• No results found

How to secure an LTE-network: Just applying the 3GPP security standards and that's it?

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "How to secure an LTE-network: Just applying the 3GPP security standards and that's it?"

Copied!
20
0
0

Loading.... (view fulltext now)

Download now ( 20 Page )

Full text

(1)

How to secure an LTE-network:

Just applying the 3GPP security

standards and that's it?

Telco Security Day @ Troopers 2012

Peter Schneider

(2)

Public

Intro / Agenda

answer the title question:

not only a simple “obviously not”

3GPP security architecture of the

Evolved Packet System

,

aka “(SAE/)LTE-network”, “4G mobile network”

IP network security, network element security for the EPS

many names:

3GPP: 3.Generation Partnership Project

LTE: Long Term Evolution

SAE: System Architecture Evolution

EPS: Evolved Packet System

4G Mobile Network

(3)

4G Radio Access Network

4G Mobile Core Network (Evolved Packet Core)

The Evolved Packet System (4G Mobile Network)

Control plane Internet Mobile HSS MME Relay Node PCRF Charging Systems Trusted Non-3GPP Access Network Untrusted Non-3GPP Access Network 3GPP AAA Server ePDG Serv.GW SAE-GW PDN-GW eNB Corporate IP Networks IMS / Operator Services SeGW HeNB SEG

(4)

Public

EPS Key Hierarchy and Radio Interface Security

Mobile MME HSS

KASME KASME KASME KNASint KNASenc KNASint KNASenc eNB KeNB-RRCint KeNB-RRCenc KeN-UPenc KeNB-RRCint KeNB-RRCenc KeN-UPenc

KeNB K

eNB

KeNB

NAS signaling integrity NAS signaling encryption

RRC sign. integrity RRC sign. encryption

user plane encryption key transport

key derivation key usage

USIM

AuC

The shared long term secret that never leaves the USIM or the AuC K

K

CK/IK CK/IK

ASME Access Security Mgmt. Entity AuC Authentication Centre

CK Cipher Key

eNB Evolved Node B IK Integrity Key

MME Mobility Management Entity

NAS Non Access Stratum RRC Radio Resource Control USIM UMTS Subscriber Identity

(5)

EPS Key Hierarchy and Radio Interface Security

(continued)

Authentication and Key Agreement (AKA) based on long term shared secrets (in USIM and AuC)

key hierarchy providing key separation

5 independent 128bit keys

binding of keys to serving network identities

integrity and confidentiality protection of Non Access Stratum (NAS) and Access Stratum (AS) signaling

strong algorithms: SNOW 3G, AES, optionally ZUC

integrity protection mandatory, encryption recommended

no integrity for the user plane (issue with transmission errors)

user and terminal identity confidentiality (against passive attacks only)

(6)

Public

Backhaul Link Security

IKEv2/IPsec with integrity and confidentiality protection mandatory for all traffic (control/user/management plane)

well, not mandatory in all cases:

“In case S1 and X2 user plane interfaces are trusted (e.g. physically protected), the use of IPsec/IKEv2 based protection is not needed.”

[3GPP TS 33.401 V11.2.0 (2011-12)]

and this holds also for control and management traffic S1

S1

eNB

User plane Control plane

MME

eNB

X2

Serving GW SEG

IPsec Tunnels

(7)

profiling of IKEv2/IPsec specified; IKEv2 based on certificates

eNB comes equipped with id, private/public key pair, manufacturer

certificate, can be integrated into the operator PKI via certificate enrolment

“plug and play” solution

alternatively: pre-installed operator certificate for mutual authentication when initially connecting to the core network  more secure and more expensive

a highly secure backhauling solution is specified (but less secure ones are not excluded)

IPsec

Operator RA/CA • manufacturer root

certificate installed

Security Gateway

• operator signed certificate and operator root

certificate installed eNB

• manufacturer key pair and manufacturer signed certificate pre-installed

CMPv2

Backhaul Link Security (continued)

obtain operator signed

certificate and operator root certificate via CMPv2

(8)

Public

Security for Core Interfaces

(NDS/IP – Network Domain Security for IP)

IKE/IPsec profiles specified similar as for backhaul link (IKEv2 or v1, peer authentication based on certificates, IPsec ESP in tunnel mode)

IPsec mandatory to use for integrity protection of control traffic between “security domains”

– example: GTP-C traffic between serving network and home network when roaming

in specific cases, also encryption is mandatory

– e.g. interface between core and 3G radio network controller, if they are in different security domains  protects 3G radio interface keys sent to the controller

– seems that this has been forgotten (?) for the interface between MME in serving network and HSS in home network (S6a when roaming)

all other IPsec protection is optional

Security Gateways (SEGs) to be used at security domain borders

terminate IKE/IPsec

not specified: firewall functions (not required for interoperability)

standard gives hints - but in the end the operator has to decide where and how to use NDS/IP

(9)

Secure Environment

eNB (4G Base Station) Security

Mobile

eNB

User plane encryption

NAS signaling User plane

Radio interface

Control plane protection

SEG

User plane Control plane Management plane

Backhaul Link

(10)

Public

eNB (4G Base Station) Security (continued)

performs the crypto specified for radio interface and backhaul link

has access to the cleartext in the user plane

may be exposed to tampering that can result in compromise - and then:

eavesdrop/modify user traffic, send maliciously crafted PDUs to the core, detach mobiles, discard traffic

mostly applicable to the local cell (possibly also to neighboring cells)

more to figure out …

3GPP requires a secure environment inside the eNB

stores keys, executes crypto, helps to secure boot

preserves integrity and confidentiality of its content

only authorized access

 standardized requirements, but no standardized solution for the secure environment (not required for interoperability)

(11)

HeNB (4G Femto Cell) Security

relevant functions within the security architecture – like the regular eNBs

even more exposed to tampering and compromise - and can be easily set up where required (increase transmission power if necessary)

 targeted attack against victim users, e.g. “celebrity attack”: eavesdrop the celebrity’s calls

plus attacks against the core network (see eNB)

3GPP requires

a Trusted Environment inside the HeNB

– built on a HW-based root of trust, secure boot, load only verified components

– assure the eNB secure environment for crypto, key storage etc.

a device integrity check on boot (in case of failure no access to credentials)

standardized strong requirements, but no standardized solution

(not relevant for interoperability)

a typical operator business case requires cheap HeNBs, low TCO

(12)

Public

HeNB (4G Femto Cell) Security (continued)

HeNB may be in closed mode (can only be used by a CSG – Closed

Subscriber Group) – this can protect other subscribers (in Rel 11)

mutual authentication with IKEv2 when connecting to the core

optional hosting party authentication

IPsec used to be mandatory for all communication with the core network (in Rel 9), but in Rel 11 the standard says:

“If the operator chooses not to use IPsec, mutual authentication

between the H(e)NB device and the SeGW shall be performed and the interface between the H(e)NB and SeGW shall be secured with a

mechanism that provides layer 2 security for confidentiality and

integrity protection of communications. This mechanism then shall also bind this secure communications to device authentication ... “

[3GPP TS 33.320 V11.4.0 (2011-12)]

Would you like to implement it this way?

most of the above holds also for 3G femto cells

(13)

Other EPS Security Mechanisms

cover

usage of relay nodes

non-3GPP access to the core network

mobility

intra LTE

between LTE and 2G/3G networks

between 3GPP and non-3GPP access networks

security for the IP multimedia subsystem ( voice over LTE)

generic bootstrapping architecture

and more

(14)

Public

Threat mitigation

3GPP addresses security of interfaces mainly

security specified for radio interface, backhaul link, core interfaces protects traffic against interception, modification, replay

subscriber authentication

protects against theft of service, impersonation of other subscribers, fraud

there’s a new trend in 3GPP to cover also platform security – by

standardizing requirements (solutions are proprietary)

this leaves a lot to address otherwise:

flooding, crashing or compromising nodes by exploiting implementation flaws, compromising network elements via weak O&M procedures, …

IP network security, network element security

out of scope here: physical site protection, organizational security measures (e.g. malicious insider threat)

(15)

EPS Traffic Separation Example

IMS PDN-GW Serv.GW The Internet Corporate IP network LI Gateway LEA Appl. Server HSS PCRF Untrusted non 3GPP access ePDG Mobile Station

other PLMN / GRX

EPS

MME

eNB

backhaul network

SEG SAE-GW

Control Plane Charging O&M User Plane (intra PLMN) GRX LI IP Services

(16)

Public

EPS Perimeter Security Example

IMS PDN-GW Serv.GW The Internet Corporate IP network LI Gateway LEA Appl. Server HSS PCRF Untrusted non 3GPP access ePDG Mobile Station

other PLMN / GRX

EPS

MME

eNB

backhaul network

SEG SAE-GW SGi FW

ACLs

ACLs S8 FW ACLs

(17)

IP Network Security Measures

traffic separation

perimeter security

secure operation and maintenance (O&M)

secure operation of services/protocols like DNS, NTP, IP routing etc.

additional, enhanced security measures

if required to mitigate a specific threat scenario

if enhanced security is part of the service the MNO offers to the subscribers

examples:

enhanced packet inspection, intrusion detection and prevention

enhanced security support for IP based mobile stations (e.g. antivirus, antiphishing, parental control, health check etc.)

(18)

Public

Network Element Security

threat and risk analysis per network element

network element security architecture

secure coding

hardening

security testing

security audit

security vulnerability monitoring

process for timely patching

This is really essential!

(19)

Summary: How to Secure an LTE-Network?

Comply with the 3GPP recommendations

… and choose the good options!

Do all the other stuff:

use IP network security mechanisms

use network elements designed and

implemented with security in mind

organizational security measures,

physical site protection, …

monitor your network

(20)

Public

Some Abbreviations

3GPP 3. Generation Partnership Project ASME Access Security Management Entity AuC Authentication Centre

CA Certificate Authority

CMP Certificate Management Protocol CK Cipher Key

eNB Evolved Node B enc Encryption

EPC Evolved Packet Core

ePDG Evolved Packet Data Gateway EPS Evolved Packet System

ESP Encapsulating Security Payload GRX GPRS Roaming eXchange Network GTP-C GPRS Tunneling Protocol - Control GW Gateway

HeNB Home eNB HNB Home Node B

HSS Home Subscriber Server IK Integrity Key

IMS IP Multimedia System

int Integrity

K Key

LEA Law Enforcement Agency LI Lawful Interception

LTE Long Term Evolution

MME Mobility Management Entity NAS Non Access Stratum

PCRF Policy and Charging Rules Function PDN Packet Data Network

PKI Public Key Infrastructure PLMN Public Land Mobile Network RA Registration Authority

RRC Radio Resource Control

SAE System Architecture Evolution SEG Security Gateway

SeGW Security Gateway Serv.GW Serving Gateway

UMTS Universal Mobile Telecomunication System UP User Plane

References

Download now ( PDF - 20 Page - 799.94 KB )

Related documents

Best Practices for Energy Cost Savings In New York State Schools. Prepared for New York Power Authority by: Optimal Energy, Inc.

Furthermore, across New York State, the Energy Services for Schools Program has identified and installed numerous photovoltaic solar panel sites as an education tool

Performance of wall panels with grouted sleeve connector under shear and bending

Then, the connector tested under shear and bending test to study the connection's performance between the bonding of grout and precast concrete wall and analysed the types of failure

African Caribbean peoples' experience of mental health services and factors moderating length of hospital stay

mental health care provision. The other 11 studies aimed to explore African Caribbean people's experiences of mental health services either through interviews, focus groups

Industry Leader in Yacht Sales, Charter & New Construction 65 FLYBRIDGE. 65' 0" / 19.81m MONTE CARLO YACHTS Staterooms

The en-suite head is aft and to port and features many of the same furnishings that are in the master bath including a large stall shower, beautiful basin sink and faucet, and

Colocation vs. Cloud:

Both colocation and cloud computing (which, for our purposes, includes shared hosting and Virtual Private Server [VPS]) were a natural progression of the outsourcing of IT

A needs analysis approach to ESP syllabus design in Greek tertiary education: A descriptive account of students’ needs

It is acknowledged that the target group of learners despite the fact that they are all adults, are far from what could be categorized as a homogeneous group (Mc Kay & Tom,

Needs Assessment in ESP: A Review

Moreover in medical and health care unit Dafa-Allah (2012) investigated on ESP learners’ needs in a case study of medicine students at Sudanese Universities, Gass (2012) designed

Esp Needs Analysis for Midwifery Students: a Learner Centered Approach

To do so the study investigated types of problems midwifery students face in improving their proficiency in English writing and speaking, sorts of teaching aids