Security Aspects of 3G-WLAN Interworking (2003/12/29). Group: 2. Members: 陳俊文 691410048, 李奇勇 691410051, 黃弘光 691430045, 林柏均 489410080.


1 Security Aspects of 3G-WLAN Interworking
- Group: 2
- Members: 陳俊文 691410048, 李奇勇 691410051, 黃弘光 691430045, 林柏均 489410080

2 Why 3G-WLAN Interworking
- WLAN systems offer bit rates surpassing those of 3G systems and are great for hot spot coverage, while 3G systems provide global coverage and the necessary network and management infrastructure to cater for security, roaming, and charging requirements.

3 3G-WLAN Interworking
- We want the subscription management, roaming, and security facilities of a 3G system and the hot spot capacity and low investment cost of WLAN systems.
- An important challenge is to reconcile and consolidate the security architecture of the systems.

4 Wireless Local Area Network
- IEEE 802.11b deploys confidentiality and integrity protection through a scheme called WEP. WEP suffers from manual key management and is also cryptographically broken. HiperLAN/2 and HiSWAN have more advanced confidentiality and encryption mechanisms.

5 The 3GPP System
- Cellular systems such as UMTS and GSM have excellent characteristics in terms of coverage and roaming.

6 Interworking Solution
- Work in ETSI Project BRAN resulted in two fundamentally different solutions regarding the level of interworking.
- These are tight and loose interworking, named according to the level of integration required between the systems.

7 Tight interworking
- The tight interworking solution was based on the idea of making use of the WLAN radio interface as a bearer for UMTS with all network control entities in the core network integrated.
- A tight interworking solution would mandate the full 3GPP security architecture and require the 3GPP protocol stacks and interfaces to be present in the WLAN system.

8 Loose interworking
- There was little need to make changes to the WLAN standard. This solution has the benefit of not needing a convergence layer, which is an important factor in development time and so on.
- The loose interworking options merely require the 3GPP authentication method to be implemented.
- Loose interworking was therefore adopted as the preferred solution in both the WLAN and 3GPP communities.

9 Loose interworking
- To avoid link layer modifications, the authentication protocol is allowed to run at the link layer using Internet protocols (EAP and AAA) as transport mechanisms.

10 3GPP-WLAN Interworking Architecture

11 Security concerns in 3G-WLAN Interworking
- A fundamental requirement in 3GPP has been that 3GPP-WLAN interworking shall not compromise the UMTS security architecture.
- Therefore, it is required that the authentication and key distribution be based on the UMTS AKA challenge-response procedure.

12 UICC & USIM
- The UMTS AKA procedure relies on the availability of a tamper-resistant smartcard at the terminal.
- The smartcard, called a UICC in UMTS, will run an application called USIM.
- The USIM application runs the cryptographic algorithms during the execution of the UMTS AKA.

13 The Entities and Domains of 3GPP-WLAN architecture
- HE
  - HSS
  - 3GPP AAA Server
- SN
  - 3GPP AAA proxy
  - NAS
  - AP
- UE
  - UICC/USIM
  - MS
  - Computing device

14 Simplified 3GPP-WLAN architecture

15 Trust Issues
- Which entities do we trust?
- On what basis do we trust these domains/entities?
- What type of security features are needed to "enforce" the trust?
- What would be the goal of an adversary?

16 Trust relationship
- User HE
- HE UICC/USIM
- HE SN
- SN WLAN access network
- User user equipment

17 User Identity Privacy
- Location privacy is problematic since there is often a strong connection between the logical identity of the user and the routable address associated with the user device.
- To mitigate this problem, one often turns to protected temporary identities.

18 Lawful Interception
- Lawful interception functionality is a mandatory requirement for most 3G operators. There is no reason to expect the 3GPP-WLAN interworking architecture to be exempt from lawful interception requirements.

19 Authentication, Confidentiality, and Integrity
- Since the 3GPP-WLAN architecture shall use the UMTS AKA procedure, the issue of authentication and key distribution is already taken care of.
- Confidentiality is targeted at protecting the system and user data against passive attacks. 3GPP-WLAN confidentiality services are provided by symmetric key encryption.
- Cryptographic integrity protection is a security service aimed at protecting data against active attacks. The 3GPP-WLAN integrity service is implemented by symmetric keyed cryptographic checksum functions.

20 UMTS AKA sequence

21 3GPP-WLAN interworking AKA procedure
- For the 3GPP-WLAN interworking scenario the AKA procedure is executed globally.
- The drawback is that the signaling paths and thus the round-trip delay may increase.
- The advantage is improved home control since there is no need to distribute AVs or authentication control to the SN.

22 UMTS AKA challenge-response mechanism
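
The challenge-response mechanism named on this slide, as an added example that is not part of the original slides: the home environment builds an authentication vector and the USIM checks the network's MAC and the sequence number before answering. Assumptions: HMAC-SHA256 stands in for the f1..f5 functions a real USIM runs, the freshness rule is simplified to "strictly increasing", and the names `generate_av`, `USIM` and `run_aka` as well as the key and AMF values are constructed for illustration.

```python
import hashlib, hmac, os

def f(k, tag, data, n):
    # Stand-in for the operator functions f1..f5 (assumption: HMAC-SHA256
    # truncated to n bytes, NOT the algorithms a real USIM runs).
    return hmac.new(k, tag + data, hashlib.sha256).digest()[:n]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def generate_av(k, sqn, amf=b"\x80\x00", rand=None):
    """Home environment: build one authentication vector (AV) for key K."""
    rand = rand or os.urandom(16)                 # challenge
    sqn_b = sqn.to_bytes(6, "big")                # sequence number, anti-replay
    mac = f(k, b"f1", sqn_b + rand + amf, 8)      # proves the AV came from the HE
    autn = xor(sqn_b, f(k, b"f5", rand, 6)) + amf + mac   # SQN is masked by AK
    return {"RAND": rand, "AUTN": autn, "XRES": f(k, b"f2", rand, 8),
            "CK": f(k, b"f3", rand, 16), "IK": f(k, b"f4", rand, 16)}

class USIM:
    """Smartcard side: holds K and the highest sequence number accepted so far."""
    def __init__(self, k, sqn_ms=0):
        self.k, self.sqn_ms = k, sqn_ms

    def authenticate(self, rand, autn):
        masked_sqn, amf, mac = autn[:6], autn[6:8], autn[8:16]
        sqn_b = xor(masked_sqn, f(self.k, b"f5", rand, 6))
        if not hmac.compare_digest(mac, f(self.k, b"f1", sqn_b + rand + amf, 8)):
            raise ValueError("MAC failure: challenge not from the home environment")
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.sqn_ms:                    # simplified freshness rule
            raise ValueError("stale SQN: replayed challenge")
        self.sqn_ms = sqn
        k = self.k
        return f(k, b"f2", rand, 8), f(k, b"f3", rand, 16), f(k, b"f4", rand, 16)

def run_aka(k_home, usim, sqn):
    """One full exchange; True when both sides authenticate and agree on CK/IK."""
    av = generate_av(k_home, sqn)                 # stays in the home domain
    res, ck, ik = usim.authenticate(av["RAND"], av["AUTN"])   # sent via EAP/AAA
    return hmac.compare_digest(res, av["XRES"]) and (ck, ik) == (av["CK"], av["IK"])

if __name__ == "__main__":
    K = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed test key
    card = USIM(K)
    print("first run:", run_aka(K, card, sqn=1))
    try:
        run_aka(K, card, sqn=1)                   # same SQN again
    except ValueError as e:
        print("replay rejected:", e)
```

Only RAND and AUTN travel toward the terminal and only RES travels back; the long-term key K never leaves the USIM or the home environment.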

23 3GPP-WLAN security architecture
- The two key glue components of the interworking solution are the AAA and EAP technologies. These are used to execute the UMTS AKA protocol from the 3G system's home domain toward the WLAN user equipment.

24 A successful UMTS AKA procedure

25 The Role of the EAP
- EAP is a key element in the 3GPP-WLAN security architecture.
- EAP provides a generic peer-to-peer based request-response transaction environment for authentication dialogs, and supports multiple authentication mechanisms.

26 AAA
- To manage roaming traffic, the AAA framework is chosen as the basis for the 3GPP-WLAN architecture.
- Both Diameter and RADIUS are generic protocols and are intended to provide support for a diverse set of AAA applications, including network access, IP mobility, and interoperator roaming.

27 Summary and Conclusion
- The idea of interworking between mobile systems and WLANs holds great promise. Security-wise the interworking is mostly unproblematic, but there are areas identified that contain weaknesses.
- Identity privacy is important and will probably become even more important in the future as technology advances.

