Lect 2 - Sec Sys Exa..
2004/02/23 NCTU Internet Security - Lecture 2 [v.2]
Lecture II: Security System Development
Introduction to Internet Security, NCTU/CSIE 93S
John K. Zao, PhD, SMIEEE, 93/02/23
Use of IPsec & IKE in Universal Mobile Telecommunication System
Dr. John K. Zao, Sr. Scientist, Information Security
Verizon Communications / BBN Technologies
IPSEC 2000, Paris La Defense, France, 10/26/2000
Motivation
Why are we thinking of putting IPsec & IKE into 3G? Because …
- IP (with XML payloads) is likely to become the internetworking protocol for the future Wireless Internet.
- IPsec & IKE will become widely deployed.
- The GSM/GPRS/UMTS Security Architecture is complex & fragmented.
- Use of the USIM will make PK technology more accessible.
What will be the major show stoppers?
- Wireless voice traffic will not be over IP in the near future.
- Wireless signaling & control traffic is not over IP either.
Outline
- Overview: 3G Wireless Data Networks (Architecture, Domains, Strata)
- Analysis: UMTS Security
- Proposal: Possible Use of IPsec & IKE in UMTS Security
Wireless Data Network Development
[Figure: evolution of wireless data networks from 2G through 2.5G to 3G, Europe and USA tracks]
GPRS / UMTS System Architecture
[Figure: GPRS/UMTS system architecture. Network elements: ME/SIM mobile stations, BTS, BSC, MSC, VLR, HLR, AuC, EIR; external networks: PSTN / ISDN, PSPDN / CSPDN. Domains: User Equipment Domain (Mobile Equipment Domain, USIM Domain) and Infrastructure Domain (Access Network Domain, Core Network Domain = Serving Network Domain, Home Network Domain, Transit Network Domain).]
UMTS Domain Hierarchy
[Figure: domain hierarchy. User Equipment Domain = Mobile Equipment Domain (ME: MT, TE) + USIM Domain (USIM). Infrastructure Domain = Access Network Domain (AN) + Serving Network Domain (SN) + Home/Remote Network Domain (HN / RN, HE) + Transit Network Domain (TN). Reference points: Cu (USIM-ME), Uu (MT-AN), Iu (AN-SN), [Yu] (SN-HN/RN), [Zu] (SN-TN). User Apps sit on the UE side, Provider Apps on the HN/RN side.]
Domain – a high-level group of UMTS entities; reference points (interfaces) are defined between domains
UMTS MT-HN Strata
[Figure: strata between the Mobile Terminal and the Home Network, drawn over the domain hierarchy above: Home Stratum, Service Stratum, Transport Stratum, Access Stratum]
Stratum – a group of UMTS protocols that are relevant to one aspect of the services provided by one or more domains
UMTS MT-RN Strata
[Figure: strata between the Mobile Terminal and a Remote Network, drawn over the domain hierarchy above: Application Stratum, Service Stratum, Transport Stratum, Access Stratum]
Stratum – a group of UMTS protocols that are relevant to one aspect of the services provided by one or more domains
UMTS 3G-Mobile Security Analysis
[Figure: security planning cycle]
- Planning: Asset Identification → Asset Evaluation → Threat Identification → Threat Evaluation → Policy/Measure Formulation
- Practice (Configuration): Harden → Detect → Response → Improve
- Goal Establishment: Preventive, Reactive, Corrective
- Strategy Development
- Procedure: Vulnerability Analysis → Service Selection → Mechanism Implementation
Outline
- Overview: 3G Wireless Data Networks
- Analysis: UMTS Security (Security Threats, Security Architecture, Security Services, Security Mechanisms)
- Proposal: Possible Use of IPsec & IKE in UMTS Security
3G Security: Threats
Basic Threats: Confidentiality Violation; Integrity Violation; Denial of Service; Illegitimate Use; Repudiation
Enabling Threats (grouped by kind):
- Eavesdropping: User Traffic; Signal & Control
- Alteration: User Traffic; Signal & Control; ME Download; USIM Download; System Data
- Intervention: Physical; Protocols
- Masquerading: User; Service Net; Net Elements; Home Environment; Download Origins
- Repudiation: Charge; Traffic Origin; Traffic Delivery
- Privilege Misuse: User; Service Net
- Service Abuse
- Traffic Analysis: Passive; Active
- Stealing: Terminals
- Unauthorized Access: System Data
- Information Leakage: User Location
Source: 3G Security; Security Threats & Requirements [3G TS 21.133]
3G Security: Threats, Radio Interface
[Same threat table as in "3G Security: Threats", with the entries that apply to the radio interface marked as relevant, significant or major threats]
Major Threats:
- Radio Eavesdropping & Traffic Analysis
- User & Net Element Masquerading
3G Security: Threats, ME-USIM Interface
[Same threat table as in "3G Security: Threats", with the entries that apply to the ME-USIM interface marked as relevant, significant or major threats]
Entries specific to this interface:
- Eavesdropping: (USIM) User Traffic; (USIM) Signal & Control
- Alteration: (USIM) User Traffic; (USIM) Signal & Control; System Data (ME)
- Masquerading: User (Stolen ME & USIM); User (ME/USIM)
- Privilege Misuse: (Borrowed USIM)
- Stealing: Terminals (ME)
- Unauthorized Access: System Data (USIM)
Major Threats:
- ME/USIM Masquerading
- ME/USIM Data Alteration & Access
- ME/USIM Download Alteration & Eavesdropping
3G Security: Threats, General System
[Same threat table as in "3G Security: Threats", plus Service Abuse: Emergency Service; entries that apply to the general system marked as relevant, significant or major threats]
Major Threats:
- Privilege Misuse
- Network Element Masquerading
- Wired Link Eavesdropping
Outline
- Overview: 3G Wireless Data Networks
- Analysis: UMTS Security (Security Threats, Security Architecture, Security Services: Network Access Security, Network Domain Security, User Domain Security, Application Domain Security; Security Mechanisms)
- Proposal: Possible Use of IPsec & IKE in UMTS Security
UMTS Security Architecture
[Figure: the UMTS domains and strata shown earlier, overlaid with the four security feature groups: Network Access Security, Network Domain Security, User Domain Security, Application Domain Security]
- User Domain Security – protection against attacks on the ME-USIM / USIM interfaces
- Network Access Security – protection against attacks on radio (access) links
- Network Domain Security – protection against attacks on the wired network infrastructure
- Application Domain Security – protection of user & provider application exchanges
- Security Management – monitoring & managing user-provider security features
Network Access Security
- User Identity Confidentiality services: Identity Confidentiality; Location Confidentiality; Untraceability
- Entity Authentication services: Authentication Mechanism Agreement; User Authentication; Network Element Authentication
- Data Confidentiality services: Cipher Algorithm Agreement; Cipher Key Agreement; User Data Confidentiality; Signal / Control Data Confidentiality
- Data Integrity services: Integrity Algorithm Agreement; Integrity Key Agreement; Signal & Control Data Integrity; Signal & Control Data Origin Authentication
Network Domain Security
- Entity Authentication services: Mechanism Agreement; Network Element Authentication
- Data Confidentiality services: Cipher Algorithm Agreement; Cipher Key Agreement; Signal / Control Data Confidentiality
- Data Integrity services: Integrity Algorithm Agreement; Integrity Key Agreement; Signal / Control Data Integrity; Signal / Control Data Origin Authentication
User Domain Security
- User - USIM Authentication services: PIN-based Authentication
- USIM - ME Authentication services: Shared Secret Authentication
Application Domain Security
- Secure USIM Download & Messaging services: Application Identity Authentication; Application Data Confidentiality; Application Data Origin Authentication; Application Data Integrity; Application Exchange Sequence Integrity; Application Exchange Replay Protection; Application Data Non-repudiation
- IP Security: [TBD]
- User Traffic Confidentiality service: End-to-End Data Confidentiality
- User Profile Confidentiality: [TBD]
Outline
- Overview: 3G Wireless Data Networks
- Analysis: UMTS Security (Security Threats, Security Architecture, Security Services, Security Mechanisms: Mobile User Identity Allocation, Entity Authentication & Key Agreement, User Traffic Confidentiality, Network Domain Security)
- Proposal: Possible Use of IPsec & IKE in UMTS Security
Mobile User Identity (MUI) Exchanges
- Temporary MUI (TMUI) Allocation
- Permanent MUI (IMUI) Identification
- Similar to Mobile IP Registration
Source: UMTS Security Architecture [3G TS 33.102]
Entity Authentication & Key Agreement
Parameters
- Authentication Vector: AV(i) := RAND(i) || XRES(i) || CK(i) || IK(i) || AUTN(i)
- AUTN, CK, IK, XRES are derived from RAND, SQN, AMF
- Authentication Data Request: Authen_Req := IMUI || HLR_MSG
- Authentication Data Response: Authen_Res := [IMUI] || AV(1..n)
Comments
- Authentication is conducted between HE/AuC & MS/USIM
- HE is the authentication & key distribution center; SN/VLR is a trusted mediator
- If HE is off-line, MS and SN authenticate using the shared integrity key & protect their traffic using the old (CK, IK)
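The exchange summarised on this slide, as an added example that is not part of the original deck: the HE/AuC builds an authentication vector, the SN/VLR forwards RAND || AUTN to the USIM and compares RES with XRES, and the USIM authenticates the network through the MAC in AUTN and rejects stale SQN values. The 3GPP functions f1..f5 (MILENAGE on a real USIM) are replaced here by HMAC-SHA256 stand-ins, and the key and AMF values are constructed samples; both are assumptions for illustration only.

```python
import hmac
import hashlib
import os

def f(k, tag, data, n):
    # Stand-in for the 3GPP f1..f5 functions (MILENAGE on a real USIM): keyed PRF, n bytes.
    return hmac.new(k, tag + data, hashlib.sha256).digest()[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def generate_av(k, sqn, amf, rand=None):
    """HE/AuC side: one authentication vector AV = RAND || XRES || CK || IK || AUTN.
    Field widths follow TS 33.102: RAND 16, SQN 6, AMF 2, MAC 8, XRES 8, CK/IK 16, AK 6 bytes."""
    rand = rand if rand is not None else os.urandom(16)
    sqn_b = sqn.to_bytes(6, "big")
    mac = f(k, b"f1", sqn_b + rand + amf, 8)   # MAC-A binds SQN, RAND and AMF to K
    xres = f(k, b"f2", rand, 8)                # expected user response
    ck = f(k, b"f3", rand, 16)                 # cipher key
    ik = f(k, b"f4", rand, 16)                 # integrity key
    ak = f(k, b"f5", rand, 6)                  # anonymity key conceals SQN on the air
    autn = xor(sqn_b, ak) + amf + mac
    return {"RAND": rand, "XRES": xres, "CK": ck, "IK": ik, "AUTN": autn}

class USIM:
    """Subscriber side: holds the long-term key K and the highest SQN accepted so far."""
    def __init__(self, k):
        self.k = k
        self.sqn_ms = -1

    def authenticate(self, rand, autn):
        """Check AUTN (network authentication + freshness); return (RES, CK, IK) or None."""
        ak = f(self.k, b"f5", rand, 6)
        sqn_b = xor(autn[:6], ak)
        amf, mac = autn[6:8], autn[8:16]
        if not hmac.compare_digest(mac, f(self.k, b"f1", sqn_b + rand + amf, 8)):
            return None                        # MAC failure: not from our home environment
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.sqn_ms:
            return None                        # stale or replayed vector
        self.sqn_ms = sqn
        return (f(self.k, b"f2", rand, 8), f(self.k, b"f3", rand, 16), f(self.k, b"f4", rand, 16))

def run_aka(k_usim, k_auc, sqn, usim=None):
    """SN/VLR as trusted mediator: forward RAND || AUTN to the USIM, compare RES with XRES."""
    usim = usim if usim is not None else USIM(k_usim)
    av = generate_av(k_auc, sqn, b"\x80\x00")  # AMF value is an arbitrary constructed sample
    result = usim.authenticate(av["RAND"], av["AUTN"])
    if result is None:
        return False
    res, ck, ik = result
    # Keys are never sent over the air: both sides derive CK, IK from RAND and K.
    return hmac.compare_digest(res, av["XRES"]) and ck == av["CK"] and ik == av["IK"]

if __name__ == "__main__":
    K = bytes.fromhex("000102030405060708090a0b0c0d0e0f")   # constructed sample subscriber key
    print(run_aka(K, K, 1))          # True: genuine home environment, fresh SQN
    print(run_aka(K, bytes(16), 2))  # False: vector built by a network that does not hold K
```

The SN never learns K and never carries CK or IK over the air; it only holds the vectors the HE handed it, which is what lets it act as the mediator while the HE is off-line.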
User Traffic Confidentiality
- Key Management: Cipher Key (Ks); Initialization Vector (IV)
- Cipher Algorithm: Synchronous Stream Cipher; data stream XOR with key stream; synchronization controlled by the IV
- Issues: Encryption synchronization; TFO voice protection adaptation; Data traffic protection adaptation; Encryption termination at gateways; Encryption management
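The synchronous stream cipher described on this slide, as an added example that is not part of the original deck: each frame's keystream depends only on Ks and the frame's IV (a COUNT carried with the frame), so a receiver that loses a frame stays in sync and decrypts the next one, and the sender refuses to reuse a COUNT because two frames under the same keystream would expose the XOR of their plaintexts. The HMAC-SHA256 counter generator stands in for the UMTS f8 function and the key is a constructed sample; both are assumptions for illustration only.

```python
import hmac
import hashlib

def keystream(ks, iv, length):
    """Synchronous keystream for one frame: a function of (Ks, IV) only, never of the data."""
    out, block = b"", 0
    while len(out) < length:
        msg = iv.to_bytes(4, "big") + block.to_bytes(4, "big")
        out += hmac.new(ks, msg, hashlib.sha256).digest()   # stand-in for the f8 keystream generator
        block += 1
    return out[:length]

def crypt_frame(ks, iv, data):
    """Data stream XOR key stream; the same call encrypts and decrypts."""
    return bytes(d ^ k for d, k in zip(data, keystream(ks, iv, len(data))))

class Sender:
    """Owns the frame COUNT used as IV and refuses to reuse one (keystream reuse leaks plaintext XOR)."""
    def __init__(self, ks):
        self.ks, self.next_count, self.used = ks, 0, set()

    def send(self, plaintext, count=None):
        count = self.next_count if count is None else count
        if count in self.used:
            raise ValueError("IV/COUNT reuse refused")
        self.used.add(count)
        self.next_count = count + 1
        return (count, crypt_frame(self.ks, count, plaintext))   # COUNT travels with the frame

def receive(ks, frames):
    """Decrypt whatever frames arrive, each with its own IV, without needing earlier ciphertext."""
    return [crypt_frame(ks, iv, c) for iv, c in frames]

def demo(ks, plaintexts, drop_index):
    """Encrypt a burst of frames, lose one in transit, and still decrypt the rest."""
    s = Sender(ks)
    sent = [s.send(p) for p in plaintexts]
    arrived = [fr for i, fr in enumerate(sent) if i != drop_index]
    return receive(ks, arrived)

if __name__ == "__main__":
    KS = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed sample cipher key
    print(demo(KS, [b"frame-0", b"frame-1", b"frame-2"], 1))  # [b'frame-0', b'frame-2']
```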
Network Domain Security
Similar to Multi-Realm Kerberos
- Layer I: Symmetric Session Key Negotiation using PK technology
- Layer II: Session Key Distribution within each Operator
- Layer III: Secure communication between Elements of different Operators
Outline
- Overview: 3G Wireless Data Networks
- Analysis: UMTS Security
- Proposal: Possible Use of IPsec & IKE in UMTS Security (Motivation; Use of IPsec with IKE; Use of IPsec with UMTS Key Management; Use of IKE with UMTS Cipher Mechanisms; Use of IPsec with Stateful Header Compression)
Use of IPsec with IKE in UMTS
- Application Domain Security [Strong Case]: User Traffic Confidentiality
- Network Domain Security [Possible but Unlikely Case]: Entity Authentication; Data Confidentiality; Data Integrity. First, the UMTS Core Network must speak IP …
Use of IPsec with UMTS Key Management
- Network Domain Signaling & Control Security [Possible Case]: Entity Authentication; Data Confidentiality; Data Integrity
- More likely than IPsec protection for the entire UMTS Core Network
- Use of UMTS Key Management is reasonable for compatibility
- Still, UMTS Signaling & Control must speak IP …
Use of IKE with UMTS Cipher Mechanisms
- Not so unlikely as we think, because … UMTS uses USIM-HE exchanges to establish user security; USIM & HE/AuC may use IKE technology
- Entity Authentication & Cipher/Integrity Key Agreement: Network Access Security; Application Domain Security
Use of IPsec with Header Compression
- Justification: Wireless Data Networks may have limited bandwidth; Wireless Access & Network Domains support stateful L2 switching
- Approach: Adopt technologies from the IETF Robust Header Compression WG; consider possible IPsec header compression?
Summary
Key Issue
- Putting the Internet onto 3G is adding IP onto a voice network
- Compatibility with 2G/2.5G technologies is a must for future wireless data networks
Preliminary Thoughts
- Shall/can we separate IPsec & IKE? IKE & other key/policy management protocols are application-layer protocols providing a service; IPsec & UMTS cipher protocols are link/network-layer protocols for secure communication
- Shall/can we develop a key/policy management service for wireless data/voice networks? Can we provide this generic service to both wireless voice/data apps? What kind of API(s) shall we develop?
- Can/shall we integrate wireless key/policy(/network) management with wired Internet key/policy/network management? How?
Bibliography
3G Partnership Project, Technical Specification Group (TSG) SA
- 3G TS 21.133 - 3G Security; Security Threats & Requirements
- 3G TS 21.120 - 3G Security; Security Principles & Objectives
- 3G TS 33.105 - 3G Security; Cryptographic Algorithm Requirements
- 3G TS 33.102 - UMTS; 3G Security; Security Architecture
- 3G TS 23.101 - UMTS; General UMTS Architecture
GSM Documents
- GS 02.60 - GPRS; Service Description; Stage 1
- GS 03.60 - GPRS; Service Description; Stage 2
- GS 02.09 - Security Aspects
- GS 03.20 - Security Related Network Functions
Source: http://www.etsi.org/
Review: Security System Planning
Procedure: Vulnerability Analysis → Service Selection → Mechanism Implementation
Review: Vulnerability Analysis
[Threat table as in "3G Security: Threats" above: basic threats (Confidentiality Violation, Integrity Violation, Denial of Service, Illegitimate Use, Repudiation) and the enabling threats that realise them]
Source: 3G Security; Security Threats & Requirements [3G TS 21.133]
Review: Security Services & Architecture
[Figure as in "UMTS Security Architecture" above: the UMTS domains and strata overlaid with the four security feature groups]
- User Domain Security – protection against attacks on the ME-USIM / USIM interfaces
- Network Access Security – protection against attacks on radio (access) links
- Network Domain Security – protection against attacks on the wired network infrastructure
- Application Domain Security – protection of user & provider application exchanges
- Security Management – monitoring & managing user-provider security features