Security features of 2G/3G/4G and 5G mobile networks


  • Extensive measures have been taken, when specifying the GSM system, to substantially increase security with regard to both call theft and equipment theft
  • Mobile Equipment (ME)
    A unique number is coded into it when it is manufactured; it can be checked against a database every time the mobile makes a call to validate the actual equipment
  • Subscriber Identity Module (SIM)
    Smart card that allows the network to check an MS subscriber against a database for authentication
  • Digital air interface in GSM
    • Noise robust, enabling the use of tighter frequency re-use patterns and minimizing interference problems
    • Incorporates error correction, thus protecting the traffic that it carries
    • Offers greatly enhanced privacy to subscribers and security to network providers
  • Temporary Mobile Subscriber Identity (TMSI) allocation
    1. The VLR controls the allocation
    2. The TMSI is updated frequently, making it very difficult for the call to be traced and providing a high degree of security for the subscriber
    3. The TMSI may be updated on call setup, on entry to a new LAI, or on entry to a new VLR area
  • GSM offers the capability to encrypt all signaling over the air interface
  • GSM security
    • Authentication processes for both the ME and subscriber
    • Encryption of the air interface signals
    • Frequency hopping: each burst is transmitted on a different frequency
  • SIM card
    Designed to be difficult to duplicate; can be protected by a Personal Identity Number (PIN) password to prevent unauthorized use
  • Encryption
    Process of protecting voice or data information from being obtained by unauthorized users, using a data processing algorithm and secret keys
  • GSM voice privacy encryption process
    1. Uses the Vernam Cipher algorithm (called A5)
    2. Modifies all the data bits that are to be transmitted with an encryption code
    3. Encryption code (cipher mask) continuously varies and is synchronized to the hyper-frame counter at both the base and mobile stations
  • Cipher mask
    A random, ever-changing group of 116 bits for each normal burst, synchronized between the base and mobile stations
  • Cipher mask generation
    Uses a secret number called Kc, set to a different value for each call, together with the hyper-frame counter in a process involving repeated re-arrangement and modulo 2 addition of the bits
  • Ciphering
    Security function that ciphers the information sent and received by the MS, requires the cipher key Kc
  • Ciphering start procedure
    1. Initiated from the MSC/VLR by sending the cipher mode command with the Kc; the BTS removes the Kc before forwarding the command to the MS
    2. The MS sends the cipher mode complete message in ciphered mode, using the Kc calculated and stored on the SIM card
    3. If the BTS can decipher this message, it informs the MSC/VLR that ciphering has started
  • 3G security improvements over GSM
    • Mandatory integrity protection for signaling over the air
    • Authentication and Key Agreement: UMTS AKA provides key freshness guarantee by use of sequence number
    • Encryption terminates in protected location (RNC)
    • Public design and evaluation of strong cryptographic algorithms
    • Sufficiently long encryption and integrity keys CK, IK of 128 bits each
    • Core network signalling protected by Network Domain Security (a profile of IPsec/IKE)
  • Not all false base station attacks are impossible in 3G
  • User traffic on core network interfaces is not protected in a standardized way in 3G, as it is typically less security critical than signaling traffic
  • IMSI catching by an active attack is still possible in 3G, as the possible solutions would have been too complex
  • Session keys CK, IK delivered to one 3G network can be used in any other 3G network, meaning a security breach in one network may affect others
  • Session keys CK, IK are handed from one RNC to another in 3G, which is not a problem as the RNCs are in protected locations
  • Security types in 5G network
    • Network access security: Authentication, Integrity and ciphering of Signalling and data
    • Domain Security: Secure communication between different Network nodes
    • Application domain security: Security mechanism between peer applications
    • Two different kinds of authentication
  • Ciphering Algorithms in 5G
    • NEA1 (AES-CTR)
    • NEA2 (AES-CTR)
    • NEA3 (ZUC-CTR)
  • Integrity Algorithms in 5G
    • NIA1 (AES-CMAC)
    • NIA2 (AES-CMAC)
    • NIA3 (ZUC-HMAC)
  • 5G AKA Authentication Procedure
    1. AMF initiates authentication procedure with UE
    2. AMF sends Nausf_UEAuthentications Request to AUSF
    3. AUSF sends Nudm_UEAuthentication_Get Request to UDM
    4. UDM calculates 5G HE AV and sends it to AUSF
    5. AUSF derives 5G SE AV and sends it to AMF
    6. AMF sends NAS Authentication Request to UE
    7. UE verifies the MAC and calculates RES*
    8. AMF compares HRES* with HXRES* and sends RES* to AUSF
    9. AUSF compares RES* with XRES* and sends Authentication Event notification to UDM
  • SUPI and SUCI
    5G identifiers
  • UE uses Milenage functions to derive:
    1. XMAC
    2. RES
    3. CK
    4. IK
  • UE verifies the MAC received in AUTN against the XMAC calculated above, to authenticate the network and check the freshness of AUTN
    If the comparison fails, it sends an authentication failure with AUTS
  • UE derives RES* using the HMAC-SHA-256(K, S) KDF function
    1. Using the keys calculated above
    2. Sends RES* to the AMF
  • AMF calculates HRES*
    HRES* is the 128 most significant bits of the SHA-256 hash output, calculated by passing RAND || RES* as input to the SHA-256 algorithm
  • SUPI (Subscription Permanent Identifier)
    A 5G globally unique Subscription Permanent Identifier allocated to each subscriber
  • SUCI (Subscription Concealed Identifier)
    A privacy preserving identifier containing the concealed SUPI
  • Valid SUPI
    • IMSI (International Mobile Subscriber Identifier)
    • NAI (Network Access Identifier)
  • SUCI
    • The MSIN part of the SUPI is concealed by the protection scheme, while the home network identifier (MCC/MNC) is transmitted in plain text
    • It uses an ECIES-based protection scheme with the public key of the Home Network that was securely provisioned to the USIM during the USIM registration
  • Identity Exchange between UE and Network
    1. When a UE tries to register for the first time, the UE encrypts the SUPI into a SUCI and sends an Initial Registration Request with the SUCI
    2. The AMF forwards this SUCI to the AUSF and UDM in the Authentication Request to retrieve the SUPI
    3. The AUSF replies with an Authentication Response containing the SUPI
    4. The AMF generates a GUTI for this SUPI and keeps the GUTI-to-SUPI mapping for further registrations or PDU session requests
    5. In subsequent Registration Requests the UE sends the GUTI
    6. If the AMF is able to resolve the SUPI from the GUTI-to-SUPI mapping, authentication with the AUSF can be completed using the SUPI
    7. If the AMF is not able to resolve the SUPI, it sends the UE an Identity Request, and the UE may then respond with an Identity Response containing the SUCI
  • 5G-GUTI (5G Globally Unique Temporary Identifier)
    A core network temporary identifier allocated by the Access and Mobility Management Function (AMF) to the UE
  • 5G-GUTI
    • It is 80 bits long
    • It consists of PLMN + AMF ID + TMSI
    • It is a temporary identifier so its association is not fixed to a specific subscriber or mobile
    • A single 5G-GUTI can be used for the security context of both 3GPP and non-3GPP access technologies within the AMF
    • An AMF may re-assign a new 5G-GUTI to the UE at any time under specified conditions
    • When the UE is in CM-IDLE, the AMF may delay the assignment of a new 5G-GUTI until the next NAS transaction happens
  • When AMF provides a New 5G-GUTI
    1. Upon receiving Registration Request message of type "initial registration" or "mobility registration update" from a UE, the AMF shall send a new 5G-GUTI to the UE in Registration Accept message
    2. Upon receiving Registration Request message of type "periodic registration update" from a UE, the AMF should send a new 5G-GUTI to the UE in Registration Accept message
    3. Upon receiving network triggered Service Request message from the UE (i.e., Service Request message sent by the UE in response to a Paging message), the AMF shall use a UE Configuration Update procedure to send a new 5G-GUTI to the UE
  • It is left to implementation to re-assign 5G-GUTI more frequently than in cases mentioned above
  • It is left to implementation to generate a 5G-GUTI containing a 5G-TMSI that uniquely identifies the UE within the AMF
  • GUAMI (Globally Unique AMF ID)
    It identifies one or more AMF(s). When the GUAMI identifies only one AMF, the 5G-TMSI identifies the UE uniquely within the AMF. However, when an AMF assigns a 5G-GUTI to the UE with a GUAMI value used by more than one AMF, the AMF shall ensure that the 5G-TMSI value used within the assigned 5G-GUTI is not already in use by the other AMF(s) sharing that GUAMI value.