U.S. patent application number 10/746985 was filed with the patent office on 2004-12-02 for method for processing security message in mobile communication system.
This patent application is currently assigned to LG Electronics Inc.. Invention is credited to Chun, Sung Duck, Lee, Young Dae, Yi, Seung June.
Application Number | 20040242195 10/746985 |
Document ID | / |
Family ID | 36167036 |
Filed Date | 2004-12-02 |
United States Patent
Application |
20040242195 |
Kind Code |
A1 |
Chun, Sung Duck ; et
al. |
December 2, 2004 |
Method for processing security message in mobile communication
system
Abstract
Disclosed is a method for processing security message in mobile
communication system. The present invention provides a method of
securing integrity protection for a received security message and
includes the steps of receiving the security message, storing
previous security-relating variables, carrying out security check
on the security message, discarding or processing the security
message according to a result of the security check, and updating
the security-relating variables. Accordingly, the present invention
enables to carry out integrity check by storing the
security-relating variables previously even if the security message
itself is discarded.
Inventors: |
Chun, Sung Duck; (Seoul,
KR) ; Yi, Seung June; (Seoul, KR) ; Lee, Young
Dae; (Gyeonggi-do, KR) |
Correspondence
Address: |
LEE, HONG, DEGERMAN, KANG & SCHMADEKA, P.C.
801 SOUTH FIQUEROA STREET
14TH FLOOR
LOS ANGELES
CA
90017
US
|
Assignee: |
LG Electronics Inc.
|
Family ID: |
36167036 |
Appl. No.: |
10/746985 |
Filed: |
December 23, 2003 |
Current U.S.
Class: |
455/410 |
Current CPC
Class: |
H04W 12/10 20130101;
H04W 12/037 20210101; H04W 88/02 20130101; H04L 63/123
20130101 |
Class at
Publication: |
455/410 |
International
Class: |
H04M 001/68 |
Foreign Application Data
Date |
Code |
Application Number |
Feb 11, 2003 |
KR |
2003-8512 |
Claims
What is claimed is:
1. A method for processing security message in mobile communication
system, comprising the steps of: receiving the security message;
storing previous security-relating variables; carrying out security
check on the security message; discarding or processing the
security message according to a result of the security check; and
updating the security-relating variables.
2. The method of claim 1, wherein the security check is integrity
check.
3. The method of claim 2, the integrity check comprising the steps
of: performing an integrity check algorithm by receiving the
security-relating variables; and comparing an authentication code
calculated by performing the integrity check algorithm to a
received authentication code transmitted from a transmitting
party.
4. The method of claim 3, the step of discarding or processing the
security message is carried out in a manner that the security
message is processed if the received authentication code is equal
to a message authentication code transmitted from the transmitting
party or that the security message is discarded if the received
authentication code is not equal to the message authentication
code.
5. The method of claim 1, wherein the step of updating the
security-relating variables is carried out in a manner that the
stored security-relating variables are restored if the security
message is discarded or that the security-relating variables
included in the received security message are updated into new
security-relating variables if the security message is
processed.
6. The method of claim 1, wherein the security message is an RRC
(radio resource control) message.
7. The method of claim 1, wherein the security message is a
signaling message.
Description
[0001] This application claims the benefit of the Korean
Application No. P2003-08512 filed on 3 Feb., 2003, which is hereby
incorporated by reference.
BACKGROUND OF THE INVENTION
[0002] 1. Field of the Invention
[0003] The present invention relates to a message processing method
applied to mobile communication, and more particularly, to a method
for processing a security message in a RRC layer.
[0004] 2. Discussion of the Related Art
[0005] UMTS (universal mobile telecommunications system) includes
UE (user equipment), UTRAN (UMTS terrestrial radio access network),
and CN (core network). Moreover, the UTRAN comprises a plurality of
RNSs (radio network subsystems). Each of the RNS comprises RNC
(radio network controller) and a plurality of Node Bs managed by
the RNC. A Node B receives uplink signals transmitted from UE and
transmits downlink signals to the UE. The RNC takes charge of
allocation and management of radio resource, and plays a role of an
access point to connect the Node Bs to the CN. Each UE connected to
the UMTS is managed by a specific RNC in the UTRAN, and the
specific RNC is called SRNC (serving RNC).
[0006] The UTRAN configures, maintains, and manages RABs (radio
access bearers) for the communications between the UE and the CN.
The CN applies end-to-end QoS (quality of service) requirements to
the RAB, and the RAB supports QoS requirements set up by the CN.
The UTRAN therefore configures, maintains, and manages the RAB,
thereby enabling to meet the end-to-end QoS requirements.
[0007] A radio interface protocol vertically comprises a physical
layer, a data link layer, and a network layer and horizontally
comprises a user plane for providing data information and a control
plane for providing signaling. The protocol layers are grouped into
L1 (layer 1), L2 (layer 2), and L3 (layer 3) based on three lower
layers of an OSI (open system interconnection) reference model. The
L1 provides upper layers with information transfer service using
various radio transmission techniques. And, the L1 is connected to
a MAC (medium access control) layer of the upper layers via
transport channels.
[0008] A RLC layer supports data transmission reliably and carries
out segmentation and concatenation on RLC SDUs (service data units)
transferred from the upper layers. The RLC SDUs transferred from
the upper layers are divided into RLC data units that can be
processed in the RLC layer, and header information is added to the
divided RLC data units to transfer to the MAC layer as a form of
PDU (protocol data unit).
[0009] A PDCP (packet data convergence protocol) layer is disposed
over the RLC layer. The PDCP layer makes data, which is transferred
through the network protocol, be transmitted efficiently over a
radio interface of which bandwidth is relatively narrow. A BMC
(broadcast/multicast control) layer schedules UEs to which a CB
(cell broadcast) message transferred from the CN will be
transmitted, and transfers the CB message to the corresponding UEs
located in specific cell(s) on the basis of the scheduling.
[0010] On request from higher layers, A RRC (radio resource
control) layer controls transport and physical channels to perform
the establishment, reconfiguration, and release of RBs (radio
bearers). In this case, the RB means a service provided by the L2
for data transfer between the UE and UTRAN.
[0011] Meanwhile, various channels for receiving/transmitting data
are defined between the UEs and the UTRAN to use. Data are sent and
received between the PHY layer of UE and that of the UTRAN using
the physical channel. In addition to physical channel, data
transport paths between the protocol layers are defined as
transport and logical channels in the radio access network of the
UMTS. The logical channels are provided for data exchange between
the RLC and MAC layer, while the transport channels are provided
for data exchange between the MAC and PHY layer. Mapping between
transport channels is performed in the MAC layer, while another
mapping between the transport and physical layers is performed in
the physical layer.
[0012] Various kinds of messages are received/transmitted between
the terminal and UTRAN. `Security check` is mostly carried out to
protect data contained in the messages. Such `security check`
includes `ciphering` and `integrity check`.
[0013] The ciphering adds a specific mask, which is known to both
of transmitting and receiving parties only, to a message so that a
third party failing to know the mask is unable to recognize the
contents of the message.
[0014] And, the integrity check is used for checking whether an
unauthorized third party has altered the contents of the message or
whether the transmission is made by an unauthenticated party.
Namely, the integrity check is performed for integrity protection
and is a procedure required for checking whether the contents of
the received message are intentionally and previously changed by
the third party.
[0015] In the UMTS, the ciphering and the integrity check are
simultaneously carried out on most of the messages transferred to
the RRC layer and most of the control messages transmitted to the
upper layers of the RRC layer. And, the ciphering is carried out on
other general user data only. Such integrity check can be carried
out in the RRC layer.
[0016] Thus, if the message of which contents are changed by the
third party between the transmitting and receiving parties is
received, or in order to filter a message transmitted from the
unauthenticated transmitting party, the receiving party carries out
the integrity check on the received message. Hence, the received
message is normally processed or discarded according to whether the
received message passes the integrity check or not.
[0017] For instance, one of the received messages may be a security
setup control message. In connection between the UE and the network
(ex. UTRAN), the security setup control message is used for
initiating to secure messages that will be transmitted thereafter.
Moreover, the security setup control message can be used for
controlling security-relating environment variables that are used
for the connection on which the security process has been carried
out.
[0018] Information, which is related to controlling the
security-relating environment variables, among the contents
contained in the security setup control message is called
security-relating environment setup information. Yet, the
security-relating information contained in the security setup
control message itself can be changed by the unauthenticated third
party or can be transmitted by the unauthenticated transmitting
party, whereby it is unable to rely on such security-relating
information.
SUMMARY OF THE INVENTION
[0019] Accordingly, the present invention is directed to a method
for processing a security message in mobile communication system
that substantially obviates one or more problems due to limitations
and disadvantages of the related art.
[0020] An object of the present invention is to provide a security
setup control message processing method including security check of
a security message itself.
[0021] Additional advantages, objects, and features of the
invention will be set forth in part in the description which
follows and in part will become apparent to those having ordinary
skill in the art upon examination of the following or may be
learned from practice of the invention. The objectives and other
advantages of the invention may be realized and attained by the
structure particularly pointed out in the written description and
claims hereof as well as the appended drawings.
[0022] To achieve these objects and other advantages and in
accordance with the purpose of the invention, as embodied and
broadly described herein, a method for processing security message
in mobile communication system according to the present invention
includes the steps of receiving the security message, storing
previous security-relating variables, carrying out security check
on the security message, discarding or processing the security
message according to a result of the security check, and updating
the security-relating variables.
[0023] The present invention is characterized in that the security
check of the security message itself is performed to secure
integrity protection.
[0024] It is to be understood that both the foregoing general
description and the following detailed description of the present
invention are exemplary and explanatory and are intended to provide
further explanation of the invention as claimed.
BRIEF DESCRIPTION OF THE DRAWINGS
[0025] The accompanying drawings, which are included to provide a
further understanding of the invention and are incorporated in and
constitute a part of this application, illustrate embodiment(s) of
the invention and together with the description serve to explain
the principle of the invention. In the drawings:
[0026] FIG. 1 illustrates a flowchart of a general message
processing method;
[0027] FIG. 2 illustrates a flowchart of a method for processing a
security setup control message according to a first embodiment of
the present invention;
[0028] FIG. 3 illustrates a flowchart of a method for processing a
security setup control message according to a second embodiment of
the present invention;
[0029] FIG. 4 illustrates a diagram of one embodiment representing
COUNT-I in security-relating environment variables; and
[0030] FIG. 5 illustrates a diagram for explaining one embodiment
of generating an authentication value in integrity check.
DETAILED DESCRIPTION OF THE INVENTION
[0031] Reference will now be made in detail to the preferred
embodiments of the present invention, examples of which are
illustrated in the accompanying drawings. Wherever possible, the
same reference numbers will be used throughout the drawings to
refer to the same or like parts.
[0032] FIG. 1 illustrates a flowchart of a general message
processing method.
[0033] Referring to FIG. 1, UE (user equipment) firstly receives a
general message (S11) and then carries out integrity check on it
(S12). In accordance with a result of the integrity check, the
message is normally processed or discarded. Namely, if the message
passes the integrity check, it is normally processed (S13) If the
message fails to pass the integrity check, it is discarded since
there exists a security problem (S14).
[0034] FIG. 2 illustrates a flowchart of a method for processing a
security setup control message according to a first embodiment of
the present invention.
[0035] Referring to FIG. 2, UE (user equipment) receives a security
setup control message (S21). And, security-relating environment
variables are updated using security-relating environment setup
information contained in the received security setup control
message (S22). The UE (ex. terminal) carries out security check on
the security setup control message itself using the updated
security-relating environment variables (S23). The security check
includes integrity check. If the security setup control message
passes the integrity check, the message is normally processed
(S24). Yet, if the security setup control message fails to pass the
integrity check, the message is judged as abnormal so that the
received security setup control message is discarded (S25).
Moreover, it is unable to rely on the security-relating environment
setup information included in the security setup control message.
Hence, it is unable to use the security-relating environment setup
information.
[0036] In the first embodiment of the present invention, once a
receiving party receives the security setup control message, the
previously set security-relating environment variables are updated
with the security-relating environment setup information included
in the message, and the previous security-relating environment
variables are discarded. Hence, the security-relating environment
variables of the receiving party do not coincide with those of a
transmitting party anymore, it is unable to further exchange
messages, and the receiving party cannot be provided with further
requested services.
[0037] FIG. 3 illustrates a flowchart of a method for processing a
security setup control message according to a second embodiment of
the present invention.
[0038] Referring to FIG. 3, a method For processing a security
setup control message is carried out in a following manner.
[0039] First of all, UE (user equipment) receives a security setup
control message (S31). Before the UE carries out security check on
the security setup control message itself, security-relating
environment variables which were previously set are temporarily
stored (S32). And, the security-relating environment variables are
updated using security-relating environment setup information
included in the received security setup control message (S33).
[0040] The UE (ex. terminal) carries out security check on the
security setup control message itself using the updated
security-relating environment variables (S34). And, the security
check includes integrity check. If the security setup control
message passes a result of the integrity check, the temporarily
stored security-relating environment variables are deleted (S35).
Thereafter, security check is carried out on messages received
later using the updated security-relating environment variables and
the message is normally processed (S36).
[0041] However, if the security setup control message fails to pass
the integrity check, it is handled such that the security setup
control message is not received. Namely, if it is judged that the
message is abnormal, the received security setup control message is
discarded (S37). Moreover, the security-relating environment setup
information included in the security setup control message cannot
be used since it is not reliable. Thus, in case that the security
setup control message is unable to pass the security check, the
security setup control message is discarded as well as the
temporarily stored security-relating environment variables are
restored (S38). And, messages received later are processed using
the restored security-relating environment variables.
[0042] In accordance with the second embodiment of the present
invention, even if the message of which contents are changed in the
middle of transmission from the UTRAN to UE is received, or even if
the security setup control message provided from an unauthenticated
party is received, it is able to maintain the security-relating
environment variables to be equal to those of the terminal using
the previously set security-relating environment variables by
storing and restoring them. Hence, if the security-relating
environment setup variables are deleted instead of being stored, it
is able to prevent the case that the message cannot be processed
later due to the difference between the security-relating
environment variables of the UE and the UTRAN.
[0043] A method of performing the integrity check is explained in
detail as follows. For such explanation, parameters required for
performing the integrity check are explained. In order to perform
the integrity check, required are such parameters as IK (integrity
key), COUNT-I, MESSAGE, DIRECTION (direction identifier, 1 bit),
and FRESH.
[0044] FIG. 4 illustrates a diagram of one embodiment representing
COUNT-I in security-relating environment variables.
[0045] COUNT-I is one of security-relating environment variables.
Namely, the COUNT-I is a value corresponding to a sequence number
for integrity check.
[0046] Referring to FIG. 4, the COUNT-I includes a pair or areas.
One area of the two includes RRC HFN (hyper frame number) of 28
bits, while the other area of the two includes RRC SN (sequence
number) of 4 bits.
[0047] A procedure of updating the security-relating environment
variables is carried out in a manner that HFN as a value of upper
28 bits of the COUNT-I is reset. Namely, the reset HFN may be a
START value transmitted recently by a terminal, 0, or a specific
value. And, UE carries out security check on the received security
setup control message using the updated security-relating
environment variables.
[0048] The IK among the parameters for performing the integrity
check indicates an integrity key, which is generated from an
authentication procedure in an upper layer of the RRC layer to have
the RRC layer be informed of. A value of the IK is not transmitted
via a radio interface, but the upper layer of the RRC layer in the
terminal and a network (ex. UTRAN) calculate values of the IK to
use based on specific input values, respectively.
[0049] A value of the START is read from an SIM card when the
terminal initiates connection between RRC layers of the UTRAN and
the terminal, and is transmitted to the UTRAN. The value of the
START, which is included in a message transmitted from the upper
layer of the RRC layer of the terminal, may be transmitted to the
UTRAN. While the connection between the RRC layers of the UTRAN and
terminal is activated, the value of the START is defined as the
greatest number of upper 20 bits of the currently used values of
the COUNT-I or COUNT-C (which is used for ciphering and plays a
role similar to the COUNT-I) And the value of the START currently
used between the RRC layers of the terminal and UTRAN is stored in
the SIM card when the connection between the RRC layers of the
terminal and UTRAN ends.
[0050] The MESSAGE means a message which is transmitted itself. The
DIRECTION is a direction discriminator and its value varies in
accordance with uplink or downlink. The DIRECTION can be set as `0`
or `1` on uplink or downlink. The FRESH is a value given to each
terminal independently, and is a value that UTRAN transmits to UE
on an initial state of the RRC connection. Namely, the value of the
FRESH is an arbitrary number that UTRAN transmits to UE, which is
for securing the security of the UTRAN from the terminal reusing
the values of the COUNT-I and MAC-I in a manner that UTRAN provides
UE with a new value every RRC connection. A value of the MAC-I
(message authentication code-I) is a message authentication code
calculated using UIA (UMTS integrity algorithm) with
security-relating environment values, which is an integrity
checksum inserted in RRC PDU.
[0051] If there is no procedure of updating the value of the FRESH,
a security invader easily makes the security of UTRAN vulnerable by
requesting that the value of the START that will be used as an
upper value of the COUNT-I should be set into a very small value
when new connection between RRC layers is requested and then by
using a pair of vales of the SN and MAC-I which was used for the
previous connection between the RRC layers. Yet, such vulnerability
of the security can be prevented by assigning a new value of the
FRESH in UTRAN whenever the connection between RRC layers is newly
established.
[0052] FIG. 5 illustrates a diagram for explaining one embodiment
of generating an authentication value in integrity check, in which
`f9` is a standardized integrity check authentication generation
algorithm adopted by 3GPP.
[0053] Referring to FIG. 5, UTRAN and terminal use values of the
parameters as input values, thereby generating values of MAC-I and
XMAC-I using such an algorithm as `f9`. The MAC-I is an integrity
check authentication value generated from the UTRAN, and the XMAC-I
is an integrity check authentication value generated from the
terminal. If all input values of the UTRAN and terminal are equal
to each other, the values of the MAC-I and XMAC-I generated from
the procedure of FIG. 3 will be equal to each other. Yet, if the
message is changed in the middle of processing, input values of
MESSAGE of receiving and transmitting parties are different from
each other so that the value of the XMAC-I is not equal to that of
the MAC-I.
[0054] Hence, if the values of the MAC-I and XMAC-I are not equal
to each other as a result of comparison, the terminal judges that
contents of the received security setup control message are
intentionally changed during transmission or that the received
security setup control message is transmitted from an
unauthenticated party. In such a case the security setup control
message is judged as invalid, thereby failing to pass the integrity
check. UTRAN changes a portion of the input values used for the
procedure in FIG. 3 whenever sending a new message. And, the UTRAN
generates a new MAC-I each time using the partial change of input
values. This is performed to prevent that an unauthorized party
reuses the value of the MAC-I to pass the integrity check.
[0055] For this, the UTRAN increases the SN value of the COUNT-I by
increment of `1` whenever sending a message. As mentioned in the
foregoing description, the SN value constructs lower 4 bits of the
COUNT-I. Being 4 bits, the SN value can have values ranging between
0.about.15 and sequentially increases by `1` from `0`. Once the SN
value becomes `15`, the next SN value becomes `0` and then
increases by the increment of `1` again. Thus, HFN corresponding to
upper value of the COUNT-I value is increased by `1` whenever the
SN becomes back to `0` from 15.
[0056] Hence, such a method brings about the effect that the
COUNT-I increases by `1` each time, whereby the input values are
changed in part in a ciphering authentication value calculation
procedure.
[0057] Meanwhile, if the terminal recognizes the SN value of the
received message and judges that the SN value has completed one
cycle, the terminal increases its HFN value by `1`. Thus, the
COUNT-I can coincide with that of the transmitting party. If such a
method is used, the terminal and UTRAN can have the same COUNT-I
information even if SN information is sent only. Besides, security
information leakage, which may occur when the entire COUNT-I is
sent, to a third party can be prevented. Hence, UTRAN enables the
receiving party to accurately calculate the XMAC-I value as well as
adds the SN value as lower value of the COUNT-I to the message of
each message transmission to prevent the unauthorized third party
from passing the integrity check. And, the LMAC-I value, which will
be used as a reference for the terminal to perform the integrity
check, is added to the message to transmit.
[0058] Once UE receives the security setup control message, it is
necessary to perform the security check of the SN value. For this,
UE manages its local parameter SN only using the SN values received
so far. If the SN value transmitted together with the security
setup control message is equal to the local parameter SN value of
the terminal, it can be assumed that a third party sends the
message using the same security information of the transmitting
party or that the same message is transmitted again from the
authenticated UTRAN. In such a case, the terminal immediately
discards the security setup control message.
[0059] The terminal configures COUNT-I using the SN value received
together with the security setup control message and calculates
XMAC-I using the parameters set previously in COUNT-I and UE. The
parameters set previously in UE include MESSAGE, DIRECTION,
FRESH.
[0060] By comparing the MAC-I value transmitted together with the
security setup control message to the XMAC-1 value calculated by
UE, the UE performs the integrity check of the security setup
control message.
[0061] Once the received security setup control message passes the
integrity check, the receiving party stores the SN value included
in the message in the local parameter SN and uses it for the SN
value check of the next message.
[0062] Accordingly, the method according to the present invention
is implemented as a program and can be stored in recording media
(CD ROM, floppy disk, hard disk, optical magnetic disk, etc.) as a
form that can be read by computer. Such a process is apparent to
those skilled in the art, whereby its explanation is skipped in
this description.
[0063] It will be apparent to those skilled in the art that various
modifications and variations can be made in the present invention.
Thus, it is intended that the present invention covers the
modifications and variations of this invention provided they come
within the scope of the appended claims and their equivalents.
* * * * *