Actions
Feature #2461
closedImprove "encryption" VTY parameter
Start date:
08/24/2017
Due date:
% Done:
100%
Spec Reference:
Description
Currently the "encryption" parameter lets define which cipher is allowed by BSC, but only one can be allowed at a given time: "encryption a5 (0|1|2|3)". Tests in osmo-gsm-tester showed that currently if "encryption a5 X" is set in osmo-msc, then same config (with X) must also be applied to osmo-bsc, otherwise the set of ciphers coming from MSC will be rejected. The osmo-bsc encryption settings need improvement.
The cipher should be negotiated between MSC, BSC and MS:
- the MSC allows a set of a5/x by VTY configuration (the MSC sends a "Cipher Mode Command" to the BSC with a bitmask stating the allowed ciphers).
- the BSC should know which a5/x the connected BTS hardware supports, which the user tells us by VTY configuration.
- The list of ciphers supported by MS is received as explained in 3GPP TS 24.008: classmark 1 says whether a5/1 is supported, classmark 2 has a5/3 and a5/2 and classmark 3 has the rest of them.
We need to intersect these three capabilites/requirements and pick the highest possible a5/x (except never allow a5/2), or send back a "Reject" if intersection is void.
projected osmo-bsc behavior:
- By default, accept all A5/x (except 2) in osmo-bsc.
- Allow the user to pick a subset of allowed a5/x via VTY command, globally.
- And/or we could allow setting an A5/x bitmask on per-BTS VTY config.
e.g.
encryption a5 <0..7> [<0..7>] [<0..7>] [<0..7>] [<0..7>] [<0..7>] [<0..7>]
allowing
encryption a5 0 1 3
Related issues
Actions