Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7: Security features

The present document gives an introduction and overview of the complete Digital Enhanced Cordless Telecommunications (DECT) Common Interface (CI). The present document specifies the security architecture, the types of cryptographic algorithms required, the way in which they are to be used, and the requirements for integrating the security features provided by the architecture into the DECT CI. It also describes how the features can be managed and how they relate to certain DECT fixed systems and local network configurations.
The security architecture is defined in terms of the security services which are to be supported at the CI, the mechanisms which are to be used to provide the services, and the cryptographic parameters, keys and processes which are associated with these mechanisms.
The security processes specified in the present document are each based on one of two cryptographic algorithms:
• an authentication algorithm; and
• a key stream generator.
The architecture is, however, algorithm independent, and either the DECT standard algorithms, or appropriate proprietary algorithms, or indeed a combination of both can, in principle, be employed. The use of the employed algorithm is specified in the present document. Integration of the security features is specified in terms of the protocol elements and processes required at the Network (NWK) and Medium Access Control (MAC) layers of the CI. The relationship between the security features and various network elements is described in terms of where the security processes and management functions may be provided. The present document does not address implementation issues. For instance, no attempt is made to specify whether the DSAA should be implemented in the PP at manufacture, or whether the DSAA or a proprietary authentication algorithm should be implemented in a detachable module. Similarly, the present document does not specify whether the DSC
should be implemented in hardware in all PPs at manufacture, or whether special PPs should be manufactured with the DSC or proprietary ciphers built into them. The security architecture supports all these options, although the use of proprietary algorithms may limit roaming and the concurrent use of PPs in different environments.

Digitalne izboljšane brezvrvične telekomunikacije (DECT) – Skupni vmesnik (CI) – 7. del: Varnostne lastnosti

General Information

Status
Published
Publication Date
28-Feb-2006
Current Stage
6060 - National Implementation/Publication (Adopted Project)
Start Date
01-Mar-2006
Due Date
01-Mar-2006
Completion Date
01-Mar-2006

Buy Standard

Standard
EN 300 175-7 V1.9.1:2006
English language
101 pages
sale 10% off
Preview
sale 10% off
Preview
e-Library read for
1 day

Standards Content (Sample)

SLOVENSKI STANDARD
SIST EN 300 175-7 V1.9.1:2006
01-marec-2006
'LJLWDOQHL]EROMãDQHEUH]YUYLþQHWHOHNRPXQLNDFLMH '(&7 ±6NXSQLYPHVQLN &, ±
GHO9DUQRVWQHODVWQRVWL
Digital Enhanced Cordless Telecommunications (DECT); Common Interface (CI); Part 7:
Security features
Ta slovenski standard je istoveten z: EN 300 175-7 Version 1.9.1
ICS:
33.070.30 'LJLWDOQHL]EROMãDQH Digital Enhanced Cordless
EUH]YUYLþQHWHOHNRPXQLNDFLMH Telecommunications (DECT)
'(&7
SIST EN 300 175-7 V1.9.1:2006 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST EN 300 175-7 V1.9.1:2006

---------------------- Page: 2 ----------------------

SIST EN 300 175-7 V1.9.1:2006

ETSI EN 300 175-7 V1.9.1 (2005-09)
European Standard (Telecommunications series)


Digital Enhanced Cordless Telecommunications (DECT);
Common Interface (CI);
Part 7: Security features

---------------------- Page: 3 ----------------------

SIST EN 300 175-7 V1.9.1:2006
 2 ETSI EN 300 175-7 V1.9.1 (2005-09)



Reference
REN/DECT-000232-7
Keywords
DECT, radio, security
ETSI
650 Route des Lucioles
F-06921 Sophia Antipolis Cedex - FRANCE

Tel.: +33 4 92 94 42 00  Fax: +33 4 93 65 47 16

Siret N° 348 623 562 00017 - NAF 742 C
Association à but non lucratif enregistrée à la
Sous-Préfecture de Grasse (06) N° 7803/88

Important notice
Individual copies of the present document can be downloaded from:
http://www.etsi.org
The present document may be made available in more than one electronic version or in print. In any case of existing or
perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF).
In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive
within ETSI Secretariat.
Users of the present document should be aware that the document may be subject to revision or change of status.
Information on the current status of this and other ETSI documents is available at
http://portal.etsi.org/tb/status/status.asp
If you find errors in the present document, please send your comment to one of the following services:
http://portal.etsi.org/chaircor/ETSI_support.asp
Copyright Notification
No part may be reproduced except as authorized by written permission.
The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2005.
All rights reserved.

TM TM TM
DECT , PLUGTESTS and UMTS are Trade Marks of ETSI registered for the benefit of its Members.
TM
TIPHON and the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members.
TM
3GPP is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners.
ETSI

---------------------- Page: 4 ----------------------

SIST EN 300 175-7 V1.9.1:2006
 3 ETSI EN 300 175-7 V1.9.1 (2005-09)
Contents
Intellectual Property Rights.7
Foreword.7
Introduction .7
1 Scope.10
2 References.10
3 Definitions and abbreviations.11
3.1 Definitions.11
3.2 Abbreviations.11
4 Security architecture.12
4.1 Background.12
4.2 Security services.13
4.2.1 Authentication of a PT.13
4.2.2 Authentication of an FT.13
4.2.3 Mutual authentication.13
4.2.4 Data confidentiality.13
4.2.5 User authentication.13
4.3 Security mechanisms.13
4.3.1 Authentication of a PT.13
4.3.2 Authentication of an FT.15
4.3.3 Mutual authentication.16
4.3.4 Data confidentiality.16
4.3.4.1 Derived Cipher Key (DCK) .16
4.3.4.2 Static Cipher Key (SCK).17
4.3.5 User authentication.17
4.4 Cryptographic parameters and keys .17
4.4.1 Overview.17
4.4.2 Cryptographic parameters.17
4.4.3 Cryptographic keys.19
4.4.3.1 Authentication key K.19
4.4.3.2 Authentication session keys KS and KS'.20
4.4.3.3 Cipher key CK .20
4.5 Security processes.21
4.5.1 Overview.21
4.5.2 Derivation of authentication key, K.21
4.5.2.1 K is derived from UAK.21
4.5.2.2 K is derived from AC.21
4.5.2.3 K is derived from UAK and UPI.22
4.5.3 Authentication processes.22
4.5.3.1 Processes for the derivation of KS and KS'.22
4.5.3.2 Processes for the derivation of DCK, RES1 and RES2.22
4.5.4 Key stream generation .23
4.6 Combinations of security services.23
5 Algorithms for security processes .24
5.1 Background.24
5.1.1 A algorithm.24
5.2 Derivation of session authentication key(s).25
5.2.1 A11 process.25
5.2.2 A21 process.25
5.3 Authentication and cipher key generation processes.25
5.3.1 A12 process.25
5.3.2 A22 process.26
6 Integration of security .26
ETSI

---------------------- Page: 5 ----------------------

SIST EN 300 175-7 V1.9.1:2006
 4 ETSI EN 300 175-7 V1.9.1 (2005-09)
6.1 Background.26
6.2 Association of keys and identities .26
6.2.1 Authentication key.26
6.2.1.1 K is derived from UAK.26
6.2.1.2 K derived from AC.27
6.2.1.3 K derived from UAK and UPI .27
6.2.2 Cipher keys.27
6.3 NWK layer procedures.28
6.3.1 Background.28
6.3.2 Authentication exchanges.28
6.3.3 Authentication procedures.29
6.3.3.1 Authentication of a PT .29
6.3.3.2 Authentication of an FT .30
6.3.4 Transfer of Cipher Key, CK.30
6.4 MAC layer procedures .30
6.4.1 Background.30
6.4.2 MAC layer field structure .30
6.4.3 Data to be encrypted .31
6.4.4 Encryption process.32
6.4.5 Initialization and synchronization of the encryption process.34
6.4.6 Encryption mode control.34
6.4.6.1 Background.34
6.4.6.2 MAC layer messages.35
6.4.6.3 Procedures for switching to encrypt mode .35
6.4.6.4 Procedures for switching to clear mode .38
6.4.7 Handover of the encryption process .39
6.4.7.1 Bearer handover, uninterrupted ciphering.39
6.4.7.2 Connection handover, uninterrupted ciphering .40
6.4.7.3 External handover - handover with ciphering .40
6.4.8 Modifications for half slot specifications.40
6.4.8.1 Background.40
6.4.8.2 MAC layer field structure .41
6.4.8.3 Data to be encrypted.41
6.4.8.4 Encryption process.41
6.4.8.5 Initialization and synchronization of the encryption process .42
6.4.8.6 Encryption mode control.42
6.4.8.7 Handover of the encryption process.42
6.4.9 Modifications for double slot specifications.42
6.4.9.1 Background.42
6.4.9.2 MAC layer field structure .42
6.4.9.3 Data to be encrypted.43
6.4.9.4 Encryption process.43
6.4.9.5 Initialization and synchronization of the encryption process .44
6.4.9.6 Encryption mode control.44
6.4.9.7 Handover of the encryption process.44
6.4.10 Modifications for multi-bearer specifications.44
6.4.11 Modifications for 4-level, 8-level, 16-level and 64-level modulation formats .45
6.4.11.1 Background.45
6.4.11.2 MAC layer field structure .45
6.4.11.3 Data to be encrypted.45
6.4.11.4 Encryption process.45
6.4.11.5 Initialization and synchronization of the encryption process .49
6.4.11.6 Encryption mode control.49
6.4.11.7 Handover of the encryption process.49
6.5 Security attributes.49
6.5.1 Background.49
6.5.2 Authentication protocols.50
6.5.2.1 Authentication of a PT .50
6.5.2.2 Authentication of an FT .51
6.5.3 Confidentiality protocols.52
6.5.4 Access-rights protocols.54
6.5.5 Key numbering and storage .55
ETSI

---------------------- Page: 6 ----------------------

SIST EN 300 175-7 V1.9.1:2006
 5 ETSI EN 300 175-7 V1.9.1 (2005-09)
6.5.5.1 Authentication keys.55
6.5.5.2 Cipher keys.55
6.5.6 Key allocation.56
6.5.6.1 Introduction.56
6.5.6.2 UAK allocation.56
7 Use of security features .57
7.1 Background.57
7.2 Key management options.58
7.2.1 Overview of security parameters relevant for key management.58
7.2.2 Generation of authentication keys .59
7.2.3 Initial distribution and installation of keys .60
7.2.4 Use of keys within the fixed network .60
7.3 Confidentiality service with a Cordless Radio Fixed Part (CRFP).65
7.3.1 General.65
7.3.2 CRFP initialization of PT cipher key.65
Annex A (informative): Security threats analysis.66
A.1 Introduction.66
A.2 Threat A - Impersonating a subscriber identity.67
A.3 Threat B - Illegal use of a handset (PP).67
A.4 Threat C - Illegal use of a base station (FP) .67
A.5 Threat D - Impersonation of a base station (FP) .68
A.6 Threat E - Illegally obtaining user data and user related signalling information .68
A.7 Conclusions and comments.69
Annex B (informative): Security features and operating environments .71
B.1 Introduction.71
B.2 Definitions.71
B.3 Enrolment options.71
Annex C (informative): Reasons for not adopting public key techniques.73
Annex D (informative): Overview of security features .74
D.1 Introduction.74
D.2 Authentication of a PT .74
D.3 Authentication of an FT .75
D.4 Mutual authentication of a PT and an FT.75
D.4.1 Direct method.75
D.4.2 Indirect method 1.75
D.4.3 Indirect method 2.75
D.5 Data confidentiality.75
D.5.1 Cipher key derivation as part of authentication.76
D.5.2 Static cipher key .76
D.6 User authentication.76
D.7 Key management in case of roaming .76
D.7.1 Introduction.76
D.7.2 Use of actual authentication key K.76
D.7.3 Use of session keys.77
D.7.4 Use of precalculated sets .77
Annex E (informative): Limitations of DECT security.78
E.1 Introduction.78
ETSI

---------------------- Page: 7 ----------------------

SIST EN 300 175-7 V1.9.1:2006
 6 ETSI EN 300 175-7 V1.9.1 (2005-09)
E.2 Protocol reflection attacks.78
E.3 Static cipher key and short Initial Vector (IV) .78
E.4 General considerations regarding key management.79
E.5 Use of a predictable challenge in FT authentication .79
Annex F (informative): Security features related to target networks .80
F.1 Introduction.80
F.1.1 Notation and DECT reference model .80
F.1.2 Significance of security features and intended usage within DECT.80
F.1.3 Mechanism/algorithm and process requirements .81
F.2 PSTN reference configurations .82
F.2.1 Domestic telephone.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.