The Universal Mobile Telecommunications System (UMTS) is currently being specified by 3GPP. To achieve the 2002 work plan specified for initial commercial deployment, the Phase-1 UMTS specifications had to be finalised by 1999. This was an ambitious goal. The USECA project was specifically concerned with the security architecture of UMTS. Its aim was to support the specification process by developing a viable and complete UMTS security architecture that could then be used as a basis for standardization.
The main areas under investigation:
a) Security Features and Requirements
The first task of USECA is to determine a current set of requirements for UMTS security.
To compile such a list the sources used are existing ETSI technical standards and reports
as defined in UMTS 30.00, FPLMTS/IMT-2000 documents, the Link 3GS3 project, and the ASPeCT
project. Once compiled, this list will be reviewed, and then offered up to SMG10 for
consideration.
Once the security features and requirements list is compiled, it will be continuously
reviewed and modified as required. Any changes will be distributed throughout the project
and to SMG10.
b) Security Mechanisms
Security mechanisms provide the building blocks for the realisation of security features.
Using the list of security features and requirements, this work area will determine and
develop the appropriate security mechanisms required for the UMTS security architecture.
These will include both technical and organisational mechanisms.
The criteria used to determine which mechanisms are appropriate include fitness for
purpose, proof of security, algorithm maturity, communications, administration, processing
and hardware overheads, and adherence to international standards.
c) Security Architecture
The starting point of this work is the general UMTS architecture as described at a high
level in UMTS ETS 23.01. The physical aspects are modelled using the domain concept and
the logical aspects are modelled using the stratum concept.
The relevant domains considered are USIM, Terminal, Access Network, Serving Network, Home
Network and Application Network. The Core Network is currently used to reference the
Serving Network and the Home Network. Once the required security functions are defined
they will be assigned to the appropriate domain.
d) Public Key Infrastructure (PKI)
Public key cryptography allows parties to communicate securely without prior exchange of
secret key material. It is expected to be an essential part of UMTS security. The
supporting infrastructure for public key cryptography consists of a network of Trusted
Third Parties (TTPs) who provide key management and certification services.
An effective public key infrastructure requires appropriate standards to be in place.
Hence the first part of the work will be the analysis of existing standards, and the
results of collaborative research programmes such as the INFOSEC project. These will then
be used to propose a full set of standards against which the UMTS PKI can be developed.
In addition to the technical issues surrounding PKI, the legal aspects of PKI are being
studied, with particular reference to the use of digital signatures.
e) The USIM
As part of the development of UMTS, the functional capabilities of the USIM that is
expected to control access to networks and services needs to be defined. In defining
these, the USIM is expected to have a broader use than just authentication and the storing
of some personal data, as it may also be host to electronic payment systems and other
applications. Clearly the current specifications of smartcards are too restrictive for
such a proposal, but major manufacturers have announced memory ranges of up to 70k within
the next two years. Therefore, not only the requirements for UMTS have to be looked at,
but also what is possible with the expected card specifications. The project will propose
required USIM specifications accordingly.
f) Terminal Security
The work on terminal security is concerned with both logical and physical security. The
logical security is to do with the division of the authentication and other functionality
between the USIM and the terminal, whilst the physical security is concerned with issues
such as theft, terminal cloning, terminal abuse, defective terminals, and non-type
approval.
In addition to the six main areas of technical work, a demonstrator was developed that
will provide an initial validation of the results of the USIM and Terminal Security
groups.
The goal of this project was to develop a complete and viable security architecture,
and present this for use in the standardisation process. The success of the project can
clearly be measured in its impact on the UMTS Security Specification. With such ambitious
time schedules, USECA had the ability to provide a parallel development and analysis path,
which could greatly enhance the chance of producing a robust security specification.
Contact:
Dr Nigel Jefferies
Technical Manager - Future, Networks, Security and Modelling
Vodafone Group Research and Development
Tel: +44 1635 673883
Fax: +44 1635 233440
Email: nigel.jefferies@vodafone.com
| Vodafone | UK |
| Giesecke & Devrient GmbH | DE |
| Katholieke Universiteit Leuven | BE |
| Panasonic PMDC | UK |
| Siemens AG | DE |
| Siemens Atea | BE |