Network Working Group S. Zhang
Internet-Draft J. Huang
Intended status: Experimental Southeast University
Expires: January 05, 2014 July 04, 2013
A recommendation for RRC agreement in 3rd Generation Partnership
Project (3GPP) standard
draft-zhang-rrc-3gpp-recommend-00
Abstract
This document contains a recommendation to the Third Generation
Partnership Project (3GPP) community regarding the RRC agreement.
Specifically, this document RECOMMENDS that a network credential MUST
be attributed to each user, and the user identity MUST be verified in
the RRC connection establishment phase.
Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on January 05, 2014.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
Zhang & Huang Expires January 05, 2014 [Page 1]
Internet-Draft Abbreviated-Title July 2013
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Overview of the RRC Connection Establishment Process . . 3
1.2. Meaning of Symbols . . . . . . . . . . . . . . . . . . . 4
2. Design Goals . . . . . . . . . . . . . . . . . . . . . . . . 4
3. The Recommendation for the RRC Agreement . . . . . . . . . . 5
3.1. Format of the ANI Credential . . . . . . . . . . . . . . 5
3.2. Improved Process of RRC Connection Establishment . . . . 6
4. Security Considerations . . . . . . . . . . . . . . . . . . . 10
5. Resource Considerations . . . . . . . . . . . . . . . . . . 12
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.1. Normative References . . . . . . . . . . . . . . . . . . 12
6.2. Informative References . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction
RRC (Radio Resource Control) is the protocol mainly responsible for
allocating radio resources and carrying the related signaling. An RRC
connection [TR_21.905_3GPP] is a point-to-point bidirectional
connection between RRC peer entities on the UE and UTRAN sides, over
which the control signaling between UE and UTRAN and some NAS (Non
Access Stratum) signaling are transferred.
To access a 3G network, the user SHOULD establish an RRC connection
with the access network and achieve mutual authentication with the
core network. User authentication is performed by the core network,
but the RRC protocol has no mechanism to judge the legitimacy of the
requesting subscriber, which means that any user who requests access
to the network will be granted an RRC connection. If an attacker
occupies too many radio resources, the normal operation of the
network MUST be affected. Therefore, this profile proposes a user
identity verification scheme for the RRC agreement.
1.1. Overview of the RRC Connection Establishment Process
The main flow of RRC connection establishment[TS_25.331_3GPP] is
showed as figure 1.
   MS                        NodeB                          RNC
    |              CCCH: RRC CONNECTION REQUEST              |
    |--------------------------|---------------------------->|
    |                          |        +-----------------------------+
    |                          |        | Admission judgement; RNTI   |
    |                          |        |allocation;parameter setting |
    |                          |        +-----------------------------+
+---|--------------------------|-----------------------------|---+
| +-----------------+          |  RADIO LINK SETUP REQUEST   |   |
| |Establish it on  |          |<----------------------------|   |
| |dedicated channel|          |  RADIO LINK SETUP RESPONSE  |   |
| +-----------------+          |---------------------------->|   |
|              +----------------------------------+              |
|              | ALCAP SETUP AND ASYNCHRONIZATION |              |
|              +----------------------------------+              |
+---|--------------------------|-----------------------------|---+
    |                          |                             |
+---|--------------------------|-----------------------------|---+
| +-----------------+          |  +------------------------+ |   |
| |Establish it on  |          |  | Map the logical channel| |   |
| | public channel  |          |  | to a public channel    | |   |
| +-----------------+          |  +------------------------+ |   |
+---|--------------------------|-----------------------------|---+
    |            CCCH/DCCH: RRC CONNECTION SETUP             |
    |<-------------------------|-----------------------------|
    |        CCCH/DCCH: RRC CONNECTION SETUP COMPLETE        |
    |--------------------------|---------------------------->|
    |                          |                             |
Figure 1 The normal process of RRC connection establishment
1) The MS (Mobile Station) sends an RRC request message, RRC
CONNECTION REQUEST, to the RNC (Radio Network Controller) via the
uplink CCCH, requesting to establish an RRC connection.
2) According to the establishment reason and the current resource
situation, the RNC determines whether to accept the connection
request and whether to establish it on a public channel or a
dedicated channel. If the RNC accepts the RRC connection request, it
allocates a radio network temporary identifier (U-RNTI) to the MS.
If it then decides to establish the connection on a public channel,
it also allocates a cell radio network temporary identifier (C-RNTI).
Otherwise, the RNC sends a radio link setup request message, RADIO
LINK SETUP REQUEST, to the NodeB and uses the ALCAP protocol to set
up the Iub interface for user data transmission.
3) The RNC sends the connection establishment message RRC CONNECTION
SETUP to the MS through the downlink CCCH, containing the information
on the channels assigned to the user.
4) If the RRC connection has been established successfully, the MS
sends the RRC connection establishment complete message RRC
CONNECTION SETUP COMPLETE to the RNC through the assigned channel,
which ends the RRC connection establishment.
It is worth noting that during this channel allocation process the
user acquires radio resources without any identity verification.
1.2. Meaning of Symbols
The meanings of the symbols used in this profile are as follows:
+------------+-------------------------------------------------------+
| symbol     | meaning                                               |
+------------+-------------------------------------------------------+
| RANDm      | Random number maintained by MS and RNC                |
| RANDr      | Random number broadcast by RNC                        |
| TANI       | Temporary accessing network credential                |
| CGI        | Cell Global Identifier                                |
| Kur        | Public key of RNC                                     |
| ANI        | Accessing network credential                          |
| PKChlr     | Public key certificate of the HLR, stored in the      |
|            | USIM card                                             |
| f10        | One-way function to generate the authentication data  |
|            | block                                                 |
| f11        | Function to encrypt IMSI information                  |
+------------+-------------------------------------------------------+
Table 1 Short list of the symbol meanings
2. Design Goals
In the RRC (Radio Resource Control) connection establishment phase,
upon receipt of an RRC connection request message, the RNC decides
whether to accept the request according to the request reason and the
current resource situation, but does not consider whether the user is
legitimate. If an adversary launches a connection request to the RNC
with an intercepted request message, the RNC will allocate radio
resources to the adversary as well. With a large amount of radio
resources occupied by the attacker, a legitimate user MAY be refused
by the network because of resource shortage. In addition, the user
authentication tasks are completed by the core network, which means
that a large amount of bandwidth in the core network is consumed and
various attacks are easily introduced into the core network. The
main goals of this profile are outlined below:
1) To reduce radio resource consumption.
Radio resources are allocated to the user by the RNC. This profile
proposes that the user identity be verified in the RRC connection
establishment phase so that radio resources are not occupied by
attackers, which saves the system a considerable amount of resources.
2) To prevent malicious attacks.
According to the 3GPP standard, various attacks can be resisted by
the core network. However, that approach wastes a large amount of
bandwidth. The method proposed in this profile prevents malicious
attacks from being introduced into the core network.
3. The Recommendation for the RRC Agreement
This profile suggests that when the user launches an RRC connection
request, he SHOULD submit an accessing network credential (ANI). By
judging the legitimacy of the ANI and its own resource situation, the
RNC decides whether to accept the connection request.
3.1. Format of the ANI Credential
+----------------------------------+
|         Credential name          |
+----------------------------------+
|      Identification of HLR       |
+----------------------------------+
|     Digital signature of HLR     |
+----------------------------------+
Figure 2 Format of ANI credential
The format of the ANI credential is shown in Figure 2. Each user has
an ANI credential, stored in the USIM card and in the user's HLR,
consisting of three attributes: the credential name, the
identification of the user's HLR and the digital signature of that
HLR. The public key certificate of the HLR is stored in the USIM
card, and the HLR signs the credential name and its own
identification with its private key. When the user launches an RRC
connection request to the RNC, the ANI credential and the HLR public
key certificate are submitted. The RNC can use the certificate to
judge the legitimacy of the ANI credential.
3.2. Improved Process of RRC Connection Establishment
Depending on whether information about the accessed cell is already
stored in the USIM card, RRC connection establishment falls into two
cases. The improved method is discussed below for each case.
(1) When no information about the accessed cell is stored in the USIM
card, the process is as shown in Figure 3.
   MS                        NodeB                          RNC
    |                 RRC CONNECTION REQUEST                 |
    |            [PKChlr,E(Kur,ANI||CGI||RANDr)]             |
    |--------------------------|---------------------------->|
    |                          |        +-----------------------------+
    |                          |        | Admission judgement; RNTI   |
    |                          |        |allocation;parameter setting |
    |                          |        +-----------------------------+
    |                          |                             |
+---|--------------------------|-----------------------------|---+
| +-----------------+          |  RADIO LINK SETUP REQUEST   |   |
| |Establish it on  |          |<----------------------------|   |
| |dedicated channel|          |  RADIO LINK SETUP RESPONSE  |   |
| +-----------------+          |---------------------------->|   |
|              +----------------------------------+              |
|              | ALCAP SETUP AND ASYNCHRONIZATION |              |
|              +----------------------------------+              |
+---|--------------------------|-----------------------------|---+
    |                          |                             |
+---|--------------------------|-----------------------------|---+
| +-----------------+          |  +------------------------+ |   |
| |Establish it on  |          |  | Map the logical channel| |   |
| | public channel  |          |  | to a public channel    | |   |
| +-----------------+          |  +------------------------+ |   |
+---|--------------------------|-----------------------------|---+
    |                  RRC CONNECTION SETUP                  |
    |        [RANDnew,TANI xor hash(ANI||CGI||RANDr)]        |
    |<-------------------------|-----------------------------|
    |             RRC CONNECTION SETUP COMPLETE              |
    |--------------------------|---------------------------->|
    |                          |                             |
Figure 3 The process of initial RRC connection establishment
1) The MS sends an initial RRC connection request message to the RNC:
RRC CONNECTION REQUEST[PKChlr, E(Kur,ANI||CGI||RANDr)].
Kur and RANDr are broadcast by the RNC. The RNC verifies the user
identity with the HLR's public key certificate PKChlr. To prevent
replay of the initial RRC connection request message, a periodically
updated parameter RANDr is included in this message. ANI||CGI||RANDr
SHOULD be encrypted with the public key Kur to ensure that the ANI
credential and RANDr cannot be tampered with by attackers.
2) When the RNC receives the RRC connection request message, it
decrypts the message with its private key and verifies it.
First, the RNC SHOULD judge whether the initial RRC connection
request message has been replayed. To do so, the RNC consults the
random number record it maintains, (RANDlast, RANDnow), where
RANDlast is the last random number broadcast by the RNC and RANDnow
is the random number currently being broadcast. If RANDr = RANDnow,
the message is considered not replayed. However, because of the
transmission delay between MS and RNC, the broadcast random number
MAY have been updated before the request message arrives at the RNC;
the RNC would then judge the request to be replayed and refuse it
because RANDr and RANDnow are not equal. In this profile, if
RANDr = RANDlast but the interval between the present moment and the
update time is very short, the RRC connection request message SHOULD
still be considered not replayed.
Next, the RNC judges the correctness of the ANI credential: it
verifies the digital signature with the public key certificate PKChlr
and thereby determines whether the network credential is genuine.
Finally, the RNC compares the CGI with the identifier of the cell
through which the request was received. If they match, the RNC
considers the RRC connection request message legal, neither modified
nor redirected. Otherwise, the RNC considers the connection request
illegal and rejects it.
3) According to the resource situation and the request reason, the
RNC determines whether to allocate radio resources to the user and
which kind of channel to allocate, dedicated or public.
If the RNC accepts the connection request, it allocates radio
resources to the user and sets all the parameters. Then the RNC
assigns a temporary accessing network credential TANI and a random
number RANDm to the user. When the MS accesses this cell again, TANI
represents the user identity and RANDm is used to prevent replay of
the initial RRC connection request message.
     Form1 (MS)                           Form2 (RNC)
+-------------------+      +----------------------------------------+
| CGI | RANDm| TANI |      |ANI credential name| CGI | RANDm | TANI |
|-------------------|      |----------------------------------------|
| CGI1|RANDm1| TANI1|      |       ANI1        | CGI1| RANDm1| TANI1|
|-------------------|      |----------------------------------------|
| CGI2|RANDm2| TANI2|      |       ANI2        | CGI2| RANDm2| TANI2|
|-------------------|      |----------------------------------------|
| ... |  ... | ...  |      |        ...        | ... |  ...  | ...  |
|-------------------|      |----------------------------------------|
| CGIn|RANDmn| TANIn|      |       ANIn        | CGIn| RANDmn| TANIn|
+-------------------+      +----------------------------------------+
Figure 4 Forms of maintained record set by MS and RNC
As shown in Figure 4, the MS and the RNC maintain Form1 and Form2
respectively. Form1 has three attributes, the Cell Global Identifier
CGI, the random number RANDm and the TANI credential, and stores the
random number and TANI credential corresponding to each cell. Form2
has four attributes, the credential name of the ANI, the Cell Global
Identifier CGI, the random number RANDm and the TANI credential, and
stores the random number and TANI credential distributed by the RNC
to each user.
Each record in Form1 and Form2 has a certain lifetime. If no update
occurs within a stipulated time, the corresponding record is deleted.
To avoid producing two identical initial RRC connection requests
within the update interval of RANDr, the hold time of each record in
Form1 and Form2 SHOULD be much longer than the update interval of
RANDr.
After the RNC completes the allocation of TANI and RANDm, it computes
TANI xor hash(ANI||CGI||RANDr). Then the RNC sends the RRC CONNECTION
SETUP message to the MS with the random number RANDm, the information
on the allocated radio resources and TANI xor hash(ANI||CGI||RANDr).
4) After the MS receives the RRC connection establishment response
message, it recovers TANI by computing:
TANI = (TANI xor hash(ANI||CGI||RANDr)) xor hash(ANI||CGI||RANDr)
On receiving the random number RANDm, the MS consults Form1 to
determine whether a record for this cell exists. If none exists, the
MS SHOULD create a new record; otherwise it SHOULD find the
corresponding record and update it. Then the MS sends the RRC
CONNECTION SETUP COMPLETE message to the RNC, confirming the
completion of RRC connection establishment.
5) When the RNC receives the RRC connection establishment complete
message, it updates the record in Form2 immediately.
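The initial procedure of steps 1 to 5 above, together with the replay and CGI checks that Section 4 (1) and (2) rely on, as an added example that is not part of this draft (Go, chosen for its standard-library public-key primitives). It assumes RSA-OAEP for E(Kur, .), Ed25519 for the HLR signature, SHA-256 for hash(), JSON for the concatenation ANI||CGI||RANDr, a grace interval during which RANDlast is still accepted, and an RNC provisioned out of band with the HLR public key rather than trusting the PKChlr carried in the request; all identifiers and values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/binary"
	"encoding/json"
	"errors"
	"time"
)
// ANI is the credential of Figure 2, initialReq the plaintext ANI||CGI||RANDr of
// step 1, and Form2Rec one row of Form2 (Figure 4) kept by the RNC per credential name.
type ANI struct{ Name, HLR string; Sig []byte }
type initialReq struct{ ANI ANI; CGI string; RANDr uint64 }
type Form2Rec struct{ CGI string; RANDm uint64; TANI []byte }

// RNC holds the private half of Kur, its own CGI, the record (RANDlast, RANDnow)
// with the time of the last update, the HLR trust anchor and Form2.
type RNC struct {
	Priv       *rsa.PrivateKey
	CGI        string
	RANDlast   uint64
	RANDnow    uint64
	LastUpdate time.Time
	Grace      time.Duration     // assumed: how long RANDlast stays acceptable after an update
	HLRPub     ed25519.PublicKey // PKChlr trust anchor provisioned out of band (assumed)
	Form2      map[string]Form2Rec
}

// IssueANI models the HLR signing name||HLR id; Ed25519 is an assumed choice.
func IssueANI(hlrPriv ed25519.PrivateKey, name, hlr string) ANI {
	return ANI{Name: name, HLR: hlr, Sig: ed25519.Sign(hlrPriv, []byte(name+"|"+hlr))}
}

// BuildInitialRequest is step 1 on the MS: E(Kur, ANI||CGI||RANDr) with RSA-OAEP (assumed).
// The JSON plaintext must stay under the OAEP limit (190 bytes for 2048-bit RSA with
// SHA-256); it is returned because the MS needs it again to unmask TANI in step 4.
func BuildInitialRequest(kur *rsa.PublicKey, ani ANI, cgi string, randr uint64) (ct, plain []byte, err error) {
	plain, _ = json.Marshal(initialReq{ANI: ani, CGI: cgi, RANDr: randr})
	ct, err = rsa.EncryptOAEP(sha256.New(), rand.Reader, kur, plain, nil)
	return ct, plain, err
}

// HandleInitialRequest is steps 2-3 on the RNC: replay, signature and CGI checks, then
// allocation of TANI and RANDm; it returns RANDm and TANI xor hash(ANI||CGI||RANDr).
func (r *RNC) HandleInitialRequest(ct []byte, now time.Time) (randm uint64, maskedTANI []byte, err error) {
	plain, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, r.Priv, ct, nil)
	if err != nil {
		return 0, nil, err
	}
	var req initialReq
	if err := json.Unmarshal(plain, &req); err != nil {
		return 0, nil, err
	}
	// Replay check: RANDnow is fresh; RANDlast is tolerated only briefly after the update
	// (a request that was in transit when a new RANDr was broadcast is not rejected).
	if req.RANDr != r.RANDnow && !(req.RANDr == r.RANDlast && now.Sub(r.LastUpdate) < r.Grace) {
		return 0, nil, errors.New("replayed or stale RANDr")
	}
	if !ed25519.Verify(r.HLRPub, []byte(req.ANI.Name+"|"+req.ANI.HLR), req.ANI.Sig) {
		return 0, nil, errors.New("invalid HLR signature on ANI")
	}
	if req.CGI != r.CGI { // disguised base station or redirection
		return 0, nil, errors.New("CGI mismatch")
	}
	tani, b := make([]byte, 16), make([]byte, 8)
	rand.Read(tani)
	rand.Read(b)
	randm = binary.BigEndian.Uint64(b)
	r.Form2[req.ANI.Name] = Form2Rec{CGI: req.CGI, RANDm: randm, TANI: tani}
	return randm, XorMask(tani, plain), nil
}

// XorMask computes TANI xor hash(ANI||CGI||RANDr) with SHA-256 (assumed); applying it to
// the received value with the same plaintext recovers TANI on the MS (step 4).
func XorMask(tani, plain []byte) []byte {
	h := sha256.Sum256(plain)
	out := make([]byte, len(tani))
	for i, t := range tani {
		out[i] = t ^ h[i]
	}
	return out
}
```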
(2) If information about the accessed cell is stored in the USIM
card, the process is as shown in Figure 5.
   MS                        NodeB                          RNC
    |                 RRC CONNECTION REQUEST                 |
    |      [TANI,f10(ANI credential name,RANDm,CGI)ms]       |
    |--------------------------|---------------------------->|
    |                          |        +-----------------------------+
    |                          |        | Admission judgement; RNTI   |
    |                          |        |allocation;parameter setting |
    |                          |        +-----------------------------+
    |                          |                             |
+---|--------------------------|-----------------------------|---+
| +-----------------+          |  RADIO LINK SETUP REQUEST   |   |
| |Establish it on  |          |<----------------------------|   |
| |dedicated channel|          |  RADIO LINK SETUP RESPONSE  |   |
| +-----------------+          |---------------------------->|   |
|              +----------------------------------+              |
|              | ALCAP SETUP AND ASYNCHRONIZATION |              |
|              +----------------------------------+              |
+---|--------------------------|-----------------------------|---+
    |                          |                             |
+---|--------------------------|-----------------------------|---+
| +-----------------+          |  +------------------------+ |   |
| |Establish it on  |          |  | Map the logical channel| |   |
| | public channel  |          |  | to a public channel    | |   |
| +-----------------+          |  +------------------------+ |   |
+---|--------------------------|-----------------------------|---+
    |                  RRC CONNECTION SETUP                  |
    |                       [RANDnew]                        |
    |<-------------------------|-----------------------------|
    |             RRC CONNECTION SETUP COMPLETE              |
    |--------------------------|---------------------------->|
    |                          |                             |
Figure 5 The process of non-initial RRC connection establishment
1) The MS sends an RRC connection request message to the RNC: RRC
CONNECTION REQUEST(TANI, f10(ANI credential name,RANDm,CGI)ms).
The MS consults Form1 and extracts the corresponding random number
RANDm. Then the MS computes the authentication data block f10(ANI
credential name,RANDm,CGI)ms with the one-way function f10.
2) Upon receipt of the RRC connection request message, the RNC judges
the legitimacy of the request message.
First, the RNC looks up the Form2 record corresponding to TANI and
computes its own authentication block with f10. Then it compares the
received f10(ANI credential name,RANDm,CGI)ms with f10(ANI credential
name,RANDm,CGI)rnc. If they match, the RNC considers the RRC
connection request message legal and freshly produced, neither
modified nor redirected. Otherwise the RNC considers the request
illegal.
3) According to the resource situation and the request reason, the
RNC determines whether to allocate radio resources to the user and
which kind of channel to allocate, dedicated or public.
If it accepts the connection request, the RNC allocates radio
resources and a new random number RANDm to the legitimate user. Then
it sends the RRC CONNECTION SETUP message to the MS with the RANDm
and the information on the allocated radio resources.
4) Upon receipt of the RRC connection establishment message, the MS
updates the record in Form1. Then the MS sends the RRC CONNECTION
SETUP COMPLETE message to the RNC, confirming the completion of RRC
connection establishment.
5) Upon receipt of the RRC connection establishment complete message,
the R​NC updates the record in Form2.
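The non-initial procedure of steps 1 to 5 above, with the replay, man-in-the-middle and redirection cases of Section 4 (1) to (3), as an added example that is not the draft's own code. It assumes HMAC-SHA256 keyed with the ANI credential name (the one input of f10 that is never sent in clear) as the instantiation of f10, and Form2 keyed by TANI so that the RNC lookup is direct; the cell identifiers, credential name and TANI value are constructed.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

// Form1Rec is a Form1 row (Figure 4) kept by the MS per cell; Form2Rec is a Form2 row
// kept by the RNC, here keyed by TANI so that the lookup in step 2 is direct.
type Form1Rec struct{ RANDm uint64; TANI string }
type Form2Rec struct{ ANIName, CGI string; RANDm uint64 }

// request is RRC CONNECTION REQUEST(TANI, f10(ANI credential name, RANDm, CGI)ms).
type request struct{ TANI string; Auth []byte }

type MS struct {
	ANIName string              // never sent in clear after the encrypted initial request
	Form1   map[string]Form1Rec // CGI -> record
}

type RNC struct {
	CGI   string
	Form2 map[string]Form2Rec // TANI -> record
}

// f10 is the one-way authentication data block. HMAC-SHA256 keyed with the ANI credential
// name over RANDm||CGI is an assumed instantiation; the draft leaves f10 abstract.
func f10(aniName string, randm uint64, cgi string) []byte {
	mac := hmac.New(sha256.New, []byte(aniName))
	binary.Write(mac, binary.BigEndian, randm)
	mac.Write([]byte(cgi))
	return mac.Sum(nil)
}

// BuildRequest is step 1 on the MS: RANDm and TANI for this cell come from Form1.
func (m *MS) BuildRequest(cgi string) (request, error) {
	rec, ok := m.Form1[cgi]
	if !ok {
		return request{}, errors.New("no Form1 record for this cell: use the initial procedure")
	}
	return request{TANI: rec.TANI, Auth: f10(m.ANIName, rec.RANDm, cgi)}, nil
}

// HandleRequest is steps 2-3 on the RNC: recompute f10 from Form2 with the RNC's own CGI,
// compare in constant time, then allocate the new RANDm sent in RRC CONNECTION SETUP.
func (r *RNC) HandleRequest(req request) (uint64, error) {
	rec, ok := r.Form2[req.TANI]
	if !ok {
		return 0, errors.New("unknown TANI")
	}
	if !hmac.Equal(req.Auth, f10(rec.ANIName, rec.RANDm, r.CGI)) {
		return 0, errors.New("authentication block mismatch: replayed, modified or redirected request")
	}
	b := make([]byte, 8)
	rand.Read(b)
	return binary.BigEndian.Uint64(b), nil
}

// CompleteSetup on the MS is step 4 and on the RNC step 5: both sides store the new RANDm.
// If RRC CONNECTION SETUP COMPLETE is lost, the two forms disagree and the next request
// fails; the draft does not say how that is recovered.
func (m *MS) CompleteSetup(cgi string, randm uint64) {
	rec := m.Form1[cgi]
	rec.RANDm = randm
	m.Form1[cgi] = rec
}

func (r *RNC) CompleteSetup(tani string, randm uint64) {
	rec := r.Form2[tani]
	rec.RANDm = randm
	r.Form2[tani] = rec
}
```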
4. Security Considerations
From the security point of view, the improved RRC agreement in this
profile can prevent malicious attacks effectively. The specific
analyses are as follows:
(1) Resistance to replay attack
In this profile, the MS and the RNC maintain a random number RANDm,
and a new random number is distributed to the user by the RNC after
each successful RRC connection. The MS extracts the random number
from Form1 when it launches a connection request, and the RNC decides
whether the RRC connection request is replayed by checking the
equation f10(ANI credential name,RANDm,CGI)ms = f10(ANI credential
name,RANDm,CGI)rnc.
Moreover, the initial RRC connection request message contains the
parameter RANDr, which is broadcast by the RNC and updated in real
time to ensure that every initial RRC connection request message is
different.
(2) Resistance to the man-in-the-middle attack
In this profile, the RRC connection request message contains a CGI.
If a disguised base station acts as a middleman, the CGI in
E(Kur,ANI||CGI||RANDr) or f10(ANI credential name,RANDm,CGI)ms will
differ from the CGI of the cell the RNC serves. Once the RNC detects
the mismatch, it immediately refuses the connection request.
(3) Resistance to the redirection attack
If the attacker leads the user data into a network that provides no
encryption protection or only weak encryption, the attacker can
easily intercept the user data and may also mount a charging attack
on the user at the same time. In this profile, this kind of attack is
also resisted through the CGI. If the attacker uses a disguised base
station to redirect the user data, the RNC of the foreign serving
network will also judge the RRC connection request message, so the
different CGI in the authentication data block will make that network
refuse the connection request.
(4) Resistance to the DoS attack
Researchers have previously considered that, for UMTS networks, a DoS
attack mainly consumes resources in the core network, so some schemes
focus on using the AKA agreement in the core network to prevent DoS
attacks. These schemes ignore that when a DoS attack occurs, the
attacker has already occupied a large number of radio resources,
which may prevent legitimate users from getting service normally. In
this profile, we suggest that the identity of the MS SHOULD be
verified in the RRC connection establishment phase, so that RRC
connections are only granted to legitimate users. Therefore, an
attacker cannot launch a DoS attack by transmitting NAS information
to the core network.
5. Resource Considerations
Compared with the 3GPP standard, the improved RRC agreement in this
profile slightly increases bandwidth consumption in the access layer.
However, the scheme verifies the user identity in the access layer,
which avoids providing radio resources to illegitimate users and
saves bandwidth in the core network.
6. References
6.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
6.2. Informative References
[TR_21.905_3GPP]
3GPP TR 21.905 V11.3.0, "Technical Specification Group
Services and System Aspects; Vocabulary for 3GPP
Specifications (Release 11)", December 2012.
[TS_25.331_3GPP]
3GPP TS 25.331 V11.4.0, "Technical Specification Group
Radio Access Network; Radio Resource Control (RRC); Protocol
specification (Release 11)", December 2012.
Authors' Addresses
Sha Zhang
Southeast University
No. 9, Mo Zhoudong street
Nan Jing, Jiang Su Province 210096
PRC China
Phone: 15251864199
Email: ShaZhangjs@aliyun.com
Jie Huang
Southeast University
No. 9, Mo Zhoudong street
Nan Jing, Jiang Su Province 210096
PRC China
Phone: 13675178016
Email: jhuang@seu.edu.cn