Click to edit the title text format,,Click to edit the outline text format,,Second Outline Level,,Third Outline Level,,Fourth Outline Level,,Fifth Outline Level,,Sixth Outline Level,,Seventh Outline Level,,,*,wimax,入网过程,Jade 2013,,目录,概述,,免认证入网,,认证入网,,,Wimax,网络架构,PSTN: Public Switched Telephone Network,公共交换电话网络,,AAA: Authentication,、,Authorization,、,Accounting,认证/鉴权/计费服务器,,ASN: Access Service Network,接入网,(BS/MS/ASN GW),,BS: Base station,,SS: Subscriber station,AAA Server,Internet,PSTN,IP Core,Portal,SS,SS,SS,PCMCIA,ASN GW,BS,,Wimax,网络参考模型,ASN: Access Service Network; CSN: Connectivity Service Network/Core Network ASP: Application Service Provider,,NSP: Network Service Provider NAP: Network Access Provider Home NSP: Home Network Service Provider (,可理解为用户所属的运营商,) Visited NSP: Visited NSP(,用户漫游到和,Home NSP,有漫游协议的,NSP),,Bearer plane:,承载平面,用户承载业务数据流,Control plane:,控制平面,用户逻辑实体间的信令交互,,O&M plane,:管理平面,用于逻辑实体操作维护信息的交互,网络参考模型定义各个逻辑功能实体的功能,/,以及他们直接按的参考接口,,各个逻辑功能实体可能对应实际物理组网中一个或多个设备,,从左图可以看到主要逻辑功能实体有,ASN/CSN/MS(MS,也可算,ASN,的一部分,),,实际组网过程中,可能涉及终端用户,/,网络接入服务商,/,网络服务提供商,/,应用服务提供商,,NAP/NSP/ASP,等在,wimax,出现前已存在,,wimax,重点在于,ASN,,进一步请参考:《,WMF-T32-002-R010v05_Network-Stage2-Part1,》,,ASN,参考模型,BS: base station,,按照,IEEE Std 802.16,协议实现,wimax MAC/PHY,层的逻辑实体,功能包括但不限于对无线空口上下行资源的调度,/,管理,和,ASN-GW,业务连接的管理等。
ASN-GW: ASN,网络对外接口功能实体,在网络上具有承上启下的作用,对内完成无线资源管理;对外完成相关控制面信令的承载,/,转发和业务面承载关于,ASN,侧完成的逻辑功能在,BS,和,ASN-GW,间的分解,/,分配请参考《,WMF-T32-003-R010v05_Network-Stage2-Part2,》中,8. ASN Profile Introduction,章节ASN,网络由,BS/ASN-GW/MS,等实体组成,,典型的,MS,初始接入涉及的接口为,R1/R6,口,,R3/R4,接口可能涉及,但不需重点关注,,R1,口为空口,为,wimax,协议的重中之重,,进一步请参考《,WMF-T32-002-R010v05_Network-Stage2-Part1,》,,接口协议栈,same,different,different,Convergence Sublayer(CS),,The IEEE Std 802.16 defines multiple convergence sub layers. The network architecture framework SHALL support the following CS types:,,Ethernet CS and IPv4/IPv6 over Ethernet CS,,,IPv4 CS,,,IPv6 CS.,,请参考《,WMF-T32-003-R010v05_Network-Stage2-Part1/Part2,》,,R1,接口参考模型,SAP: Service Access Point,,C-SAP: Control SAP M-SAP: Management SAP,,OFDM: orthogonal frequency division multiplexing,,OFDMA:orthogonal frequency division multiplex access,,OFDMA,物理层和,OFDM,物理层最根本的区别在于前者,,在上行和下行均支持子信道化,,,后者仅在上行方向支持子信道化,,并且,OFDMA,在空口资源上分配方式更加灵活(右图),,Wimax,标准定义了,R1,口的,MAC,层和,PHY,层,,MAC,层:包括,CS,/,CPS,/,SS,三个子层:,CS,执行外部网络数据的转换或映射到,CPS,子层;,CPS,执行,MAC,核心功能,包括系统接入/带宽分配/连接建立与维护;,SS,子层主要完成安全相关功能,包括鉴权/密钥交换/加密。
PHY,层:随着协议的演进,协议规定了,3,类主要的物理层技术:,,WirelessMAN-SC,,WirelessMAN-OFDM,,WirelessMAN-OFDMA,,差别在于支持的频段/是否支持移动/空口性能,目前主流是支持移动的,OFDMA,技术,,更多细节请参考,《,IEEE Std 802.16e-2005, IEEE Standard for Local and metropolitan area networks – Part 16: Air Interface for Fixed and Mobile Broadband Wireless Access Systems,》,,,目录,概述,,免认证入网流程,,认证入网,,,免认证入网流程,MS,BS,ASN-GW,DCD,UCD,DL-MAP,UL-MAP,1.MS,侦听,,周期广播,CDMA code,RNG-RSP(status:Continue),loop,CDMA code,RNG-RSP(status:Success),2.cdma,码,,调整&测距,RNG-REQ,RNG-RSP,SBC-REQ,SBC-RSP,3.,基本能力协商,REG-REQ,REG-RSP,DSA-REQ,DSA-RSP,DSA-ACK,loop,4.,注册,5.,建立业务流,,连接,DHCP,获取,IP,MS_PreAttachment_Req,MS_PreAttachment_Rsp,MS_PreAttachment_Ack,MS_Attachment_Req,MS_Attachment_Rsq,MS_Attachment_Ack,RR_Req,RR_Rsp,RR_Ack,入网的,5,个步骤:,,1. MS,与,BS,取得同步,,2.,初始测距,,3.,基本能力协商(,PHY,层能力/安全能力参数等等),,4.,注册(高层能力协商),,5.,建立业务流连接,,message,注释:,,D/DL,代表,Downlink,,U/UL,代表,Uplink,,RNG: Ranging,,DCD: DL channel descriptor,,UCD: UL channel descriptor,,SBC:SS basic capability,,DSA: Dynamic service flow add,可选的认证流程,,1. MS,侦听下行广播,MS,侦听,BS,下行广播信息目的:,,和,BS,取得物理层同步,,MS,开机后扫描可能的连续下行频带,直到找到,,一个正确的下行信道,和,BS,取得时间和频率上同步,,,和,BS,取得下行,MAC,层同步,- Obtain DL parameters,,MS,和,BS,取得物理层同步后,尝试搜索,DL-MAP,,和,DCD,消息,能够连续解出这,2,个消息将保持,MAC,,同步状态,,,取得上行通道参数,- Obtain UL parameters,,取得下行,MAC,层同步后,搜索,UL-MAP,和,UCD,消息,,,获取上行发射参数,能够连续解出这,2,条消息将保持,,同步状态,,,Ms,和,BS,取得,MAC,层同步后,具备了发起,Ranging,的条件。
进一步参考《,IEEE Std 802.16e-2005, IEEE Standard for Local and,,,metropolitan area networks,》中,节,MS,DCD,,(,DIUC,检索表,/,BSEIRP,/,TTG,/,RTG,等),UCD,,(,UIUC,检索表,/,上行接入的,ranging,相关信息等),DL-MAP,,(物理帧,symbol,数,/PHY,同步信息,/,DCD count,/,BSID/DL_MAP IE,等),UL-MAP,,(物理帧,symbol,数,/,UCD count,/,UL_MAP IE,等),BS,图示说明:,,DIUC:DL interval usage code,,UIUC:U,L interval usage code,,UIUC/DIUC,分别对应上下行不同的调制,/,编码方式索引,,EIRP,:有效全向辐射功率,,TTG,:,transmit/receive transition gap,,RTG,:,receive/transmit transition gap,,,2. cdma,码调整&测距,测距目的,,不断调整,SS,的,Timing offset/Freq offset/power offset,,使得,SS,的发射和接收达到最优,,过程要点,,初始测距是一个反复的过程,,Ms,在上行,ranging,时机随机选择,CDMA code,,测量出,MS,的时偏,/,频偏,/,功率偏差等信道参数,然后响应,RNG-RSP,,告诉,MS,应该如何调整信道参数,如此反复,直到信道参数达到最优,在最后的,RNG-RSP,中携带给,MS,分配的相关资源,,MS,在得到分配的资源后,可以继续后续的接入流程,,如果,MS,已经入过网且所在位置未变,/BS,侧配置未变时,,MS,复位,初始测距可能不需反复,一次可以成功(,MS,将相关信息记录到了,FALSH,中),,更多信息可参考,《,IEEE Std 802.16e-2005, IEEE Standard for Local and metropolitan area networks,》中的,章节,,MS,BS,RNG-REQ/CDMA code,RNG-RSP(status:Continue),loop,RNG-REQ/CDMA code,RNG-RSP(status:Success),RNG-REQ,RNG-RSP,CDMA code,为一个特殊的消息序列,且任意,2,个序列之间不具有相关性,,3.,基本能力协商,目的,,匹配,MS,和,BS,间的基本能力,包括,PHY,能力,/,安全能力,,过程说明,,MS,将自身的基本支持能力通过,SBC-REQ,上报,BS,,BS,向,ASN-GW,发送消息(可携带需要到,GW,协商的能力),通知,GW,该,MS,入网,,ASN-GW,响应,BS,,,BS,将,MS,上报的支持能力和网络侧的支持能力取交集下发,MS,,,更多信息可参考,:,,《,IEEE Std 802.16e-2005, IEEE Standard for Local and metropolitan area networks,》中的,章节,,《,WMF-T33-001-R015v03_Network-Stage3-Base,》中,4.5,节,MS,BS,ASN-GW,SBC-REQ,SBC-RSP,MS_PreAttachment_Req,MS_PreAttachment_Rsp,MS_PreAttachment_Ack,,4.,注册,目的,,匹配,MS,和网络侧高层支持能力,包括,CS,支持能力,/,移动性参数,/,切换支持能力等,,过程,,MS,通过,REG-REQ,携带自身的高层支持能力向,BS,发起注册请求,,BS,向,ASN-GW,发送消息(可携带需要到,GW,协商的能力),通知,GW,该,MS,发起注册,,GW,侧准备发起业务流建立,,ASN-GW,响应,BS,,,BS,将,MS,上报的支持能力和网络侧的支持能力取交集下发,MS,,,更多信息可参考,:,,《,IEEE Std 802.16e-2005, IEEE Standard for Local and metropolitan area networks,》中的,章节,,《,WMF-T33-001-R015v03_Network-Stage3-Base,》中,4.5,节,MS,BS,ASN-GW,REG-REQ,REG-RSP,MS_Attachment_Req,MS_Attachment_Rsq,MS_Attachment_Ack,,5.,业务流建立,目的,,建立预配置业务流,即建立端到端的业务承载通道,,过程,,ASN-GW,侧在收到,MS,的,REG-REQ,时,主动发起预配置业务流建立,携带业务流相关参数向,BS,下发,RR_REQ,消息,,BS,向,MS,下发,DSA_REQ,消息将业务流信息通知,MS,,MS,通过,DSA_RSP,响应,BS,,并向,MS,返回,DSA_ACK,,BS,向,ASN-GW,返回,RR_RSP,完成业务流建立,,业务流建立完成后,可以进行业务,随后发起的,DHCP,过程即使用第一条预配置业务流(,ISF,)来承载,,第一条建立的预置业务流成为初始业务流,(ISF),,用来承载对于时延不敏感的业务,比如随后的,DHCP,过程,,ISF,只有一条,除,ISF,外的预置业务流可以有多条,,MS,BS,ASN-GW,DSA-REQ,DSA-RSP,DSA-ACK,loop,通过预配置业务流承载,DHCP,协议获取,IP,RR_Req,RR_Rsp,更多信息可参考,:,,《,IEEE Std 802.16e-2005, IEEE Standard for Local and metropolitan area networks,》中的章节,,《,WMF-T33-001-R015v03_Network-Stage3-Base,》中节,,目录,概述,,免认证入网,,认证入网,,,认证基础,- EAP,概述,EAP,:,Extensible Authentication Protocol,,是一个认证框架,在此框架上可以支持或者说承载多种认证协议/方法,比如,EAP-TLS,/,EAP-TTLS,,交互方式采用,lock-step,,同时只能有一个报文在传输,等到对方响应后才可以发送下一个报文一般是,request/response,[,1,,,n,],success/failure[1],,支持重传,但是不支持分片和重组,,认证由,server,发起,而不是,client,,2.,通用包格式定义,,,,,Code,:,1byte,,目前只有,4,种定义:,,1 Request,,2 Response,,3 Success,,4 Failure,,Identifier : 1byte,,认证双方通信时用的,transId,,匹配一个,Request,和,Response,,Length: 2byte,,报文长度,从,Code,字段开始。
Data,:报文内容,根据,Code,取值不同,需要进一步扩展认证消息交互基本框架,,认证基础,- EAP,消息格式,Request,和,Response,报文格式,进一步请参考,RFC3748 Extensible Authentication Protocol,Type,定义,:,Type,字段可以由,EAP,承载的认证协议扩展,比如,EAP-TTLS,,,Type,字段为,21,;,EAP-TLS,,,Type,取值为,13.,,Nak,用于接收方向发送方反馈,接收方不支持发送方指定的,type,,同时携带接收方支持的,type,通知发送方可以用这些,type,(下文设备认证将看到此应用),Success,和,Failure,报文格式,,认证基础,- EAP-TTLS,概述,,EAP-TTLS,:,Extensible Authentication Protocol Tunneled Transport Layer Security Authenticated Protocol Version 0 (EAP-TTLSv0),,是,EAP,承载的一种方法,其封装了,TLS,协议,认证过程划分为,2,个阶段:,,Phase1,:,Handshake,,完成,client,和,server,的双向认证,或者只是完成,server,到,client,的认证,同时协商出,2,阶段,tunnel,使用的,cipher suite,,保障,tunnel,阶段数据的安全传输。
Phase2,:,Tunnel,,通过,TLS record layer,建立的隧道在,client,和,server,间传输任意数据,完成特定的功能包括,client,到,server,的认证,在,Tunnel,承载的认证协议可以是,PAP, CHAP, MS-CHAP, or MS-CHAP-V2,,,MD5,等CPE,使用用户认证方式时,采用,EAP-TTLS,协议,第一阶段完成,server,到,CPE,的认证,第二阶段使用指定的认证承载协议(可配置为,PAP,/,CHAP,/,MS-CHAP,/,MS-CHAP-V2,/,MD5,)完成,CPE,到,server,的认证,,2.,协议分层模型,进一步参考,RFC5281 EAP-TTLS,AVP,,,attribute-value pairs,,类似,TLV,,认证基础,- EAP-TTLS,消息格式,包格式,进一步参考,RFC5281 EAP-TTLS,Code(Request/Response),/,Identifier,/,Length,/,Type(21),见,EAP,协议;,,Flags,Data,,认证基础,- EAP-TTLS,密钥,(MSK),生成,Key Derivation,,进一步参考,RFC5281 EAP-TTLS,EAP-TTLS,协商完毕后,将按如上算法生成,MSK,/,EMSK,,此值将用于后续的密钥生成。
TLS PRF(pseudo-random function) function,参考,rfc5216/rfc2246 .,,,,认证基础,- EAP-TLS,EAP,承载的认证方法,,支持,client,和,server,间基于证书的相互认证/密钥生成,,流程基本同,EAP-TTLS,,相比,EAP-TTLS,少了,tunnel,阶段,安全性略差,由于只支持基于证书的相互认证,,CPE,设备认证可以采用该协议,用户认证需要使用,EAP-TTLS,协议,,进一步请参考,RFC5216 EAP-TLS,,左图为典型的交互流程:包含,identify,/证书,,交换/密钥(,premaster secret,)交换等过程,,,进一步参考,RFC5281 EAP-TTLS,,认证基础,-TLS,概述,TLS: Transport Layer Security,,提供,Internet,网络的传输安全,对于,client,和,server,间的数据传输提供了防窃听,防篡改,防伪造功能包括,2,层:,the TLS Record Protocol and the TLS Handshake Protocol.,,TLS Record Layer,用于封装各种高层协议(例如可以封装,TLS Handshake Protocol,),安全性说明:,,TLS Record Layer,通过对称加密算法保证传输数据的私密性,,通过,MAC,(,message authentication code,)保证传输数据的完整性,将待传输数据(压缩(可选)后加密前)联合密钥通过,HASH,算法(,MD5/SHA,)生成,MAC code,,供接收方校验完整性,,TLS Handshake,用于服务器和客户端相互认证和协商应用层协议的加密算法和加密密钥,,,,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS,安全参数,安全参数生成,,加密算法:,rc4, rc2, des, 3des, des40, idea, aes,,可以为,null,,加密算法类型:,block,方式/流方式,,MAC,算法:,md5, sha,,压缩算法,可以为空,,双方共知的,48byte secret,,client,端,random,,,server,端,ramdom,,进一步参考,RFC2246 TLS1.0,,block,加密使用,,non-export block ciphers,,方式通过此方式生成,,exportable block ciphers,,方式需要进一步算法生成,,,,认证基础,-TLS,通用包格式,TLS Record Layer,包格式,进一步参考,RFC2246 TLS1.0,Type,:承载的协议类型,,change_cipher_spec: 20,,alert: 21,,handshake: 22,,application_data: 23,,version:,版本号,,目前有,1.0(RFC2246)/1.1(RFC4346)/1.2(RFC?),,抓包看到华为,wimax,是,0301,,对应,1.0(RFC2246),,由于,TSL,基于,SSL3.0,演变而来,所以消息编码为,3.1,(,0301,)。
length,:后续数据长度,,fragment,:协议报文,,当,fragment,经过压缩,/,加密后,格式路略有变化,具体参考协议,,认证基础,-TLS,通用包格式,TLS Record Layer,包格式,进一步参考,RFC2246 TLS1.0,Type,:承载的协议类型,,change_cipher_spec: 20,,alert: 21,,handshake: 22,,application_data: 23,,version:,版本号,,目前有,1.0(RFC2246)/1.1(RFC4346)/1.2(RFC?),,抓包看到华为,wimax,是,0301,,对应,1.0(RFC2246),,由于,TSL,基于,SSL3.0,演变而来,所以消息编码为,3.1,(,0301,)length,:后续数据长度,,fragment,:协议报文,,当,fragment,经过压缩,/,加密后,格式路略有变化,具体参考协议,,认证基础,-TLS Handshake Protocol,TLS Handshake Protocol,,用于双方协商安全参数/相互认证,,包含,3,个子协议:,,Change cipher spec protocol,,用于在安全参数协商过后,通知对方随后的交互将使用之前刚刚协商的安全参数进行加密处理,,该子协议只包含,change_cipher_spec(1),这,1,条消息,,Alert protocol,,传递告警信息,,Handshake protocol,,见下页,进一步参考,RFC2246 TLS1.0,Handshake,过程:,,协商加密算法,/,交换,random,,交换信息双方生成一致的,premaster secret,,交换证书和加密信息并认证,,生成,Master secret,,给,record layer,提供加密参数,,验证双方生成了相同的安全参数,,认证基础,-TLS Handshake Protocol,包格式,Handshake protocol,用于协商安全参数,,包格式定义:,进一步参考,RFC2246 TLS1.0,包含的消息类型,,认证基础,-TLS hello message,Handshake type,之,hello message,,包括,hello request / client hello / server hello,三个消息,这,3,个消息用于双方协商安全能力:加密能力,/,压缩能力,,Hello request,,只用于,server,请求,client,发送,client hello,消息,即,server,要求,client,发起协商,,,Client hello,,用于,client,主动向,server,发起协商流程,,消息中包含,random,值(,32byte,(,4byte GMT TIME+28byte random,))/,client,支持的,CipherSuite list,/,client,支持的压缩算法,,Server hello,,server,对,client,的,hello,消息的响应,,消息中包含,random,值,/server,选择的,CipherSuite/server,选择的压缩算法以及分配的,session id,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Server certificate,Handshake type,之,Server certificate,,Server,发送证书给,client,,证书格式参考,X.509v3,,证书的,key,和签名必须,,和,hello,协商的,Ciphersuite,,指定加密方式一致,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Server key exchange message,Handshake type,之,Server key exchange message,,The server key exchange message is sent by the server only when the server certificate message (if sent) does not contain enough data to allow the client to exchange a premaster secret.,,This message conveys cryptographic information to allow the client to communicate the premaster secret,:,either an RSA public key to encrypt the premaster secret with, or a Diffie-Hellman public key with which the client can complete a key exchange,,帮助,client,计算,server,的,premaster,值,,进一步参考,RFC2246 TLS1.0,和附录,1 DH,密钥交换算法,,认证基础,-TLS Certificate request,Handshake type,之,Certificate request,,用于,server,向,client,请求证书(可选),,目前认证流程不涉及,进一步信息参考协议,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Server hello done,Handshake type,之,Server hello done,,The server hello done message is sent by the server to indicate the end of the server hello and associated messages.,,目前认证流程不涉及,进一步信息参考协议,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Client certificate,Handshake type,之,Client certificate,,发送,client,端证书,,证书格式参考,X.509v3,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Client key exchange message,Handshake type,之,Client key exchange message,,With this message, the premaster secret is set, either though direct transmission of the RSA-encrypted secret, or by the transmission of Diffie-Hellman parameters which will allow each side to agree upon the same premaster secret.,,用于,client,通知,server,客户端的,premaster secret,,比如密钥交换算法选择,RSA,时,,client,用,server,段下发证书中的,public key,将自身产生的,48byte,的,premaster secret,加密,发给,server,;采用密钥交换算法采用,DH,时,,client,和,server,互换,DH,计算参数,从而双方生成一致的,premaster secret,,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Certificate verify message,Handshake type,之,Certificate verify,,This message is used to provide explicit verification of a client certificate.,,When sent, it will immediately follow the client key exchange message.,,包格式,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Finished message,Handshake type,之,Finished,,A finished message is always sent immediately after a change cipher spec message to verify that the key exchange and authentication processes were successful.,,,The finished message is the first protected with the just-negotiated algorithms, keys, and secrets. Recipients of finished messages must verify that the contents are correct.,,进一步参考,RFC2246 TLS1.0,,认证基础,-TLS Handshake message,总结,Handshake type,之,Finished,,原则上述消息必须按照上文描述的顺序发送,只有,2,个例外:,,the Certificate message is used twice in the handshake (from server to client, then from client to server), but described only in its first position.,,The one message which is not bound by these ordering rules in the Hello Request message, which can be sent at any time, but which should be ignored by the client if it arrives in the middle of a handshake.,,进一步参考,RFC2246 TLS1.0,,认证基础,-MS-CHAP-V2,MS-CHAP-V2: Microsoft PPP CHAP Extensions, Version 2.,,MS,基于,PPP CHAP,协议的扩展增强版本,主要增强了用户认证功能,,通过,3-way handshake,验证,peer,的身份:,,,,,1. authenticators,发送生成并发送,challenge code,(随机数),消息中携带了用户名,,2. Client,根据,16-octet challenge Value,/,username,/,password,经过一定算法生成,RADOM,值(,24byte,),发送给,authenticator,,3. authenticator,经过同样算法计算得到,Hash,值,与,Client,发来的,RADOM,值比较成功时,返回,Success,,CPE,采用用户认证方式时,由,CPE,发起,Challenge,,在该消息中,,CPE,根据,CPE challenge,值/,username,/,pass,/,peer challenge,值经过一定算法成生,24byte,的,RADOM,值,连同,CPE challenge,值/,username,/,peer challenge,值一并发给,server,;,server,根据,Challenge,中的,username,获取到对应的密码,根据同样的算法生成,RADOM,值,和,CPE,发送来的,RADOM,比较,一致返回,success,,否则返回失败。
进一步参考,RFC1994 CHAP,/,RFC2433 MS-CHAP,/,RFC2759 MS-CHAP-V2,,CPE,认证分类,认证的目的在于双方互相判断对方是否合法,同时协商加密信息,用于后续报文的安全传输认证分类:,,免认证,,用户认证,,CPE,认证,AAA based on X.509 certificate,,AAA,认证,CPE,基于用户名/密码,,CPE,和,AAA,间基于,EAP-TTLS,认证协议,,设备认证,,CPE,和,AAA,相互认证,based on X.509 certificate,,CPE,和,AAA,间基于,EAP-TLS,认证协议,,认证协议栈,进一步请参考:,,参考《,WMF-T32-001-R015v02_Network-Stage2-Base,》,7.4,节,,参考,RFC5281 EAP-TTLS,从协议栈可以看出,认证过程在,MS,和,AAA,间完成,中间网络节点提供,EAP,通道,,在,R1,口,EAP,通过,PKMV2,(,wimax,定制)承载,,EAP,属于一个认证流程的处理框架,其上可以承载多种具体的安全协议,/,认证协议,,CPE,采用用户认证时,可以配置,EAP,具体承载的认证协议来安全的传输,CPE,的用户名和密码信息给,AAA,,支持如下,5,种协议:,,MS-CHAP/MS-CHAP V2,,CHAP(Challenge Auth. Protocol),,MD5,,PAP(Password Auth. Protocol),,CPE,采用设备认证时,由于,AAA,使用证书认证,CPE,,不需传递用户名,/,密码,所以不需配置认证协议。
用户认证,) / EAP-TLS(,设备认证),设备认证不需要,,安全子层,PKM,:,privacy key management,,进一步请参考《,P80216Rev_03,》,7,节,,Traffic data....:,业务面加解密,/,业务面分包认证,,Message Authentication Processing,:控制面分包认证,(HMAC/CMAC/short-HMACs),,Control Message Processing:PKM,消息分发处理,,PKM Control Management,:,SS,控制管理层,密钥生成分发,,RSA-based Authentication,:基于,RSA,的,X.509,数字证书的认证处理,,Authorization/SA Control:,认证状态机和业务加密密钥状态机控制,,EAP Encapsulation/Decapsulation:,,EAP,接口处理层,,EAP,参考前文认证基础,,PKMv1 provides support for only Device Authentication whereas PKMv2 provides a flexible solution that supports device and user authentication between MS and home CSN.,,WIMAX,密钥体系一,进一步请参考《,P80216Rev_03,》,7,节,MSK,:经过,EAP,认证后网络侧和,MS,都生成了同样的,MSK(Master session key),,PMK,:取,MSK,的,160bit,作为,PMK(pairwise master key),,PMK,联合,SSID,/,BSID,/,PMK,生成,AK(authorization key,,),,,AK,用于进一步派生其他密钥,,WIMAX,密钥体系二,进一步请参考《,P80216Rev_03,》,7,节,MAC(message authentication code),模式,:CMAC/HMAC,分别是基于加密和基于,hash,方式生成,MAC,值,,CMAC_PREKEY_U/D,用于在,CMAC,模式生成,MAC,值,,HMAC_KEY_U/D,用于在,HMAC,模式生成,MAC,值,,KEK(key encryption key),用于加密其他密钥,比如,TEK(Traffic encryption key)/GTEK(group TEK),,TEK(Traffic encryption key),用于业务面加密,,MAC,消息中通用头不加密,只有,payload,才会加密,由,BS,负责生成,下发,MS,。
其他非重要,KEY,参见协议,,CPE,认证配置说明,1.,业务面加密配置:业务面加密选项,,wimax,协议上有四种:,DES-CBC,/,ASE-CCM,/,AES-CBC,/,ASE-CTR,,从配置上看,只能配置,2,种,具体使用哪种由,BS,配置给,MS,,AES,:,advanced encryption standard CTR,:,counter mode encryption CBC,:,cipher block chaining,,CBC-MAC,:,cipher block chaining message authentication code CCM,:,CTR mode with CBC-MAC,,ECB,:,electronic code book,,2.,密钥交换配置:,,AES-Key Wrap,:是否使能,AES key wrap algorithm,,,BS,发送给,CPE,的业务面,key,将经过该算法处理,,,MS,根据相同算法还原该,key,,AES-ECB,:,BS,发送给,CPE,的业务面,KEY,是否经过,AES ECB,加密,,上述是,TEK,配置给,MS,时,,BS,侧采用的加密方式,协议上支持,4,种:,3-DES,/,RSA,/,AES-ECB,/,AES-Key Wrap,,具体采用哪种由,BS,配置给,MS,。
EAP Mode,: 认证承载协议,Internal Mode:,认证方法(用户认证时使用),,Anonymous ID: NAI,(,Network access identifier,),,,用于认证时,CPE,上报,AAA,,帮助中继设备转发到合适的服务器3.,证书配置:用于,CPE,验证,AAA,下发的,AAA,证书是否合法,,进一步参考《,WMF-T32-001-R015v02_Network-Stage2-Base,》,7,节,3,2,1,,CPE,认证配置说明,1.,业务面加密配置:业务面加密选项,,AES,:,advanced encryption standard CTR,:,counter mode encryption CBC,:,cipher block chaining,,CBC-MAC,:,cipher block chaining message authentication code CCM,:,CTR mode with CBC-MAC,,ECB,:,electronic code book,,2.,密钥交换配置:,,AES-Key Wrap,:是否使能,AES key wrap algorithm,,,BS,发送给,CPE,的业务面,key,将经过该算法处理,,,MS,根据相同算法还原该,key,,AES-ECB,:,BS,发送给,CPE,的业务面,KEY,是否经过,AES ECB,加密,,EAP Mode,: 认证承载协议,Internal Mode:,认证方法(用户认证时使用),,,可以是,PAP/CHAP/MSCHAPV2/MD5,。
Anonymous ID: NAI,(,Network access identifier,),,,用于认证时,CPE,上报,AAA,,帮助中继设备转发到合适的服务器3.,证书配置:用于,CPE,验证,AAA,下发的,AAA,证书是否合法,,进一步参考《,WMF-T32-001-R015v02_Network-Stage2-Base,》,7,节,3,2,1,,wimax,认证整体流程,CPE,和,AAA Server,双向认证阶段:,,双向认证完毕后,,CPE,和,AAA S,,ERVER,将生成相同的,MSK,和,EMSK,,SA,生成阶段:,CPE,和,GW,,根据,MSK,,各自生成相同,,的,PMK,,再由,PMK,联合,MSID,/,BSID,,生,AK,和,AK,上下文,,AK,由,GW,下发,BS,密钥下发阶段:通过,3,次握手(,6,),,完成,SA,/,AK,验证以及,Primary,,SA,的分配;同时通过(,7,)完成每,,个,SA,关联的,2,个,TEK(traffic,,encryption key),的生成和下发,,CPE,,进一步参考, 7.3.10,和, PART16,中,节,,wimax,认证流程,-,双向认证,进一步信息参考前文,TLS,协议,MS,BS,EAP request/Identify,ASN-GW,AAA,EAP response/Identify-NAI,EAP-reponse/identify over AAA,EAP request/TTLS-Start,EAP-request/TTLS-Start over AAA,EAP response/TTLS/,,TLS: Client hello,EAP request/TTLS/,,TLS: Server hello/ certificate,,Server key exchange/,,Server hello done,,EAP over AAA,EAPover AAA,EAP response/TTLS/,,TLS: Client key exchange/,,Change cipher spec/finished,,EAP over AAA,EAP over AAA,EAP request/TTLS/,,TLS: Change cipher spec/finished,EAP response/TTLS/,,TLS: Peer response/challenge,,EAP request/TTLS/,,TLS: success/Authenticator response,EAP response/TTLS(no data),EAP over AAA,EAP over AAA,EAP Success,EAP over AAA,EAP over AAA,基本能力协商后,,ASN-GW,发起,EAP,,Identify,流程,,MS,将响应,EAP Identify/NAI,,,ASN-GW,根据,NAI,指定的域名将消息转发,,AAA,,随后后续的流程实际上都是经过,GW,,透传给,MS,,,1.MS,和,AAA,通过,TLS,完成,AAA,到,MS,的,,认证(采用数字证书方式),同时完成了,,PRE MSK,的交换(通过,DH,或,RSA,),,2.,左图为用户认证方式,如果为设备认证时,,MS,侧也需要将自己的证书发送发送,AAA,,完成,MS,到,AAA,的认证,,3.,经过此步后,,AAA,和,MS,可以生成的,,MSK/EMSK, AAA,会将,MSK,下发给,GW,,,,GW,进一步生成,PMK/AK,,并下发,BS,,1.,当认证方式为用户认证时,进一步通过认证,,协议完成,MS,到,AAA,的认证(认证协议可以,,是,mschapv2/mschap/chap/md5/pap,),,,,当设备认证时,不含此步骤,,,wimax,认证流程,-,用户认证双向认证实例,MS,BS,EAP request/Identify,ASN-GW,EAP response/Identify-NAI,EAP request/TTLS-Start,EAP response/TTLS/,,TLS: Client hello,EAP request/TTLS/,,TLS: Server hello/ certificate,,Server key exchange/,,Server hello done,EAP response/TTLS/,,TLS: Client key exchange/,,Change cipher spec/finished,,EAP request/TTLS/,,TLS: Change cipher spec/finished,EAP response/TTLS/,,TLS: Peer response/challenge,,EAP request/TTLS/,,TLS: success/Authenticator response,EAP response/TTLS(no data),EAP Success,server,的证书较长,再加上,Server hello/,,Server key exchange/,,Server hello done,等消息,需要,2,条消息交互,Finished,是第一条使用刚刚协商后的加密参数,,加密的消息,,wimax,认证流程,-,设备认证双向认证实例,由于设备认证时,认证,EAP-TLS,,所以,CPE,响应,Nak,,,告知,AA。
