
Location Service Security

Location Service Security. Philip Hawkes phawkes@qualcomm.com. Colour Notation. GREEN: Entities/Things Mobile phones, network entities Purple: operations Functions, algorithms Protocols (who does what when) BLUE: Values Stored secrets Publicly known values (time)


Presentation Transcript


  1. Location Service Security Philip Hawkes phawkes@qualcomm.com

  2. Colour Notation
     • GREEN: Entities/Things
       • Mobile phones, network entities
     • Purple: operations
       • Functions, algorithms
       • Protocols (who does what when)
     • BLUE: Values
       • Stored secrets
       • Publicly known values (time)
     • Orange: Important things

  3. H-PS MS : X MS MALBA: X MALBA MS: position request MALBA MS: X MSH-PS: X HALBA H-PS : X H-PSMS:X MS H-PS : X H-PSHALBA: X H-PSS-PS: X HALBA H-PS: IP_LOC_REQ MS H-PS: SUPL_START H-PS MS: SUPL_INIT MS has pos_info? Proxy Mode? MS has pos_info? MS has pos_info? Periodic? MS H-PS:SUPL_START(pos_info) H-PSMS: pos_info H-PS use cached pos_info? H-PS use cached pos_info? Home or Roaming? H-PS S-PS: PS_REQ/PS_ACK S-PS Assigns PDE,Modes agreed PDE (S-PS) H-PS PDE_RESPONSE H-PS assigns PDE Modes agreed SUPL_POS direct H-PSMS: SUPL_RESPONSE SUPL_POS via H-PS MS MALBA: pos_info Pos_info is now known at MS (and H-PS where applicable) H-PS HALBA: IP_LOC_RESPONSE/REPORT Stage 1 Application Request Yes No No Yes Yes Yes Stage 2 Session Negotiation No Home Roaming Yes Stage 3 Service (Positioning) No No Yes Stage 4 Application Report Stage 5: Canceling Periodic Reporting Yes

  4. In-Scope Countermeasures (1)
     Stage 1: SUPL_INIT see Outstanding Problems
     Stage 2:
     • MS H-PS (SUPL_START/RESPONSE):
       • Mutual Authentication H-PS UIM
       • Integrity/Replay + Encrypt
       • TLS-PSK, fresh key generated in UIM: PSKA?
       • (Periodic Mode) Association can be restored for SUPL_CANCEL
       • Association restored for another SUPL_START/RESPONSE session???

  5. In-Scope Countermeasures (2)
     Stage 3
     • MS PDE (SUPL_POS):
       • Mutual Authentication PDE UIM
       • Integrity/Replay + Encrypt
       • TLS-PSK, key gen’d in UIM
       • Fresh key for each SUPL_POS session?
     Stage 4: No in-scope countermeasures

  6. In-Scope Countermeasures (3)
     Stage 5
     • MS H-PS (SUPL_CANCEL):
       • Authentication of UIM by H-PS
       • Integrity/Replay + Encrypt
       • TLS-PSK, fresh key gen’d in UIM:
     • H-PS MS (SUPL_END):
       • Authentication of H-PS by UIM
       • Integrity/Replay + Encrypt
       • TLS-PSK, fresh key gen’d in UIM:

  7. Out-of-Scope Countermeasure Requirements (1)
     Stage 1+4 MS Initiated
     • LBA MS request/response msgs:
       • Authentication of LBA by MS
       • Integrity/Replay + Encrypt
     Stage 1+4 Network Initiated
     • LBA H-PS (IP_LOC_REQ/RESP):
       • Mutual Authentication
       • Integrity/Replay + Encrypt

  8. Out-of-scope Countermeasure Requirements (2)
     Stage 2
     • H-PS S-PS: PS_REQ/PS_ACK
       • Mutual Authentication
       • Integrity/Replay + Encrypt
     Stage 3
     • S-PS H-PS: PS_RESPONSE/PS_REPORT
       • Mutual Authentication
       • Integrity/Replay + Encrypt

  9. Out-of-scope Countermeasure Requirements (3)
     Stage 5: Cancelling Periodic Session
     • LBA H-PS/MS: Cancel msg
       • Already authenticated
       • Integrity/Replay + Encrypt
     • H-PS S-PS: PS_REQ_CANCEL
       • Already authenticated
       • Integrity/Replay + Encrypt

  10. Outstanding Problems (1)
      Stage 1 MS-Initiated
      • LBA MS request/response msgs:
        • Authentication of LBA by H-PS?
      Stage 1 Network-Initiated
      • LBA H-PS IP_LOC_REQ/RESP:
        • Authentication of LBA by MS?
        • (Is this REALLY the LBA I wanted)

  11. Outstanding Problems (2)
      Stage 1 Network-Initiated
      • H-PS MS (SUPL_INIT):
        • MS Authenticates H-PS
        • Integrity/Replay + Encrypt
        • Problem: not IP based
        • (Authentication of LBA by MS?)
      Stage 2
      • H-PS Authorizes MS+LBA
        • Any mechanisms required?

  12. Outstanding Problems (3)
      Stage 4
      • H-PS HALBA: IP_LOC_RESP
        • Integrity/Replay verification by MS?
        • Is this necessary?

  13. Three TLS sessions?
      • MS H-PS (SUPL_START/SUPL_RESPONSE):
        • Mutual Authentication H-PS UIM
        • Integrity/Replay + Encrypt
        • TLS-PSK, fresh key generated in UIM
      • MS PDE (SUPL_POS):
        • Mutual Authentication PDE UIM
        • Integrity/Replay + Encrypt
        • TLS-PSK, key gen’d in UIM
        • Fresh key for each SUPL_POS session?
      • MS H-PS (SUPL_CANCEL) or H-PS MS (SUPL_END):
        • Authentication of Sender
        • Integrity/Replay + Encrypt
        • TLS-PSK, fresh key generated in UIM

  14. How?
      • 1,3: MS H-PS
        • UIM+H-PS establish fresh Master Key
        • Initiate TLS-PSK
      • 2: ?
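
One way the "fresh key" for the two MS/H-PS sessions on slides 13 and 14 could be derived from the shared Master Key, as an added example that is not part of the presentation. The use of HKDF-SHA256, the session labels, the nonce and the `HpsKeyStore` class are assumptions; the slides do not specify a derivation, and the PDE session (item 2) is left open as on the slide.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256

def hkdf(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) with SHA-256: extract, then expand to `length` bytes."""
    prk = hmac.new(salt or b"\x00" * HASH().digest_size, ikm, HASH).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

# Assumed labels, one per MS/H-PS TLS-PSK session named on slide 13.
SESSION_LABELS = {
    "start": b"SUPL_START/SUPL_RESPONSE",
    "cancel": b"SUPL_CANCEL/SUPL_END",
}

def derive_psk(master_key: bytes, session: str, nonce: bytes) -> bytes:
    """Run by both the UIM and the H-PS to obtain the same 32-byte PSK."""
    return hkdf(master_key, nonce, b"tls-psk|" + SESSION_LABELS[session], 32)

class HpsKeyStore:
    """H-PS side (hypothetical): holds the master key, refuses a repeated nonce."""
    def __init__(self, master_key: bytes):
        self._mk = master_key
        self._seen = set()

    def psk_for(self, session: str, nonce: bytes) -> bytes:
        if (session, nonce) in self._seen:
            raise ValueError("nonce reuse: PSK would not be fresh")
        self._seen.add((session, nonce))
        return derive_psk(self._mk, session, nonce)

def demo() -> dict:
    mk = os.urandom(32)  # constructed stand-in for the UIM/H-PS master key
    hps = HpsKeyStore(mk)
    n1, n2 = os.urandom(16), os.urandom(16)
    uim_start = derive_psk(mk, "start", n1)
    return {
        "both_sides_agree": uim_start == hps.psk_for("start", n1),
        "sessions_separated": uim_start != derive_psk(mk, "cancel", n1),
        "fresh_per_nonce": uim_start != derive_psk(mk, "start", n2),
    }

if __name__ == "__main__":
    print(demo())
```

Binding the session label into the derivation keeps a key issued for SUPL_START/SUPL_RESPONSE from being accepted for SUPL_CANCEL or SUPL_END, and the nonce check is what makes a restored association use a new key rather than a replayed one.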
