UMTS being such a massive cellular network and that too wireless, security in UMTS becomes an important aspect. There can be some kind of attack by intruders which may bring down the entire network. One can jam channels which may result deny access for legitimate users. An unwanted and unauthorized user access the network and use services for free. An attacker may eavesdrop and intercept confidential calls results into leaking of confidential information and he may change the contents of data.
1. User Identity Confidentiality
2. Authentication
3. Integrity Protection
4. Ciphering
1. User Identity Confidentiality
The UMTS network does not disclose the identity of the subscriber and for the same network allocates temporary identifier TMSI or P-TMSI to UEs. TMSI (Temporary Mobile Subscriber Identity) applies to CS domain and P-TMSI to PS domain.
TMSI is unique within location area (LA) and hence to make the identifier unique globally, TMSI is used in combination with LAI. Similary, P-TMSI is unique within routing area (RA) and hence to make it unique globally P-TMSI is used in combination with RAI.
2. Authentication
In UMTS, authentication is bi-directional i.e. here UE authenticates network and network authenticates UE.
It is based on secret key known to both network and UE.
The home network on the request generates security information known as Authentication Vectors (AVs) and supplies to the serving network. Next, the serving network select one of the AV and sends two of the elements of the selected AV, RAND (a random number) and AUTN (authentication token) to the UE. UE checks that AUTN is valid and a counter within the AUTN is in the correct range and this way authenticates the network. UE then computes a RES (response) using an algorithm within the USIM. UE sends this RES to the CN and CN compared this with the XRES (expected response) received from home network. If both same, UE is successfully authenticated.
3. Integrity Protection
Integrity protection is applied to access stratum messages to detect whether the messages have been corrupted or not. With this procedure the integrity of the message is maintained. In this, with the help of certain inputs and an algorithm, MAC-I is calculated and attached with the message. The receiver calculate the expected MAC-I and compare both MAC-I. If the received MAC-I is same as calculated MAC-I, received message is not modified.
All RRC message are integrity protected except few which are listed below:
RRC CONNECTION REQUEST
RRC CONNECTION SETUP
RRC CONNECTION COMPLETE
RRC CONNECTION REJECT
RRC CONNECTION RELEASE
PAGING TYPE1
PUSCH CAPACITY REQUEST
HANDOVER TO UTRAN COMPLETE
PHYSICAL SHARED CHANNEL ALLOCATION
SYSTEM INFORMATION
SYSTEM INFORMATION CHANGE INDICATION
IK = Integrity key(128 bits)
COUNT-I = RRC HFN(28 bits) + RRC Sequence Number(4 bits)
FRESH = A 32 bits network generated random value
DIRECTION = the direction of the message either uplink or downlink
MESSAGE = message to be integrity protected
4. Ciphering
Ciphering used to provide data confidentiality so that an attacker (man in the middle) could not read the message. Ciphering is done either at RLC or MAC. For TM RLC, it is done at MAC and for the rest, it is done at RLC.
CK = Ciphering key(128 bits)
COUNT-C = 32 bits counter. It can take any of one of the three based on RLC mode.
For TM: COUNT-C = MAC-D HFN(25 bits) + CFN(7 bits)
For UM: COUNT-C = RLC HFN(25 bits) + SN(7 bits)
For AM: COUNT-C = RLC HFN(20bits) + SN(12 bits)
BEARER = RB identifier(4 bits)
LENGTH = length of the required key-stream (16 bits)
DIRECTION = whether its uplink or downlink for the message to be ciphered (1 bit - 0 for uplink and 1 for downlink)
>>The 20 MSB of both counter is initialized to a value called START. START values defined individually both for CS and PS domain and these are stored in USIM. UE first share this to network in the RRC CONNECTION SETUP COMPLETE message.
>>For the SRBs, the START value of latest configured CN domain is applicable.
1. User Identity Confidentiality
The UMTS network does not disclose the identity of the subscriber and for the same network allocates temporary identifier TMSI or P-TMSI to UEs. TMSI (Temporary Mobile Subscriber Identity) applies to CS domain and P-TMSI to PS domain.
TMSI is unique within location area (LA) and hence to make the identifier unique globally, TMSI is used in combination with LAI. Similary, P-TMSI is unique within routing area (RA) and hence to make it unique globally P-TMSI is used in combination with RAI.
2. Authentication
In UMTS, authentication is bi-directional i.e. here UE authenticates network and network authenticates UE.
It is based on secret key known to both network and UE.
The home network on the request generates security information known as Authentication Vectors (AVs) and supplies to the serving network. Next, the serving network select one of the AV and sends two of the elements of the selected AV, RAND (a random number) and AUTN (authentication token) to the UE. UE checks that AUTN is valid and a counter within the AUTN is in the correct range and this way authenticates the network. UE then computes a RES (response) using an algorithm within the USIM. UE sends this RES to the CN and CN compared this with the XRES (expected response) received from home network. If both same, UE is successfully authenticated.
3. Integrity Protection
Integrity protection is applied to access stratum messages to detect whether the messages have been corrupted or not. With this procedure the integrity of the message is maintained. In this, with the help of certain inputs and an algorithm, MAC-I is calculated and attached with the message. The receiver calculate the expected MAC-I and compare both MAC-I. If the received MAC-I is same as calculated MAC-I, received message is not modified.
All RRC message are integrity protected except few which are listed below:
RRC CONNECTION REQUEST
RRC CONNECTION SETUP
RRC CONNECTION COMPLETE
RRC CONNECTION REJECT
RRC CONNECTION RELEASE
PAGING TYPE1
PUSCH CAPACITY REQUEST
HANDOVER TO UTRAN COMPLETE
PHYSICAL SHARED CHANNEL ALLOCATION
SYSTEM INFORMATION
SYSTEM INFORMATION CHANGE INDICATION
IK = Integrity key(128 bits)
COUNT-I = RRC HFN(28 bits) + RRC Sequence Number(4 bits)
FRESH = A 32 bits network generated random value
DIRECTION = the direction of the message either uplink or downlink
MESSAGE = message to be integrity protected
4. Ciphering
Ciphering used to provide data confidentiality so that an attacker (man in the middle) could not read the message. Ciphering is done either at RLC or MAC. For TM RLC, it is done at MAC and for the rest, it is done at RLC.
COUNT-C = 32 bits counter. It can take any of one of the three based on RLC mode.
For TM: COUNT-C = MAC-D HFN(25 bits) + CFN(7 bits)
For UM: COUNT-C = RLC HFN(25 bits) + SN(7 bits)
For AM: COUNT-C = RLC HFN(20bits) + SN(12 bits)
BEARER = RB identifier(4 bits)
LENGTH = length of the required key-stream (16 bits)
DIRECTION = whether its uplink or downlink for the message to be ciphered (1 bit - 0 for uplink and 1 for downlink)
>>The 20 MSB of both counter is initialized to a value called START. START values defined individually both for CS and PS domain and these are stored in USIM. UE first share this to network in the RRC CONNECTION SETUP COMPLETE message.
>>For the SRBs, the START value of latest configured CN domain is applicable.