安全--终端错报其支持祖冲之算法导致无法驻留LTE网络

1、文档名称文档密级终端错报其支持祖冲之算法导致无法驻留LTE网络1 现象描述1、A型号手机在所有站下都无法驻留4G网络。2、其它手机可以正常驻留。3、Mifi可以正常驻留4G。2 告警信息不涉及3 原因分析附着过程中的信令发现“Security mode reject”，原因为“security mode rejected unspecified”。 eNodeB下发给终端的NASSecurityModeCommand消息中下发的加密和完整性保护算法分别为EEA3和EIA3。 但Mifi网络下发的RRC SecuritymodeCommand消息中下发的SecurityAlgorithmConf

2、ig下发的加密和完整性保护算法分别为EEA2和EIA2。经核查，X运营商要求打开祖冲之算法，核心网侧改成了“优选祖冲之算法”，当终端支持祖冲之算法时，优先使用祖冲之算法。当终端不支持祖冲之算法时，选用其他算法。基站侧的加密算法配置： 终端probe信令，收到核心网下发的NAS安全祖冲之算法后，返回安全模式失败。 协议33.401对NAS安全过程的一个描述：7.2.4.4            NAS security mode command procedureThe NAS SMC

3、procedure consists of a roundtrip of messages between MME and UE. The MME sends the NAS security mode command to the UE and the UE replies with the NAS security mode complete message. The NAS security mode command message from MME to UE shall contain the replayed UE security capabilities, the select

4、ed NAS algorithms, the eKSI for identifying KASME, and both NONEUE and NONCEMME in the case of creating a mapped context in idle mobility (see clause 9.1.2). This message shall be integrity protected (but not ciphered) with NAS integrity key based on KASME indicated by the eKSI in the message (see f

5、igure 7.2.4.4-1). The UE shall verify the integrity of the NAS security mode command message. This includes ensuring that the UE security capabilities sent by the MME match the ones stored in the UE to ensure that these were not modified by an attacker and checking the integrity protection using the

6、 indicated NAS integrity algorithm and the NAS integrity key based on KASME indicated by the eKSI. In addition, when creating a mapped context for the case described in clause 9.1.2, the UE shall ensure the received NONCEUE is the same as the NONCEUE sent in the TAU Request and also calculate K'

7、ASME from CK, IK and the two nonces (see Annex A.11). If the MME receives no response to a NAS Security Mode Command that included nonces to create a mapped context and it wishes to try again to create the mapped context, the MME shall use the same values of NONCEUE and NONCEMME. If the UE receives

8、a re-transmitted NAS Security Mode Command, i.e one containing the nonces, after it has successfully received a previous one (and hence created a mapped EPS NAS security context), the UE shall process the message as above, except that it is not required to re-generate the K'ASME or check the NON

9、CE UE if it does not re-generate the K'ASME. If the checks of the NAS Security Mode Command pass the UE shall respond with a NAS Security Mode Complete. The UE shall delete NONCE_UE once the TAU procedure is complete.If successfully verified, the UE shall start NAS integrity protection and ciphe

10、ring/deciphering with this security context and sends the NAS security mode complete message to MME ciphered and integrity protected The NAS security mode complete message shall include IMEISV in case MME requested it in the NAS SMC Command message.The MME shall de-cipher and check the integrity pro

11、tection on the NAS Security Mode Complete using the keys and algorithms indicated in the NAS Security Mode Command. NAS downlink ciphering at the MME with this security context shall start after receiving the NAS security mode complete message. NAS uplink deciphering at the MME with this context sta

12、rts after sending the NAS security mode command message. If any verification of the NAS security mode command is not successful in the ME, the ME shall reply with a NAS security mode reject message (see TS 24.301 9). The NAS security mode reject message and all following NAS messages shall be protec

13、ted with the EPS NAS security context, i.e., the EPS NAS security context used prior to the NAS security mode command that failed (until a new EPS NAS security context is established, e.g., via a new NAS security mode command procedure). If no EPS NAS security context existed prior to the NAS securi

14、ty mode command, the NAS security mode reject message cannot be protected. 由协议可知， 1、如果NAS层加密成功，终端需要给MME发送security mode complete消息。2、如果NAS security mode command消息认证不成功，终端应该回复reject消息。 从这一点看，因终端没有发security mode complete消息，所以推断A型号终端要么不支持祖冲之算法，要么因为别的原因安全模式失败。 需联系终端公司分析A型号在NAS安全的时候失败的原因。查看信令：终端发的附着请求中携带了所支持的加密算法： 附着请求解码后：可见终端上报的能力是支持祖冲之算法的。 再找终端确认发现当前版本并不支持祖冲之算法。由于终端版本误报的终端能支持的加密算法导致。需要升级版本解决。 升级后终端版本，从attach request消息中看终端上报的加密算法已经不支持祖冲之（EEA3&EIA3算法）。升级后验证发现，终端上报的加密算法去掉了祖冲之算法，这样即使网络支持祖冲之算法，因为终端不支持，最终协商结果也不会下发祖冲之算法给终端。所以，终端升级后，解决了之前版本误