Professional Documents
Culture Documents
3
University of Engineering and Technology Taxila, Pakistan
asim.shahzad@uettaxila.edu.pk
It can be seen from Figure 8 and 9 that after the intruder has
captured IMSI, it will send this IMSI to VLR/SGSN and has
authenticated itself as an original MS although it is an
attacker that is acting as an authenticated user. Figure 9. An intruder launches the attack
11. Conclusion key generation functions f1, f1*, f2, f3, f4, f5 and f5*,
Document 2: Algorithm Specification, April 2001.
AKA procedures in UMTS have increased security [10] 3GPP TR 35.909 V4.0.0, Technical Specification
compared with GSM. The new feature of two-way Group Services and System Aspects, 3G Security,
authentication eliminates the problem with false base Specification of the MILENAGE. Algorithm Set: An
stations. This is a very important security improvement. example algorithm set for the 3GPP authentication
Even though the security has improved in some areas, there and key generation functions f1, f1*, f2, f3, f4, f5 and
are still security features that should be improved. It is not f5*, design and evaluation, April 2001.
sufficient to just require integrity protection on signaling [11] C. J. Mitchell, “Security for Mobility”, Institute of
messages. All messages should be integrity checked, but Electrical Engineers, December, 2004.
indirectly by requiring confidentiality protection together [12] 3GPP TS 33.102 (5.2.0), “3G Security; Security
with integrity. AKA concept is used to perform Architecture”, Release 5, June, 2003.
authentication of the user and network, as opposed to 2G [13] ISO/IEC 9798-4: "Information technology – Security
systems, which only authenticated users in a system. The techniques - Entity authentication - Part 4: Mechanisms
confidentiality algorithm is stronger than its GSM using a cryptographic check function"
predecessor. The integrity mechanism works independent of [14] Evaluation of UMTS security architecture and services
confidentiality protection and provides protection against 1-4244-9701-0/06/$20.00 ©2006 IEEE
active attacks. The design of cryptographic algorithms is [15] “Extension of Authentication and Key Agreement
open and they are extensively crypto analyzed. Moreover, Protocol (AKA) for Universal Mobile
the architecture is flexible and more algorithms can be Telecommunication System (UMTS)International
added easily. Journal of Theoretical and Applied Computer
Although 3G Security marks a large step forward however Sciences” Volume 1 Number 1 (2006) pp. 109–118 (c)
there are some short comings. IMSI is sent in clear text GBS Publishers and Distributors (India)
when allocating TMSI to the user. In this paper this http://www.gbspublisher.com/ijtacs.htm
problem is discussed in detail with the help of simulation [16] UMTS Security by K. Boman, G. Horn, P. Howard,
scenarios. Some future work on UMTS security architecture and V. Niemi October 2002 issue of IEE Electronics &
is also elaborated in this paper. Communication Engineering Journal.
[17] UMTS Authentication and Key Agreement - A
comprehensive illustration of AKA procedures within
the UMTS system By Jon Robert Dohmen , Lars Sømo
References Olaussen, , Grimstad - Norway, May 2001
[1] “3G Security; Security principles and objectives”, [18] M. Matsui, “Block encryption algorithm MISTY” in
Release 4, March, 2001. Proceedings of Fast Software Encryption (FSE’97),
[2] Johnson, M. (2002). Revenue Assurance, “Fraud and Volume 1267, Springer-Verlag, 1997.
Security in 3G Telecom Services. VP Business [19] 3GPP TR 33.909 V1.0.0 (2000-12) Technical Report;
Development Visual Wireless AB”, Journal of 3rd Generation Partnership Project; Technical
Economic Management, 2002, Volume 1, Issue 2. Specification Group Services and System Aspects;
[3] Stalling, W. Cryptography and Network Security, Report on the Evaluation of 3GPP Standard
Principles and Practice. 3rd edition. USA, Prentice Confidentiality and Integrity Algorithms (Release
Hall. 2003 1999)
[4] Stefan, P, and Fridrich R. (1998). “Authentication [20] S. Babbage and L. Frisch, “On MISTY1 higher order
Schemes for 3G mobile radio Systems”. The Ninth differential cryptanalysis”, in Proceeding of
IEEE International Symposium on, 1998. International Conference on Information Security and
[5] Zhang, M. and Fang, Y. (2005).” Security Analysis Cryptology (ICISC 2000), Lecture Notes in Computer
and Enhancements of 3GPP Authentication and Key Science Volume. 2015, Springer-Verlag, 2001.
Agreement Protocol”. IEEE Transactions on wireless [21] U. Kühn, “Cryptanalysis of reduced-round MISTY”,
Communications, Vol. 4, No. 2. 2005 in Proceedings of Eurocrypt’01, Lecture Notes in
[6] 3GPP TS 21.133. “3GPP Security; Security Computer Science, Volume 2045, Springer-Verlag,
Architecture”. 2001.
[7] 3GPP TS 33.102, Technical Specification Group [22] G. M. Koien, “Privacy enhanced cellular access
Services and System Aspects,” 3G Security. Security security” ACM - 2005
Architecture”, V 4.2.0 September 2001. [23] ” S.Y. A.-R. A. Mustafa Al-Fayoumi, Shadi Nashwan,
[8] Daemen J, Rijmen V. AES Proposal: Rijndael. “A new hybrid approach of symmetric/asymmetric
Available: authentication protocol for future mobile networks
IEEE - 2007
http://csrc.nist.gov/encryption/aes/round2/AESAlgs/Rij
ndael
[9] 3GPP TS 35.206 V4.0.0, Technical Specification Group
Services and System Aspects, 3G Security,
Specification the MILENAGE Algorithm Set: An
example algorithm set for the 3GPP authentication and