Professional Documents
Culture Documents
broadcast communications
– wireless usually means radio, which has a broadcast nature
– transmissions can be overheard by anyone in range
– anyone can generate transmissions,
• which will be received by other devices in range
• which will interfere with other nearby transmissions and may prevent their correct
reception (jamming)
¾ eavesdropping is easy
¾ injecting bogus messages into the network is easy
¾ replaying previously recorded messages is easy
¾ illegitimate access to the network and its services is easy
¾ denial of service is easily achieved by jamming
1
GSM Security
main security requirement
– subscriber authentication (for the sake of billing)
• challenge-response protocol
• long-term secret key shared between the subscriber and the home
network operator
• supports roaming without revealing long-term key to the visited networks
2
GSM authentication and cipher key setup
mobile phone visited home
+ SIM card network network
IMSI PRNG
IMSI
RAND K
A3 A8 SRES'
RAND SRES CK
?
SRES' CK' SRES = SRES'
Ciphering in GSM
A5 A5
A5
A5
CIPHERING CIPHERING
SEQUENCE SEQUENCE
Sender Receiver
(Mobile Station or Network) (Network or Mobile Station)
3
Conclusion on GSM security
4
3GPP authentication vectors
PRNG K SQN AMF
RAND
f2 f3 f4 f5 f1
AK
RAND AUTN
SQN ⊕ AK AMF MAC
f5f5
AK ⊕
SQN
K
XMAC RES CK IK
(Expected MAC) (Response) (Cipher (Integrity
Key) Key)
••Verify
Verifythat
thatSQN
SQNisisininthe
thecorrect
correctrange
range
••Verify
VerifyMAC
MAC==XMAC
XMAC USIM: User Services Identity Module
5
Conclusion on 3GPP security
Some improvement with respect to 2nd generation
– Cryptographic algorithms are published
– Integrity of the signalling messages is protected
Quite conservative solution
Privacy/anonymity of the user not completely protected
2nd/3rd generation interoperation will be complicated and
might open security breaches