SIPPING IETF51: 3GPP Security and Authentication

Peter Howard

3GPP SA3 (Security) delegate

peter.howard@vodafone.com

3GPP IP Multimedia Subsystem (Release 5)

[Diagram: the visited network holds the PS domain elements RAN, SGSN and GGSN; the home network holds the HSS, I-CSCF and S-CSCF. The UA's REGISTER/INVITE travels over SIP-based interfaces through the SIP proxy servers P-CSCF, I-CSCF and S-CSCF. The Cx interface to the HSS is based on Diameter; over it the SIP proxies get authorisation and authentication information.]

3GPP Release 5 Security
  • Packet Switched (PS) domain
    • access security features retained from 3GPP Release 99 specifications
  • IP Multimedia Subsystem (IMS) domain
    • new access security features to be specified
      • to protect the access link to the IMS domain
      • independent of underlying PS domain security features
    • network domain security features to protect signalling links between network elements within the IMS domain
IP Multimedia Subsystem: Access Security

[Diagram (Draft 3GPP TS 33.203): the same Release 5 layout (UA, RAN, SGSN, GGSN, P-CSCF, I-CSCF, S-CSCF, HSS; REGISTER/INVITE over the SIP hops) with four numbered steps:
  1. Distribution of authentication information (HSS to S-CSCF)
  2. Mutual authentication and session key agreement (UA and S-CSCF)
  3. Session key distribution (S-CSCF to P-CSCF)
  4. Protection of SIP signalling using the agreed session key (UA and P-CSCF)]
IP Multimedia Subsystem: Network Domain Security

[Diagram (Draft 3GPP TS 33.210): the same Release 5 layout; per-hop protection of signalling between network elements using IPsec/IKE.]

Access Security: Authentication Principles
  • 3GPP authentication protocol (3GPP AKA)
    • based on a secret key stored in the UA’s tamper-resistant subscriber identity module (SIM) and in the HSS
  • Authentication check located in S-CSCF
  • Working assumption is to authenticate only at SIP registrations, with on-demand re-authentication requiring re-registration
  • Use SIP authentication rather than an outer layer protocol such as TLS or IKE in order to minimise roundtrips
Integration of Authentication Protocol into DIAMETER and SIP
  • Distribution of authentication information to S-CSCF using DIAMETER
    • distribution of authentication vectors for 3GPP AKA
  • Integration of authentication protocol into SIP registration
    • 3GPP AKA protocol between UA and S-CSCF
    • distribution of session key to P-CSCF
Possible Information Flow for Authentication and Session Key Establishment (from draft 3GPP TS 33.203)

[Figure: the message flow itself is not in the transcript. Visible labels: Cx-Put and Cx-Pull (the Diameter operations towards the HSS); annotation on the flow: "Changed to 407 Proxy Authentication Required".]

Use of Extensible Authentication Protocol (EAP)
  • There is a desire to minimise impact on protocols and equipment if 3GPP AKA is updated or if other schemes are used
    • a generic/extensible scheme to carry the authentication messages is desirable
    • candidates include SASL, EAP, GSS_API
    • current working assumption is EAP which has much of the necessary machinery in place
EAP AKA in SIP

[Diagram: protocol layering]
  • SIP
    • HTTP Authentication
      • PGP
      • HTTP Basic
      • HTTP Digest
      • HTTP EAP
        • EAP Token Card
        • EAP TLS
        • EAP GSM
        • EAP AKA
        • EAP ...
Concrete Authentication Example in SIP

  1.  REGISTER sip:… SIP/2.0
      Authorization: eap base64_eap_identity_response
      ...

  2.  SIP/2.0 407 Proxy Authentication Required
      WWW-Authenticate: eap base64_eap_aka_challenge_request

  3.  REGISTER sip:… SIP/2.0
      Authorization: eap base64_eap_aka_challenge_response

  4.  SIP/2.0 200 OK
      WWW-Authenticate: eap base64_eap_aka_success
      ...
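The four-message exchange above, worked through as an added example (not code from the presentation or from the draft-torvinen-http-eap draft it refers to). It frames each EAP packet with the RFC 2284 header (Code, Identifier, Length, Type), carries it base64-encoded under the eap authentication scheme shown on the slide, and parses it back on the receiving side, checking that the response's Identifier pairs with the challenge's. The registrar URI, the EAP type value 23 for AKA and the RAND/AUTN/RES byte strings are constructed placeholders.

```python
"""EAP packets carried in SIP authentication headers, following the slide's
four-message flow. Added example; not code from the presentation or from
draft-torvinen-http-eap. Assumed: auth scheme token 'eap' with one base64
parameter, EAP type 23 for AKA, the registrar URI and all payload bytes."""
import base64
import struct
from typing import List, Optional

EAP_REQUEST, EAP_RESPONSE, EAP_SUCCESS = 1, 2, 3     # RFC 2284 codes
EAP_TYPE_IDENTITY, EAP_TYPE_AKA = 1, 23              # 23 is assumed for EAP-AKA


def eap_encode(code: int, ident: int, type_: Optional[int] = None, data: bytes = b"") -> bytes:
    """RFC 2284 header: Code(1) Identifier(1) Length(2), then Type and Type-Data."""
    body = b"" if type_ is None else bytes([type_]) + data
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def eap_decode(pkt: bytes) -> dict:
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    if length != len(pkt):
        raise ValueError("EAP Length does not match the packet")
    out = {"code": code, "id": ident, "type": None, "data": b""}
    if code in (EAP_REQUEST, EAP_RESPONSE):
        out["type"], out["data"] = pkt[4], pkt[5:]
    return out


def auth_header(name: str, pkt: bytes) -> str:
    return f"{name}: eap {base64.b64encode(pkt).decode()}"


def extract_eap(sip: str, header: str) -> bytes:
    """Find the given header, check the scheme is eap and return the decoded EAP packet."""
    for line in sip.split("\r\n"):
        if line.lower().startswith(header.lower() + ":"):
            scheme, _, param = line.split(":", 1)[1].strip().partition(" ")
            if scheme.lower() != "eap":
                raise ValueError(f"unexpected scheme {scheme!r}")
            return base64.b64decode(param.strip(), validate=True)
    raise ValueError(f"no {header} header")


def build_flow(impi: str, rand: bytes, autn: bytes, res: bytes) -> List[str]:
    """The four messages of the slide: identity, challenge, response, success."""
    reg = "REGISTER sip:registrar.example.com SIP/2.0\r\n"   # URI assumed
    return [
        reg + auth_header("Authorization", eap_encode(EAP_RESPONSE, 1, EAP_TYPE_IDENTITY, impi.encode())) + "\r\n\r\n",
        "SIP/2.0 407 Proxy Authentication Required\r\n"
        + auth_header("WWW-Authenticate", eap_encode(EAP_REQUEST, 2, EAP_TYPE_AKA, rand + autn)) + "\r\n\r\n",
        reg + auth_header("Authorization", eap_encode(EAP_RESPONSE, 2, EAP_TYPE_AKA, res)) + "\r\n\r\n",
        "SIP/2.0 200 OK\r\n" + auth_header("WWW-Authenticate", eap_encode(EAP_SUCCESS, 2)) + "\r\n\r\n",
    ]


def check_flow(msgs: List[str]) -> dict:
    """Receiver's view: decode each packet and pair the response with its challenge by Identifier."""
    ident = eap_decode(extract_eap(msgs[0], "Authorization"))
    chal = eap_decode(extract_eap(msgs[1], "WWW-Authenticate"))
    resp = eap_decode(extract_eap(msgs[2], "Authorization"))
    done = eap_decode(extract_eap(msgs[3], "WWW-Authenticate"))
    return {
        "identity": ident["data"].decode(),
        "challenge": chal["data"],
        "paired": resp["code"] == EAP_RESPONSE and resp["id"] == chal["id"] and resp["type"] == chal["type"] == EAP_TYPE_AKA,
        "res": resp["data"],
        "success": done["code"] == EAP_SUCCESS and done["id"] == chal["id"],
    }
```

One caveat when reading the slide: SIP (RFC 2543 then, RFC 3261 now) pairs a 407 with Proxy-Authenticate and Proxy-Authorization, while WWW-Authenticate and Authorization belong with 401. The example keeps the slide's header names so the flow above can be followed line by line.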

EAP AKA in DIAMETER

[Diagram: protocol layering]
  • DIAMETER base
    • EAP Extensions
      • EAP Token Card
      • EAP TLS
      • EAP GSM
      • EAP AKA
      • EAP ...
Access Security: Security Mode Establishment between UA and P-CSCF
  • Determines when to start applying protection and which algorithm to use
    • includes secure algorithm negotiation
  • Uses session key derived during authentication
  • Integration into SIP registration with no new roundtrips
Access security: Protection of SIP signalling between UA and P-CSCF
  • Integrity protection of SIP signalling between UA and P-CSCF
  • Uses session key derived during authentication
  • Symmetric scheme because of efficiency concerns
  • Candidate mechanisms include modified CMS and ESP
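What "secure algorithm negotiation" and symmetric integrity protection between UA and P-CSCF mean in practice, as an added illustration (not the mechanism of TS 33.203, and not the modified-CMS or ESP candidates named above): the UA's algorithm offer goes out unprotected with the REGISTER, so the UA's first integrity-protected message repeats that offer under the integrity key IK; the P-CSCF compares the echo with the offer it actually received, which catches a man-in-the-middle that stripped the stronger algorithm. Later messages simply carry a MAC under IK. The algorithm identifiers, the X-Sec-* header names, the IK value and the sample REGISTER are constructed.

```python
"""Security mode set-up and integrity protection between UA and P-CSCF.
Added illustration; not the TS 33.203 mechanism. A plain keyed MAC under IK
stands in for the undecided modified-CMS/ESP scheme. Algorithm names, the
X-Sec-* headers, the IK value and the REGISTER text are constructed."""
import hashlib
import hmac
from typing import List, Optional

# P-CSCF preference order, strongest first (names constructed).
ALGS = {"hmac-sha256": hashlib.sha256, "hmac-sha1": hashlib.sha1}


def mac(ik: bytes, alg: str, data: str) -> str:
    return hmac.new(ik, data.encode(), ALGS[alg]).hexdigest()


def select(offer: List[str]) -> str:
    """P-CSCF picks the algorithm it prefers most among those the UA offered."""
    for alg in ALGS:
        if alg in offer:
            return alg
    raise ValueError("no common algorithm")


def protect(ik: bytes, alg: str, sip: str, offer: Optional[List[str]] = None) -> str:
    """UA side: prepend the security headers and append a tag under IK over everything.
    The first protected message after registration repeats the (unprotected) offer."""
    hdrs = f"X-Sec-Alg: {alg}\r\n"
    if offer is not None:
        hdrs += "X-Sec-Offer: " + ",".join(offer) + "\r\n"
    body = hdrs + sip
    return body + "X-Sec-Tag: " + mac(ik, alg, body) + "\r\n"


def verify(ik: bytes, msg: str, offer_seen: Optional[List[str]]) -> bool:
    """P-CSCF side: the tag must verify, and an echoed offer must equal what was received."""
    body, sep, tagline = msg.rpartition("X-Sec-Tag: ")
    if not sep:
        return False
    hdrs = dict(line.split(": ", 1) for line in body.split("\r\n") if line.startswith("X-Sec-"))
    alg = hdrs.get("X-Sec-Alg")
    if alg not in ALGS or not hmac.compare_digest(tagline.strip(), mac(ik, alg, body)):
        return False
    if "X-Sec-Offer" in hdrs and hdrs["X-Sec-Offer"].split(",") != offer_seen:
        return False  # offer was altered in transit: bidding-down attempt
    return True


def demo() -> dict:
    ik = bytes.fromhex("0f" * 16)  # constructed; in IMS this is the IK agreed during AKA
    sip = "REGISTER sip:registrar.example.com SIP/2.0\r\nFrom: <sip:user@example.com>\r\n"
    ua_offer = list(ALGS)
    # Honest run: the P-CSCF sees the full offer and picks the strongest algorithm.
    seen = list(ua_offer)
    chosen = select(seen)
    honest = verify(ik, protect(ik, chosen, sip, ua_offer), seen)
    # Attack: a man-in-the-middle strips hmac-sha256 from the unprotected offer.
    seen = [a for a in ua_offer if a != "hmac-sha256"]
    weak = select(seen)                          # P-CSCF now picks hmac-sha1
    echoed = protect(ik, weak, sip, ua_offer)    # the UA still echoes its real offer
    downgrade_detected = not verify(ik, echoed, seen)
    # Later signalling: a valid message and the same message with its From header edited.
    good = protect(ik, chosen, sip)
    tampered = good.replace("user@example.com", "mallory@example.com")
    return {"honest": honest, "weak_choice": weak, "downgrade_detected": downgrade_detected,
            "later_message_ok": verify(ik, good, None),
            "tamper_detected": not verify(ik, tampered, None)}
```

The point of the echo is that the offer itself cannot be protected when it is sent (no key is in place yet, and the algorithm is what is being negotiated), so it is bound afterwards under the key that the negotiation produced; the attacker's only options are to let the strong algorithm through or be detected on the first protected message.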
IP Multimedia Subsystem: Access Security Documentation

[Diagram: specifications arranged from high level architecture (top) to protocol detail (bottom), 3GPP documents on the left and the corresponding IETF work on the right; layout reconstructed from the slide labels]

  3GPP                                        IETF
  High level architecture:
    TS 23.228 (SA2)                           SIPPING WG
    TS 33.203 (SA3)
    Other specs, e.g. AKA (SA3)
  Protocol detail:
    TS 24.228 (CN1)    TS 29.228 (CN4)        AAA, PPPEXT, IPsec, …
    TS 24.229 (CN1)    TS 29.229 (CN4)
Summary of 3GPP dependencies on IETF relating to security
  • 3GPP AKA in EAP
    • draft-arkko-pppext-aka-00.txt
  • EAP and session key transport in SIP
    • draft-torvinen-http-eap-00.txt (to appear)
  • EAP and session key transport in DIAMETER
  • SIP extensions to support security mode establishment
References
  • Draft 3GPP TS 33.203, Access security for IP-based services (Release 5).
  • Draft 3GPP TS 33.210, Network domain security; IP network layer security (Release 5).
  • J. Arkko and H. Haverinen, “EAP AKA Authentication”, draft-arkko-pppext-aka-00.txt.
  • V. Torvinen, J. Arkko, A. Niemi, “HTTP Authentication with EAP”, draft-torvinen-http-eap-00.txt (to appear).
  • L. Blunk, J. Vollbrecht, “PPP Extensible Authentication Protocol (EAP)”, RFC 2284.
  • P. Calhoun et al., “DIAMETER NASREQ Extensions”, draft-ietf-aaa-diameter-nasreq-06.txt.

Questions?

Peter Howard

peter.howard@vodafone.com

Authentication and Key Agreement Protocol (3GPP AKA)

[Diagram: parties ISIM/UA, S-CSCF, HSS and P-CSCF. Messages: Authentication vector request (S-CSCF to HSS); Authentication vector response (HSS to S-CSCF); Authentication request (S-CSCF to UA); Authentication response (UA to S-CSCF); Distribution of session key to P-CSCF.]

  • Three-party protocol
  • Two-pass mutual authentication protocol between UA and S-CSCF
  • Each authentication vector is good for one authentication
  • Authentication vectors can be distributed in batches to minimise signalling/load on HSS
Other IP Multimedia Subsystem Security Issues (1)
  • Hide caller’s public ID from called party
    • by encrypting the Remote-Party-ID header at the caller’s S-CSCF and decrypting it at the same S-CSCF
    • is there a requirement to hide the caller’s dynamically assigned IP addresses?
  • Network configuration hiding
    • mechanism being developed to hide the host domain names of CSCFs and the number of CSCFs within one operator’s network
Other IP Multimedia Subsystem Security Issues (2)
  • Session transfer
    • guidance on security aspects based on the GSM call transfer feature
      • authorisation and accounting of the transferred leg need to involve the transferring party, who has dropped out of the session
      • should there be a limit to the number of transferred sessions?
      • should the final destination be hidden from the calling party?
  • Security aspects of other IP multimedia subsystem services?
  • End-to-end security