LTE的GAA架构，LTE如何使用TLS

TR133919中给出GAA的架构

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

其中，GBA包括HTTP Digest, Pre-Shared Key TLS, IKE with pre-shared secret and a priori any mechanism based on username and password等， SSC assumes that the
entity that needs to be authenticated (one or both partners in the communication) possesses a (public, private) key pair and a corresponding digital certificate. The latter validates the key pair and binds the key pair to its legitimate owner. Well-known protocols whose authentication is based on (public, private) key pairs include PGP and HTTP over TLS,
RFC 2818 [5] (the later is commonly called by its protocol identifier, "HTTPS").

 

GBA给出了一种基于3GPP AKA的应用实现机制，向client和application server提供一个shared secret，该shared secret可以用于认证client和application server之间的通信；GAA还提出了一种新的network element(NE)叫做Bootstrapping Server Function（BSF），UE与HSS之间的认证通过BSF来完成。From the resulting (CK, IK), a session key is derived in BSF and UE. An application server (called Network Application Function (NAF) in TS 33.220 [2]) can fetch this session key from the BSF together with subscriber profile information. In this way the application server (NAF) and the UE share a secret key that can subsequently be used for application security, in particular to authenticate UE and NAF at the start of the application session (possibly also for integrity and/or confidentiality protection although that might not be strictly in the scope of GAA). The communication between the UE and the BSF as well as that between NAF and BSF and between BSF and HSS are application independent and are described in TS 33.220

If only SIM cards or SIMs on UICC is available, and 2G_GBA is allowed, the BSF and UE mutually authenticates using the 2G AKA and TLS protocol.

 

SSC给出了一种为mobile subscriber动态颁发数字证书的机制；If a mobile subscriber wants to have and make use of a (public, private) key pair, the key pair and a certificate should either be preloaded or the subscriber must have the means to either generate or obtain a key pair and dynamically obtain a corresponding digital certificate.

为了请求证书，需要用户向home operator的PKI portal发送一个适当的证书请求，该过程即可视为一个mobile application的例子。且该过程需要双方实体的相互认证。如果双方已存在可用的证书，可以用已有证书认证，否则，需要执行GBA来获得一个shared secret并用于认证，最后获取新的证书。As with many mobile applications it requires authentication of the communicating entities, in this case the UE and the PKI portal (the latter plays the role of the application server). As for any other application there are 2 options for this authentication: pre-shared secret based or based on asymmetric cryptography and certificates. The latter is only an option when a new certificate is requested from the PKI portal while another still valid certificate is already loaded in the UE. The former method requires a shared secret between the PKI portal and the UE. If the shared secret is not pre-configured, GBA can be used to obtain such a shared secret.

 

HTTPS常用于UE和application server之间保护application sesstion安全。It is envisaged that HTTPS (or HTTP/TLS) may be used in a number of services to secure the application session between the UE and the application server (Ua interface in TS 33.220, see TS 33.222 [4]). TS 33.222 [4] describes the details of the possible authentication options when HTTPS is used between a UE and an application server. Any existing or future application based on HTTPS or Pre-Shared Key TLS can refer to TS 33.222 [4] for details on authentication and the set up of a secure HTTP session. 此种情形下有四种应用类型：

       HTTPS with Authentication Proxy: UE可以通过AP同时连接多个AS，可以节省AV，节省UE需要开启和维护的TLS会话数

       HTTPS without Authentication Proxy

       Pre-Shared Key TLS：HTTP client和server用GBA实现认证，通过BSF获得的session key被NAF提取作为shared secret，该shared secret可以作为TLS会话中的master secret用于在TLS协议中生成会话密钥。

 

      总结，在LTE的应用层，3GPP给了一个通用的认证架构GAA，通过该架构可以实现独立于application server和authentication proxy的用户和server的相互认证机制，当然，独立的AS可以开发特定的认证方式。总的来说采用GAA可以降低应用开发的复杂性，且该机制可以内置到USIM卡存储中。