placed on it: Network Access Security, Network Domain Security, User Domain Security, Application Domain Security.]

User Domain Security – protection against attacks on the ME - USIM / USIM interfaces

Network Access Security – protection against attacks on radio (access) links

Network Domain Security – protection against attacks on the wired network infrastructure

Application Domain Security – protection of user & provider application exchanges

Security Management – monitoring & managing user - provider security features

Page 18

Network Access Security

User Identity Confidentiality Services: Identity Confidentiality; Location Confidentiality; Untraceability

Entity Authentication Services: Authentication Mechanism Agreement; User Authentication; Network Element Authentication

Data Confidentiality Services: Cipher Algorithm Agreement; Cipher Key Agreement; User Data Confidentiality; Signal / Control Data Confidentiality

Data Integrity Services: Integrity Algorithm Agreement; Integrity Key Agreement; Signal & Control Data Integrity; Signal & Control Data Origin Authentication

Page 19

Network Domain Security

Entity Authentication Services: Mechanism Agreement; Network Element Authentication

Data Confidentiality Services: Cipher Algorithm Agreement; Cipher Key Agreement; Signal / Control Data Confidentiality

Data Integrity Services: Integrity Algorithm Agreement; Integrity Key Agreement; Signal / Control Data Integrity; Signal / Control Data Origin Authentication

Page 20

User Domain Security

User - USIM Authentication Services: PIN-based Authentication

USIM - ME Authentication Services: Shared Secret Authentication

Page 21

Application Domain Security

Secure USIM Download & Messaging Services: Application Identity Authentication; Application Data Confidentiality; Application Data Origin Authentication; Application Data Integrity; Application Exchange Sequence Integrity; Application Exchange Replay Protection; Application Data Non-repudiation

IP Security: [TBD]

User Traffic Confidentiality Service: End-to-End Data Confidentiality

User Profile Confidentiality: [TBD]

Page 22

Outline

Overview: 3G Wireless Data Networks

Analysis: UMTS Security (Security Threats; Security Architecture; Security Services; Security Mechanisms: Mobile User Identity Allocation, Entity Authentication & Key Agreement, User Traffic Confidentiality, Network Domain Security)

Proposal: Possible Use of IPsec & IKE in UMTS Security

Page 23

Mobile User Identity (MUI) Exchanges

Temporary MUI (TMUI) Allocation

Permanent MUI (IMUI) Identification

Similar to Mobile IP Registration

Source: UMTS Security Architecture [3G TS 33.102]

Page 24

Entity Authentication & Key Agreement

Parameters

Authentication Vector: AV(i) := RAND(i) || XRES(i) || CK(i) || IK(i) || AUTN(i)

AUTN, CK, IK and XRES are derived from RAND, SQN and AMF

Authentication Data Request: Authen_Req := IMUI || HLR_MSG

Authentication Data Response: Authen_Res := [IMUI] || AV(1..n)

Comments

Authentication is conducted between HE/AuC & MS/USIM

HE is the authentication & key distribution center

SN/VLR is a trusted mediator

If the HE is off-line, MS and SN authenticate each other using the shared integrity key & protect their traffic using the old (CK, IK)
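The three-party exchange on this slide, as an added example that is not code from the talk: the HE/AuC answers an authentication data request with a batch of vectors AV(i) = RAND || XRES || CK || IK || AUTN, the SN/VLR (trusted mediator) relays RAND || AUTN to the USIM, and the USIM authenticates the home environment via the MAC in AUTN, checks SQN freshness, and derives RES, CK and IK so that the SN can compare RES with XRES. Assumptions: the UMTS functions f1..f5 are replaced by HMAC-SHA256 stand-ins (the real algorithm requirements are in 3G TS 33.105), AUTN is laid out as (SQN xor AK) || AMF || MAC as in 3G TS 33.102, and the SQN acceptance window, the IMUI string and the subscriber key are constructed test values.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

# Constructed stand-ins for the UMTS functions f1..f5 (assumption: the 3GPP
# algorithms, whose requirements 3G TS 33.105 sets, are replaced by HMAC-SHA256
# keyed with the subscriber key K and truncated; the protocol logic is the point).
def _kdf(K: bytes, tag: bytes, *parts: bytes, n: int) -> bytes:
    return hmac.new(K, tag + b"".join(parts), hashlib.sha256).digest()[:n]

def f1(K, RAND, SQN, AMF): return _kdf(K, b"f1", RAND, SQN, AMF, n=8)  # MAC-A
def f2(K, RAND):           return _kdf(K, b"f2", RAND, n=8)            # RES / XRES
def f3(K, RAND):           return _kdf(K, b"f3", RAND, n=16)           # CK
def f4(K, RAND):           return _kdf(K, b"f4", RAND, n=16)           # IK
def f5(K, RAND):           return _kdf(K, b"f5", RAND, n=6)            # AK

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

@dataclass
class AV:
    """Authentication vector AV(i) := RAND || XRES || CK || IK || AUTN."""
    RAND: bytes; XRES: bytes; CK: bytes; IK: bytes; AUTN: bytes

class MacFailure(Exception): pass
class SyncFailure(Exception): pass

class HomeEnvironment:
    """HE/AuC: authentication & key distribution centre; holds K and SQN per IMUI."""
    def __init__(self, subscribers: dict):
        self.K = dict(subscribers)                 # IMUI -> K
        self.sqn = {imui: 0 for imui in subscribers}

    def authentication_data_response(self, imui: str, n: int) -> list:
        """Authen_Res := [IMUI] || AV(1..n), answering the SN/VLR's Authen_Req."""
        K, avs = self.K[imui], []
        for _ in range(n):
            self.sqn[imui] += 1                    # fresh SQN for every vector
            SQN = self.sqn[imui].to_bytes(6, "big")
            RAND, AMF = secrets.token_bytes(16), b"\x00\x00"
            # AUTN := (SQN xor AK) || AMF || MAC; AK conceals SQN on the air link.
            AUTN = xor(SQN, f5(K, RAND)) + AMF + f1(K, RAND, SQN, AMF)
            avs.append(AV(RAND, f2(K, RAND), f3(K, RAND), f4(K, RAND), AUTN))
        return avs

class USIM:
    """MS/USIM: verifies AUTN, checks SQN freshness, derives RES, CK, IK."""
    def __init__(self, K: bytes, window: int = 32):  # window size is constructed
        self.K, self.sqn_ms, self.window = K, 0, window

    def authenticate(self, RAND: bytes, AUTN: bytes):
        sqn_xor_ak, AMF, MAC = AUTN[:6], AUTN[6:8], AUTN[8:16]
        SQN = xor(sqn_xor_ak, f5(self.K, RAND))
        if not hmac.compare_digest(MAC, f1(self.K, RAND, SQN, AMF)):
            raise MacFailure("AUTN MAC mismatch: network not authenticated")
        sqn = int.from_bytes(SQN, "big")
        if not (self.sqn_ms < sqn <= self.sqn_ms + self.window):
            raise SyncFailure("SQN out of range: replayed or stale vector")
        self.sqn_ms = sqn                          # advance only after both checks
        return f2(self.K, RAND), f3(self.K, RAND), f4(self.K, RAND)

class ServingNetwork:
    """SN/VLR: trusted mediator; challenges the USIM with RAND || AUTN."""
    def __init__(self, he: HomeEnvironment, batch: int = 5):
        self.he, self.batch, self.cache = he, batch, {}

    def authenticate_user(self, imui: str, usim: USIM):
        if not self.cache.get(imui):
            self.cache[imui] = self.he.authentication_data_response(imui, self.batch)
        av = self.cache[imui].pop(0)               # every AV is used exactly once
        RES, CK, IK = usim.authenticate(av.RAND, av.AUTN)
        if not hmac.compare_digest(RES, av.XRES):
            return None                            # user not authenticated
        return CK, IK                              # keys now shared by MS and SN

def _rejected(usim: USIM, RAND: bytes, AUTN: bytes, failure) -> bool:
    try:
        usim.authenticate(RAND, AUTN)
        return False
    except failure:
        return True

def run_demo() -> dict:
    """Two normal runs, then a replayed and a tampered challenge."""
    K = bytes(range(16))                           # constructed subscriber key
    he = HomeEnvironment({"imui-001": K})          # constructed IMUI
    sn, usim = ServingNetwork(he), USIM(K)
    out = {"first_auth": sn.authenticate_user("imui-001", usim) is not None,
           "second_auth": sn.authenticate_user("imui-001", usim) is not None}
    av = he.authentication_data_response("imui-001", 1)[0]
    usim.authenticate(av.RAND, av.AUTN)            # fresh vector: accepted
    out["replay_rejected"] = _rejected(usim, av.RAND, av.AUTN, SyncFailure)
    tampered = av.AUTN[:-1] + bytes([av.AUTN[-1] ^ 0x01])   # flip a MAC bit
    out["tamper_rejected"] = _rejected(usim, av.RAND, tampered, MacFailure)
    return out
```

Two design points worth noticing: the USIM advances its stored SQN only after both the MAC and the freshness check pass, so a forged or replayed AUTN can never move the counter, and both comparisons use a constant-time compare. The SN never sees K; it only holds single-use vectors, which is what lets the HE stay the sole key distribution centre while the SN acts as mediator.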

Page 25

User Traffic Confidentiality

Key Management: Cipher Key (Ks); Initialization Vector (IV)

Cipher Algorithms: Synchronous Stream Cipher
- Data stream XOR with key stream
- Synchronization controlled by IV

Issues:
- Encryption synchronization
- TFO voice protection adaptation
- Data traffic protection adaptation
- Encryption termination at gateways
- Encryption management
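The synchronous stream cipher structure on this slide, as an added example that is not code from the talk: the keystream depends only on the cipher key and the IV, the data is XORed with it, and decryption is the same operation. The example also exercises the "encryption synchronization" issue and the reason IV management matters. Assumptions: the keystream generator is a constructed HMAC-SHA256 counter construction standing in for the UMTS confidentiality algorithm (requirements in 3G TS 33.105), and the IV layout (direction byte plus frame counter) is constructed.

```python
import hashlib
import hmac

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(CK: bytes, IV: bytes, length: int) -> bytes:
    """Constructed keystream generator (assumption: stands in for the UMTS
    confidentiality algorithm). Synchronous: the stream depends only on
    (CK, IV, position), never on the data, so both ends must agree on IV."""
    out = b""
    for block in range((length + 31) // 32):
        out += hmac.new(CK, IV + block.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]

def protect(CK: bytes, IV: bytes, data: bytes) -> bytes:
    """Encryption and decryption are the same operation: data XOR keystream."""
    return xor(data, keystream(CK, IV, len(data)))

def frame_iv(direction: int, count: int) -> bytes:
    """Per-frame IV from a direction flag and a running frame counter, so no
    (CK, IV) pair is reused in either direction (constructed layout)."""
    return bytes([direction]) + count.to_bytes(4, "big")

def round_trip(CK: bytes, direction: int, count: int, data: bytes) -> bool:
    """A receiver in sync (same IV) recovers the plaintext."""
    ct = protect(CK, frame_iv(direction, count), data)
    return protect(CK, frame_iv(direction, count), ct) == data

def desync_corrupts(CK: bytes, direction: int, count: int, data: bytes) -> bool:
    """A receiver whose frame counter drifted by one decrypts to garbage:
    the 'encryption synchronization' issue listed on the slide."""
    ct = protect(CK, frame_iv(direction, count), data)
    return protect(CK, frame_iv(direction, count + 1), ct) != data

def iv_reuse_leaks(CK: bytes, direction: int, count: int, p1: bytes, p2: bytes) -> bool:
    """Two equal-length frames protected under the same (CK, IV) XOR to
    p1 XOR p2: the keystream cancels out, which is why the key-management
    design must guarantee IV uniqueness per key."""
    c1 = protect(CK, frame_iv(direction, count), p1)
    c2 = protect(CK, frame_iv(direction, count), p2)
    return xor(c1, c2) == xor(p1, p2)
```

The IV-reuse check is the property a reviewer should test in any deployment of this scheme: once a (CK, IV) pair repeats, confidentiality of both frames is lost without any attack on the cipher itself, so the frame counter must never wrap or reset under the same CK, and the two directions must use distinct IVs.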

Page 26

Network Domain Security

Similar to Multi-Realm Kerberos

Layer I: Symmetric Session Key Negotiation using PK technology

Layer II: Session Key Distribution within each Operator

Layer III: Secure communication between Elements of different Operators

Page 27

Outline

Overview: 3G Wireless Data Networks

Analysis: UMTS Security

Proposal: Possible Use of IPsec & IKE in UMTS Security (Motivation; Use of IPsec with IKE; Use of IPsec with UMTS Key Management; Use of IKE with UMTS Cipher Mechanisms; Use of IPsec with Stateful Header Compression)

Page 28

Use of IPsec with IKE in UMTS

Application Domain Security [Strong Case]: User Traffic Confidentiality

Network Domain Security [Possible but Unlikely Case]: Entity Authentication; Data Confidentiality; Data Integrity
- First, the UMTS Core Network must speak IP ...

Page 29

Use of IPsec with UMTS Key Management

Network Domain Signaling & Control Security [Possible Case]: Entity Authentication; Data Confidentiality; Data Integrity
- More likely than IPsec protection for the entire UMTS Core Network
- Use of UMTS Key Management is reasonable for compatibility
- Still, UMTS Signaling & Control must speak IP ...

Page 30

Use of IKE with UMTS Cipher Mechanisms

Not so unlikely as we think, because ...
- UMTS uses USIM-HE exchanges to establish user security
- USIM & HE/AuC may use IKE technology

Entity Authentication & Cipher/Integrity Key Agreement: Network Access Security; Application Domain Security

Page 31

Use of IPsec with Header Compression

Justification
- Wireless Data Networks may have limited bandwidth
- Wireless Access & Network Domains support stateful L2 switching

Approach
- Adopt technologies from the IETF Robust Header Compression WG
- Consider possible IPsec header compression?

Page 32

Summary

Key Issue
- Putting the Internet onto 3G is adding IP onto a voice network
- Compatibility with 2G/2.5G technologies is a must for future wireless data networks

Preliminary Thoughts
- Shall/can we separate IPsec & IKE?
  - IKE & other key/policy management protocols are application layer protocols providing a service
  - IPsec & UMTS cipher protocols are link/network layer protocols for secure communication
- Shall/can we develop a key/policy management service for wireless data/voice networks? Can we provide this generic service to both wireless voice and data apps? What kind of API(s) shall we develop?
- Can/shall we integrate wireless key/policy(/network) management with wired Internet key/policy/network management? How?

Page 33

Bibliography

3G Partnership Project, Technical Specification Group (TSG) SA:
- 3G TS 21.133 - 3G Security; Security Threats & Requirements
- 3G TS 21.120 - 3G Security; Security Principles & Objectives
- 3G TS 33.105 - 3G Security; Cryptographic Algorithm Requirements
- 3G TS 33.102 - UMTS; 3G Security; Security Architecture
- 3G TS 23.101 - UMTS; General UMTS Architecture

GSM Documents:
- GS 02.60 – GPRS; Service Description; Stage 1
- GS 03.60 – GPRS; Service Description; Stage 2
- GS 02.09 – Security Aspects
- GS 03.20 – Security Related Network Functions

Source: http://www.etsi.org/

Page 34

Review: Security System Planning

Procedure: Vulnerability Analysis → Service Selection → Mechanism Implementation

Page 35

Review: Vulnerability Analysis

[Figure: the threat matrix of Page 12 (Basic Threats: Confidentiality Violation, Integrity Violation, Denial of Services, Illegitimate Uses, Repudiation; Enabling Threats as listed there).]

Source: 3G Security; Security Threats & Requirements [3G TS 21.133]

Page 36

Review: Security Services & Architecture

[Figure: the UMTS security architecture diagram of Page 17: domains, strata and the four security feature groups Network Access Security, Network Domain Security, User Domain Security and Application Domain Security.]

User Domain Security – protection against attacks on the ME - USIM / USIM interfaces

Network Access Security – protection against attacks on radio (access) links

Network Domain Security – protection against attacks on the wired network infrastructure

Application Domain Security – protection of user & provider application exchanges

Security Management – monitoring & managing user - provider security features