
Simplified MSK Key Hierarchy for eHRPD

S40-20080616-003 X50-20080616-0xx. 3GPP2 TSG-S WG4 / TSG-X WG5 (PDS). Simplified MSK Key Hierarchy for eHRPD. Source: Qualcomm Incorporated. Contact(s): Anand Palanigounder (apg@qualcomm.com) / Jun Wang (jwang@qualcomm.com). Recommendation: Discuss and adopt.


Presentation Transcript


  1. S40-20080616-003 X50-20080616-0xx 3GPP2 TSG-S WG4 / TSG-X WG5 (PDS) Simplified MSK Key Hierarchy for eHRPD Source: Qualcomm Incorporated Contact(s): Anand Palanigounder (apg@qualcomm.com) / Jun Wang (jwang@qualcomm.com) Recommendation: Discuss and adopt

  2. Introduction
     • Contribution S40-20080512-004 to the TSG-S WG4 meeting at Osaka proposed a new key hierarchy (KH) for eHRPD
     • Subsequently, an updated contribution was provided to PDS CC (on 05/29) in X50-20080529-007
     • In this contribution, we identify some issues with the MSK KH proposed in that contribution and propose a simplified MSK KH

  3. Issues with the proposed approach
     • PMK derivation in X50-20080529-007: PMK = KDF (MSK, ANID)
       • where ANID was defined as “ANID – the identity of the serving Radio Access Network”
     • Notes on ANID: In HRPD/1x networks
       • ANID does not identify a node (e.g., RNC or BSC)
       • It is an identity shared by all the nodes (e.g., RNCs or BSCs) that have a connection (A10/A11) with a PDSN
       • We assume that the same will be true for eHRPD as well
     • Issues with using ANID:
       • The AT may not always have the ANID or the new (target) ANID (CANID), so the security association between the AN and AT may fail due to ANID mismatch
       • New keys cannot be pre-computed
       • Introduces unnecessary latency to hand-off procedures
       • OTA Security cannot be turned on until the ANID is available to the AT (this unnecessary restriction may introduce additional security vulnerabilities into HRPD)
     • Note: including ANID does not provide any key separation between different nodes within the same AN
       • There is no security gain from using ANID instead of some other fixed value

  4. Simplified MSK KH Proposal
     • We propose that the PMK at the authenticator/AT in eHRPD be derived using a well-defined fixed input, such as: PMK = KDF (MSK, “PMK”)
     • Advantages:
       • Does not rely on the availability of ANID at the AT
       • Simpler, keys can be pre-computed
       • Has the same security benefit as the ANID-based PMK derivation
     • The Simplified MSK KH is given in the next slide

  5. Simplified MSK KH

  6. Conclusion & Proposal
     • Conclusion: The same level of security is achieved with a pre-defined input for deriving PMK from MSK instead of ANID
     • Proposal: Adopt the Simplified MSK KH for eHRPD
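
The comparison argued on slides 3, 4 and 6, written out as an added example that is not part of the contribution. HMAC-SHA256 stands in for the KDF, which the slides do not specify; the MSK, the ANID values and the node names are constructed.

```python
import hashlib
import hmac

def kdf(key: bytes, context: bytes) -> bytes:
    # Assumption: HMAC-SHA256 as the KDF; the contribution does not name one.
    return hmac.new(key, context, hashlib.sha256).digest()

def pmk_anid(msk: bytes, anid: bytes) -> bytes:
    """PMK = KDF(MSK, ANID), the derivation in X50-20080529-007."""
    return kdf(msk, anid)

def pmk_fixed(msk: bytes) -> bytes:
    """PMK = KDF(MSK, "PMK"), the simplified derivation."""
    return kdf(msk, b"PMK")

def handoff(msk, at_known_anid, target_anid):
    """Report whether AT and target AN derive the same PMK under each scheme.

    at_known_anid is None when the AT has not learned any ANID yet.
    """
    if at_known_anid is None:
        anid_ok = False  # no input to derive from, so OTA security must wait
    else:
        anid_ok = hmac.compare_digest(pmk_anid(msk, at_known_anid),
                                      pmk_anid(msk, target_anid))
    at_pmk = pmk_fixed(msk)  # can be computed as soon as the MSK exists
    an_pmk = pmk_fixed(msk)  # the AN side needs no ANID agreement either
    return {"anid": anid_ok, "fixed": hmac.compare_digest(at_pmk, an_pmk)}

def distinct_node_keys(msk, anid, nodes):
    """Count distinct PMKs across the nodes of one AN: (ANID scheme, fixed scheme)."""
    # All nodes of an AN share its ANID, so no per-node input enters either KDF call.
    by_anid = {node: pmk_anid(msk, anid) for node in nodes}
    by_fixed = {node: pmk_fixed(msk) for node in nodes}
    return len(set(by_anid.values())), len(set(by_fixed.values()))

# Constructed sample values (lengths and formats are assumptions).
MSK = bytes(range(64))
OLD_ANID = b"\x00\x10\x00\x01"
NEW_ANID = b"\x00\x10\x00\x02"
NODES = ["RNC-1", "RNC-2", "RNC-3"]

if __name__ == "__main__":
    print("stale ANID at AT  :", handoff(MSK, OLD_ANID, NEW_ANID))
    print("no ANID at AT yet :", handoff(MSK, None, NEW_ANID))
    print("ANID known to AT  :", handoff(MSK, NEW_ANID, NEW_ANID))
    print("distinct node keys:", distinct_node_keys(MSK, NEW_ANID, NODES))
```

With a stale or missing ANID only the fixed-label derivation yields matching keys, and both derivations give every node in the AN the same PMK, which is the "no key separation" point on slide 3.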
