1 May 14, 2007 Zhibi Wang, Simon Mizikovsky – Alcatel-Lucent Vidya Narayanan, Anand Palanigounder – QUALCOMM ABSTRACT: Access authentication architecture.

Slides:

Advertisements

Similar presentations

Use cases for Device Binding 3GPP2 TSG-S WG4 S Source: Qualcomm Incorporated Contact(s): Anand Palanigounder,

Advertisements

WLAN IW Enhancement for Multiple Authentications Support Notice: Contributors grant free, irrevocable license to 3GPP2 and its Organization Partners to.

Dynamic HA Assignment for MIPv4 in WLAN Interworking Raymond Hsu, Qualcomm Inc., Wing C. Lau, Qualcomm Inc., Notice:

XHRPD Example Scenario for MSS Masa Shirota Qualcomm Inc. July 15, GPP2 Dalian Meeting Recommendation: FYI Notice QUALCOMM Incorporated grants a.

1 Notice Contributors grant a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate text or other copyrightable material contained.

3GPP2 A r0 3GPP2 C xxxr0 TSG-A WG3 and TSG-C WG2 Title: HRPD Redirect on EPC Unavailable Source: Mike DolanAlcatel-Lucent Dave.

1 IP Service Authorization Support and Mobility Selection for X.S0011-E Source: QUALCOMM Inc.: Masa Shirota, George Cherian, Jun Wang,

xxx IEEE MEDIA INDEPENDENT HANDOVER DCN: xxx Title: Proposal for adding a key hierarchy based approach in the security.

1 UATI-IP address mapping Peerapol Tinnakornsrisuphap David Ott Qualcomm.

1 Title: TDF support in cdma2000 1x and HRPD Networks Sources: China Telecom, ZTE, Huawei Contact: CT: Heng Nie ( ), Congjie Mao(

China Telecomm Peirong Xie ZTE Corporation Rajesh Bhalla Huawei Jixing Liu

1 Title: Need for the Message Integrity of User traffic Abstract: From both: competitive and security standpoints, UMB standard should add the option of.

3GPP2 Network Evolution: Inter-working Across Technologies January 08, 2007 QUALCOMM Inc Notice Contributors grant a free, irrevocable license to 3GPP2.

1 cdma2000® Data Service Transition to NULL Support Jun Wang Ravi Patwardhan June 5, 2003 Recommendation -

© Alcatel-Lucent | M2M Numbering | April 12, GPP2 M2M TITLE Numbering in 3GPP2 for M2MSOURCE Mike Dolan, Alcatel-Lucent, Mike.

Broadcast Area Based Management for BCMCS Quanzhong Gao Weidong Wu 04/05/2005.

Security Framework for (e)HRPD 1 S GPP2 TSG-S WG4 Source: QUALCOMM Incorporated Contact(s): Anand Palanigounder

1 IPsec-based MIP6 Security Qualcomm Inc. Starent Inc. Notice: Contributors grant free, irrevocable license to 3GPP2 and its Organization Partners to incorporate.

Authentication Profile for UICC- less eHRPD Terminals QUALCOMM Incorporated Contact(s): Anand Palanigounder Jun Wang.

The contributing companies grant a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other copyrightable.

Broadcast/Multicast Priority List JUNHYUK SONG SAMSUNG Incorporated grants a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate.

QUALCOMM PROPRIETARY 3GPP2 Network Evolution Architecture Dec. 04, 2006 Lucent Technologies Nortel Networks Qualcomm Inc. Hitachi, Ltd Huawei Technologies.

C August 24, 2004 Page 1 SMS Spam Control Nobuyuki Uchida QUALCOMM Incorporated Notice ©2004 QUALCOMM Incorporated. All rights reserved.

1 SeGW Certificate profile (Revised) 3GPP2 TSG-S WG4 /TSG-X WG5 (PDS) S X xx Source: QUALCOMM Incorporated Contact(s): Anand.

Page 1 January 16, 2008 Source: 3GPP2 TSG-S WG4 (Security) Contacts: Anand Palanigounder, Chair, TSG-S WG4 ( Zhibi Wang,

Proposed 1x Device Binding Solution Based on SX & SX GPP2 TSG-SX WG4 SX Source(s): Qualcomm Incorporated.

80-VXXX-X A July 2008 Page 1 QUALCOMM Confidential and Proprietary PCC Support for cdma2000 QUALCOMM Inc. Jun Wang, George Cherian, Masa Shirota

Proposed Solution for Device Binding 3GPP2 TSG-S WG4 S Source: Qualcomm Incorporated Contact(s): Anand Palanigounder,

May 12, 2008 Alcatel Lucent, Cisco, Motorola, Nortel, Verizon ABSTRACT: Proposed is additional key hierarchy and derivation for EPS access over eHRPD.

1 Title: eHRPD offline charging proposal Sources: China Telecom Contact: CT: Peirong Wenyi ZTE:

Mobility Management in WLAN IW Inma Carrion, Vijay DevarapalliNokia Raymond HsuQualcomm Inc. Pete McCann, Frank AlfanoLucent Serge ManningSprint Notice:

1 Authentication and User Profile April 24, 2007 Jun Wang QUALCOMM Inc. Notice Contributors grant a free, irrevocable license to 3GPP2 and its Organization.

Source companies grant a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other copyrightable material contained.

Jun Wang Anand Palanigounder Peerapol Tinnakornsrisuphap

ABSTRACT: This contribution introduces the inter-RAT fast handover solution. TITLE: Inter-Radio Access Technology Fast Handover TSG-A WG4 RECOMMENDATION:

UMB AIS Document Structure Ravi Patwardhan, Qualcomm QUALCOMM Incorporated grants a free, irrevocable license to 3GPP2 and its Organizational.

July 21, 2008 Alcatel Lucent ABSTRACT: Proposed is key derivation for eHRPD RAN Handoff. RECOMMENDATION: Review and approve. Notice Contributors grant.

1 | L2-Tunnel based – Inter-tech. HO | October 29, 2007 Title: An L2-Tunnel based method for UMB-HRPD Inter-Technology handoff Source: Alcatel-Lucent,

Background Both RoHCv1 and RoHC v2 are supported in 3GPP LTE R8 and R9

Supporting Local Breakout in HRPD Femto Peerapol Tinnakornsrisuphap Qualcomm Doug Knisely

August 25, 2008 Alcatel Lucent ABSTRACT: 1x System Reliability is important in the face of major events, such as an earthquake. There are several ways.

Jun Wang Anand Palanigounder Peerapol Tinnakornsrisuphap

3GPP2 Network Evolution: UMB->HRPD Handoff October 16, 2007 Qualcomm Inc. Contact: Jun Wang Notice Contributors grant a free, irrevocable license to 3GPP2.

Remote access to Local IP network via Femto Peerapol Tinnakornsrisuphap Anand Palanigounder

X xxx ZTE Discussion on cdma2000 Charging with PCC Title: Inter-RAT RAN information management protocol Stack Sources: NSN Contact: Scott Marin,

Comment to Limited Idle Mode Nortel Networksgrants a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other copyrightable.

1 Remote IP Access - Stage 2 Architecture proposal for adoption Peerapol Tinnakornsrisuphap Anand.

Jun Wang Anand Palanigounder Peerapol Tinnakornsrisuphap

EAP over HRPD Comments Qualcomm, Inc. Vidya Narayanan, Dondeti, Lakshminath, Jun Wang, Pete Barany Notice: QUALCOMM Incorporated grants a free, irrevocable.

1 MAPSUP in eHRPD: Data forwarding Tunnel Sources: ZTE Contact: Bi YiFeng Rajesh Bhalla

X xx CT+ZTE PCC for cdma2000 MS Init Call Flows 1 1 Title: PCC for cdma2000 – MS-Init Call Flow Example Sources: CTC, ZTE Contact: CHINA TELECOM.

1 Title: Performance of Default Parameters for 1xEV-DO RTCMAC Source: Christopher Lott, QUALCOMM Incorporated , Date: Februrary.

May 14, 2007 Simon Mizikovsky, Zhibi Wang, Alcatel-Lucent ABSTRACT: A security architecture for the UMB RAN-AGW is provided. Multiple PMIP tunnels from.

Idle-State Data Buffering and Paging Framework June 04, 2007 Source companies grant a free, irrevocable license to 3GPP2 and its Organizational Partners.

1 Notice (c) ZTE CORPORATION. ZTE Corporation, grants a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text or other.

1 PPP Free Operation Mobility Management January 16, 2006 Jun Wang, Pete Barany, Raymond Hsu Qualcomm Inc Notice: Contributors grant free, irrevocable.

Adding LTE-1x CSFB IOS specification in 3GPP2 Sources: China Telecom, Contact: Li Wenyi ABSTRACT: This contribution is to analyze the.

1 On 3GPP2 Femto Security Anand Palanigounder Qualcomm Inc. Notice: Contributors grant a free, irrevocable license to 3GPP2 and its Organization.

1 OMP for Dual Rx AT in LTE tunneled mode Contributors grants a free, irrevocable license to 3GPP2 and its Organizational Partners to incorporate text.

Signaling Packet Routing for Layer 3 approach in UMB-HRPD/1x interworking KDDI Corporation, Tsunehiko Chiba, Osamu.

C August 19, 2003 Page 1 SMS Push Teleservice Nobuyuki Uchida QUALCOMM Incorporated Notice ©2003 QUALCOMM Incorporated. All rights reserved.QUALCOMM.

Benefits of eBS for UMB Qualcomm Inc. January 08, 2007 Notice Contributors grant a free, irrevocable license to 3GPP2 and its Organization Partners.

1 MSI (Multiple Service Instances) Ravindra Patwardhan QUALCOMM Incorporated Review and approve for D Notice QUALCOMM.

WLAN IW Enhancement for Multiple Authentications Support QUALCOMM Inc.: Raymond Hsu, QUALCOMM Inc.: Masa Shirota,

3GPP2 A r0 3GPP2 C xxxr0 TSG-A WG3 and TSG-C WG2 Title: M2M Congestion Control in the RAN Source: Mike Dolan Dave Rossetti Satish.

Clarifications on Work Split among TSG-X/A for 3GPP2 Network Evolution March 26, 2007 Airvana/Alcatel-Lucent/CTC/Fujitsu/ Hitachi/KDDI/NEC/Qualcomm/ZTE.

1 IP Service Authorization Support and Mobility Selection Source: QUALCOMM Inc.: Masa Shirota, George Cherian, Jun Wang,

C R1 1 3GPP2 TSG-C WG3 TITLE : FL BRCH Full Buffer Simulation Results in AWGN for Calibration SOURCE: KDDI Corporation Toshihiko Komine,

Source: Qualcomm Incorporated Contact: Jun Wang, George Cherian March 1, 2010 Page 1 3GPP2 Femtocell Phase II Femto Access Control Enhancement Notice ©

Requirement for Proxy Mobile IP tunnel for AGW-eBS data tunnel Qualcomm, Inc. Contributors grant a free, irrevocable license to 3GPP2 and its Organization.

Presentation transcript:

1 May 14, 2007 Zhibi Wang, Simon Mizikovsky – Alcatel-Lucent Vidya Narayanan, Anand Palanigounder – QUALCOMM ABSTRACT: Access authentication architecture for the UMB RAN-AGW is provided. RECOMMENDATION: Review and approve. Notice: Contributors grant a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner’s name any Organizational Partner’s standards publication even though it may include portions of the contribution; and at the Organization Partner’s sole discretion to permit others to reproduce in whole or in part such contributions or the resulting Organizational Partner’s standards publication. Contributors are also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for purpose of practicing an Organizational Partner’s standard which incorporates this contribution. This document has been prepared by the contributors to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on the contributors. Contributors specifically reserve the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of the contributors other than provided in the copyright statement above. UMB Access Authentication Architecture 3GPP2 TSG-S WG4

2 Access Authentication in UMB Initial authentication –AT authenticates to the H-AAA using EAP; S-RNC is the authenticator –The Master Session Key (MSK) is delivered via AAA to the S-RNC AT and the H-AAA derive the MSK as part of the EAP method execution If EAP Re-authentication Protocol (ERP) is supported, the AT and the H-AAA derive the DSRK –The H-AAA delivers the DSRK to the L-AAA via AAA protocol –AT initiates a 3-way key exchange protocol (KEP) with eBS to derive Transient Session Keys (TSKs) Subsequent communication between the AT and eBS are protected by TSK If the MSK lifetime is close to expiry, a full EAP authentication is required through the S-RNC. In the S-RNC relocation case, a full EAP authentication may be required through the S-RNC. When a New eBS is added to the active set, –The AT may run full EAP authentication via the eBS. In this case, the S-RNC sends MSK’ (derived from MSK) to the eBS as part of the session. MSK’ derivation does not require interactions with AAA. –eBS may obtain MSK’ from S-RNC without performing a full EAP authentication. –The AT may run the EAP Re-authentication Protocol (ERP) via the eBS as the ER Authenticator. In this case, rMSK is delivered to the eBS from the Local AAA.

3 EAP Authentication and use of MSK’

4 Introduction to Derived MSKs Derived MSK is delivered as part of session transfer –Standardization of EAP Re-authentication Protocol (described later) may not happen in time for UMB release Steps: –When AT performs EAP, an MSK is delivered to the SRNC –SRNC derives a PMK from the MSK and performs KEP with AT PMK = EHMAC-SHA-256 (MSK, “PMK”) –When AT adds an eBS to the active set, the eBS fetches session from SRNC –SRNC computes MSK’ and provides that to the eBS along with the session MSK’ = EHMAC-SHA-256 (MSK, “Temp MSK”, RouteCounter) –RouteCounter is monotonically increasing for every RouteOpen message –RouteCounter is sent by the AT and verified by the SRNC. –eBS receives the MSK’ and makes it its MSK eBS computes PMK from its MSK and runs KEP with the AT –Temp MSK or MSK’ has a configurable lifetime eBS runs ERP or EAP full authentication before the lifetime expires

5 EAP Re-authentication Protocol (ERP) EAP Re-authentication Protocol (ERP) streamlines fast re-authentication process. –AT re-authenticates with Local AAA (L-AAA) using the Domain- Specific Root Key (DSRK). –DSRK is computed from EMSK and delivered to the L-AAA during the initial EAP procedure. –When SRNC moves, effectively moving Authenticator, there is no need for full EAP authentication with HAAA. EAP Re-authentication (ERP), bootstrapping, and key hierarchy are specified in IETF draft-ietf-hokey-erx-01

6 EAP Authentication and ERP

7 MSK’ Derivation MSK SRNC PMK SRNC = F2(MSK SRNC ) TSK SRNC = F3(PMK SRNC ) MSK eBS1 PMK eBS1 = F2(MSK eBS1 ) TSK eBS1 = F3(PMK eBS1 ) Keys between SRNC & AT Keys between eBS1 & AT MSK‘ eBS1 = F1(MSK SRNC ) F1: MSK’ = EHMAC-SHA-256 (MSK, “Temp MSK”, RouteCounter) F2: PMK = EHMAC-SHA-256 (MSK, “PMK”) F3: As defined in the air interface spec for Key Exchange Protocol (KEP)