تجزیه و تحلیل مدیریت کلیدی LTE به وسیله کلید های متن

Handover key management in mobile wireless networks targets to minimize the effects of a possible key compromise in the access points. We describe and analyze how the new 3GPP Long Term Evolution (LTE) security architecture and handover keying management fulfills this target. We discuss possible LTE handover key management enhancements and implementation alternatives without losing interoperability over the air interface. We have chosen to compare it with our session keys context concept to see what the strengths in both are to get some perspective for deployments that benefit from distributed key management.

Key management for wireless mobile networks has been an active topic. In the past IEEE groups like 802.11 Task Group R, 802.21, and 802.16 (WiMAX) have been working to improve and specify key management techniques. Extensible Authentication Protocol (EAP) working group in the IETF has been working with key hierarchies and key derivation issues [1] and [2]. IETF PANA (Protocol for carrying Authentication for Network Access) working group has been tackling the issue of mobility optimizations for the PANA protocol [3], [4] and [5]. Handover keying working group (HOKEY) is also working on efficient key management for handovers [2], [6], [7], [8] and [9].

We analyzed LTE key management security properties together with the session keys context concept (SKC) that we proposed for the LTE in the beginning, to see how much they differ and in which ways. We noticed that, the security properties are quite similar in the sense of key separation but the complexity and flexibility are different. Our analysis shows that the LTE key management is a combination of multiple key management mechanisms, namely the LTE S1 (key-request) and X2 based handover-keying mechanisms (modified pre-distribution), which makes it complex. But, it also allows different implementation realizations as we have shown.