Presentation is loading. Please wait.

Presentation is loading. Please wait.

SIPPING IETF51 3GPP Security and Authentication Peter Howard 3GPP SA3 (Security) delegate

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "SIPPING IETF51 3GPP Security and Authentication Peter Howard 3GPP SA3 (Security) delegate"— Presentation transcript:

1 SIPPING IETF51 3GPP Security and Authentication Peter Howard 3GPP SA3 (Security) delegate peter.howard@vodafone.com

2 3GPP IP Multimedia Subsystem (Release 5) Visited Home HSS RAN SGSN GGSN Cx interface based on Diameter SIP proxies get authorisation and authentication information P -CSCF REGISTER/INVITE I -CSCF REGISTER/INVITE S -CSCF REGISTER/INVITE SIP proxy serversSIP-based interfaces PS domain UA

3 3GPP Release 5 Security Packet Switched (PS) domain –access security features retained from 3GPP Release 99 specifications IP Multimedia Subsystem (IMS) domain –new access security features to be specified to protect the access link to the IMS domain independent of underlying PS domain security features –network domain security features to protect signalling links between network elements with the IMS domain

4 IP Multimedia Subsystem: Access Security Visited Home HSS RAN SGSN GGSN P -CSCF REGISTER/INVITE I -CSCF REGISTER/INVITE S -CSCF REGISTER/INVITE 4. Protection of SIP signalling using agreed session key 2. Mutual authentication and session key agreement 3. Session key distribution 1. Distribution of authentication information UA Draft 3GPP TS 33.203

5 IP Multimedia Subsystem: Network Domain Security Visited Home HSS RAN SGSN GGSN P -CSCF REGISTER/INVITE I -CSCF REGISTER/INVITE S -CSCF REGISTER/INVITE Per-hop protection of signalling using IPsec/IKE UA Draft 3GPP TS 33.210

6 Access Security: Authentication Principles 3GPP authentication protocol (3GPP AKA) –based on secret key stored in UA’s tamper-proof subscriber identity module (SIM) and in the HSS Authentication check located in S-CSCF Working assumption is to authenticate only at SIP registrations with on-demand re-authentication requiring re-registration Use SIP authentication rather than an outer layer protocol such as TLS or IKE in order to minimise roundtrips

7 Integration of Authentication Protocol into DIAMETER and SIP Distribution of authentication information to S- CSCF using DIAMETER –distribution of authentication vectors for 3GPP AKA Integration of authentication protocol into SIP registration –3GPP AKA protocol between UA and S-CSCF –distribution of session key to P-CSCF

8 Possible Information Flow for Authentication and Session Key Establishment (from draft 3GPP TS 33.203) Cx-Put Cx-Pull Changed to 407 Proxy Authentication Required

9 Use of Extensible Authentication Protocol (EAP) There is a desire to minimise impact on protocols and equipment if 3GPP AKA is updated or if other schemes are used –a generic/extensible scheme to carry the authentication messages is desirable –candidates include SASL, EAP, GSS_API –current working assumption is EAP which has much of the necessary machinery in place

10 EAP AKA in SIP HTTP EAP SIP HTTP AuthenticationPGP HTTP Digest HTTP Basic EAP AKA EAP GSMEAP TLSEAP...EAP Token Card

11 Concrete Authentication Example in SIP 1.  REGISTER sip:… SIP/2.0 Authorization: eap base64_eap_identity_response... 2.  SIP/2.0 407 Proxy Authentication Required WWW-Authenticate: eap base64_eap_aka_challenge_request … 3.  REGISTER sip:… SIP/2.0 Authorization: eap base64_eap_aka_challenge_response … 4.  SIP/2.0 200 OK WWW-Authenticate: eap base64_eap_aka_success...

12 EAP AKA in DIAMETER EAP Extensions DIAMETER base EAP AKA EAP GSMEAP TLSEAP...EAP Token Card

13 Access Security: Security Mode Establishment between UA and P-CSCF Determines when to start applying protection and which algorithm to use –includes secure algorithm negotiation Uses session key derived during authentication Integration into SIP registration with no new roundtrips

14 Access security: Protection of SIP signalling between UA and P-CSCF Integrity protection of SIP signalling between UA and P-CSCF Uses session key derived during authentication Symmetric scheme because of efficiency concerns Candidate mechanisms include modified CMS and ESP

15 IP Multimedia Subsystem: Access Security Documentation TS 23.228 (SA2) TS 24.228 (CN1) TS 29.228 (CN4) TS 29.229 (CN4) 3GPPIETF SIPPING WG TS 33.203 (SA3) TS 24.229 (CN1) AAA, PPPEXT, IPsec, … Other specs (e.g. AKA) (SA3) High level architecture Protocol detail

16 Summary of 3GPP dependencies on IETF relating to security 3GPP AKA in EAP –draft-arkko-pppext-aka-00.txt EAP and session key transport in SIP –draft-torvinen-http-eap-00.txt (to appear) EAP and session key transport in DIAMETER SIP extensions to support security mode establishment

17 References Draft 3GPP TS 33.203, Access security for IP-based services (Release 5). Draft 3GPP TS 33.210, Network domain security; IP network layer security (Release 5). J. Arkko and H. Haverinen, “EAP AKA Authentication” draft-arkko-pppext-aka-00.txt. V. Torvinen, J. Arkko, A. Niemi, “HTTP Authentication with EAP”, draft-torvinen-http-eap-00.txt (to appear). L. Blunk, J. Vollbrecht, “PPP Extensible Authentication Protocol (EAP)”, RFC 2284. P. Calhoun et al. “DIAMETER NASREQ Extensions”, draft-ietf-aaa-diameter-nasreq-06.txt.

18 Questions? Peter Howard peter.howard@vodafone.com

19 Authentication and Key Agreement Protocol (3GPP AKA) ISIM/UA S-CSCF HSS Authentication vector request Authentication request Authentication response Authentication vector response Three party protocol Two-pass mutual authentication protocol between UA and S-CSCF Each authentication vector is good for one authentication Authentication vectors can be distributed in batches to minimise signalling/load on HSS Distribution of session key to P-CSCF P-CSCF

20 Other IP Multimedia Subsystem Security Issues (1) Hide caller’s public ID from called party –by encrypting remote party ID header at caller’s S- CSCF and decrypting by same S-CSCF –is there a requirement to hide caller’s IP addresses that are dynamically assigned? Network configuration hiding –mechanism being developed to hide host domain name of CSCFs and number of CSCFs within one operator’s network

21 Session transfer –guidance on security aspects based on GSM call transfer feature authorisation and accounting of transferred leg needs to involve transferring party who has dropped out of session should there be a limit to the number of transferred sessions? should final destination be hidden from calling party? Security aspects of other IP multimedia subsystem services? End-to-end security Other IP Multimedia Subsystem Security Issues (2)

Download ppt "SIPPING IETF51 3GPP Security and Authentication Peter Howard 3GPP SA3 (Security) delegate"

Similar presentations

SIPPING 3GPP Requirements Ad Hoc Meeting Georg Mayer IETF#53, Minneapolis.

SIPPING 3GPP Requirements Ad Hoc Meeting Georg Mayer IETF#53, Minneapolis.
Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.

Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.
22-23 June 2004TISPAN-3GPP Workshop - Sophia-Antipolis 1 TISPAN NGN Architecture Overview Richard Brennan pulver.com, WG2 Chair

22-23 June 2004TISPAN-3GPP Workshop - Sophia-Antipolis 1 TISPAN NGN Architecture Overview Richard Brennan pulver.com, WG2 Chair
EAP AKA Jari Arkko, Ericsson Henry Haverinen, Nokia.

EAP AKA Jari Arkko, Ericsson Henry Haverinen, Nokia.
1 Requirements Catalog Scott A. Moseley Farbum Scotus.

1 Requirements Catalog Scott A. Moseley Farbum Scotus.
SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.
IP Multimedia Subsystem (IMS) 江培文. Agenda Background IMS Definition IMS Architecture IMS Entities IMS-CS Interworking.

IP Multimedia Subsystem (IMS) 江培文. Agenda Background IMS Definition IMS Architecture IMS Entities IMS-CS Interworking.
Henric Johnson1 Ola Flygt Växjö University, Sweden +46 470 70 86 49 IP Security.

Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.

World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.
Lawful Interception in 3G IP Multimedia Subsystem

Lawful Interception in 3G IP Multimedia Subsystem
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
SIP and the application of SIP as used in 3GPP Keith Drage - Lucent Technologies.

SIP and the application of SIP as used in 3GPP Keith Drage - Lucent Technologies.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
One-Pass GPRS and IMS Authentication Procedure for UMTS

One-Pass GPRS and IMS Authentication Procedure for UMTS
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Doc.: IEEE 802.11-04/0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.

Doc.: IEEE /0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.
All IP Network Architecture 2001 년 12 월 5 일 통신공학연구실 석사 4 차 유성균

All IP Network Architecture 2001 년 12 월 5 일 통신공학연구실 석사 4 차 유성균
IP Multimedia Subsystem IMS

IP Multimedia Subsystem IMS
SIP Security Matt Hsu.

SIP Security Matt Hsu.
 3G is the third generation of tele standards and technology for mobile networking, superseding 2.5G. It is based on the International Telecommunication.

 3G is the third generation of tele standards and technology for mobile networking, superseding 2.5G. It is based on the International Telecommunication.

Similar presentations

Ads by Google