
Next Generation Security in 3GPP

Alf Zugenmaier
NTT DOCOMO & Munich University of Applied Sciences
Vice Chair 3GPP SA3

NTT DOCOMO, INC., Copyright 2016, All rights reserved. 1


Disclaimer

- Presentation is based on the first draft of the 3GPP document; not stable and contains several highly contentious topics
- Opinions are my own



5G Time Line



Source: http://www.3gpp.org/images/articleimages/2015_03_5G-timeline

Current status in 3GPP SA3

- Study on the security aspects of the next generation system TR33.899
- Starting from use cases
  - Derive security requirements
  - Update security requirements from 4G when required
- SA3 started to discuss 5G security in May 2016
  - Beginning of study
  - End of study phase in 9 months
  - Results to be carried into normative work

Scope

Investigation of

- Security threats and requirements
- Security architecture
- Access security



Security Areas

- Security architecture
- Authentication
- Security context and key management
- Security for Next Generation radio interface and radio access network
- Security within Next Generation User Equipment
- Authorization
- Subscriber privacy
- Network slicing security
  - Service access, network function sharing and isolation
- Relay security
- Network domain security
- Security visibility and configurability
- Credential provisioning



Structure

- Security Areas
  - Key issues
  - Threats
  - Requirements
  - Solution proposals
  - Evaluations
- Conclusions



Architectural aspects of 5G security

- Architecture not well defined, yet
- Requirements will be on LTE Security Architecture Overview
  - Protection of reference points
  - Optional or mandatory
    - To use
    - To support
- Potential requirements: Source TS33.401 R13
  - Placement of authentication functionality in well protected core
  - Integrity protection for C-plane
  - Addition of U-plane integrity protection
  - Confidentiality protection for C- and U-plane (caveat LI)



Authentication

Potentially required

- Of subscribers
- Of devices, or groups of devices
- Of commands (such as kill switch)
- Of network towards UE

- Using what type of credentials and what kind of authentication methods?
- How are the credentials stored?
- Consider impact of secret leakage
- Consider the impact of simultaneous authentications

Security context and key management

- Taking into account the inter-operator interconnect
- Potentially, the UE may trigger key updates
- Algorithm agility
- Algorithm negotiation
  - The UE may know the applied application level security



RAN security

- Potential requirements
  - Authenticity of cell broadcasts



Security within Next Generation UE

- Highly contentious
- Hardware root of trust vs. allow anything approach
- Arguments
  - Assured minimum level of security
  - Cheaper production for low value transactions



Authorization

- New deployment models such as factory automation may require new authorization models
- Authorization of a network to serve a UE may potentially be strengthened



Subscriber privacy

Source: TR33.899 v0.2.0

- Tied to subscriber identifier or location
- Unlawful / unauthorized exposure, tracking or usage
- Potential requirements include
  - Use of temporary identifiers when possible
  - UE triggered change of identifier



Network slicing security

Key issues may include

- Security isolation of network slices
- Security differentiation between slices
- Security on UEs' access to slices
- Security on sensitive network elements
- Security on management of slicing
- Security on interacting with third party
- Security of inter slice communications



Relay security

Key issues include

- Mutual network and UE authentication even if going over a relay UE
- Integrity and confidentiality protection of C- and U-plane
- Secure session continuity on mobility to and from relay UE



Network domain security

Key issues are

- Network overload with C-plane messages
- Authentication and integrity of core network signalling



Security visibility and configurability

Key issues are

- Service dependent security requirements
- User awareness of security
- User control of security
- On demand security framework



Credential provisioning

Again highly contentious, similar to security within the UE



Summary

- 5G standardization process has just started
- New use cases are still being worked out, with impact on security requirements
- The contents of this presentation are a snapshot only
  - The process is continuing



Thank you for your attention

Questions?
