Module ocs_milenage

Description
Data Types
Function Index
Function Details

This module implements the MILENAGE algorithm set.

References

3GPP TS 35.206 3G Security; Specification of the MILENAGE algorithm set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 2: Algorithm specification

Description

This module implements the MILENAGE algorithm set.

Within the security architecture of the 3GPP system there are eight security functions; f0, f1, f1*, f2, f3, f4, f5 and f5* used for authentication and key generation. The operation of these functions is to be specified by each operator and as such is not fully standardised. The algorithms implemented here follow the examples produced on request from 3GPP by ETSI SAGE Task Force and are based on the block cipher Rinjindael now known as Advanced Encryption Standard (AES).

Data Types

ak()

ak() = binary()

amf()

amf() = binary()

ck()

ck() = binary()

ik()

ik() = binary()

k()

k() = binary()

mac()

mac() = binary()

op()

op() = binary()

opc()

opc() = binary()

rand()

rand() = binary()

res()

res() = binary()

sqn()

sqn() = binary()

Function Index

f0/0	Random challenge generating function.
f1/5	Network authentication function.
'f1*'/5	Re-synchronisation message authentication function.
f2/3	User authentication function.
f3/3	Cipher key derivation function.
f4/3	Integrity key derivation function.
f5/3	Anonymity key derivation function.
'f5*'/3	Anonymity key derivation function for re-synchronisation.
f2345/3	Computes response and keys.
opc/2	Encode the Operator Variant Algorithm Configuration Field (OP).

Function Details

f0/0

f0() -> RAND

RAND = rand()

Random challenge generating function.

Generate a strongly random 128-bit value.

f1/5

f1(OPc, K, RAND, SQN, AMF) -> MAC_A

OPc = opc()
K = k()
RAND = rand()
SQN = sqn()
AMF = amf()
MAC_A = mac()

Network authentication function.

Takes as input the derived OPc, subscriber key K, random challenge RAND, sequence number SQN and authentication management field AMF. Returns the network authentication code MAC-A.

'f1*'/5

'f1*'(OPc, K, RAND, SQN, AMF) -> MAC_S

OPc = opc()
K = k()
RAND = rand()
SQN = sqn()
AMF = amf()
MAC_S = mac()

Re-synchronisation message authentication function.

Takes as input the derived OPc, subscriber key K, random challenge RAND, sequence number SQN and authentication management field AMF. Returns the resynch authentication code MAC-S.

f2/3

f2(OPc, K, RAND) -> RES

OPc = opc()
K = k()
RAND = rand()
RES = res()

User authentication function.

f3/3

f3(OPc, K, RAND) -> CK

OPc = opc()
K = k()
RAND = rand()
CK = ck()

Cipher key derivation function.

f4/3

f4(OPc, K, RAND) -> IK

OPc = opc()
K = k()
RAND = rand()
IK = ik()

Integrity key derivation function.

f5/3

f5(OPc, K, RAND) -> AK

OPc = opc()
K = k()
RAND = rand()
AK = ak()

Anonymity key derivation function.

'f5*'/3

'f5*'(OPc, K, RAND) -> AK

OPc = opc()
K = k()
RAND = rand()
AK = ak()

Anonymity key derivation function for re-synchronisation.

f2345/3

f2345(OPc, K, RAND) -> {RES, CK, IK, AK}

OPc = opc()
K = k()
RAND = rand()
RES = res()
CK = ck()
IK = ik()
AK = ak()

Computes response and keys.

Takes as input the derived OPc, subscriber key K and random challenge RAND. Returns response RES, confidentiality key CK, integrity key IK and anonymity key AK.

opc/2

opc(OP, K) -> OPc

OP = op()
K = k()
OPc = opc()

Encode the Operator Variant Algorithm Configuration Field (OP).

Each operator chooses a value of OP to provide separation between the functionality of the algorithms when used by different operators. The value OPc is used as input for the security functions and is derived from OP and the subscriber key (K).

Generated by EDoc