1 Title: Need for the Message Integrity of User traffic Abstract: From both: competitive and security standpoints, UMB standard should add the option of explicitly message authenticating user traffic. Source: Kenneth Henriksen Sprint-Nextel, Chua Jia, China Unicom, Sarvar Patel, Alec Brsilovsky, Zhibi Wang Alcatel-Lucent {spatel, abrusilovsky, Date: Feb 12, 2007 Recommendation: Review and adopt Notice Alcatel-Lucent grants a free, irrevocable license to 3GPP2 and its Organization Partners to incorporate text or other copyrightable material contained in the contribution and any modifications thereof in the creation of 3GPP2 publications; to copyright and sell in Organizational Partner’s name any Organizational Partner’s standards publication even though it may include portions of the contribution; and at the Organization Partner’s sole discretion to permit others to reproduce in whole or in part such contributions or the resulting Organizational Partner’s standards publication. Sprint Nextel is also willing to grant licenses under such contributor copyrights to third parties on reasonable, non-discriminatory terms and conditions for purpose of practicing an Organizational Partner’s standard which incorporates this contribution. This document has been prepared by the contributor to assist the development of specifications by 3GPP2. It is proposed to the Committee as a basis for discussion and is not to be construed as a binding proposal on the contributor. Sprint Nextel specifically reserves the right to amend or modify the material contained herein and nothing herein shall be construed as conferring or offering licenses or rights with respect to any intellectual property of the contributor other than provided in the copyright statement above.

2 Agenda Evolution of Security Competitiveness of the 3GPP2 standard New Security Layer is a natural fit for Traffic Integrity Recommendation

3 Evolution Towards Greater Security The cellular standards have evolved from a complete lack of security on the link layer to an almost comprehensive security solution for the link layer. A glaring omission from any comprehensive security solution for the link layer would be the lack of message integrity for user traffic. The standard should, as a minimum, have the option of allowing user traffic to be message authenticated. A natural evolution for a next generation standard, like UMB, would be to continue the improvements in security; to create a comprehensive security solution for the link layer.

4 Competitiveness of the 3GPP2 standard Some of the various wireless standards that have incorporated message integrity for user traffic include: i - this spans a/b/g/n (WIMAX) (ZigBee) for low power radios for personal area networks ae: although it is for wired Ethernet link, it shows another link layer technology (not end to end) that specifies message integrity. UMB standards should be competitive with the best practices in the industry and should not aim low. Since competing wireless standards do/will have message integrity for user traffic, there is an expectation for the inclusion of message integrity for acceptable security. UMB will be at a market disadvantage, unless it meets this expectation.

5 New layer is a natural fit for traffic integrity Desire for integrity on user traffic existed in past but was prohibitively expensive due to the placement of the security layer Past standards would have required integrity tags per MAC frame because the security layer was placed close to the physical layer. New UMB security layer placement makes addition of user message integrity a natural. Negligible bandwidth overhead Security layer placement above RLP allows us to add integrity tags per wireless application pkt rather than per MAC frame. this dramatically lowers the overhead incurred by amortizing the cost of the integrity tag over a larger amount of bits. 0.27% overhead for a 1500 byte pkt and.69% for a 576 byte pkt with a 32 bit integrity tag

6 Requirement needed The system should support air interface user traffic encryption and integrity protection.