Details

<p>Preface xiii</p> <p>Foreword to the First Edition xv</p> <p>Acknowledgements xix</p> <p>Copyright Acknowledgements xix</p> <p><b>1 Overview of the Book 1</b></p> <p><b>2 Background 5</b></p> <p>2.1 Evolution of Cellular Systems 5</p> <p>2.2 Basic Security Concepts 10</p> <p>2.3 Basic Cryptographic Concepts 13</p> <p>2.4 Introduction to LTE Standardization 21</p> <p>2.5 Notes on Terminology and Specification Language 26</p> <p><b>3 GSM Security 29</b></p> <p>3.1 Principles of GSM Security 29</p> <p>3.2 The Role of the SIM 30</p> <p>3.3 Mechanisms of GSM Security 31</p> <p>3.4 GSM Cryptographic Algorithms 34</p> <p><b>4 Third-Generation Security (UMTS) 37</b></p> <p>4.1 Principles of Third-Generation (3G) Security 37</p> <p>4.2 Third-Generation Security Mechanisms 40</p> <p>4.3 Third-Generation Cryptographic Algorithms 49</p> <p>4.4 Interworking between GSM and 3G Security 55</p> <p>4.5 Network Domain Security 59</p> <p>4.6 Architectures with RNCs in Exposed Locations 65</p> <p><b>5 3G–WLAN Interworking 67</b></p> <p>5.1 Principles of 3G–WLAN Interworking 67</p> <p>5.2 Security Mechanisms of 3G–WLAN Interworking 75</p> <p>5.3 Cryptographic Algorithms for 3G–WLAN Interworking 81</p> <p><b>6 EPS Security Architecture 83</b></p> <p>6.1 Overview and Relevant Specifications 83</p> <p>6.2 Requirements and Features of EPS Security 89</p> <p>6.3 Design Decisions for EPS Security 97</p> <p>6.4 Platform Security for Base Stations 103</p> <p><b>7 EPS Authentication and Key Agreement 109</b></p> <p>7.1 Identification 109</p> <p>7.2 The EPS Authentication and Key Agreement Procedure 112</p> <p>7.3 Key Hierarchy 123</p> <p>7.4 Security Contexts 129</p> <p><b>8 EPS Protection for Signalling and User Data 133</b></p> <p>8.1 Security Algorithms Negotiation 133</p> <p>8.2 NAS Signalling Protection 136</p> <p>8.3 AS Signalling and User Data Protection 138</p> <p>8.4 Security on Network Interfaces 141</p> <p>8.5 Certificate Enrolment for Base Stations 143</p> <p>8.6 Emergency Call Handling 151</p> <p><b>9 Security in Intra-LTE State Transitions and Mobility 155</b></p> <p>9.1 Transitions to and from Registered State 156</p> <p>9.2 Transitions between Idle and Connected States 157</p> <p>9.3 Idle State Mobility 158</p> <p>9.4 Handover 161</p> <p>9.5 Key Change on the Fly 169</p> <p>9.6 Periodic Local Authentication Procedure 170</p> <p>9.7 Concurrent Run of Security Procedures 171</p> <p><b>10 EPS Cryptographic Algorithms 175</b></p> <p>10.1 Null Algorithms 176</p> <p>10.2 Ciphering Algorithms 177</p> <p>10.3 Integrity Algorithms 180</p> <p>10.4 Key Derivation Algorithms 180</p> <p><b>11 Interworking Security between EPS and Other Systems 183</b></p> <p>11.1 Interworking with GSM and 3G Networks 183</p> <p>11.2 Interworking with Non-3GPP Networks 193</p> <p><b>12 Security for Voice over LTE 215</b></p> <p>12.1 Methods for Providing Voice over LTE 215</p> <p>12.2 Security Mechanisms for Voice over LTE 220</p> <p>12.3 Rich Communication Suite and Voice over LTE 230</p> <p><b>13 Security for Home Base Station Deployment 233</b></p> <p>13.1 Security Architecture, Threats and Requirements 234</p> <p>13.2 Security Features 241</p> <p>13.3 Security Procedures Internal to the Home Base Station 244</p> <p>13.4 Security Procedures between Home Base Station and Security Gateway 247</p> <p>13.5 Security Aspects of Home Base Station Management 261</p> <p>13.6 Closed Subscriber Groups and Emergency Call Handling 275</p> <p>13.7 Support for Subscriber Mobility 277</p> <p><b>14 Relay Node Security 281</b></p> <p>14.1 Overview of Relay Node Architecture 281</p> <p>14.2 Security Solution 284</p> <p><b>15 Security for Machine-Type Communications 293</b></p> <p>15.1 Security for MTC at the Application Level 294</p> <p>15.2 Security for MTC at the 3GPP Network Level 301</p> <p>15.3 Security for MTC at the Credential Management Level 306</p> <p><b>16 Future Challenges 309</b></p> <p>16.1 Near-Term Outlook 309</p> <p>16.2 Far-Term Outlook 314</p> <p>Abbreviations 319</p> <p>References 327</p> <p>Index 337</p>

<b>Dan Forsberg, Poplatek Oy, Finland</b><br /> Dr. Dan Forsberg is currently a development manager at Poplatek Oy where he takes care of the payment terminals area and also works with payment card industry security. Earlier, Dan led the SAE/LTE security standardization work in Nokia. He was also nominated as one of the Nokia top inventors in 2007-2008. Dan started his Ph.D. studies while working in Nokia and has published several scientific papers in the area of "improving and distributing session key management for mobile networks". He joined Helsinki University of Technology in 2009 and finalized his PhD studies there before the end of 2009. <p><b>Günther Horn, Nokia Siemens Networks, Germany</b><br /> Dr Horn is a senior standardization expert at Nokia Siemens Networks. The focus of his work is on the standardization of 3G and SAE/LTE security in the 3GPPP security group (SA3), of which he has been a member since it started in 1999.</p> <p><b>Wolf-Dietrich Moeller, Nokia Siemens Networks, Germany</b><br /> Wolf-Dietrich Moeller is a senior researcher with Nokia Siemens Networks.</p> <p><b>Valtteri Niemi, University of Turku, Finland and Nokia Corporation, Finland</b><br /> Dr Niemi is a Professor of Mathematics in University of Turku, Finland and also a Nokia Fellow, for which role he is based at the Nokia Research Center in Helsinki, Finland. Prof. Niemi’s work has been on security and privacy issues of future mobile networks and terminals, the main emphasis being on cryptological aspects. He participated in the 3GPP SA3 (security) standardization group from the beginning, and during 2003-2009 he was the chairman of the group.</p>

<p><b>A concise, updated guide to LTE Security </b> </p> <p>This is a welcome Second Edition of the successful book on LTE Security (2010) addressing the security architecture for LTE as specified by 3GPP. Since 2010, LTE has established itself as the unrivalled mobile broadband technology of the fourth generation (4G), with significant commercial deployments around the world and a fast growing market.The subject of this book is hence even more relevant than it has been at the time of the first edition.  The authors explain in detail the security mechanisms employed in LTE and give an overview of the ones in GSM and 3G, which LTE security substantially extends. </p> <p>The specifications generated by standardization bodies inform how to implement the system (and this only to the extent required for interoperability), but almost never inform readers about why things are done the way they are.  Furthermore, specifications tend to be readable only for a small group of experts and lack the context of the broader picture. LTE Security Second Edition describes the essential elements of LTE Security, written by leading experts who participated in decisively shaping LTE security in the relevant standardization body, 3GPP, and explains the rationale behind the standards specifications giving readers a broader understanding of the context to these specifications.</p> <ul> <li>Includes two new chapters covering 3GPP work on Relay Node Security and on system enhancements for Machine-type Communication (MTC), plus application layer security in ETSI TC M2M and embedded smart card in ETSI SCP </li> <li>Updates existing chapters , including Voice over LTE, Home base stations, and New Cryptographic Algorithms.</li> </ul>

GB