PTCRB 3G/4G/5G无线蜂窝加密Encryption和算法完整性Integrity Algorithms测试
发布日期:2022-09-26
点击次数:1612
在2G/3G/4G/5G等无线蜂窝系统产品,在通信过程中,会对链路的数据进行加密,来确保通信的安全和数据到达终端复原后的完整性,算法里面还可以根据校验位来监测遗漏的数据位。
作为一致性方面的测试,PTCRB 3G/4G/5G无线蜂窝加密Encryption和算法完整性Integrity Algorithms测试用到的测试标准有:
(1)3GPP TS 33.501 5.11
(2)3GPP TS 34.123-1
(3)3GPP TS 34.123-3
(4)3GPP TS 36.523-1等
算法方面可以根据客户的情况选取其中一些来进行传导性测试,试验的过程需要能配合AT命令进行控制,算法方面测试内容有:
(1)3G 算法测试有UEA0,UEA1,UEA2,UIA0,UIA1,UIA2。
(2)4G 算法测试有EEA0,EIA0,EEA1,EEA2,EIA1,EIA2,EIA3,EEA3(ZUC)。
(3)5G 算法测试有NEA0,128-NEA1,128-NEA2,128-NEA3,NIA0,128-NIA1,128-NIA2,128-NIA3。
以完整性保护测试为例,目的是确认UE在完整性保护激活后丢弃任何包含错误消息认证码或RRC消息序列号或不包含IE“Integrity Check Info”的RRC消息,3GPP的一致性内容如下:
(1)check the value of the IE "RRC message sequence number" included in the IE "Integrity check info";
(2)if the "Downlink RRC Message sequence number" is not present in the variable INTEGRITY_PROTECTION_INFO:
(3)initialise the "Downlink RRC Message sequence number" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO with the value of the IE "RRC message sequence number" included in the IE "Integrity check info" of the received message.
(4) if the "Downlink RRC Message sequence number" is present in the variable INTEGRITY_PROTECTION_INFO:
(5)if the RRC message sequence number is lower than the "Downlink RRC Message sequence number" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO:
(6)increment "Downlink RRC HFN" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO with one.
(7) if the RRC message sequence number is equal to the "Downlink RRC Message sequence number" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO:
(8) discard the message.
(9) calculate an expected message authentication code in accordance with subclause 8.5.10.3 of TS 25.331;
(10) compare the expected message authentication code with the value of the received IE "message authentication code" contained in the IE "Integrity check info";
(11)if the expected message authentication code and the received message authentication code are the same, the integrity check is successful:
(12) update the "Downlink RRC Message sequence number" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO with the value of the IE "RRC message sequence number" included in the IE "Integrity check info" of the received RRC message.
(13)if the calculated expected message authentication code and the received message authentication code differ:
(14)if the IE "RRC message sequence number" included in the IE "Integrity check info" is lower than the "Downlink RRC Message sequence number" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO (in this case the "Downlink RRC HFN" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO was incremented by one, as stated above):
(15)decrement "Downlink RRC HFN" for signalling radio bearer RBn in the variable INTEGRITY_PROTECTION_INFO by one.
(16) discard the message.
3GPP测试程序:
(1)The UE is in CELL_DCH state, radio access bearer and integrity protection is already activated in generic setup procedure. The SS transmits UE CAPABILITY ENQUIRY message on the downlink DCCH using RLC-UM mode on SRB1. The UE shall respond to with a UE CAPABILITY INFORMATION message on the uplink DCCH using RLC-AM. The SS then sends UE CAPABILITY INFORMATION CONFIRM message to the UE. This procedure is used to initialise the downlink RRC message sequence number in the UE.
(2)SS transmits RRC CONNECTION RELEASE message which does not include the IE "Integrity Check Info" on downlink DCCH. The UE shall discard this message and shall not respond using RRC CONNECTION RELEASE COMPLETE message.
(3)Then SS transmits RRC CONNECTION RELEASE message which includes wrong message authentication code on downlink DCCH. The UE shall discard this message and shall not respond using RRC CONNECTION RELEASE COMPLETE message.
(4)Then SS transmits RRC CONNECTION RELEASE message which includes IE"RRC Message sequence number" as set to the same sequence number as the number in previous received RRC message. The UE shall discard this message and shall not respond using RRC CONNECTION RELEASE COMPLETE message.
(5)Then SS transmits RRC CONNECTION RELEASE message which includes correct RRC Message sequence number and message authentication code. The UE shall transmit RRC CONNECTION RELEASE COMPLETE message on uplink DCCH and enter the idle state.
以上为例的测试流程看起来很多,实际设备调试好,在系统上面进行测试速度还是蛮快的。
这类项目如果是出海设备,提出单独要求做该类测试的话,按照深光标准技术经验,墨西哥客户是最主要的客户群体,因为墨西哥电信运营商要求设备制造商提供此类测试。
同步经常遇到的还有‘IMEI SVN’的测试,这个一般是制造商提供,用于识别每个经批准的商用软件版本。网络可以从任何Phase 2或更高版本的设备请求IMEI SV获取。一个典型的IMEISVN由TAC NNXXXXXX+ Serial No ZZZZZZ+ SVN SS组成。
SVN应增加当修改设备软件时,2位SVN的分配由报告机构,SVN“99”保留供将来使用。
以上的3G,4G,5G算法和完整性测试,深光标准技术已经协助多家设备制造企业完成过项目,欢迎咨询我们该项目测试!