5g security - haic · microsoft powerpoint - 5g security.pptx author: admin created date: 3/20/2019...
5G Security
Alf Zugenmaier, Munich University of Applied Sciences
March 1, 2019
Warning
This presentation has a high density of acronyms.
If you would like to be reminded of their meanings, please ask or look them up at http://webapp.etsi.org/Teddi/.
Agenda
• 5G Standardization Process
• 5G Architecture
• 5G's Security Goals
• 5G Key Enhancements
• Summary
5G Standardization Process - Actors
• ITU-T
  - High level requirements (IMT2020)
• IETF
  - RFCs – protocols
    - IPsec
    - TLS
    - EAP
• 3GPP
  - System specification
  - Interoperability
• Standards bodies
  - ETSI, etc.
5G Standardization Process – 3GPP
• Industry Association
• Organizational Partners
  - ARIB, ATIS, CCSA, ETSI, TSDSI, TTA, TTC
• Members can attend meetings
  - Companies, Ministries, etc.
• Output
  - Technical reports
    - Feasibility study
  - Technical specifications
    - System specification of procedures (API like view)
3GPP Process
• Structure
  - Technical Specification Groups (SA, CT, RAN)
  - Working Groups (e.g. WG SA3: security)
• Project planning
  - Study items (e.g. Study on Next Generation Security Architecture)
    - Output: none
  - Work items (e.g. 5G Phase 1 security)
    - Output: TS 33.501
• Releases
  - 5G phase 1 – R15
• Stages
  - Requirements, architecture, protocols
3GPP process
• Input
  - Contribution driven
  - Textual modifications to specifications
  - Member company contributions
• Consensus
  - Lack of sustained objection
  - Voting: more than 71% in favour
Mobile Network Architecture in a Nutshell
[Figure: Radio Access Network, Security Gateway, Core Network, Gateway, Other Network(s)]
Mobile Network Architecture in a Nutshell
[Figure: Radio Access Network, Security Gateway, Core Network, Gateway and Other Network(s), annotated with Access Stratum Security and Network Domain Security]
5G Mobile Network Architecture in a Nutshell
[Figure: Radio Access Network, Security Gateway, Core Network, Gateway and Other Network(s) with the 5G elements DU, CU, AMF, SMF, UPF, UDM and ARPF, annotated with Access Stratum Security, Non-Access Stratum Security and Network Domain Security]
DU: Distributed Unit of gNodeB
CU: Central Unit of gNodeB
AMF: Access Management Function
SMF: Session Management Function
UPF: User Plane Function
UDM: Unified Data Management
ARPF: Authentication credential Repository and Processing Function
5G Mobile Network Architecture
[Figure: gNB (DU, CU), Non-3GPP access (e.g. WLAN) with N3IWF, AMF, SEAF, SMF, UPF, UDM, ARPF and an external AAA for secondary authentication; regions labelled "Home network" and "Visited / home network"]
gNB: 5G base station
AMF: Access Management Function
SEAF: Security Anchor Function
SMF: Session Management Function
UPF: User Plane Function
UDM: Unified Data Management
ARPF: Authentication credential Repository and Processing Function
N3IWF: Non-3GPP InterWorking Function
RAN architecture option
• Non standalone with 4G core
  - Dual Connectivity
  - 5G NR to increase capacity
  - eNB as master node
  - gNB as secondary node
• Security as in 4G
5G Security Goals
• At least as good as 4G
  - Subscriber authentication
  - Encryption on radio interface
  - Protection of subscriber identity
  - Network authentication
  - Key separation
• Good for homogeneous security requirements
  - Same security applied to all users and services
• Make it better
  - Evolution instead of revolution
5G Security Goals
• Fix known weaknesses
  - Some of them
• Provide unified framework for authentication
• Enable secondary authentication for applications
• Network and service flexibility
SUPI (IMSI) Privacy
• 4G
  - Initial attach with permanent identity
  - Response to identity request in clear
• 5G
  - Encryption of SUPI with public key of home operator (SUCI)
    - Routing information (home network ID) in clear
  - SUPI revealed to VPLMN only after authentication
  - Binding of SUPI into key
    - UE and HPLMN have to use the same SUPI: requested for lawful intercept purposes
  - Respond to identifier request with SUCI
  - No SUPI based paging
More Privacy
• Service request messages
  - Network may have lost UE keys
  - UE sends in clear only information for locating security context
• Initial NAS protection
• Reallocation of temporary IDs
  - After security set up
  - On every periodic mobility registration update
  - After use in paging
Unified Security Framework
• Credential storage on secure hardware (UICC)
• Access via 3GPP radio and non-3GPP radio
• Authentication
  - EAP AKA' for 3GPP and non 3GPP
  - Native AKA for 5G access
• One security context for both access technologies
Radio Network Security
• Integrity protection
  - Finally!
• Split of gNB into Central and Distributed Unit (CU/DU)
  - CU performs security functions (confidentiality/integrity)
  - Can be located closer to the core
• Visibility
  - Requirement to enable applications to check security being applied to the connection
Increased home network control
• Proof of presence
  - UE is in visited network
  - Native to EAP AKA
  - 5G AKA
    - Challenge Response with UE
    - Visited network receives hash of response
    - Response has to be forwarded to home network
• Linking of subsequent procedures
  - Registration procedure only accepted after successful authentication
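
Added example (not from the original slides): the 5G AKA proof of presence from "Increased home network control", where the visited network only ever holds a hash of the expected response and the response itself has to reach the home network. The hash is SHA-256(RAND || RES*) truncated to its 128 least significant bits as in TS 33.501 Annex A; the RES* computation is replaced by an HMAC stand-in, and all class names, function names and sample values are assumptions made for this sketch.

```python
import hashlib
import hmac
import os

SNN = b"5G:mnc001.mcc001.3gppnetwork.org"  # constructed serving network name (test PLMN)

def h_star(rand: bytes, res_star: bytes) -> bytes:
    """HXRES*/HRES*: 128 least significant bits of SHA-256(RAND || RES*)."""
    return hashlib.sha256(rand + res_star).digest()[-16:]

def res_star_stand_in(k: bytes, rand: bytes, snn: bytes) -> bytes:
    # ASSUMPTION: stands in for the USIM/ARPF computation of RES*/XRES*
    # (the real one runs the AKA functions on K followed by a 3GPP KDF).
    return hmac.new(k, rand + snn, hashlib.sha256).digest()[-16:]

class HomeNetwork:
    """AUSF plus UDM/ARPF: holds K and keeps XRES* to itself."""
    def __init__(self, k: bytes):
        self.k, self.pending = k, {}

    def new_vector(self, snn: bytes):
        rand = os.urandom(16)
        xres_star = res_star_stand_in(self.k, rand, snn)
        self.pending[rand] = xres_star
        return rand, h_star(rand, xres_star)  # visited network gets only the hash

    def confirm(self, rand: bytes, res_star: bytes) -> bool:
        xres_star = self.pending.pop(rand, None)  # one attempt per challenge
        return xres_star is not None and hmac.compare_digest(xres_star, res_star)

def seaf_check(rand: bytes, hxres_star: bytes, res_star: bytes) -> bool:
    """Visited network: compare the hash of the UE's response with HXRES*."""
    return hmac.compare_digest(h_star(rand, res_star), hxres_star)

def authenticate(home: HomeNetwork, ue_k, snn: bytes = SNN):
    """Returns (visited network accepts, home network accepts).
    ue_k=None models a visited network reporting a UE that is not present."""
    rand, hxres_star = home.new_vector(snn)
    if ue_k is None:
        res_star = hxres_star  # the hash is all the visited network holds
    else:
        res_star = res_star_stand_in(ue_k, rand, snn)
    # The response is forwarded in every case so that both verdicts are visible.
    return seaf_check(rand, hxres_star, res_star), home.confirm(rand, res_star)
```

Because the home network compares the forwarded RES* with XRES* itself, a registration can be tied to an authentication the home network has actually confirmed.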
Trust model – non roaming
• Separation of AMF (mobility) and SEAF (security)
[Figure: trust chain USIM, ME, DU, CU, AMF, SEAF, AUSF, UDM/ARPF]
Key hierarchy
• Key separation between trust domains
• Future proofing: bid down protection by ABBA parameter in KAMF derivation
[Figure: key hierarchy, UE side and network side, HPLMN and VPLMN]
  - K (USIM; UDM/ARPF)
  - CK, IK for 5G AKA or CK', IK' for EAP-AKA' (ME; UDM/ARPF)
  - KAUSF (ME; AUSF)
  - KSEAF (ME; SEAF)
  - KAMF (ME; AMF)
  - KNASint, KNASenc; KN3IWF (ME; N3IWF); KgNB, NH (ME; gNB)
  - KRRCint, KRRCenc, KUPint, KUPenc
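
Added example (not from the original slides): a sketch of the two derivation steps below KSEAF, showing what "Binding of SUPI into key" (SUPI privacy slide) and "bid down protection by ABBA parameter in KAMF derivation" (this slide) mean in practice. The FC values (0x6D, 0x69), the algorithm type distinguishers and the ABBA value 0x0000 follow TS 33.501 Annex A and are not stated on the slides; the ASCII encoding of the SUPI, the function names and the sample KSEAF/SUPI values are assumptions made for this sketch.

```python
import hashlib
import hmac

def kdf(key: bytes, fc: int, *params: bytes) -> bytes:
    """3GPP KDF: HMAC-SHA-256(key, FC || P0 || L0 || P1 || L1 ...), Li = 2-byte length."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return hmac.new(key, s, hashlib.sha256).digest()

def derive_kamf(kseaf: bytes, supi: str, abba: bytes) -> bytes:
    # FC 0x6D, P0 = SUPI, P1 = ABBA: both values are bound into KAMF.
    # ASSUMPTION: the SUPI is fed in as its ASCII digit string.
    return kdf(kseaf, 0x6D, supi.encode("ascii"), abba)

def derive_nas_keys(kamf: bytes, enc_alg: int, int_alg: int):
    # FC 0x69, P0 = algorithm type (0x01 NAS enc, 0x02 NAS int), P1 = algorithm id;
    # the 128 least significant bits of the output are used as the key.
    k_nas_enc = kdf(kamf, 0x69, b"\x01", bytes([enc_alg]))[-16:]
    k_nas_int = kdf(kamf, 0x69, b"\x02", bytes([int_alg]))[-16:]
    return k_nas_enc, k_nas_int

def nas_context(kseaf: bytes, supi: str, abba: bytes = b"\x00\x00",
                enc_alg: int = 2, int_alg: int = 2):
    """KSEAF -> KAMF -> (KNASenc, KNASint) for one side of the link."""
    return derive_nas_keys(derive_kamf(kseaf, supi, abba), enc_alg, int_alg)

def contexts_match(kseaf: bytes, ue, network) -> bool:
    """ue and network are (supi, abba) pairs as each side believes them to be.
    True only if both sides end up with the same NAS keys."""
    return nas_context(kseaf, *ue) == nas_context(kseaf, *network)

# Constructed sample values (test PLMN 001/01), not taken from the slides.
KSEAF = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)
SUPI = "001010123456789"

if __name__ == "__main__":
    same = (SUPI, b"\x00\x00")
    print("same SUPI, same ABBA :", contexts_match(KSEAF, same, same))
    print("different SUPI       :", contexts_match(KSEAF, same, ("001010123456780", b"\x00\x00")))
    print("different ABBA       :", contexts_match(KSEAF, same, (SUPI, b"\x00\x01")))
```

If the two sides disagree on the SUPI or on the ABBA value, their NAS keys differ and the first integrity-protected NAS message fails verification, so a mismatch cannot go unnoticed.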
Trust model - roaming
[Figure: trust chain USIM, ME, DU, CU, AMF, SEAF, SEPP, SEPP, AUSF, UDM/ARPF, split into "Visited network" and "Home network"]
Requirements for Interoperator Interconnect
• End to end confidentiality and integrity
• Authenticity of the sending network
• Support addition, deletion, modification of information elements by intermediate nodes
[Figure: Operator A, IPX A, IPX B, Operator B]
Security for Interoperator Interconnect
[Figure: NF, cSEPP, cIPX, pIPX, pSEPP, NF, connected by HTTP/2 requests over N32-c and N32-f]
  - Message from the SEPP: clear text IEs, encrypted IEs (JWE), meta data; JWE and JWS with symmetric key A
  - Added by cIPX: JSON patch modification(s), IPX Id, JWS signature (private key cIPX, public key cIPX)
  - Added by pIPX: JSON patch modification(s), IPX Id, JWS signature (private key pIPX, public key pIPX)
Steering of Roaming
• UE connects to "best" network
• Home operator may want to reconfigure UE about "best"
  - Inclusion of steering list in registration accept
  - Optional confirmation
5G Security Architecture
[Figure: gNB (DU, CU), Security Gateway, AMF, SEAF, SMF, UPF, UDM, ARPF and two SEPPs; regions labelled "Home network" and "Visited / home network"; legend: User plane security, AS (Radio) control plane security, NAS security, Interconnect security, NDS/IP (IPsec), TLS]
Summary
• Evolution of 4G security
• More privacy
• Unified security framework
• RAN security
  - Integrity
  - Security termination point
• Future proofing
• Interconnect Security
Thank you for your attention