1/19 bcmcs support in is-820-c (stage 2) lijun zhao qualcomm lzhao@qualcomm.com 1-858-651-9420 july...

1/19

BCMCS Support In IS-820-C(Stage 2)

Lijun ZhaoQUALCOMM

lzhao@qualcomm.com1-858-651-9420

July 20th, 2004

2/19

Copyright

Notice©2004 QUALCOMM Incorporated. All rights reserved.QUALCOMM Incorporated grants a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner’s name any Organizational Partner’s standards publication even though it may include portions of the contribution; and at the Organization Partner’s sole discretion to permit others to reproduce in whole or in part such contributions or the resulting Organizational Partner’s standards publication. Qualcomm Incorporated is also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for purpose of practicing an Organizational Partner’s standard which incorporates this contribution.This document has been prepared by Qualcomm Incorporated to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on Qualcomm Incorporated. Qualcomm Incorporated specifically reserves the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of Qualcomm Incorporated other than provided in the copyright statement above.Qualcomm Incorporated may hold one or more patents or copyrights that cover information contained in this contribution. A license will be made available to applicants under reasonable terms and conditions that are demonstrably free of any unfair discrimination. Qualcomm Incorporated reserves the right to use all material submitted in this contribution for its own purposes, including republication and distribution to others.

3/19

BCMCS Status Overview

Current status:

X.P0022 V0.1.0 (TSG-X BCMCS) and S.P0083 V1.2 (TSG-S BCMCS security framework) are currently in very stable shape, V&V now, will be published soon.

C.S0054 (HRPD BCMCS) and IS-2000-D (BCMCS feature included) have been published.

TSG-A IOS A.S0019 is in V&V, will be published in July-August

In order to support end-to-end BCMCS, RUIM is lagging behind.

Objective:

• To support BCMCS service in RUIM standard for cdma2000 and cdma2000 HRPD network

4/19

Overview of KEYS

• Registration/Root Key: RK

• Broadcast Access Key: BAK

– Should be delivered to R-UIM, not divulged to ME

• Short term Key: SK

– Should be derived in R-UIM from BAK and delivered to ME

• TK: Derived from RK, used to encrypt/decrypt BAK

• Authentication-Key: Auth-Key

– Derived from RK, used to generate digest response

5/19

Key Management

• RUIM is provisioned with RK

• RUIM derives TK from RK and TK_RAND using SHA-1 (f0)

• RUIM uses TK to decrypt BAK, BAK is stored in RUIM but ME can not access to it

• RUIM derives SK from BAK and SK_RAND using SHA-1 (f3) and then passes SK to ME

• RUIM generates Auth_Key for authentication of BCMCS Information Acquisition

• RUIM generates authorization signature from BAK and timestamp by using EHMAC algorithm (BAK Hash)

• RUIM generates SRTP session Encryption Key using AES

6/19

Encryption

• SK provides Link Layer Encryption:

RUIM generates SK from BAK and SK_RAND

• SRTP provides Higher Layer Encryption:

RUIM generates SRTP Session Encryption Key from BAK, SK_RAND and Packet Index

7/19

RUIM Vs. ME in terms of BCMCS

8/19

Responsibility of RUIM • Generate TK from RK and decrypt BAK by using TK• Compute SK and pass it to ME • Store Registration Key, BAK, BCMCS_Flow_ID, BAK_ID and BAK_ Expire, • Generate Auth-Key from RK and calculate digest response• Generate SRTP session Encryption Key using AES• Generate authorization signature from BAK and timestamp

by using EHMAC algorithm (BAK Hash)

9/19

Responsibility of ME

• Use SK to decrypt BCMCS content

• Determine whether to issue RetrieveSK command by checking BAK_ID and SK_RAND

• Initiate BAK Request and then issue update BAK command

• Can store BCMCS_FLOW_ID, BAK_ID, BAK_EXPIRE, SK and SK_RAND

• Determine the expiry of BAK and send delete BAK command

10/19

New UIM EFs/Hidden Files

EFs:

• BAK_Para: Linear Fixed

{BCMCS_Flow_ID,BAK_ID,BAK_Expire}

• UpdatedBAK_Para: Cyclic EF

{BCMCS_Flow_ID,BAK_ID, BAK_Expire}

HFs (Hidden File):

• BAK: currently used

• UpdatedBAK

11/19

ACCESS CONDITIONS

BAK_Para

UpdatedBAK_Para

READ CHV1

UPDATE ADM

INVALIDATE ADM

REHABILITATE ADM

12/19

RUIM Computation

• Generate SK

• Generate TK

• Decrypt BAK using TK

• Generate Auth_Key

• Calculate digest response

• Generate SRTP session encryption key

• Generate authorization signature

13/19

New Commands/Responses

• Retrieve SK

Command Parameters: Number of parameters: BCMCS_Flow_ID, BAK_ID, SK_RAND

Response Parameters: Number of parameters: BCMCS_Flow_ID, SK

• ManagementOperation

Command Parameters: OP_ID, OP_Body

Response Parameters: OK, etc

• Retrieve SRTP SK

Command Parameters: BAK_ID, SK_RAND, Packet Index

Response Parameters: SRTP SK

14/19

New Commands/Responses(Cont’)

• Generate Authorization Signature

Command Parameters: BCMCS_Flow_ID, BAK_ID, Time Stamp

Response Parameters: Auth Signature

• BCMCS Authentication

Command Parameters: RAND, Challenge

Response Parameters: response

15/19

Retrieve SK

Upon receipt of Encrypted Content IP packet flow from CE:

If

BCMCS_Flow_ID and BAK_ID are found in EF(BAK_Para), use the corresponding BAK from HF(BAK) to generate SK.

Otherwise

If the ID pair matches any record in EF(UpdatedBAK_Para), copy the 3 parameters into the EF(BAK_Para), copy the corresponding BAK from HF(UpdatedBAK) to HF(BAK) and use this BAK to generate SK.

Otherwise,

Return an error status word

16/19

BAK Management

• Update BAK:

– To create a new entry in EF(UpdatedBAK_Para) and put the decrypted BAK into a record in HF(UpdatedBAK) appropriately (one-to-one mapping)

– OP_Body: BCMCS_Flow_ID, BAK_ID, BAK_Expire, [BAK], TK_RAND

• Delete BAK:

- To delete record in HF(UpdatedBAK) and EF(UpdatedBAK_Para)

- OP_Body: BCMCS_Flow_ID, BAK_ID

17/19

Service Table

• Add BCMCS service entry in CDMA Service Table.

18/19

BCMCS Exchange Flow

RUIM ME Network

ManageOperation(Update BAK)

BAK Update

OK

Auth Signature

BAK RequestBCMCS

Auth(Challenge,TimeStamp)

Response

BAK Request w/digestresponse

BCMCS HTTP 401

Retrieve (SRTP)SK

(SRTP)SK

Generate AuthorizationSignature

[Content Flow]

Registration Message

19/19

Further Stage 3 Work

• Define details of EFs/HFs, and Command/Responses

• Write the requirements/procedures