UMTS接入安全的研究与改进
摘要
移动通讯的发展正影响着无线通讯的未来。然而,无线接入固有的安全缺陷和移动性带来的安全高风险使第三代移动通信系统面临着严重的安全威胁。支持更高接入速率的高级网络组织结构和满足任何时间任何地点接入的复杂网络拓扑结构也会增加潜在攻击的数量和强度。
在UMTS网络中,用户可以通过自己的移动终端获取许多新的服务,而网络接入安全是所有这些服务的基础。本文首先概括性的介绍了目前移动通信网络的安全现状,指出位于移动设备UE和UMTS地面无线接入网UTRAN空中接口是安全的薄弱环节,容易受到攻击,然后阐述了研究接入安全协议的形式化分析工具,BAN逻辑的使用方法,详细介绍了接入安全协议的运行过程,运用BAN逻辑对协议进行分析,发现其中的缺陷,并提出改进的方案。最后依据测试规程,针对目前的商用设备进行测试,发现其中的不足,提出改进的措施。
The development of mobile communication play a significant role on the future of wireless communication.Otherwise The 3rd mobile communication system is confronting a serious security threaten for the nature flaw of wireless access and high risk of mobile.The advanced network architecture,which supporting high access rating,and the complicated network framework,which guaranteeing users to access the network at any time in any place,both will increase the amount and the intensity of attack.
In UMTS network,users can achieve many new services through their mobile stations.The network access security is the base of the services.This article first intruduce the current security situation of mobile communication network,point out that the air interface between the user equipment and UMTS radio access network is the weak point of security chain and is tended to be attacked. This article then describles the tool for analysing access security protocol,BAN logic,introduces the running process of the protocol,analyse the protocol by means of BAN logic,then table the scheme for the flaw detected.At last based on the test regulation,testing the commercial system.
在UMTS网络中,用户可以通过自己的移动终端获取许多新的服务,而网络接入安全是所有这些服务的基础。本文首先概括性的介绍了目前移动通信网络的安全现状,指出位于移动设备UE和UMTS地面无线接入网UTRAN空中接口是安全的薄弱环节,容易受到攻击,然后阐述了研究接入安全协议的形式化分析工具,BAN逻辑的使用方法,详细介绍了接入安全协议的运行过程,运用BAN逻辑对协议进行分析,发现其中的缺陷,并提出改进的方案。最后依据测试规程,针对目前的商用设备进行测试,发现其中的不足,提出改进的措施。
The development of mobile communication play a significant role on the future of wireless communication.Otherwise The 3rd mobile communication system is confronting a serious security threaten for the nature flaw of wireless access and high risk of mobile.The advanced network architecture,which supporting high access rating,and the complicated network framework,which guaranteeing users to access the network at any time in any place,both will increase the amount and the intensity of attack.
In UMTS network,users can achieve many new services through their mobile stations.The network access security is the base of the services.This article first intruduce the current security situation of mobile communication network,point out that the air interface between the user equipment and UMTS radio access network is the weak point of security chain and is tended to be attacked. This article then describles the tool for analysing access security protocol,BAN logic,introduces the running process of the protocol,analyse the protocol by means of BAN logic,then table the scheme for the flaw detected.At last based on the test regulation,testing the commercial system.
引文
[1] 李婧,刘正军,谭水英 ·UMTS 接入安全研究·信息安全与通信保密·2004 (1):40-42
[2] 中兴通讯股份有限公司·移动通信基本知识·第一版·深圳:中兴通讯股份有限公司,1999
[3] Christian Barnes · Hack Proofing Your Wireless Network · Second Edition · United States of American: Syngress Media, 2002
[4] 束妮娜,王亚弟·密码协议的形式化分析·计算机应用研究·2001 (1):113-116
[5] 范红,冯登国·安全协议理论与方法·第一版·北京:科学出版社,2003
[6] 许剑卓,戴英侠,左英男·类BAN 逻辑基本模型及缺陷·软件学报·2000 (11):1660-1665
[7] the 3rd Generation Partnership Project· Gerneral Packet Radio Service · Stage2 · France: Global System For Mobile Communication, 2003
[8] Global System For Mobile Communication·Mobile Station - Serving GPRS Support Node Logic Link Control Layer Specification ·Stage2·France: Global System For Mobile Communication, 2001
[9] the 3rd Generation Partnership Project · Mobile Application Part Specification · Stage2· France: Global System For Mobile Communication, 2003
[10] the 3rd Generation Partnership Project· Serving GPRS Support Node - Visitors Location Register; Gs Interface Network Service Specification ·Stage2 ·France: Global System For Mobile Communication, 2002
[11] the 3rd Generation Partnership Project · GPRS Tunnelling Protocol across the Gn and Gp Interface· Stage2 · France: Global System For Mobile Communication, 2003
[12] the 3rd Generation Partnership Project · Security Architecture · Stage2 · France: Global System For Mobile Communication, 2003
[13] the 3rd Generation Partnership Project ·Security Threats and Requirements ·Stage2 · France: Global System For Mobile Communication, 2003
[14] the 3rd Generation Partnership Project· Mobile Radio Interface Layer3 Specification · Stage2 · France: Global System For Mobile Communication, 2001
[15] the 3rd Generation Partnership Project · 3G Security, Security Principles and Objectives · Stage2 · France: Global System For Mobile Communication, 2000
[16] the 3rd Generation Partnership Project · Specification of the 3GPP confidentiality
and integrity algorithms ·Stage2 ·France: Global System For Mobile Communication,2003
[17] the 3rd Generation Partnership Project · Vocabulary for 3GPP Specifications · Stage2 · France: Global System For Mobile Communication, 2003
[18] the 3rd Generation Partnership Project · Architecture Requirements for Release 99 · Stage2 · France: Global System For Mobile Communication, 2003
[19] the 3rd Generation Partnership Project · Security Mechanisms for the SIM application toolkit·Stage2 ·France: Global System For Mobile Communication, 2002
[20] the 3rd Generation Partnership Project · Specification of the 3GPP confidentiality and integrity algorithms ·Stage2 ·France: Global System For Mobile Communication, 2002
[21] the 3rd Generation Partnership Project · USIM Application Toolkit · Stage2 · France: Global System For Mobile Communication, 2003
[22] the 3rd Generation Partnership Project · RRC Protocol Specification · Stage2 · France: Global System For Mobile Communication, 2003
[2] 中兴通讯股份有限公司·移动通信基本知识·第一版·深圳:中兴通讯股份有限公司,1999
[3] Christian Barnes · Hack Proofing Your Wireless Network · Second Edition · United States of American: Syngress Media, 2002
[4] 束妮娜,王亚弟·密码协议的形式化分析·计算机应用研究·2001 (1):113-116
[5] 范红,冯登国·安全协议理论与方法·第一版·北京:科学出版社,2003
[6] 许剑卓,戴英侠,左英男·类BAN 逻辑基本模型及缺陷·软件学报·2000 (11):1660-1665
[7] the 3rd Generation Partnership Project· Gerneral Packet Radio Service · Stage2 · France: Global System For Mobile Communication, 2003
[8] Global System For Mobile Communication·Mobile Station - Serving GPRS Support Node Logic Link Control Layer Specification ·Stage2·France: Global System For Mobile Communication, 2001
[9] the 3rd Generation Partnership Project · Mobile Application Part Specification · Stage2· France: Global System For Mobile Communication, 2003
[10] the 3rd Generation Partnership Project· Serving GPRS Support Node - Visitors Location Register; Gs Interface Network Service Specification ·Stage2 ·France: Global System For Mobile Communication, 2002
[11] the 3rd Generation Partnership Project · GPRS Tunnelling Protocol across the Gn and Gp Interface· Stage2 · France: Global System For Mobile Communication, 2003
[12] the 3rd Generation Partnership Project · Security Architecture · Stage2 · France: Global System For Mobile Communication, 2003
[13] the 3rd Generation Partnership Project ·Security Threats and Requirements ·Stage2 · France: Global System For Mobile Communication, 2003
[14] the 3rd Generation Partnership Project· Mobile Radio Interface Layer3 Specification · Stage2 · France: Global System For Mobile Communication, 2001
[15] the 3rd Generation Partnership Project · 3G Security, Security Principles and Objectives · Stage2 · France: Global System For Mobile Communication, 2000
[16] the 3rd Generation Partnership Project · Specification of the 3GPP confidentiality
and integrity algorithms ·Stage2 ·France: Global System For Mobile Communication,2003
[17] the 3rd Generation Partnership Project · Vocabulary for 3GPP Specifications · Stage2 · France: Global System For Mobile Communication, 2003
[18] the 3rd Generation Partnership Project · Architecture Requirements for Release 99 · Stage2 · France: Global System For Mobile Communication, 2003
[19] the 3rd Generation Partnership Project · Security Mechanisms for the SIM application toolkit·Stage2 ·France: Global System For Mobile Communication, 2002
[20] the 3rd Generation Partnership Project · Specification of the 3GPP confidentiality and integrity algorithms ·Stage2 ·France: Global System For Mobile Communication, 2002
[21] the 3rd Generation Partnership Project · USIM Application Toolkit · Stage2 · France: Global System For Mobile Communication, 2003
[22] the 3rd Generation Partnership Project · RRC Protocol Specification · Stage2 · France: Global System For Mobile Communication, 2003