The Universal Mobile Telecommunication System (UMTS), the 3G mobile telephony system, provides full support for, and a Radio Network Subsystem (RNC) enhancement of, the existing 2G/2.5G/2.75G GSM/HSCSD/GPRS/EDGE technologies. UMTS operates in the frequency ranges 1920-1980 MHz for uplink and 2110-2170 MHz for downlink. UMTS enables high bit rates: up to 384 kbit/s for circuit switched data communication and up to 2 Mbit/s for packet switched data communication and multimedia services.
Standards
3G TS 23.110: UMTS Access Stratum Services and Functions
3G TS 25.301: Radio Interface Protocol Architecture
3G TS 25.321: Medium Access Control (MAC) Protocol Specification
3G TS 25.322: Radio Link Control (RLC) Protocol Specification
3G TS 25.323: Packet Data Convergence Protocol (PDCP) protocol
3G TS 25.324: Radio Interface for Broadcast/Multicast Services
3G TS 25.331: Radio Resource Control (RRC) Protocol Specification
3G TS 25.401: UTRAN Overall Description
3G TS 25.410: UTRAN Iu Interface: General Aspects and Principles
3G TS 25.411: UTRAN Iu interface Layer 1
3G TS 25.413: UTRAN Iu Interface: RANAP Signaling
3G TS 25.420: UTRAN Iur Interface: General Aspects and Principles
3G TS 25.423: UTRAN Iur interface RNSAP Signaling
3G TS 25.430: UTRAN Iub Interface: General Aspects and Principles
3G TS 25.433: UTRAN Iub interface NBAP Signaling
3G TS 29.060: GPRS Tunneling Protocol (GTP) across the Gn and Gp interface
CCITT Rec. E.880: Field data collection and evaluation on the performance of equipment, network, and services
System Architecture
Figure umts1 shows the system architecture of UMTS. The NSS, the OSS, and the GPRS support nodes SGSN and GGSN of the GSM/GPRS system constitute the Core Network (CN) in the UMTS system. The CN has two logical domains:
1. the Circuit Switched Domain (CSD), connected to the PSTN
2. the Packet Switched Domain (PSD), connected to a Packet Data Network (PDN), usually an IP or an X.25 network.
Uu: UE to Node B (UTRA, the UMTS WCDMA air interface)
Iu: RNC to GSM Phase 2+ CN interface (MSC/VLR or SGSN)
i. Iu-CS for circuit-switched data
ii. Iu-PS for packet-switched data
Iub: RNC to Node B interface
Iur: RNC to RNC interface, not comparable to any interface in GSM.
The Iu, Iub, and Iur interfaces are based on ATM transmission principles.
Radio Resource Control
Admission Control
Channel Allocation
Power Control Settings
Handover Control
Macro Diversity
Ciphering
Segmentation / Reassembly
A UTRAN Node B is the physical unit for radio transmission/reception within cells. One or more cells may be served by a Node B, which can also be co-located with a GSM BTS. The UMTS enhancement of the SIM in a GSM/GPRS Mobile Station (MS) is the Universal SIM (USIM) in a User Equipment (UE). A UMTS UE operates in one of three modes, defined as follows:
PS (Packet Switched) mode: the UE/MS is attached to the PSD only and may only operate services on the PSD. This does not, however, prevent the offering of CS-like services over PS (e.g. voice over IP).
CS (Circuit Switched) mode: the UE/MS is attached to the CSD only and may only operate services of the CSD. This does not, however, prevent the offering of PS-like services over CS.
PS/CS mode: the UE/MS is attached to both the PSD and the CSD and is capable of operating PS and CS services simultaneously.
All combinations of the operation modes described for GSM and UMTS UE/MSs are allowed for GSM and UMTS multisystem terminals.
A GSM/EDGE BSS must, however, be modified in order to be used as a radio access network for a 3G UMTS CN. Real time services are not supported in a 2G CN. The GSM/EDGE Radio Access Network (GERAN) standard ETSI TS 143 051 (3GPP TS 43.051) specifies a BSS that can also interface with a 3G UMTS core network over the Iu interface used in UTRAN, see Figure umts4. The same GERAN can thus support separate 2G and 3G CNs, see Figure umts5.
Figure umts6. User Plane UMTS Protocol Architecture in CSD. The Radio Link Control (RLC) protocol is used for the radio interface Uu.
In Figure umts7 it can be seen that some layers are the same as GPRS layers. The new layers are
Packet Data Convergence Protocol (PDCP), which maps higher-level characteristics onto the characteristics of the underlying radio interface protocols. PDCP supports IPv4, PPP, and IPv6, among other protocols.
GPRS Tunneling Protocol for the User Plane (GTP-U), which tunnels user data between UTRAN and the 3G-SGSN, and between the GSNs in the backbone network.
The UMTS Control Plane Protocol Architecture for PSD is shown in Figure umts8. SCCP is the SS7 signaling protocol in the GSM protocol architecture for the control plane (see Figure gsm11). New protocols are Radio Resource Control (RRC) and Radio Access Network Application Part (RANAP). The packet switched services of the 3G-SGSN are:
GPRS Mobility Management (GMM)
Session Management (SM)
SMS
The UMTS Control Protocol Architecture for CSD is the same as in Figure umts8, but with the services of the 3G-MSC:
Mobility Management (MM)
UMTS Mobility Management (UMM)
Call Control (CC)
Signalling Subsystem (SS)
The User Plane Protocol Architecture for GERAN is shown in Figure umts9. The most noticeable difference in packet switched mode is that the Packet Data Convergence Protocol (PDCP) is used as the radio link layer protocol for operation over the Iu-ps interface, instead of the SNDCP/LLC protocols used for operation over the Gb interface to a GSM/GPRS/EGPRS CN.
In the circuit switching mode, the Iu-cs interface partly uses the same protocol stack as the Iu-ps interface, but operates with RLC/MAC protocol layers in transparent mode. The protocol stack for the A interface to a GSM/HSCSD/ECSD CN is unchanged.
The Control Plane Protocol Architecture for GERAN is shown in Figure umts10. The PS and CS channels are handled by the Radio Resource Control (RRC) protocol when the Iu interface is used. The radio resource (RR) protocol of GSM/GPRS is reused for the A/Gb interface. The only exception is for common control channels, such as the Broadcast Control Channel (BCCH). For such channels, the RR protocol is used regardless of service.
Air interface functions:
Transmission / Reception
Modulation / Demodulation
CDMA Physical Channel coding
Micro Diversity
Error Handling
Closed loop power control
The modulation scheme is Quadrature Phase-Shift Keying (QPSK).
Physical layer procedures:
Cell Search with asynchronous base station operation
Random Access
Packet Access
Paging with discontinuous reception
Dedicated channel synchronisation
The physical layer processing chain consists of CRC detection, convolutional coding, turbo coding,
Traffic classes (traffic class, fundamental characteristics, application example):
Conversational class (real time): preserves the time relation (variation) between information entities of the stream; conversational pattern (stringent and low delay). Example: voice.
Streaming class (real time): preserves the time relation (variation) between information entities of the stream. Example: streaming video.
Interactive class (best effort): preserves data integrity. Example: web browsing.
Background class (best effort): the destination is not expecting the data within a certain time; preserves data integrity. Example: download of emails.
Bearer service attributes:
Traffic class ('conversational', 'streaming', 'interactive', 'background')
Maximum bit rate (kbps)
Guaranteed bit rate (kbps)
Delivery order (y/n)
Maximum Service Data Unit (SDU) size (octets)
SDU format information (bits)
SDU error ratio
Residual bit error ratio
Delivery of erroneous SDUs (y/n/-)
Transfer delay (ms)
Traffic handling priority
Allocation/Retention Priority
Source statistics descriptor ('speech'/'unknown')
Security
The security functions of UMTS are based on those implemented in GSM. Some security functions have been added and some existing ones have been improved: the encryption algorithm is stronger and encryption also covers the base station (Node B) to radio network controller (RNC) interface, the application of authentication algorithms is stricter, and subscriber confidentiality is tighter.
SECURITY FEATURES ADOPTED FROM GSM ARE
Authentication of subscribers for service access. All subscribers have to be authenticated before being allowed to use the requested services. The authentication process ensures that the real identity of a subscriber is the same as the one claimed by the subscriber. In some cases authentication can be optional; for those cases UMTS security specifies the conditions under which optional authentication may be used.
Radio interface encryption. The transmission of signalling and user data over the radio interface is encrypted to protect against eavesdropping by unauthorised individuals. In UMTS the encryption schemes are intended to be stronger, providing improved protection against sophisticated attacks, since the increasing availability of computing power improves the possibilities for cryptanalysis now and in the near future. UMTS security also addresses the fact that the method of negotiating which encryption algorithm is to be used is open to attack.
Subscriber identity confidentiality. The mobile station and the radio interface keep the permanent identity of a subscriber confidential. The network allocates a temporary identity with no reference to the permanent identity. UMTS aims to provide a more secure mechanism for allocating temporary identities.
Subscriber Identity Module (SIM) removable from UE hardware. UMTS, like GSM, uses a removable security module in the UE. This User Services Identity Module (USIM) personalises and implements the security features in the UE. The network operator can manage and program this module.
SIM application toolkit. These security features are retained for providing a secure application layer channel between the USIM and the home network server.
Independent operation of security features. The operation of security features is independent of the user; the user does not have to do anything to operate them.
Security against false base stations through mutual authentication. Encryption is extended from the radio interface alone to include also the Node B to RNC connection. Radio interface ciphering/deciphering is performed in the RNC on the network side and in the UE. Security data in the network is protected in storage and while ciphering keys and authentication data are transmitted within the system.
Core network traffic between RNCs, MSCs and other networks is not ciphered; operators can implement protection for their core network transmission links, but that is unlikely to happen. MSCs have lawful interception capabilities and access to Call Data Records (CDR) by design, so all switches must have security measures against unlawful access.
Network access security: the set of security features, i.e. identification, encryption and authentication, that provide users with secure access to 3G services. These features in particular protect against attacks on the (radio) access link.
Network domain security: the set of security features that enable nodes in the provider domain to securely exchange signalling data. These features protect against attacks on the wireline network.
User domain security: the set of security features providing secure user access to UE devices. These features include user-to-USIM authentication and USIM-ME authentication. User-to-USIM authentication ensures that access to the USIM is restricted until the USIM has authenticated the user. USIM-UE authentication ensures that access to an ME device is restricted to an authorised USIM; the USIM and the ME must share a secret that is stored securely in both.
Application domain security: the set of security features that enable applications in the user domain and in the provider domain to securely exchange messages. It includes a security mechanism for accessing user profile data, IP security, and a mechanism for secure messaging between the network and the USIM, e.g. to protect messages transferred over the network to applications on the USIM.
Visibility and configurability of security: the set of features that enable the user to find out whether a security feature is in operation and whether the use and provision of services should depend on that security feature.
UMTS SPECIFICATION HAS THE FOLLOWING USER IDENTITY CONFIDENTIALITY SECURITY FEATURES:
User identity confidentiality: the property that the permanent user identity (IMSI) of a user to whom a service is delivered cannot be eavesdropped on the radio access link.
User location confidentiality: the property that the presence or the arrival of a user in a certain area cannot be determined by eavesdropping on the radio access link.
User untraceability: the property that an intruder cannot deduce whether different services are delivered to the same user by eavesdropping on the radio access link.
The authentication vector generated by the home network consists of:
a random challenge RAND, 128 bit
an expected response XRES, variable length
a cipher key CK, 128 bit
an integrity key IK, 128 bit
an authentication token AUTN
RAND and XRES are utilized by the network to authenticate the UE, in the same way as an MS is authenticated by a GSM/GPRS network. AUTN, a concatenation of three individual parameters, AUTN = (SQN ⊕ AK) || AMF || MAC, is utilized by the UE to authenticate the UMTS network. An overview of the AKA protocol is shown in Figure umts13.
Figure umts13. Authentication and Key Agreement (AKA) in UMTS (Chatzinotas, 2006).
After the mutual authentication, the UE and the UMTS network agree on the calculated Ciphering Key (CK) and Integrity Key (IK). These keys are used throughout the rest of the session.
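The AKA exchange of Figure umts13, simulated end to end as an added example (not code from the page or from 3GPP): the home network builds the quintet, the USIM checks the MAC inside AUTN and the freshness of SQN before releasing RES, CK and IK, and the network compares RES with XRES. The functions f1..f5 keep the 3GPP names but are assumed HMAC-SHA256 stand-ins rather than MILENAGE, the SQN freshness rule is a simplified window, and resynchronisation (AUTS) is omitted.

```python
import hashlib, hmac, os

# Constructed stand-ins for the 3GPP f1..f5 functions, built on HMAC-SHA256.
# Real networks use MILENAGE or TUAK; only the AKA data flow is modelled here.
def _f(k, tag, *parts, n):
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()[:n]
def f1(k, rand, sqn, amf): return _f(k, b"f1", rand, sqn, amf, n=8)  # MAC-A
def f2(k, rand): return _f(k, b"f2", rand, n=8)    # RES / XRES
def f3(k, rand): return _f(k, b"f3", rand, n=16)   # CK, 128 bit
def f4(k, rand): return _f(k, b"f4", rand, n=16)   # IK, 128 bit
def f5(k, rand): return _f(k, b"f5", rand, n=6)    # AK, 48 bit
def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def gen_auth_vector(k, sqn, amf=b"\x80\x00", rand=None):
    """HLR/AuC side: build the quintet (RAND, XRES, CK, IK, AUTN)."""
    rand = rand or os.urandom(16)
    # AUTN = (SQN xor AK) || AMF || MAC; AK conceals SQN from eavesdroppers
    autn = xor(sqn, f5(k, rand)) + amf + f1(k, rand, sqn, amf)
    return rand, f2(k, rand), f3(k, rand), f4(k, rand), autn

class USIM:
    def __init__(self, k, sqn_ms=0, delta=32):
        self.k, self.sqn_ms, self.delta = k, sqn_ms, delta  # K shared with AuC
    def authenticate(self, rand, autn):
        """Verify AUTN, then return (RES, CK, IK); raise ValueError on failure."""
        sqn = int.from_bytes(xor(autn[:6], f5(self.k, rand)), "big")
        amf, mac = autn[6:8], autn[8:]
        expected = f1(self.k, rand, sqn.to_bytes(6, "big"), amf)
        if not hmac.compare_digest(mac, expected):
            raise ValueError("MAC failure: network not authenticated")
        # simplified freshness window; real USIMs keep an SQN array and can resync
        if not self.sqn_ms < sqn <= self.sqn_ms + self.delta:
            raise ValueError("SQN failure: replayed or stale challenge")
        self.sqn_ms = sqn
        return f2(self.k, rand), f3(self.k, rand), f4(self.k, rand)

def challenge_outcome(k, rand, autn, sqn_ms=0):
    """Return 'ok', 'mac' or 'sqn' for one (RAND, AUTN) challenge at a USIM."""
    try:
        USIM(k, sqn_ms).authenticate(rand, autn)
        return "ok"
    except ValueError as e:
        return "mac" if e.args[0].startswith("MAC") else "sqn"

def run_aka(k, sqn):
    """Full mutual AKA: True when the UE accepts AUTN and RES matches XRES."""
    rand, xres, ck, ik, autn = gen_auth_vector(k, sqn.to_bytes(6, "big"))
    res, ck_ue, ik_ue = USIM(k).authenticate(rand, autn)
    return hmac.compare_digest(res, xres) and (ck, ik) == (ck_ue, ik_ue)
```

A forged AUTN fails the MAC check and a replayed AUTN fails the SQN check, which is why a false base station needs a genuine, fresh AUTN to be accepted by a UMTS-only UE.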
Figure umts15 depicts the operation of UIA which is based on the f9 algorithm. UIA is utilized to protect both communication and signalling.
Figure umts15. UMTS Integrity Algorithm (UIA) for UE/RNC as sender/receiver (Chatzinotas, 2006).
6.4 USER CONFIDENTIALITY
UMTS utilizes the same mechanism as GSM to provide user confidentiality. Instead of the IMSI, a temporary identity (TMSI) assigned by the VLR is used to identify the subscriber in the communication messages exchanged with the BS. However, the IMSI is still transmitted in cleartext over the air while the TMSI is being established. This has proved to be a starting point for security attacks against UMTS.
6.5 GSM COMPATIBILITY
UMTS has been designed to be backwards compatible with GSM. It includes standardized security features in order to ensure world-wide interoperability and roaming. More specifically, GSM user parameters are derived from UMTS parameters using a set of predefined conversion functions. However, GSM subscribers roaming in UMTS networks are supported by the GSM security context, which is vulnerable to the aforementioned GSM vulnerabilities.
6.6 SECURITY VULNERABILITIES
Although UMTS security has been greatly improved in comparison with GSM, some vulnerabilities remain, and they are related to the backwards compatibility of UMTS with GSM. Meyer & Wetzel (2004a; 2004b) have presented a man-in-the-middle attack that can be mounted even if the subscriber uses a UMTS-enabled device within a UMTS coverage area. In the attack described in that paper, UMTS subscribers are vulnerable to what is called a false base station attack, even if subscribers are roaming in a pure UMTS network and even though UMTS authentication is applied. This attack can be categorized as a rollback attack: this category of attacks exploits weaknesses of old versions of algorithms and protocols by means of the mechanisms defined to ensure backward compatibility with newer and stronger versions. In this technique, the attacker acts on behalf of the victim mobile station in order to obtain a valid authentication token AUTN from any real network.
It is assumed that the attacker has already retrieved the IMSI of the targeted subscriber, since the latter is sent in cleartext when establishing a TMSI. The attacker can capture the AUTN by initiating the AKA procedure with any legitimate network. The next step is to impersonate a valid GSM base station to the victim mobile station. The mobile station connects to and verifies the rogue BS, since it possesses a valid AUTN. Furthermore, the rogue BS is configured by the attacker to use no encryption or weak encryption. Finally, the attacker can send the GSM cipher mode command, including the chosen encryption algorithm, to the mobile station. The man-in-the-middle attack is thus mounted and the attacker can eavesdrop passively or actively without being detected.