3GPP SA3 Interworking Security Issues II

1. 3GPP SA3 Interworking Security Issues II Andrew Myers British Telecommunications 13th July 2004 Andrew Myers, BT

2. Introduction • At the May 2004 meeting, 3GPP – WLAN interworking specific issues were introduction for consideration, discussion and possible development to ensure interoperability with the 3GPP specification from a security perspective. • These fall into 3 Categories • The provision of guidance to implementing the IEEE 802.11 standard. • Consideration for enhancements to the IEEE 802.11 specification. • Creation of liaison statements to be sent to 3GPP requesting enhancements or clarification of the 3GPP WLAN interworking specification where necessary. Andrew Myers, BT

3. Keying Material • The 3GPP specification states that it shall provide the keying material as required by the IEEE 802.11i WLAN specification. • 3GPP are unsure of IEEE 802.11’s detailed requirements for this material in terms of the requested bit length and entropy. • Can 3GPP treat the WLAN as a black box and simply pass in keying material? • Are there any specific 802.11 security requirements that impacts the cellular network? • Can the SG provide this information for 3GPP? • Background information can be found in the Liaison Statement S3-030166 Andrew Myers, BT

4. Link Layer Security • 3GPP does not specify any level of link layer security and permits interoperability to WEP, WPA and 802.11i (WPA2) networks indiscriminately. • These technologies do not provide any indication of security to the user. Also, no decisions are made from a 3GPP network perspective on the link layer security provided by the access network • i.e. a WLAN Access Network is treated as a black box into which 3GPP pass the keys required for link layer encryption. • Can the IEEE provide a view on: • Whether there is a need for indicating a security level to the user • The possible impacts of “support vs. non-support” of a security indicator within a device when requested by a 3GPP network e.g. the 3GPP networks may refuse connection based on network capability Andrew Myers, BT

5. Wa Interface Protection • Network to network issue (AP to Home Network) • Threats on the Wa interface are not clear yet within 3GPP. • 3GPP Wa Definition: The Wa reference point connects the IEEE 802.11 WLAN Access Network, possibly via intermediate networks, to the 3GPP Network. The prime purpose of the protocols crossing this reference point is to transport AAA information in a secure manner. • Background information can be found in slides IEEE 802.11-04/0408r2 • The proposal is for one of the SGs to conduct a threat analysis on the 3GPP Wa interface from IEEE 802.11’s perspective. Andrew Myers, BT

6. Access Control • Access Control related functionality in the network elements of the 3GPP-WLAN interworking reference model provides a number of alternative capabilities or possible configurations. • The alternative capabilities i.e. CAPWAP, may need to be examined in context of the combination of 3GPP and IEEE 802.11’s capabilities and an analysis made of the interoperability issues from a security perspective. Andrew Myers, BT

7. Conclusion • These slides have proposed a number of topic areas that are of interest to 3GPP and hopefully to this SG. • 3GPP require : • Detailed description of keying material • Preferential network selection • Protection analysis of 3GPP Wa interface • How the Indication of WLAN security system works (WEP, WPA, WPA2) • Next steps, generation of liaison to 3GPP, importance to WIEN SG Andrew Myers, BT