Efficient security mechanism in 3GPP-WLAN interworking

3GPP-WLAN interworking에서의 효율적인 보안 메커니즘

  • 신상욱 (부경대학교 전자컴퓨터정보통신공학부)
  • Published : 2004.06.01

Abstract

3GPP(3rd Generation Project Partnership)-WLAN(Wireless Local Area Network) interworking refers to the utilization of resources and access to services within the 3GPP system by the WLAN UE(User Equipment) and user respectively. The intent of 3GPP-WLAN Interworking is to extend 3GPP services and functionality to the WALN access environment. We propose an efficient mechanism for the setup of UE-initiated tunnels in 3GPP-WLAN interworking. The proposed mechanism is based on a secret key which is pre-distributed in the process of authentication and key agreement between UE and 3GPP AAA(Authentication, Authorization Accounting) server. Therefore it can avoid modular exponentiation and public key signature which need a large amount of computation in UE. Also the proposed scheme provides mutual authentication and session key establishment between UE and PDGW(Packet Data Gateway).

References

  1. 3GPP TS 23.234 3GPP system to Wireless Local Area Network(WLAN) Interworking:System Description
  2. 3GPP TR 23.934 3GPP system to WLAN Interworking:Functional and architectural definition
  3. 3GPP TS 33.102 3G Security:Security Architecture
  4. 3GPP TS 33.234 WLAN Interworking Security
  5. 3GPP TR 35.205 3G Security:Specification of the MILENAGE Algorithm Set:An example algorithm set for the 3GPP authentication and key generation functions $f1^*$,f2,f3,f4,f5 and $f5^*:Document 1:General
  6. draft-arkko-oppext-eap-aka-11 EAP AKA Authentication
  7. draft-ietf-eap-rfc2284bis-06.txt PPP Extensible Authentication Protocol(EAP)
  8. draft-ietf-ipsec-esp-v3-06.txt IP Encapsulating Security Payload(ESP)
  9. draft-ietf-ipsec-ikev2-12.txt Internet Key Exchange(IKEv2) Protocol
  10. IEE Std 802.11i/D2.0 Draft Supplement to Standard for Telecommunications and Information Exchange Between Systems-LAN/MAN Specific Requirements-Wireless Medium Access Control(MAC) and physical layer(PHY) specifications:Specification for Enhanced Security
  11. RFC 2865 Remote Authentication Dial In User Service(RADIUS)
  12. RFC 3588 Diameter base protocol