Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dec. 20033GPP2 TSG-X PDS 1 BCMCS Higher-Layer Encryption Raymond Hsu, Jun Wang Qualcomm Inc. Dec. 2003 Notice QUALCOMM Incorporated grants a free, irrevocable.

Published byGinger Burns Modified over 8 years ago

Similar presentations

Presentation on theme: "Dec. 20033GPP2 TSG-X PDS 1 BCMCS Higher-Layer Encryption Raymond Hsu, Jun Wang Qualcomm Inc. Dec. 2003 Notice QUALCOMM Incorporated grants a free, irrevocable."— Presentation transcript:

1 Dec. 20033GPP2 TSG-X PDS 1 BCMCS Higher-Layer Encryption Raymond Hsu, Jun Wang Qualcomm Inc. Dec. 2003 Notice QUALCOMM Incorporated grants a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner’s name any Organizational Partner’s standards publication even though it may include portions of the contribution; and at the Organization Partner’s sole discretion to permit others to reproduce in whole or in part such contributions or the resulting Organizational Partner’s standards publication. QUALCOMM Incorporated is also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for purpose of practicing an Organizational Partner’s standard which incorporates this contribution. This document has been prepared by QUALCOMM Incorporated to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on QUALCOMM Incorporated. QUALCOMM Incorporated specifically reserves the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of QUALCOMM Incorporated other than provided in the copyright statement above.

2 Dec. 20033GPP2 TSG-X PDS 2 Outline BCMCS higher-layer encryption methods –End-to-end IPSec –Last-hop IPSec –Secure RTP (SRTP) Recommendation Annex – Some SRTP detail for BCMCS

3 Dec. 20033GPP2 TSG-X PDS 3 End-to-End IPSec CS generates SK from BAK and Security Parameter Index (SPI). CS uses SK to encrypt the ESP payload & trailer. –ESP transport mode is used. –ESP authentication feature is not used. If MS doesn’t have the SK associated with the received SPI, the MS generates the SK from BAK and the received SPI. Concerns: –Some companies have concerns of using SPI as a parameter to generate SK. –Transport overhead concern (see next page).

4 Dec. 20033GPP2 TSG-X PDS 4 Transport & IPSec Overhead The total overhead per packet ranges from 66 to 81 bytes with the average of 74 bytes. Blue header fields are encrypted and cannot be compressed. IV cannot be compressed because it changes randomly for every packet. If ROHC’s ESP/IP profile is used, red header fields can be compressed from 28 to about 2 bytes. This reduces the average overhead per packet to 48 bytes.

5 Dec. 20033GPP2 TSG-X PDS 5 Last-Hop IPSec PDSN receives from CS the BCMCS content in clear-text or protected by a CS-PDSN IPSec tunnel. PDSN uses SK to encrypt the BCMCS content. Issues & concerns: –Does PDSN generate SK? How? –How the SK is distributed to MS? –Transport overhead concern

6 Dec. 20033GPP2 TSG-X PDS 6 SRTP SRTP provides a framework for encryption and message authentication of RTP and RTCP streams. –For BCMCS, we can leverage the RTP encryption aspect of SRTP to protect BCMCS content from CS to MS. SRTP provides key hierarchy. –SRTP master key corresponds to the BCMCS BAK. –SRTP session key corresponds to the BCMCS SK. Total overhead per packet is 41 bytes (see next page). –RTP/UDP/IP header is 40 bytes. –MKI is optional and is minimum 1 byte. »If the SRTP master key is BAK, then MKI is BAK_ID. SRTP has better transport efficiency than IPSec –If ROHC’s RTP profile is used, the RTP/UDP/IP header can be compressed to about 2 bytes. –This reduces the total overhead to 3 bytes per packet. SRTP is in the RFC-editor queue since 2003/11/18. –draft-ietf-avt-srtp-09.txt

7 Dec. 20033GPP2 TSG-X PDS 7 SRTP Packet Format 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |V=2|P|X| CC |M| PT | sequence number | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | timestamp | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | synchronization source (SSRC) identifier | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | payload... | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ~ SRTP MKI (OPTIONAL) ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ The RTP payload (in red) is encrypted.

8 Dec. 20033GPP2 TSG-X PDS 8 Recommendation If BCMCS higher-layer encryption is desired, we recommend using SRTP. We can request for expedited processing to get an RFC number for SRTP before the BCMCS spec deadline.

9 Dec. 20033GPP2 TSG-X PDS 9 Annex – Some SRTP Detail for BCMCS

10 Dec. 20033GPP2 TSG-X PDS 10 SRTP Initialization CS is configured with the SRTP parameters for a particular BCMCS content. MS obtains the SRTP parameters from BCMCS Controller during Information Acquisition. SRTP parameters: –Master key (e.g., BAK), –Master salt (may be a public value), –Master Key Index (MKI), –Hashing algorithm for key derivation, –Key derivation rate, –encryption algorithm, –Initial RTP sequence number, –etc.

11 Dec. 20033GPP2 TSG-X PDS 11 SRTP Session Keys Generation Session Encryption Key (Required) –Used in generating a keystream to encrypt the RTP payload. –Default encryption algorithm is AES in Counter Mode (AES-CM). –Default key length is 128 bits. –This corresponds to the BCMCS SK Session Salt Key (Required) –Used in generating an Initialization Vector (IV) for encryption. –Default key length is 112 bits. Session Authentication Key is not required for BCMCS.

12 Dec. 20033GPP2 TSG-X PDS 12 SRTP Session Keys Generation Session keys are generated from the master key, master salt, packet index, and key label. –Master key is the BAK. –Packet index = 2 16 * ROC + SEQ »SEQ is the RTP sequence number (2 bytes) of the packet where the session keys need to be refreshed according to the key derivation rate. »ROC is the roll-over-counter that tracks the number of time SEQ rolls over from the start of an RTP session. –Key label is a 1-byte constant value identifying the session key type. –Default key derivation algorithm is AES-CM. Initial session keys are derived using the initial packet index value computed with –ROC = 0, and –SEQ = Initial RTP sequence number. Session keys are refreshed according to the key derivation rate.

Download ppt "Dec. 20033GPP2 TSG-X PDS 1 BCMCS Higher-Layer Encryption Raymond Hsu, Jun Wang Qualcomm Inc. Dec. 2003 Notice QUALCOMM Incorporated grants a free, irrevocable."

Similar presentations

WLAN IW Enhancement for IMS Support

WLAN IW Enhancement for IMS Support
Mobile IPv4 FA CoA Support in WLAN Interworking Raymond Hsu Qualcomm Inc. Notice: QUALCOMM Incorporated grants a free, irrevocable license.

Mobile IPv4 FA CoA Support in WLAN Interworking Raymond Hsu Qualcomm Inc. Notice: QUALCOMM Incorporated grants a free, irrevocable license.
Mobile IPv4 FA CoA Support in WLAN Interworking Raymond Hsu, Qualcomm Inc., Sanket S. Nesargi, Nortel, Nanying Yin,

Mobile IPv4 FA CoA Support in WLAN Interworking Raymond Hsu, Qualcomm Inc., Sanket S. Nesargi, Nortel, Nanying Yin,
Dynamic HA Assignment for MIPv4 in WLAN Interworking Raymond Hsu, Qualcomm Inc., Wing C. Lau, Qualcomm Inc., Notice:

Dynamic HA Assignment for MIPv4 in WLAN Interworking Raymond Hsu, Qualcomm Inc., Wing C. Lau, Qualcomm Inc., Notice:
Www.huawei.com MIP6-HA-Local-Assignment-Capability indication to MS Contributors grant a free, irrevocable license to 3GPP2 and its Organization Partners.

MIP6-HA-Local-Assignment-Capability indication to MS Contributors grant a free, irrevocable license to 3GPP2 and its Organization Partners.
IP Connectivity for E911 in HRPD/PDS Networks Page 1 IP Connectivity for Emergency Calls in HRPD/PDS Networks 3GPP2 Meeting, 1/07 IP Connectivity for Emergency.

IP Connectivity for E911 in HRPD/PDS Networks Page 1 IP Connectivity for Emergency Calls in HRPD/PDS Networks 3GPP2 Meeting, 1/07 IP Connectivity for Emergency.
XHRPD Example Scenario for MSS Masa Shirota Qualcomm Inc. July 15, 2014 3GPP2 Dalian Meeting Recommendation: FYI Notice QUALCOMM Incorporated grants a.

XHRPD Example Scenario for MSS Masa Shirota Qualcomm Inc. July 15, GPP2 Dalian Meeting Recommendation: FYI Notice QUALCOMM Incorporated grants a.
3GPP2 A30-20110907-008r0 3GPP2 C20-20110926-xxxr0 TSG-A WG3 and TSG-C WG2 Title: HRPD Redirect on EPC Unavailable Source: Mike DolanAlcatel-Lucent Dave.

3GPP2 A r0 3GPP2 C xxxr0 TSG-A WG3 and TSG-C WG2 Title: HRPD Redirect on EPC Unavailable Source: Mike DolanAlcatel-Lucent Dave.
HRPD Femto Local IP Access: Overview Peerapol Tinnakornsrisuphap Qualcomm October 27 th, 2008 3GPP2 Seoul,

HRPD Femto Local IP Access: Overview Peerapol Tinnakornsrisuphap Qualcomm October 27 th, GPP2 Seoul,
1 IP Service Authorization Support and Mobility Selection for X.S0011-E Source: QUALCOMM Inc.: Masa Shirota, George Cherian, Jun Wang,

1 IP Service Authorization Support and Mobility Selection for X.S0011-E Source: QUALCOMM Inc.: Masa Shirota, George Cherian, Jun Wang,
1 UATI-IP address mapping Peerapol Tinnakornsrisuphap David Ott Qualcomm.

1 UATI-IP address mapping Peerapol Tinnakornsrisuphap David Ott Qualcomm.
1 Title: Need for the Message Integrity of User traffic Abstract: From both: competitive and security standpoints, UMB standard should add the option of.

1 Title: Need for the Message Integrity of User traffic Abstract: From both: competitive and security standpoints, UMB standard should add the option of.
1 May 14, 2007 Zhibi Wang, Simon Mizikovsky – Alcatel-Lucent Vidya Narayanan, Anand Palanigounder – QUALCOMM ABSTRACT: Access authentication architecture.

1 May 14, 2007 Zhibi Wang, Simon Mizikovsky – Alcatel-Lucent Vidya Narayanan, Anand Palanigounder – QUALCOMM ABSTRACT: Access authentication architecture.
Air-Interface Application Layer Security: A follow up to C20-2006-327-011 Source: Lucent Technologies, Inc. S.Patel, G.Sundaram, R.Rance, S.Mizikovsky,

Air-Interface Application Layer Security: A follow up to C Source: Lucent Technologies, Inc. S.Patel, G.Sundaram, R.Rance, S.Mizikovsky,
1 cdma2000® Data Service Transition to NULL Support Jun Wang Ravi Patwardhan June 5, 2003 Recommendation -

1 cdma2000® Data Service Transition to NULL Support Jun Wang Ravi Patwardhan June 5, 2003 Recommendation -
Broadcast Area Based Management for BCMCS Quanzhong Gao Weidong Wu 04/05/2005.

Broadcast Area Based Management for BCMCS Quanzhong Gao Weidong Wu 04/05/2005.
Security Framework for (e)HRPD 1 S40-20100621-005 3GPP2 TSG-S WG4 Source: QUALCOMM Incorporated Contact(s): Anand Palanigounder

Security Framework for (e)HRPD 1 S GPP2 TSG-S WG4 Source: QUALCOMM Incorporated Contact(s): Anand Palanigounder
1 IPsec-based MIP6 Security Qualcomm Inc. Starent Inc. Notice: Contributors grant free, irrevocable license to 3GPP2 and its Organization Partners to incorporate.

1 IPsec-based MIP6 Security Qualcomm Inc. Starent Inc. Notice: Contributors grant free, irrevocable license to 3GPP2 and its Organization Partners to incorporate.
Enhanced xHRPD Overview Masa Shirota and Jun Wang Qualcomm Inc. March 18, 2014 3GPP2 Kyoto Meeting Recommendation: FYI Notice QUALCOMM Incorporated grants.

Enhanced xHRPD Overview Masa Shirota and Jun Wang Qualcomm Inc. March 18, GPP2 Kyoto Meeting Recommendation: FYI Notice QUALCOMM Incorporated grants.
IP Packet Tunneling and Routing in UMB March 26 th, 2007 Qualcomm/Alcatel-Lucent/Hitachi Notice Contributors grant a free, irrevocable license to 3GPP2.

IP Packet Tunneling and Routing in UMB March 26 th, 2007 Qualcomm/Alcatel-Lucent/Hitachi Notice Contributors grant a free, irrevocable license to 3GPP2.

Similar presentations

Ads by Google