©1994-2010ChinaAcademicJournalElectronicPublishingHouse.Allrightsreserved.(2009)09-0027-063GPPLTE/SAE31,1,2,1,2,2(1.,400065;2.,100190):3GPPLTE/SAERelease8,LTE/SAELTE/SAE,LTE/SAE,,LTE,LTE/SAE,LTE/SAE:3GPP;;;;:TN918.91:Adoi:10.3969/j.issn.1001-893x.2009.09.0063GPPLTE/SAESecurityMechanismanditsRealizationinProtocolStackDENGYa-ping1,FUHong1,2,XIEXian-zhong1,ZHANGYu-cheng2,SHIJing-lin2(1.CollegeofComputerScienceandTechnology,ChongqingUniversityofPostsandTelecommunications,Chongqing400065,China;2.InstituteofComputingTechnology,ChineseAcademyofScience,Beijing100190,China)Abstract:BasedontherecentlyreleasedLTE/SAER8standardby3GPP,thesecurityarchitectureofLTE/SAEanditsrealizationmechanisminradioprotocolstackarepresented.Firstly,thesecurityfunctionofLTE/SAEissummarized,thenthesecurityarchitectureandmechanismofSAE/LTEarestudied,andsomedefectsarepointedout.Finally,incombinationwiththeresearchworkonLTEpro2tocolstack,thesecuritymechanismofaccesslayerforLTE/SAEisdesignedandrealized.Thisso2lutionissimpleandisimportantforsecurityofLTE/SAE.Keywords:3GPP;securitymechanism;accessstratum;non-accessstratum;protocolstack15:,,,,,[1]ETSIGSM,,[2]3GPP,GSM,[3][4]723:2009-04-29;:2009-06-15:(90604016)©1994-2010ChinaAcademicJournalElectronicPublishingHouse.Allrightsreserved.(LTE),IP(SAE),,,10,[5]LTE/SAERelease8,,LTE/SAE[6]:(EvolutionPacketSystem,EPS);;;;3GPPLTE/SAE,LTE/SAE,,LTE,LTE/SAE,LTE/SAE2LTE/SAE2.13GPPLTE/SAE,,:(UserEquipment,UE)(MobilityManagementEntity,MME)(HomeSubscriberServer,HSS),UEHSSK,UEHSSSQNmsSQNhss,SQNmsSQNhss0f1f2,f3f4f5s10,[2]3GPPSAE1,AUTN=SQNÝAK||AMF||MAC,AV=(RAND||XRES||KASME||AUTN),RANDHSS,AK=f5(RAND),MAC=f1(SQN||RAND||AMF),XRES=f2(RAND),CK=f3(RAND),IK=f4(RAND),KASMECK,IKs10,||,Ý13GPPSAE3GPPLTE/SAE:(1)MMEMME,HSSIMSI,SNID,;(2)HSSMME,SNID,HSS,,SQNhssRAND,AVMME,MME,UEMME12HSS,2HSS;2(3)MME,,82©1994-2010ChinaAcademicJournalElectronicPublishingHouse.Allrightsreserved.(4)UEMME,AUTNAMF,XMAC,AUTNMAC,AMFXMACMAC,MME,,UERESKASME,KASMECKIKSNIDs10,RESMME34,,;3USIM(5)MMEUERES,RESAVXRES,,KASME,,2.2,UEHSSK,[7]:(1)VLRUEUEHSS;(2)UEVLR;(3)UEVLR,[8,9]:(1)UEHSSVLRUE,UEVLR,;(2),,;(3),IMSI,IMSI,;(4)SQN;(5)UEHSSK,,,,;(6)3GPPLTE/SAERelease8,MMEHSS,,MMEHSS,:(1)UE3GPPLTE/SAE,MMEHSS,(SNID),HSSSNID,HSSMME,UEUE(HN),localSNIDUE,UE,localSNIDMMEUE,IMSI,SNIDHN,SNIDvisitSNID,HSS,,;(2)SQN3GPPLTE/SAE,MMEHSS,UEMMESQNMME,MME,,SQN,3GPPLTE/SAE92©1994-2010ChinaAcademicJournalElectronicPublishingHouse.Allrightsreserved.(Non-accessStra2tum,NAS),UENASMMEUENASUENASKASMEKSIASME,UENASRRCNASNAS,KSIASMEKASMEUENAS,,UENAS,NASMMENASNAS,KSIASMEKASMENAS,ME,MENAS4NAS2.4,,,ENBUE(EvolvedNodeBase,ENB)UE(AccessStratum,AS),UEASENBUEASASKSIASME,RRC,RRCKASME,KASMEKSIASMEUEENBASASRRC,RRCKASMEAS,ME,MEAS5AS3UEUEEPC,UEMMEKASME,MME,,KASMEKNASencKNASint,LTE(PacketDataConvergeProtocol,PDCP),PDCP(RadioResourceControl,RRC)RRC[10]UERRCRRC,UE,03©1994-2010ChinaAcademicJournalElectronicPublishingHouse.Allrightsreserved.(EvolvedEncryptionArithmetic,EEA)4bitUEENBRRC128-EEA0128-EEA1128-EEA21EPS00002128-EEA000012128-EEA1SNOW3G00102128-EEA2AES6PDCP,EEA,,,(PacketDataUnit,PDU)MAC-I,PDU,PDU,,,,PDUBEARER(RB,8bit),DIRECTION(0,1,1bit),KEY(,128bit),LENGTH(,32bit),COUNT6PDCPRRC,UEENBRRCPDCP,PDCP,LTE/SAE128bit,EPS(EvolvedIntegrali2tyArithmetic,EIA)4bit,UEeNBRRC128-EIA1128-EIA22EPS00012128-EIA1SNOW3G00102128-EIA2AES7PDCP,MAC_I,XMAC-IPDU,mac_ixmac_i,,KEYRRCRRC,,PDUBEARER(RB)DIRECTION(0,1)KEY()COUNT7PDCP3GPPLTE/SAE,,,,,LTE/SAE4,3GPPLTE/SAERelease8,LTE/SAERelease8,3GPPLTE/SAE,,3GPPLTE13©1994-2010ChinaAcademicJournalElectronicPublishingHouse.Allrightsreserved.:[1]GSMTechnicalSpecification02.09,SecurityAspects[S].[2]3GPPTS33.102V8,3rdGenerationPartnershipPro2ject;TechnicalSpecificationGroupServicesandSys2temAspects;3GSecurity;Securityarchitecture[S].[3],,.3G[J].,2005,8(8):1328-1332.[4]JuangWen-Shen,WuJing-Lin.Efficient3GPPAu2thenticationandKeyAgreementWithRobustUserPri2vacyProtection[C]//ProceedingofWCNC2007.HongKong:IEEE,2007:2551-2556.[5].[J].,2006,22(6):29-33.[6]3GPP.TS33.401V8,3rdGenerationPartnershipPro2ject;TechnicalSpecificationGroupServicesandSystemAspects;3GPPSystemArchitectureEvolution(SAE);Securityarchitecture[S].[7],,.3G[J].,2002,5(5):23-26.[8],,.3GPPAKA[J].,2008,48(11):19-23.[9]ZhangM,FangY.SecurityAnalysisandEnhance2mentsof3GPPAuthenticationandKeyAgreementProtocol[J].IEEETransactionsonWirelessCommu2nications,2005,4(2):734-742.[10]3GPP.TS36.323V8,3rdGenerationPartnershipPro2ject;TechnicalSpecificat