Course Number: 6032
Length: 3 Days
College Credits: 15
Having completed this course the participant will be able to understand how security is implemented, deployed and managed in GSM, EGPRS, UMTS, HSPA/HSPA+ and LTE networks, understand security concepts, understand the benefits of new security techniques applied and how they are implemented.
Who Should Attend
Anyone who is interested in an in-depth knowledge of the security in the HSPA/HSPA+ and LTE family of wireless networks. The course is essential for network security & wireless specialists, operators and manufacturers, wireless network researcher, academics, security professionals, researchers and consultants.
Objectives
The goal of this course is to give the participant a strong and intuitive understanding of what security in the wireless systems is and how the security functions are implemented in HSPA/HSPA+ and LTE radio and core network. The course focuses both on the air interface and the enhanced core network.
Outline
oVERVIEW OF SECURITY CONCEPTS
- Basic security concepts
- Authentication
- Privacy
- Integrity
- Authorization
- Non-repudiation
Encryption
- Encryption Technologies
- Cryptography Keys
- Symmetric and Asymmetric
- Ciphers
- Cipher Suites
- Certificates
Overview of Wireless Security Requirements
- Wireless security needs
- Basic GSM, GPRS, UMTS and LTE security functions
GSM, EGPRS, UMTS/HSPA/HSPA+ and LTE Security Framework
- GSM, EGPRS and UMTS/HSPA/HSPA+ and LTE Security Functions
- GSM Security Review
- GPRS Security Review
- UMTS Security Overview
- LTE Security Overview
- Ciphering, Authentication and Authorization Procedures
- RAN Security
- Core Network Security
- Lawful Intercepttion (LI)
- Mobile Application Part Security
- MAPsec overview
UMTS Security Architecture
- GSM, EGPRS Security Architecture
- UMTS and HSPA/HSPA+ security features
- Network access mechanisms
- UMTS authentication and authorization procedures
- Key agreement
- Local authentication
- UMTS ciphering procedures
- Security threats to UMTS and LTE
Security in UTRAN
- Typical threats in UTRAN
- Mutual authentication
- Cryptography for authentication
- UTRAN encryption
- Integrity protection of RRC signalling
Security in UMTS Core Network
- Typical Threats in Core Network
- Denial of Services
- IPSec
- Authentication Server
- Network Domain
- MAP application layer security
Authentication and Key Management (AKA)
- Authentication parameters
- AV and K
- RAND
- SQN and AK
- AMF and MAC
- CK and IK
- RES and X-RES
- AUTN and AUTS
- Normal AKA procedure
- AKA procedure in the AuC
- AKA procedure in the USIM
- AKA procedure in the VLR/SGSN
AKA Algorithms
- AKA Functions with their outputs
- Cryptographic functions and algorithms
- Key generating functions
- Authentication parameters
- Integrity function
- Confidentiality function
- f0, f1 and f1*
- f2, f3 and f4
- f5, f5*, f8 and f9
LTE (Long Term Evolution) Security
- Security procedures performed within the Evolved Packet System (EPS)
- Evolved Packet Core (EPC)
- Evolved UTRAN (E-UTRAN)
- LTE/SAE and Home (e)NB Security
- System Architecture Evolution (SAE) Security Architecture
- Authentication and Key Agreement
- HSS Authentication Data and MME
- Overview of Diameter Protocol
- Challenge-response Authentication and Key Agreement Procedure between MME and UE
- Confidentiality and Integrity of Signaling
- User Plane Confidentiality
- Cryptographic Network Separation
- Home (e) Node B security
- Threats
- Countermeasures
- Security Performance Measurements
- Managing Mobile App Security
LTE Security Procedures
- Security Procedures between UE and EPC Network Elements
- Security Procedures between UE and EPC Access Network Elements
- Security mechanisms for non-access stratum signaling
- Security interlocking between E-UTRAN and UTRAN
- Security interworking between E-UTRAN and GERAN