`
`3GPP TSG SA WG3 (Security) Meeting #88Bis
`09 – 13 October, 2017, Singapore
`
`Source:
`Title:
`Document for:
`Agenda Item:
`
`Ericsson
`Discussion on protection of Network Steering Information
`Approval
`4.2.15 Others
`
`
`
`S3-172482
`
`revision of S3-17xabc
`
`Decision/action requested
`1
`SA3 received an LS from SA2 in S3-171733/S2-175286 requesting SA3 to consider the requirements in the LS for
`finding a security solution which securs the Network Steering Information from the HPLMN to the UE.
`
`2
`[1]
`
`[2]
`
`[3]
`
`[4]
`172866)
`
`3
`
`
`
`References
` S3-171733/S2-175286: LS on PLMN and RAT selection policies for roaming
`
` S3-172034: Securing the Network Steering Information (discussion paper from Samsung in SA3#88)
`
`S3-17xxxx/S1-173478: LS on PLMN and RAT selection policies for roaming
`
`S3-17xxxx/C1-173751: Reply LS to LS on PLMN and RAT selection policies for roaming (S2-175286/C1-
`
`Rationale
`
`3.1 S3-171733/S2-175286: LS on PLMN and RAT selection policies
`for roaming
`An LS from SA2 was received in SA3 #88 in [1]. The LS from SA2 in [1] states that there is a need to define a
`standardized way to allow a given HPLMN to provide its roaming UEs with information about preferred networks and
`RAT depending on the UE current location.
`
`SA2 did submit for consideration the following requirements in [1]:
`
`- a control plane solution is used from the HPLMN to the UE.
`
`- VPLMN is able to relay this information to the UE.
`
`- VPLMN shall not be able to alter the information sent by the HPLMN; i.e. UE needs to be able to check the
`integrity of the information provided to it.
`
`- UE shall be able to detect if VPLMN alter or remove those information and act accordingly.
`
`SA1 replied in S1-173478 [3] with references to corresponding service requirements in TS 22.261 (subclauses 5.1.2.1
`and 6.19), and TS 22.011 (subclause 3.2.2.8). SA1 requiremements seem to stress that the HPLMN needs to be able to
`steer or redirect the UE for a specific VPLMN at any time.
`
`CT1 indicated in C1-173751 that CT1 is responsible for the stage 2 specification (TS 23.122), and asks SA3 to
`investigate end-to-end security solution based on requirements in [1] before CT1 specifies any solution to the
`requirements.
`
`3.2 S3-172034: Securing the Network Steering Information
`In addition another paper in [2] was submitted to SA3 #88 on this topic.
`
`APPLE 1014
`
`1
`
`
`
`
`
`
`
`Two different alternatives were discussed in [2]. The two potential security credentials to be considered to secure the
`information from the AUSF (in the HPLMN) to the UE were:
`1. Using HN asymmetric key
`
`2. Using an anchor key resulted from primary authentication.
`
`In the conclusion in [2], the second alternative - Using an anchor key resulted from primary authentication – was
`preferred.
`
`As all operators may not support a HN asymmetric key, using an anchor key resulted from primary authentication,
`seems like the most promising solution.
`
`Detailed proposal
`4
`The following solution is using a key (i.e. configuration key) derived from Kausf resulted from primary authentication
`to secure the Network Steering Information (preferred PLMN and RAT list) from the HPLMN to the UE. The AUSF in
`HPLMN calculates a message authentication code over the Network Steering Information using this configuration key.
`In this proposal, we don't consider encryption even though we acknowledge that it may be required. Confidentiality
`protection requirements should be clarified.
`
`Some additional potential parameters to consider as well could be:
`
`- Configuration key identifier:
`o This identifier could tie the configuration key to the Kausf from which is has been derived. It could
`for example be the RAND;
`
`- Integrity protection algorithm identifier:
`o
`
`If the integrity algorithm is not identified separately, it could be the well-known KDF function
`typically used in 3GPP networks, i.e. HMAC-SHA-256 (cf. 3GPP TS 33.401 Annex A, and TGPP
`TS 33.220 Annex B);
`
`- Counter:
`o
`
`If the same configuration key needs to be used to calculate more than one MAC, then an additional
`counter is preferred as a parameter for detecting replay protection in the UE.
`
`
`Figure 4-1 demonstrates an example of the UE Registration procedure when the AUSF in home network performs
`the integrity protection of the Network Steering Information and includes the security protected Network Steering
`Information over N12 interface to the AMF/SEAF in VPLMN. The AMF/SEAF sends the protected Network
`Steering Information to the UE in a NAS message (e.g. Registration Accept message). Note that the example is an
`optimization, and the HPLMN needs to be able to send the Network Steering Information at any time to the UE, i.e.
`not only during Registration procedure.
`
`2
`
`
`
`
`
`
`
`UE
`
`AMF/
`SEAF
`
`1. Registration & authentication
`
`AUSF
`
`UDM
`
`2. Kausf generated
`
`2. Kausf generated
`
`3. Network Steering Information
`
`4. Kconf derived from
`Kausf. MAC-1 calculation
`
`5. Network Steering Information,
`MAC-1
`
`6. Network Steering Information, MAC-1
`
`7. Kconf derived from Kausf.
`MAC-1 verification,
`MAC-2 calculation
`
`8. Network Steering ACK, MAC-2
`
`10. MAC-2 verification
`
`
`Figure 4-1: Signalling flow showing provisioning of the Network Steering Information from home PLMN to UE
`
`1. The UE registers to the VPLMN, and is authenticated by AUSF.
`
`2. UE and AUSF generate Kausf.
`
`3. A node in the HPLMN (e.g. UDM) sends the Network Steering Information to AUSF. This example assumes that
`AUSF protects the Network Steering Information, however, it could be some other node, e.g. Policy Control
`Function.
`
`4. AUSF derives the configuration key (Kconf) from the home network root key (Kausf), and calculates the Message
`Authentication Code (MAC-1) over Network Steering Information.
`
`5. AUSF forwards the protected Network Steering Information to AMF/SEAF.
`
`6.AMF/SEAF forwards the protected Network Steering Information to the UE. This message could be confidentiality
`protected over the air with NAS security. Depending on the final architecture, the Network Steering Information
`could be piggybacked e.g. in Registration Accept message.
`
`7.The UE derives the configuration key (Kconf) from the home network root key (Kausf), and verifies the MAC-1.
`Depending on the final protocol design, UE may send an acknowledgement message (“Network Steering ACK”) to
`the HPLMN, and protect that information with the MAC-2.
`
`8. The UE sends the protected ACK message to the AMF/SEAF.
`
`9.The AMF/SEAF forwards the protected ACK to the AUSF.
`
`10. AUSF verifies the MAC-2 in the protected Network Steering ACK message.
`
`11. AUSF forwards the ACK to the original source of the Network Steering Information.
`
`Figure 4-2 demonstrates the case when a node other than AUSF (e.g. the Policy Control Function, PCF) is in charge of
`delivering the Network Steering Information.
`
`3
`
`
`
`
`
`
`
`UE
`
`AMF/
`SEAF
`
`1. Registration & authentication
`
`AUSF
`
`PCF
`
`2. Kausf generated
`
`2. Kausf generated
`
`3. Key request
`
`4. Kconf derived from Kausf.
`
`7. Network Steering Information, MAC-1
`
`6. MAC-1 calculation
`
`8. Kconf derived from Kausf.
`MAC-1 verification,
`MAC-2 calculation
`
`10. MAC-2 verification
`
`
`Figure 4-2: Signalling flow showing provisioning of the Network Steering Information from home PLMN to UE
`
`1. The UE registers to the VPLMN, and is authenticated by AUSF.
`
`2. UE and AUSF generate Kausf.
`
`3. A node in the HPLMN (e.g. PCF) sends a key request to AUSF. This example assumes that AUSF only derives
`further keys from the home network root key (Kausf), and acts as an key management server, and distributes such
`keys in HPLMN.
`
`4. AUSF derives the configuration key (Kconf) from the home network root key (Kausf).
`
`5. AUSF sends the Key response with the configuration key (Kconf) to the PCF.
`
`6. The PCF constructs the Network Steering Information, and protects it with MAC-1.
`
`7. The PCF sends the protected Network Steering Information to the UE. There may be intermediate nodes between
`the PCF and the UE.
`
`8.The UE derives the configuration key (Kconf) from the home network root key (Kausf), and verifies the MAC -1.
`Depending on the final protocol design, UE may send an acknowledgement message (“Network Steering ACK”) to
`the PCF, and protect that information with the MAC-2.
`
`9. The UE sends the protected ACK message to the PCF. There may be intermediate nodes between the node and the
`UE.
`
`10. The PCF verifies the MAC-2 in the protected Network Steering ACK message.
`
`The requirement of the UE detecting the removal of Network Steering Information by the VPLMN is very difficult to
`solve. This would require that the UE is able to expect such message to arrive, and AUSF would need to send the
`message (with the MAC) even when nothing needs to be configured. This is not efficient, and would not guarantee the
`delivery at any time but only when the UE expects them to arrive. Instead, we would propose the use of the
`acknowledge message back to the HPLMN, so that at least HPLMN is able to detect the failure of delivery.
`
`4
`
`
`
`
`
`
`
`Detailed proposal
`4
`It is proposed to send an LS back to SA2 and CT1, and report the following.
`- SA3 has agreed that if end-to-end solution is required, a node in the HPLMN (e.g. AUSF or PCF) could send an
`integrity protected Network Steering Information to the UE. The solution would be based on the Kausf,
`direved from the primary authentication. This key would be known only by the UE and the HPLMN.
`
`- The solution could be enhanced with end-to-end encryption if SA2 has a requirement of hiding the Network
`Steering Information from the VPLMN. Confidentiality protection over the air interface can be achieved by
`NAS security. However, the usage of any form of confidentiality protection may be subject to regional or
`national regulatory policies.
`
`- SA3 has not found satisfactory solution for the requirement of UE detecting the removal of Network Steering
`Information by the VPLMN. Instead, SA3 would propose the usage of acknowledge message back to the
`HPLMN so that at least HPLMN knows if the UE received the information. The acknowledge information
`would need to be integrity protected by the UE.
`
`
`
`
`
`5
`
`
Accessing this document will incur an additional charge of $.
After purchase, you can access this document again without charge.
Accept $ Charge
Still Working On It
This document is taking longer than usual to download. This can happen if we need to contact the court directly to obtain the document and their servers are running slowly.
Give it another minute or two to complete, and then try the refresh button.
A few More Minutes ... Still Working
It can take up to 5 minutes for us to download a document if the court servers are running slowly.
Thank you for your continued patience.
This document could not be displayed.
We could not find this document within its docket. Please go back to the docket page and check the link. If that does not work, go back to the docket and refresh it to pull the newest information.
Your account does not support viewing this document.
You need a Paid Account to view this document. Click here to change your account type.
Your account does not support viewing this document.
Set your membership
status to view this document.
With a Docket Alarm membership, you'll
get a whole lot more, including:
- Up-to-date information for this case.
- Email alerts whenever there is an update.
- Full text search for other cases.
- Get email alerts whenever a new case matches your search.
One Moment Please
The filing “” is large (MB) and is being downloaded.
Please refresh this page in a few minutes to see if the filing has been downloaded. The filing will also be emailed to you when the download completes.
Your document is on its way!
If you do not receive the document in five minutes, contact support at support@docketalarm.com.
Sealed Document
We are unable to display this document, it may be under a court ordered seal.
If you have proper credentials to access the file, you may proceed directly to the court's system using your government issued username and password.
Access Government Site
