Security for Mobile IP in the 3G Networks
Pat R. Calhoun, Network and Security Center, Sun Microsystems, Inc.

Introduction
This presentation will detail some of the current cellular architectures and their security requirements and designs. I will also provide some insight into the security model currently being considered in the 3GPP2/TIA architectures.

Introduction – SDOs
The information I will present comes from three different cellular standards (or standards-setting) groups:
– Telecommunications Industry Association (TIA).
– 3rd Generation Partnership Project 2 (3GPP2).
– Mobile Wireless Internet Forum (MWIF).

Introduction – SDOs
The TIA and 3GPP2 architecture and requirements stated in this presentation apply to CDMA networks only. MWIF is a group that is attempting to define a consistent architecture for both 3GPP2 (CDMA) and 3GPP (GSM) networks. MWIF is not an SDO.

Disclaimer
The ramblings found in this presentation are my own interpretation of work in progress. I am not representing the SDOs. Note that in some cases the presenter does not necessarily agree with the design decisions (please, don’t shoot the messenger).

3GPP2 – TSG-P
The 3rd Generation Partnership Project 2 (3GPP2) TSG-P Working Group is responsible for creating the data architecture components of the 3rd generation CDMA network. The WG made a conscious decision to base as much of its architecture as it could on IETF protocols.

Legacy Mobile IP Trust Model
Mobile IP, as defined in RFC 2002, requires that a Mobile Node share a static security association (SA) with its Home Agent. The protocol also allows the Mobile Node to share an SA with Foreign Agents, which in turn can share SAs with Home Agents.

Mobile IP Trust Model (diagram slide)

Mobile IP Trust Model
When all three entities use authentication, an N x N number of security associations is required. This problem becomes much more important in inter-domain mobility scenarios. In 3G networks, the optional Mobile IP authentication extensions (MN-FA, FA-HA) are used.

Interim Security Solution
Because AAA standards aren’t available today, TSG-P’s interim solution involves RADIUS. When a Mobile Node is authenticated, the RADIUS server includes a long-lived key to be used by the Foreign Agent to authenticate messages with the Home Agent.

Interim Security Solution (1)
The Foreign Agent uses the long-lived key to secure messages with the Home Agent. This means that any Foreign Agent on the ’net that has a valid (authenticated) Mobile Node will get access to the long-lived key!! There is no authentication between the Mobile Node and the Foreign Agent.
(1) Or lack thereof.

Interim Security Solution
The interim solution requires that the RADIUS server be contacted for every hand-off and re-registration, increasing hand-off latency.

Legacy Hand-off Performance
When all mobility entities share static security associations, the latency imposed by the hand-off process can be very small. Hand-off performance is very important to the cellular carriers, as they expect to provide a service at least equivalent to today’s service.

Hand-off in TSG-P Network (diagram slide)

Triangular Route
Mobile IP introduces a triangular route for traffic destined for the Mobile Node. The farther (topologically) the Mobile Node moves away from its Home Agent, the longer the latency in packet delivery.

TSG-P Hand-off Solution
Route Optimization is still considered a “research topic” by the cellular carriers, so they require that a Mobile Node be assigned a dynamic Home Agent. When the Mobile Node initially registers, a Home Agent that is topologically near the MN is assigned. The farther the MN moves away, the larger the triangular route.

TSG-P Hand-off Solution
The TSG-P architecture document also allows the Mobile Node to have a Home Agent assigned in a visited domain, which is a big departure from RFC 2002.

TSG-P Architecture (diagram slide)
Source: TSG-P Standards baseline architecture specification.

AAA/Mobile IP Trust Model
TSG-P has adopted an architecture where all Mobile Nodes share a security association with their respective Home AAA Servers (AAAH). Furthermore, all Mobility Agents share a security association with their own AAA Server(s).

Proposed Mobile IP/AAA Trust Model (diagram slide, labelled PKI)

AAA/Mobile IP Trust Model
As previously noted, TSG-P’s architecture requires the three-way SA for Mobile IP message authentication. When the Mobile Node is successfully authenticated, the AAAH creates three encrypted keysets (1):
– K1: MN-FA keyset
– K2: FA-HA keyset
– K3: MN-HA keyset
(1) May use symmetric or asymmetric cryptography.

AAA/Mobile IP Trust Model
Once the keysets are distributed, the Mobile IP messages are authenticated using the new keys.

AAA/Mobile IP Trust Model
The keysets have a lifetime and can be used to authenticate all Mobile IP messages until they expire. The Mobile IP registration normally expires well before the keysets do, allowing the keys to be re-used. The AAA infrastructure only needs to be contacted when the keys expire or when the Mobile Node enters a new domain.
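As an added illustration (not from the slides, nor from any 3GPP2 or IETF specification) of the keyset scheme described on the last few slides, the following Python model has an AAAH derive K1, K2 and K3 for one session, lets a Mobile Node, Foreign Agent and Home Agent authenticate a registration request with them, and applies the hand-off rule above: the AAA infrastructure is consulted again only when the keyset has expired or the MN has entered a new domain. The HMAC-based key derivation and the HMAC-SHA256 authentication extension are assumptions of the model; the slides do not name the algorithms, and the default RFC 2002 authentication extension uses keyed MD5. It also shows the contrast with the interim RADIUS design earlier on the page: here K2 is a per-session key with a lifetime rather than a long-lived key handed to every Foreign Agent, and a Foreign Agent that never received K1 cannot validate the Mobile Node.

```python
import hashlib
import hmac
from dataclasses import dataclass


@dataclass(frozen=True)
class Keyset:
    """The three session keys the AAAH hands out after a successful authentication."""
    k1_mn_fa: bytes
    k2_fa_ha: bytes
    k3_mn_ha: bytes
    domain: str       # visited domain the keys were issued for
    expires_at: int   # absolute expiry in seconds (the keyset lifetime)


def derive_keysets(mn_aaah_secret: bytes, nai: str, nonce: bytes,
                   domain: str, lifetime: int, now: int) -> Keyset:
    """AAAH side: derive K1..K3 from the long-term MN-AAAH secret.

    Assumed HMAC-based KDF; the slides only say the keysets are created and
    sent encrypted, not how they are generated.
    """
    def kdf(label: bytes) -> bytes:
        return hmac.new(mn_aaah_secret, label + nai.encode() + nonce, hashlib.sha256).digest()

    return Keyset(kdf(b"K1:MN-FA"), kdf(b"K2:FA-HA"), kdf(b"K3:MN-HA"), domain, now + lifetime)


def auth_ext(key: bytes, covered: bytes) -> bytes:
    """Authentication extension value (assumed HMAC-SHA256; RFC 2002 defaults to keyed MD5)."""
    return hmac.new(key, covered, hashlib.sha256).digest()


def mn_build_rrq(k3_mn_ha: bytes, k1_mn_fa: bytes, home: str, coa: str, ident: int):
    """Mobile Node: registration request carrying MN-HA and MN-FA extensions.

    The MN-FA extension covers the request including the MN-HA extension,
    mirroring the extension order of RFC 2002.
    """
    body = f"RRQ home={home} coa={coa} id={ident}".encode()
    mn_ha = auth_ext(k3_mn_ha, body)
    mn_fa = auth_ext(k1_mn_fa, body + mn_ha)
    return body, mn_ha, mn_fa


def fa_relay(k1_mn_fa: bytes, k2_fa_ha: bytes, body: bytes, mn_ha: bytes, mn_fa: bytes):
    """Foreign Agent: verify the MN-FA extension, strip it, append an FA-HA extension."""
    if not hmac.compare_digest(auth_ext(k1_mn_fa, body + mn_ha), mn_fa):
        raise PermissionError("MN-FA authentication failed; request dropped")
    return body, mn_ha, auth_ext(k2_fa_ha, body + mn_ha)


def ha_accept(k2_fa_ha: bytes, k3_mn_ha: bytes, body: bytes, mn_ha: bytes, fa_ha: bytes) -> bool:
    """Home Agent: both the FA-HA and the MN-HA extensions must verify."""
    return (hmac.compare_digest(auth_ext(k2_fa_ha, body + mn_ha), fa_ha)
            and hmac.compare_digest(auth_ext(k3_mn_ha, body), mn_ha))


def needs_aaa(keys: Keyset, now: int, current_domain: str) -> bool:
    """Hand-off rule from the slides: go back to AAA only on key expiry or a new domain."""
    return now >= keys.expires_at or current_domain != keys.domain


def demo() -> dict:
    """Constructed walk-through; every value below is sample data, not from the slides."""
    secret = b"long-term MN-AAAH secret (sample)"
    issued_at, lifetime = 1_000, 3_600   # keyset lifetime of one hour
    keys = derive_keysets(secret, "mn@home.example", b"nonce-0001",
                          "visited-a.example", lifetime, issued_at)

    # Registration through a legitimate FA of the visited domain.
    body, mn_ha, mn_fa = mn_build_rrq(keys.k3_mn_ha, keys.k1_mn_fa, "10.0.0.7", "192.0.2.33", 1)
    body, mn_ha, fa_ha = fa_relay(keys.k1_mn_fa, keys.k2_fa_ha, body, mn_ha, mn_fa)
    ha_ok = ha_accept(keys.k2_fa_ha, keys.k3_mn_ha, body, mn_ha, fa_ha)

    # Care-of address altered between FA and HA: the HA must reject it.
    forged = body.replace(b"192.0.2.33", b"198.51.100.9")
    tampered_ha_ok = ha_accept(keys.k2_fa_ha, keys.k3_mn_ha, forged, mn_ha, fa_ha)

    # An FA that never received K1 cannot validate the MN.
    try:
        fa_relay(b"not-the-session-key", keys.k2_fa_ha, body, mn_ha, mn_fa)
        rogue_fa_rejected = False
    except PermissionError:
        rogue_fa_rejected = True

    # A 600 s registration ends well before the keyset does, so a re-registration
    # or same-domain hand-off at that point reuses the keys without touching AAA.
    return {
        "ha_ok": ha_ok,
        "tampered_ha_ok": tampered_ha_ok,
        "rogue_fa_rejected": rogue_fa_rejected,
        "same_domain_handoff_needs_aaa": needs_aaa(keys, issued_at + 600, "visited-a.example"),
        "new_domain_handoff_needs_aaa": needs_aaa(keys, issued_at + 600, "visited-b.example"),
        "expired_needs_aaa": needs_aaa(keys, issued_at + lifetime, "visited-a.example"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Each party holds only the keys it needs (the FA never sees K3, the HA never sees K1), which is what the "encrypted keysets" on the earlier slide buy: the AAAH can push K1 and K3 to the MN and K2 to the HA under their existing long-term SAs without exposing them to the other parties.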

Advantages
The dynamic Security Association proposal assumes that all mobility entities inherently trust their AAA servers. Registration and key distribution occur in a single round trip (it is assumed that the AAA servers communicate frequently enough that they already have each other’s validated certificates). A PKI is still used in the network, but mostly where trust is weak, such as in inter-domain communication.

IKE and Mobile IP
The question that comes to mind is: why aren’t we using IKE to secure Mobile IP messages? If the Mobile Node has a static IP address, IKE could be run between the Mobile Node and the Foreign Agent, and between the Foreign Agent and the Home Agent.

IKE and Mobile IP
One problem is that Mobile IP isn’t IKE-compatible (for MN-HA Mobile IP message authentication), since the Mobile IP messages are processed at the application layer by the Foreign Agent.

IKE Issues
The cellular carriers haven’t seriously considered IKE to protect the Mobile IP messages, due to the large overhead required to set up the IKE Security Association (a large number of round trips).

Route Optimization
The real solution is route optimization, but this requires a whole security infrastructure. This could be achieved for cellular devices, but land-line devices would also need to be part of the security infrastructure. Without it, real-time applications in cellular networks are difficult to do.

Data Privacy
Since the Mobile Node is connected to the network, end-to-end security may be used via IP Security or some other security mechanism. Note that the data is protected over the air (just how secure this really is, is subject to a longer discussion).

Data Privacy
One of TSG-P’s main goals is to provide enterprise network access. Ideally, the mobile’s traffic would be secured end-to-end. TSG-P decided to provide a feature that allows the data to be encrypted by the PDSN towards the Home Agent.

Data Privacy
The data is in the clear between the RAN and the PDSN, but it is encrypted over the air (1). This minimizes the per-packet overhead over the air.
(1) The author would like to request that any flames be directed to 3GPP2.

End-to-End Security
If one is willing to live with the IP Security per-packet overhead, or to use end-to-end TLS, Mobile IP offers some advantages. Since the Mobile’s IP address doesn’t change during a hand-off, the existing IKE SAs (or TLS sessions) can be re-used.

Header Compression and Security
End-to-end security is desired, but encrypting end-to-end eliminates many of the advantages of header compression over the air.

3GPP2 All-IP Ad-Hoc
3GPP2 recently formed an ad-hoc committee that is responsible for defining the architecture for an All-IP cellular network. What All-IP is, and where IP resides in the network, is still in question, but many people believe that IP should be moved down to the base station.

All-IP Architecture
The All-IP group is concerned not only with IP-enabled mobiles, but also with legacy voice-only devices. Mobility Management is a big component of the cellular network, and it seems as if Mobile IP may be the right protocol for the job. Mobile IP would be moved as close as possible to the Base Station Controller.

Hand-off in All-IP Network (diagram slide: Mobile IP is invoked!)

Hand-off in All-IP Network
In the All-IP network, hand-offs that involve Mobile IP are much more frequent, so the additional latency involved in securing the messages becomes even more of an issue. The carriers want to provide a service that is at least equivalent to the service customers get today. This is especially noticeable for voice services.

Hand-off in All-IP Network
The registration process during a hand-off still needs to be authenticated. Again, an optimized key distribution approach is desired by the cellular carriers.

The Future of the HLR
TSG-P’s architecture introduces a duplicate AAA path: AAA for IP-based terminals, and IS-41 for legacy (voice) devices. There is some interest in the All-IP networks in moving away from the HLR and making use of AAA for all devices. A gateway function would be needed to communicate with legacy (SS7) networks.

Cellular Standards Issues
Although the cellular standards bodies are willing to adopt IETF-standardized protocols, they have many concerns about our ability to deliver. Today’s Working Groups have charters that include milestones, but these milestones are rarely observed, and seldom is any effort made to meet them.

Conclusions
The Mobile IP WG must complete its work to bind Mobile IP and AAA. If we want to remove the triangular routing introduced by Mobile IP, we need to work on the security infrastructure that is required.

Conclusions
The AAA Working Group must complete its requirements and begin the protocol design phase. Future AAA work may be necessary to support the legacy devices. This MAY be better handled by the cellular SDOs.

Conclusions
The cellular carriers would like to make use of a standardized security service, but IKE imposes too much overhead. The IETF could investigate a security service that imposes lower latency in the hand-off process.