lte security threats
Post on 31-Dec-2015
108 Views
Preview:
DESCRIPTION
TRANSCRIPT
LTE NETWORK ARCHITECTURE
A. Mobility Management Entity
B. User Equipment
m C. Evolved Node B (eNodeB)
D. Serving Gateway (S-GW)
E. Home Subscriber Server (HSS)
F. Policy and Charging Rules Function
G. PDN Gateway
◦
SECURITY ARCHITECTURE Network access security
Network domain security
User domain security
Application domain security
Non 3GPP domain security
VULNERABILITIES IN LTE A) LTE architecture vulnerability
-Flat IP
- Rogue Base Station attacks
B) LTE access procedure vulnerability
-User Privacy
-DOS attacks
C) LTE Handover Procedure Vulnerability
-Lack of backward security
-Replay Attacks
D) LTE IMS Security Mechanism
VULNERABILITIES (continued)D) LTE HeNB Security Mechanism
-Mutual authentication
-Denial of Service
E) MTC architecture Vulnerability
-False network attack
-User Privacy
-Tracking
-Tampering
-Signal Congestion
SOLUTIONS TO VULNERABILITES Solutions to Access Procedure
A new subscriber module ESIM instead of the USIM to provide mutual authentication between ESIM and the MME or the HSS.
Security enhanced authentication and key agreement.
EPS-AKA protocol is replaced by Juggling (J-PAKE) protocol for password authentication.
Solutions to Handover Procedure
Simple and robust handover procedure based on proxy signatures.
Dynamic password is associated with a public-key to provide non-repudiation service
SOLUTIONS (CONTINUED)Solutions to IMS Security
One-pass AKA procedure to reduce authentication overhead.
Identity Based Cryptography (IBC) to enhance the security of the IMS authentication process.
Solutions to HeNodeB Security
Location and identity tracking at the air interface by assigning and changing identifiers.
Solutions to MTC Security
By ensuring, triggering of UEs happens only when the triggers are received from authorized network entities.
Keeps a list of MTC servers authorized to send trigger to a given UE and the type of trigger the MTC server is authorized to send.
Construction of a managed group and choosing a group leader.
Group based authentication and key agreement (GAKA) for a group of UEs roaming from the same home network (HN) to a serving network (SN).
REFERENCES [1] C. Vintila, V. Patriciu, and I. Bica, ”Security Analysis of LTE Access Network”, Proceedings of The Tenth International Conference on Networks (ICN 2011), January 2011, pp. 29-34.
[2] R. Rajavelsamy and S. Choi, ”Security Aspects of Inter-accessSystem Mobility between 3GPP and Non-3GPP networks,” Proceedings of Communication Systems Software and Middleware and Workshops (COMSWARE), January 2008, pp.209-213.
[3] C. K. Han, H. K. Choi and I. H. Kim, ”Building Femtocell More Secure with Improved Proxy Signature”, Proceedings of IEEE GLOBECOM 2009, USA, December 2009, pp. 1-6.
[4] Jin Cao, Maode Ma, and Hui Li, ”A Group-based Authentication and Key Agreement for MTC in LTE Networks”, Proc. IEEE GLOBECOM 2012, Dec. 2012, accepted for publication.
[5] 3rd Generation Partnership Project; Technical Specification Group Services and System Aspects; System Improvements for Machine-Type Communications (Rel 11), 3GPP TR 23.888 V11.0.0, Sep. 2012.
top related