Thursday 24 April 2008

Security Upgrade from Release 7

For those familiar with the 3G Security (Ciphering + Integrity) architecture will know this well that there is only one Integrity algorithm (UIA1) defined and it is mandatory. On the other hand there are two ciphering algorithms (UEA0 and UEA1) defined. UEA0 in reality means no Ciphering ;). UIA1 and UEA1 are both based on Kasumi algorithm. UEA1 is f8 and UIA1 is f9 algorithms of Kasumi. (Please feel free to correct my terminology if you think its wrong).

From Release 7 there are some additional provisions made for increasing the security.

First lets talk about GSM. Initially only a5_1 and a5_2 algorithms were defined for GSM. They have not been compromised till date and are still secure. Still some new algorithms have been defined to make sure there is a backup if they are ever compromised. a5_3, a5_5 and a5_8 have been defined for GSM/GPRS and GEA3 defined for EDGE.

For UMTS, UEA2 and UIA2 have been defined. They are based on 'Snow 3G' algorithm. Kasumi is a 'blockcipher' algorithm whereas Snow 3G is 'streamcipher'. The interesting thing as far as I understand is that even though this is defined and mandatory for UEs and N/w from Rel7, it wont be used but will only serve as backup. More on this topic can be learnt here.

More detailed information on UIA2 and UEA2 is available here.

There are some enhancements coming in the SIM as well. At present all the Keys are 128bits but there should be a provision that in future, 256 bits can be used.

There are some extensive overhauling of IMS security as well but I havent managed to get a good understanding of that yet.

All the reports from the 3rd ETSI Security Workshop held on Jan 15-16 2008 are available here.

No comments: