
Comparative analysis of GSM and CDMA technologies

“A Security Perspective”

By Sangram Gayal and Dr. S. A. Vetha Manickam

Network Security Solutions Ltd., Pune.

Table Of Contents

1. Abstract
2. Introduction to GSM Architecture
2.1 The security services provided by GSM
2.2 GSM security issues and their vulnerabilities
2.3 SS7 Protocol
3. Overview of CDMA technologies
3.1 THE CDMA CONCEPT
3.2 Advantages of CDMA technology
3.3 Authentication and security in CDMA
3.4 Authentication Signatures
3.5 Signaling data privacy
3.6 CDMA Design Security and interception of signals
3.7 Security Concerns in CDMA
3.8 Comparison of Security in GSM and CDMA technologies
4. Conclusion
References

1. Abstract
Mobile telephone systems have gained a very bad reputation worldwide on
issues of security and authentication. It is estimated that eavesdropping and
other mobile telephony frauds accounted for more than US$ 750M of
lost revenue in the United States in the year 2001. No such estimates are
presently available for India, owing to a lack of awareness.
Authentication, security, and privacy are important issues to be looked into.
There are ongoing efforts to enhance the security level of the system, and new
technologies are reaching the market with added security features. This
paper attempts to compare the security features provided by the GSM mobile
telephony standards and the CDMA standards promoted by 2.5G and 3G.

2. Introduction to GSM Architecture


Global System for Mobile communication (GSM) is a globally accepted
standard for digital cellular communication. GSM is the name of a
standardization group that was established in 1982 in an effort to create a
common European mobile telephone standard that would formulate
specifications for a pan-European mobile cellular radio system operating at
900 MHz. Today over 400 million people worldwide use GSM mobile phones
to communicate with each other, via voice and short-message-service (SMS)
text.

SS7 is a TDM-based network architecture for performing out-of-band signaling
in support of call establishment, billing, routing and information exchange.
It is used in telephonic communications.

2.1 The security services provided by GSM


Anonymity: Anonymity is provided so that it is not easy to identify the user
of the system. It is provided by using temporary identifiers. When a user first
switches on his/her radio set, the real identity (IMSI¹ number) is used, and a
temporary identifier (TMSI² number) is then issued. For all future
communication, the temporary identifier is used till the end of the session.
Only by tracking the user is it possible to determine the temporary identity
being used.

Authentication: Authentication is provided so that the operator knows who
is using the mobile system for authorization and accounting purposes.
Authentication is performed by a challenge and response mechanism. A
random (RAND) challenge is issued to the Mobile Station (MS), the mobile
encrypts the challenge using the authentication algorithm (A3) and the key
assigned to the mobile (SIM card key [Ki]), and sends a response (Signed
Response [SRES]) back. The operator can check that, given the key of the
mobile, the response to the challenge is correct.

User Data Protection: Encryption is provided so that user data passing
over the radio path is protected. This is provided by the A5 algorithm, whose
inputs are a session key (Kc) and a frame number (Fn) and whose output is the
keystream, which is XORed with the plain text to get the cipher text. The
session key is generated by the A8 algorithm, whose inputs are the SIM card key
and a random number (RAND) sent over by the Base Station (BTS).

COMP128 is a one-way (hash) function that is currently used in most GSM
networks for A3 and A8.
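
The challenge-response exchange described in this section, as an added example that is not part of the original paper. COMP128 is not reproduced: `a3a8_standin` is a hypothetical HMAC-SHA256 stand-in for A3/A8, the IMSI and Ki are constructed values, and the field sizes (128-bit Ki and RAND, 32-bit SRES, 64-bit Kc with ten bits zeroed) are the standard GSM sizes.

```python
import hashlib
import hmac
import secrets


def a3a8_standin(ki, rand):
    """Hypothetical stand-in for A3/A8 (NOT COMP128).

    Returns (SRES, Kc): a 4-byte signed response and an 8-byte session key
    whose ten low-order bits are zeroed, modelling the reduced key space.
    """
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    sres = digest[:4]
    kc = int.from_bytes(digest[4:12], "big") & ~0x3FF
    return sres, kc.to_bytes(8, "big")


class Sim:
    """Mobile side: holds the IMSI and Ki. Ki never leaves the card."""

    def __init__(self, imsi, ki):
        self.imsi = imsi
        self._ki = ki
        self.kc = None

    def respond(self, rand):
        sres, self.kc = a3a8_standin(self._ki, rand)
        return sres


class Network:
    """Operator side: subscriber database (IMSI -> Ki) and TMSI table."""

    def __init__(self):
        self.subscribers = {}
        self.tmsi_table = {}

    def attach(self, sim, air):
        """Run one authentication; `air` records what crosses the radio path."""
        air.append(("MS->BTS", "IMSI", sim.imsi))   # real identity, first contact
        rand = secrets.token_bytes(16)
        air.append(("BTS->MS", "RAND", rand))
        sres = sim.respond(rand)
        air.append(("MS->BTS", "SRES", sres))
        ki = self.subscribers.get(sim.imsi)
        if ki is None:
            return None
        expected, kc = a3a8_standin(ki, rand)
        if not hmac.compare_digest(sres, expected):
            return None                              # wrong Ki: access refused
        tmsi = secrets.token_bytes(4)                # temporary identity from now on
        self.tmsi_table[tmsi] = sim.imsi
        air.append(("BTS->MS", "TMSI", tmsi))
        return {"tmsi": tmsi, "kc": kc}


DEMO_KI = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed key
DEMO_IMSI = "404001234567890"                                # constructed IMSI


def demo():
    net = Network()
    net.subscribers[DEMO_IMSI] = DEMO_KI
    genuine = Sim(DEMO_IMSI, DEMO_KI)
    impostor = Sim(DEMO_IMSI, bytes(16))   # same IMSI, does not know Ki
    air = []
    accepted = net.attach(genuine, air)
    rejected = net.attach(impostor, air)
    return accepted, rejected, genuine, air


if __name__ == "__main__":
    accepted, rejected, genuine, air = demo()
    for direction, kind, value in air:
        shown = value if isinstance(value, str) else value.hex()
        print(direction, kind, shown)
    print("genuine accepted:", accepted is not None, "| impostor accepted:", rejected is not None)
```

The log shows that only the IMSI, RAND, SRES and TMSI cross the air interface; Ki and Kc are computed independently on each side.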

2.2 GSM security issues and their vulnerabilities


- Eavesdropping
This is the capability whereby the intruder eavesdrops on signaling and data
connections associated with other users. Eavesdropping helps the hacker to
attack at two vulnerable points:

• Over-the-air data transfer:
Over-the-air data transfers include transmission of the IMSI number, TMSI
number, RAND, SRES, cipher text, etc. This information can be of great help
to the attacker, as the anonymity of the user, one of the basic services
provided by GSM, is lost.

• Signaling network beyond the BTS:
The transmissions are encrypted only between the MS and the BTS. After the
BTS, the data is transmitted in plain text within the operator’s network. If the
attacker can access the operator's signaling network, he will be able to listen
to everything that is transmitted, including the actual phone call as well as
the RAND, SRES and Kc. The SS7 signaling network used in the operator's
GSM network is completely insecure if the attacker gains direct access to it.
Although the BTSs are usually connected to the Base Station Controller (BSC)
through a cable, some of them are connected to the BSC through a
microwave or even a satellite link. This link would be relatively easy to attack
with the right kind of equipment.
____________________________
¹ International Mobile Subscriber Identification
² Temporary Mobile Subscriber Identification

- Impersonation

• Of the User
This is the capability whereby the intruder sends signaling and/or user data
to the network, in an attempt to make the network believe they originate
from the target user.

• Of the Network
This is the capability whereby the intruder sends signaling and/or user data
to the target user, in an attempt to make the target user believe they
originate from a genuine network.

Impersonation leads mainly to one kind of attack, called the SIM card cloning
attack. This attack exploits the weaknesses in the COMP128 algorithm listed
below:

• The algorithm reveals information about the Ki when the appropriate RANDs
are given as arguments to the A8 algorithm.

• The algorithm requires lookup of large tables, which can only be achieved in
a complicated way on simple devices such as SIM cards, and which leaks a lot
of sensitive information on the side channels.

- SIM card cloning attack

• SIM card under physical access


The SIM is accessed through a smart card reader connected to a PC. The PC
makes about 150,000 challenges to the SIM and the SIM generates SRES
and the session key, Kc, based upon the challenge and the secret key. The
secret key can be deduced from the SRES responses through differential
cryptanalysis. The smart card reader used in implementing the attack can
make 6.25 queries per second to the SIM card. So the attack requires about
eight hours to complete. The results have to be analyzed as well, but this is
apparently very quick, compared to the actual attack. Thus, the attacker
needs to have physical access to the target SIM for at least eight hours.

- Over-the-air attack
The over-the-air attack is based upon the fact that the MS is required to
respond to every challenge made by the GSM network. If the signal of the
legitimate BTS is overpowered by a rogue BTS of the attacker, the attacker
can bomb the target MS with challenges and reconstruct the secret key from
these responses. Again the MS has to be available to the attacker over the
air for the whole time it takes to conduct the attack. It is not known how long
the attack would take when conducted over the air. Estimates vary from
eight to thirteen hours.

But the concept of building a BTS is highly impractical, as the cost of
building a BTS is estimated at around $10,000.

- Partitioning attack
These attacks extract secret key information from SIM cards by monitoring
side channels, such as power consumption and electromagnetic (EM) emanations.
Scientists have known for some time that by looking at side channels
such as power consumption and the EM emanations from a computing
device, one can derive some information about its internal workings. The
attack can be easily accomplished by making the card perform the algorithm
just seven times with the unknown key. A hacker who has possession of a
SIM card for a minute can easily extract the full 128-bit key.

- Man-in-the-middle attack
This is the capability whereby the intruder puts itself in between the target
user and a genuine network and has the ability to eavesdrop, modify, delete,
re-order, replay, and spoof signaling and user data messages exchanged
between the two parties. Man-in-the-middle attacks mainly deal with
attacking the A5 algorithm. A5 has three versions:
• A5/1 (Stronger version)
  Used by USA and European countries
• A5/2 (Weaker version)
  Export version. Allowed to be used by developing countries
• A5/0 (No Encryption version)
  Allowed to be used by underdeveloped countries

Note that even though India can use the A5/2 version, the majority of
subscribers use no encryption.

Before getting into the vulnerabilities in A5/1 and A5/2, let us look briefly
at their structure.
- A5/1 Structure
Three LFSRs (Linear Feedback Shift Registers)
o R1 (19-bit)
o R2 (22-bit)
o R3 (23-bit)
The combination function is XOR. The only non-linear component is the clock
control mechanism.

- A5/2 Structure
Four LFSRs
o R1 (19-bit)
o R2 (22-bit)
o R3 (23-bit)
o R4 (17-bit)
The combination function is XOR. The only non-linear component is the clock
control mechanism.
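
The A5/1 structure above, and the Kc/Fn keystream XOR described under "User Data Protection" in section 2.1, as an added example that is not part of the original paper. The feedback taps, clocking bits and the 64 + 22 + 100 clock set-up schedule are not given on this page; they are taken from the publicly documented A5/1 design, and the session key and plaintext are constructed values.

```python
# (mask, feedback taps, clocking bit, output bit) for R1 (19-bit),
# R2 (22-bit) and R3 (23-bit). Values from the public A5/1 description,
# not from this paper.
REGISTERS = (
    (0x07FFFF, 0x072000, 0x000100, 0x040000),
    (0x3FFFFF, 0x300000, 0x000400, 0x200000),
    (0x7FFFFF, 0x700080, 0x000400, 0x400000),
)


def parity(x):
    return bin(x).count("1") & 1


class A51:
    def __init__(self, kc, frame):
        if len(kc) != 8 or not 0 <= frame < (1 << 22):
            raise ValueError("Kc must be 8 bytes and Fn a 22-bit number")
        self.regs = [0, 0, 0]
        for i in range(64):                      # load Kc, all registers clocked
            self._clock(force=True)
            self._mix((kc[i // 8] >> (i & 7)) & 1)
        for i in range(22):                      # load frame number Fn
            self._clock(force=True)
            self._mix((frame >> i) & 1)
        for _ in range(100):                     # 100 discarded mixing clocks
            self._clock()

    def _mix(self, bit):
        self.regs = [r ^ bit for r in self.regs]

    def _clock(self, force=False):
        # Majority clock control: the only non-linear component.
        mids = [int((r & mid) != 0) for r, (_, _, mid, _) in zip(self.regs, REGISTERS)]
        majority = int(sum(mids) >= 2)
        for i, (mask, taps, _, _) in enumerate(REGISTERS):
            if force or mids[i] == majority:
                r = self.regs[i]
                self.regs[i] = ((r << 1) & mask) | parity(r & taps)

    def _output_bit(self):
        bit = 0
        for r, (_, _, _, out) in zip(self.regs, REGISTERS):
            bit ^= int((r & out) != 0)           # combination function is XOR
        return bit

    def burst(self):
        """Next 114 keystream bits, packed MSB-first into 15 bytes."""
        out = bytearray(15)
        for i in range(114):
            self._clock()
            out[i // 8] |= self._output_bit() << (7 - (i & 7))
        return bytes(out)


def keystreams(kc, frame):
    """Two 114-bit keystream bursts for one frame, one per direction."""
    cipher = A51(kc, frame)
    first = cipher.burst()
    second = cipher.burst()
    return first, second


def xor_burst(data, keystream):
    """Encrypt or decrypt: the same XOR is used in both directions."""
    return bytes(d ^ k for d, k in zip(data, keystream))


def demo():
    kc = bytes.fromhex("1223456789abcdef")       # constructed session key
    plaintext = b"GSM burst data" + b"\x00"      # constructed, 15 bytes
    ks, _ = keystreams(kc, 0x134)
    ciphertext = xor_burst(plaintext, ks)
    recovered = xor_burst(ciphertext, keystreams(kc, 0x134)[0])
    other_frame = keystreams(kc, 0x135)[0]
    return ciphertext, recovered == plaintext, other_frame != ks


if __name__ == "__main__":
    ciphertext, round_trip_ok, frame_changes_keystream = demo()
    print(ciphertext.hex(), round_trip_ok, frame_changes_keystream)
```

The receiver regenerates the same keystream from Kc and Fn, so decryption is the identical XOR; changing only the frame number yields a different keystream under the same Kc.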

- Attacks on A5/1 and A5/2
There are mainly two types of attacks on A5/1 and A5/2:
• Hardware based attacks
  • Requires FPGA
• Software based attacks
  • Known cipher text attacks
  • Known plaintext attacks

The best published attacks against A5/1 require between 2^40 and 2^45 steps,
and those against A5/2 require 2^17 steps.

* This level of security makes it vulnerable to hardware-based attacks by
large organizations, but not to software-based attacks on multiple targets by
hackers.

- Hardware based attack on A5/1 stream cipher

The test is implemented in VHDL and compiled with the Xilinx Foundation
software for a Xilinx XC4062 FPGA. A distributed implementation of a thousand
ASICs can get the session key in less than a minute.

- Software based attacks on A5/1 stream cipher

• Known ciphertext attack:
In a known ciphertext attack the hacker has knowledge of the ciphertext only.
The attacker derives the session key or keystream for other frame numbers
from the ciphertext.

• Brute-force attack: It takes around 20000 days for a single PC to crack
the plain text or the session key Kc given the cipher text. A network of 100
PCs may be able to crack it in a few weeks.
A real-time brute-force attack against the GSM security system is not
feasible, as stated above. The time complexity of the attack is 2^54 (2^64 if
the ten bits were not zeroed out). This requires too much time to
be feasible for eavesdropping on GSM calls in real time. It might be
possible to record the frames between the MS and the BTS and launch the
attack afterwards, though.
If we have a Pentium III class chip with approximately 20 million
transistors, and the implementation of one set of LFSRs (A5/1) requires
about 2000 transistors, we would have a set of 10,000 parallel
A5/1 implementations on one chip. If the chip were clocked at 600 MHz,
each A5 implementation generated one output bit for each clock
cycle, and we needed to generate 100+114+114 output bits, we could
try approximately 2 million keys per second per A5/1 implementation.
A key space of 2^54 keys would thus require about 900,000 seconds, 250
hours, with one chip. Giving up on a specific key after the first invalid
keystream bit can optimize the attack. This would cut the required time
down by one third. The attack can also be distributed between multiple
chips, thus drastically decreasing the time required.

• Known plaintext attack:
In this type of attack the attacker has complete knowledge of the ciphertext
and the plaintext, and also knows the corresponding frame numbers. Using this
information he derives the session key or the keystream for other frame
numbers.
All known-plaintext attacks are based on subtle flaws in the tap structure of
the registers, their noninvertible clocking mechanism, and their frequent
resets.

2.3 SS7 Protocol


Introduction

SS7 defines how communication should be handled in the wired network and
how the "message content" is sent over the layers. Each functional program
module (corresponding to a protocol in the OSI model) is termed a "User
Part".

Protocol Stack (low to high)

The layers of the SS7 protocol stack are:

1. Message Transfer Part (Level 1)
2. Message Transfer Part (Level 2)
3. Message Transfer Part (Level 3)
4. Signaling Connection Control Part (SCCP)
5. Transaction Control Application Part (TCAP)
6. Operations Maintenance Administration Part (OMAP)
7. ISDN User Part

SS7 over IP

With the increasing need for convergence, data is becoming more significant
as a proportion of traffic compared to voice.
- Explosive growth of IP is driving and enabling convergence:
* Integration of circuit networks and IP networks.
* IP architecture for supporting SS7 technology.
- Signaling Transport (SIGTRAN), a set of standards proposed to put
signaling architectures over IP, i.e. to address the transport issues of
packet-based PSTN signaling in IP networks, provides many benefits:
* Ease of deployment: use of an Access Service Group (ASG) as the signaling
gateway doesn’t require the existing SS7 network to be disrupted.
* Higher throughputs and bandwidths are now possible, with technologies like
IP over SDH, allowing high-end machines like the SMSC and HLR to
support heavy traffic.
* Enhanced services, which are quite obvious while implementing IP.
* Diversity of solutions, which obviates dealing with the complexity
of the SS7 network by providing an interface only at the application level.
E.g., using protocols like MTP3 User Application (M3UA) and SCCP User
Application (SUA), an application vendor such as an SMSC vendor has to deal
with the application layer only.
- SIGTRAN defined a new protocol for the transport of signaling protocols.
The reasons for not using TCP were attributed to its limitations, such as
stringent reliability mechanisms, which resulted in unnecessary delays and
made it unsuitable for running real-time applications. The limited capability
of TCP sockets, along with weak security features (especially against DoS
attacks), led to TCP being replaced by a new architecture.

This architecture consists of 3 components:

1. The standard IP layer.
2. Stream Control Transport Protocol (SCTP), which serves as the common
signaling transport protocol.
3. An adaptation sub-layer supporting specific primitives, such as
management indications, required by a particular signaling application
protocol, like M3UA, M2PA, SUA, IUA etc.

Security in SS7 networks:


The SS7 protocol, designed for closed telecommunication networks, possesses
limited authentication facilities. Any user capable of generating SS7 packets
can gain entry into the SS7 network.

Vulnerabilities in SS7 networks

Attackers can gain access to the network in a number of ways:

• At the ISDN connection with the SSP: by spoofing a source telephone that
uses an ISDN line, an attacker can send malicious packets onto the network.
• The increasing interdependence of the PSTN and the Internet creates
loopholes; an attacker might be able to gain entry into the SS7 network via
the Internet.
• Competitive Local Exchanges (CLECs) also offer chances, owing to their
poor network security. The attacker could easily compromise a single
computer.
• Tracing attackers is an arduous task, as they could easily resort to
using the flaws associated with Local Number Portability (LNP), which
allows users to switch their local providers without having to change
their local phone number.

Attacks on nodes of SS7 networks

1. SSP
Sitting at the periphery of an SS7 network, the SSP is the node most prone to
hacks, because of weak authentication. It is also a prime target for packet
sniffing, because a specific user's data always passes through the same SSP.
A Distributed Denial of Service (DDoS) attack overloads the STP-SSP
connection by sending a lot of IAMs to a single SSP. An attacker intercepting
at that compromised SP could modify IAMs to request a connection with some
targeted user.

2. STP
An STP can be attacked by exploiting weaknesses in the routing protocols.
Certain conversations can be eavesdropped on by means of a bogus STP, which
collects and filters the packets received by the hacked STP. SCCP packets may
be forwarded to any location by modifying the destination address.
Sensitive information like the Point Codes of the network could be obtained by
accessing the corresponding SCPs. The GTT database could also be modified.
Multiple (compromised) STPs might be modified to re-route all the traffic via
a specific STP, causing overloading and rendering the connected SSP useless.
If MTP layer 3 packets are fabricated, link management features such as
notifying surrounding nodes of the failure of a signaling point would not be
provided, which might cause congestion, data loss, and subsequent
crippling of the network.

3. SCP
It contains database information, so it is highly vulnerable. Attacks on it
include those associated with toll-free numbers, which involve modifying the
number to direct charges to some other totally unrelated party, changing the
billing information, disrupting some business by forwarding all calls
addressed to it to some illicit telephone number, or more serious problems
like modifying the forwarding address to some emergency service. It also
leads to voice mail hacking, i.e. full access to someone's voice mailbox, by
obtaining passwords using TCAP messages.

3. Overview of CDMA technologies

3.1 THE CDMA CONCEPT


CDMA is a modulation and multiple access scheme based on spread spectrum
communication, a well-established technology that has been applied only
recently to digital cellular radio communications and advanced wireless
technologies.

With CDMA, each signal consists of a different pseudorandom binary
sequence that modulates the carrier, spreading the spectrum of the
waveform. A large number of CDMA signals share the same frequency
spectrum. If CDMA is viewed in either the frequency or time domain, the
multiple access signals appear to be on top of each other. The signals are
separated in the receiver by using a correlator which accepts only signal
energy from the selected binary sequence and despreads its spectrum. The
other users’ signals, whose codes do not match, do not despread in
bandwidth and as a result, contribute only to the noise and represent a self-
interference generated by the system. The signal-to-interference ratio is
determined by the ratio of desired signal power to the sum of the power of all
the other signals, and is enhanced by the system processing gain or the ratio
of spread bandwidth to baseband data rate. The major parameters that
determine the CDMA digital cellular system capacity are processing gain,
required Eb/N0, voice duty cycle, frequency reuse efficiency, and the number
of sectors in 1 cell. The CDMA cellular telephone system achieves a spectral
efficiency of up to 10 times the analog FM system efficiency when serving the
same area with the same antenna system. This is a capacity of up to one call
per 10 kHz of spectrum.
In the cellular radio frequency reuse concept, interference is accepted but
controlled with the goal of increasing system capacity. CDMA does this
effectively because it is inherently an excellent anti-interference waveform.
Since all calls use the same frequencies, CDMA frequency reuse efficiency is
determined by a small reduction in the signal-to-noise ratio caused by
system users in neighboring cells. CDMA frequency reuse efficiency is
approximately 2/3 compared to 1/7 for narrowband FDMA systems. The
CDMA system can also be a hybrid of FDMA and CDMA techniques where the
total system bandwidth is divided into a set of wideband channels, each of
which contains a large number of CDMA signals.

Figure 1: Frequency and Time Domain Representations of FDMA, TDMA, and CDMA.

Unlike FDMA or TDMA, CDMA has multiple users simultaneously sharing the
same wide band channel. Individual users are selected by correlation
processing of the pseudonoise waveform.

3.2 Advantages of CDMA technology


The advantages of CDMA technology are:
• Fewer cells needed, lower cost per subscriber
• Exploitation of multipath diversity
• Low transmission power, moderate processing power required
• High voice quality (variable rate vocoder)
• Enhanced privacy
• Easy introduction of new features

3.3 Authentication and security in CDMA


The authentication for CDMA access has been defined in IS-41 standard. In
IS-41, intermediate keys called “Shared Secret Data (SSD)” are generated.
There is an SSD-A which is used in authentication signatures, and an SSD-B
which is used for cryptographic key generation. These are each 64 bits.

There are also three session keys generated from SSD-B:


• The CMEA key (64 bits)
• The Voice Privacy Mask (520 bits)
• The DataKey (32 bits)

3.4 Authentication Signatures


Before allowing a mobile phone to access the network, the phone must
present a response to a challenge, based on the SSD-A (IS-41) or the master
key (GSM). In IS-41 the phone itself contains the secret key, and the
algorithm (CAVE), which is used to calculate the signature. CAVE is detailed
in an export-controlled appendix to the standard, and hence is standardized
in all the phones.

Note that, for originating a call, the phone number is also input to the
algorithm. This is because the random challenge is broadcast and changes
regularly, instead of being unique to the origination. This saves message
overhead both over the air and within the network. The output from CAVE is
truncated to 18 bits, meaning that there is about 1 chance in ¼ million of
faking a call by sending a random signature. At these odds, we can invest in
the lottery. The shared secret data can be sent to the visited system while
roaming, allowing local authentication. If encryption is supported, the various
privacy keys are generated soon afterwards. CAVE is a hashing algorithm
which works by using a shift register driven walk over the input data and a
somewhat random table, and shuffling the inputs. It takes 23 octets of input
and produces 16 octets of output. Future IS-41 systems will replace most of
the functionality of CAVE with SHA-1, the US FIPS-180-1 Secure Hash
Standard.

3.5 Signaling data privacy

Data such as numbers dialed, short messages (paging), and DTMF tones are
put into data packets and are encrypted using CMEA (Cellular Message
Encryption Algorithm). This is a variable length block cipher, which works by
a table walk using a key-derived somewhat random table, a self-inverse
“folding” and the inverse of the first step. This makes the algorithm itself
self-inverse, which isn’t such a hot idea in retrospect. The cipher is used in
ECB (Electronic Code Book) mode, ditto. The packet formats differ for the
three standards, but the algorithm is the same. CMEA has been broken.

Data Privacy
ORYX, an LFSR-based stream cipher intended for wireless data services, is
used for encrypting data over CDMA wireless networks.

Vendors can implement any algorithm (like DES or 3-DES) for data protection
if they wish to.

3.6 CDMA Design Security and interception of signals

CDMA uses spread spectrum technologies for communication. The data signal
is spread over the whole available bandwidth. All the users transmit their
data simultaneously. The data is modulated by a fast-moving PRN sequence,
which spreads it all over the spectrum. The PN numbers of the stations are
orthogonal. The assumption is that when multiple stations transmit
simultaneously the resultant signals add linearly. Hence there exists a
mathematical algorithm to separate each signal at the receiving end, provided
the PN numbers of the transmitting stations are known.
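
The separation step described above, as an added example that is not part of the original paper. It assumes Walsh-Hadamard rows as a concrete set of orthogonal spreading codes, one chip-synchronous noiseless channel, and constructed user data.

```python
def walsh_codes(n):
    """Return n mutually orthogonal +/-1 codes of length n (n a power of two)."""
    if n < 1 or n & (n - 1):
        raise ValueError("n must be a power of two")
    rows = [[1]]
    while len(rows) < n:
        rows = [r + r for r in rows] + [r + [-c for c in r] for r in rows]
    return rows


def spread(bits, code):
    """Map each data bit to +/-1 and multiply it by every chip of the code."""
    return [(1 if b else -1) * chip for b in bits for chip in code]


def combine(signals):
    """Simultaneous transmissions add linearly on the shared channel."""
    return [sum(chips) for chips in zip(*signals)]


def despread(received, code):
    """Correlate the received chips with one code, one value per data bit."""
    n = len(code)
    return [sum(r * c for r, c in zip(received[i:i + n], code))
            for i in range(0, len(received), n)]


def decide(correlations):
    """Bit decision; None where the correlator output carries no energy."""
    return [None if c == 0 else int(c > 0) for c in correlations]


def demo():
    codes = walsh_codes(8)
    # Constructed traffic: code index -> data bits of that station.
    traffic = {1: [1, 0, 1, 1], 2: [0, 0, 1, 0], 5: [1, 1, 0, 0]}
    received = combine([spread(bits, codes[k]) for k, bits in traffic.items()])
    recovered = {k: decide(despread(received, codes[k])) for k in traffic}
    unused = despread(received, codes[3])   # a code no station is using
    return traffic, recovered, unused, received


if __name__ == "__main__":
    traffic, recovered, unused, received = demo()
    print("channel chips:", received)
    print("recovered    :", recovered)
    print("unused code  :", unused)
```

A receiver holding the right code sees a correlation of +8 or -8 per bit, while correlating the same chips against a code nobody transmits on yields zero, which is why recovering one station's data depends on knowing its code.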

This means that it is possible to intercept the data of individual base stations
only if the attacker knows the PN. There have been some advances in the
interception of CDMA data, which make it possible to monitor and identify
data meant for a particular base station.

The research done by Gary E. Ford and Michael Golanbari shows that, using
multi-user detectors on board airborne and terrestrial mobile interceptors,
simultaneous detection in a single receiver of all communication signals
transmitted by the base station of interest is possible.

3.7 Security Concerns in CDMA
CDMA uses the CAVE algorithm for authentication along with encryption
algorithms like CMEA and ORYX for privacy and integrity of data. These
algorithms were considered to be secure until recently. But it is now
known that cryptanalytic attacks are possible on these
algorithms (ref 1, 3). The attacks are similar to those conducted on the GSM
system, namely known plaintext and known cipher text attacks. Hence we can
conclude that the encryption provided by CDMA standards is inadequate.

3.8 Comparison of Security in GSM and CDMA technologies

We can see that the encryption algorithms used in both CDMA and GSM are
susceptible to attacks. Then what differentiates these two systems in terms
of security? The fact is that, due to the inherent design of the CDMA AIR
INTERFACE, it has not been possible for any attacker to successfully capture
CDMA digital packets. This gives an additional level of security to CDMA
technology. GSM data for a particular base station can be captured over the
air and subjected to cryptanalytic attacks, which is not yet possible in CDMA.
But this does not mean that it would never be possible to capture CDMA
packets intended for a particular base station over the air. The security of
CDMA lies in solving the complex filtering function to separate out the data,
and as technology progresses this too would become possible. Till then CDMA
can be considered more secure than other existing technologies.

4. Conclusion
Clearly CDMA is the next generation technology in terms of voice and
data transmissions over the AIR. Even though the cryptographic algorithms
for CDMA have been broken, CDMA interception has a long way to go. This
means that CDMA transmissions will remain secure at least for a few years
from now.

CDMA technologies have already been applied to CONVERGENT
networks. Hence the problems faced currently by CDMA are more of the
nature of computer attacks and exploits in the network management protocol
(SNMP). Thus the future problems of CDMA may lie in the domain of computer
networks rather than the telecommunication domain.

References
1. “Cryptanalysis of the Cellular Message Encryption Algorithm”,
   by David Wagner, Bruce Schneier and John Kelsey.
   http://www.cs.berkeley.edu/~daw/papers/cmea-crypto97-www/paper10.html

2. Qualcomm papers:
   i. http://www.qualcomm.com/main/whitepapers/1xEV_AirlinkOverview_110701.pdf
   ii. http://www.qualcomm.com/press/PDF/about_cdma.pdf
   iii. http://www.qualcomm.com/press/PDF/GSM1x_Overview.pdf

3. “Cryptanalysis of ORYX”, by David Wagner, Bruce Schneier and others.
   http://www.cs.berkeley.edu/~daw/papers/

4. TIA standards 92-95.

5. “Wireless Communications Principles and Practice”, by Rappaport,
   Pearson publications.

6. Book on “Global System for Mobile Communication”, by Asha Mehrotra.

7. Paper on “Real-time Cryptanalysis of the Alleged A5/1 on a PC”,
   by Alex Biryukov & Adi Shamir (2000).

8. Paper on “Real time cryptanalysis of A5/1 on a PC”,
   by Alex Biryukov & Adi Shamir (1999).

9. Paper on “Cryptanalysis of alleged A5 stream cipher”, by Golic (1997).

10. Paper on “Cryptanalysis of A5/2 algorithm”,
    by Slobodan Petrovic and Amparo Fuster-Sabater (1999).

11. Paper on “A cryptanalytic time-memory trade-off”, by Hellman.

12. Book on “Applied Cryptography”, Second edition (2001), by Bruce Schneier.

13. “Cryptanalysis of the A5/1 GSM Stream Cipher”,
    by Eli Biham and Orr Dunkelman.

14. Web pages: http://kiwibyrd.chat.ru/gsm/a3a8.htm, /a512.htm, /a51.html

About the Authors

Dr. S. A. Vetha Manickam, Head of Technology

S. A. Vetha Manickam holds a PhD degree in Scientific Computing and
Numerical Analysis from the Indian Institute of Technology, Bombay. He has a
Masters in Applied Mathematics from Anna University, Chennai, where his
dissertation was on "Object Oriented Methodologies". He was a Fellow of the
National Board for Higher Mathematics (NBHM), Department of Atomic
Energy (DAE), India during his doctoral and post-doctoral degrees. Dr.
Manickam has extensive experience in implementing e-security for
organizations and defining Information Risk Management Policies. He has
been doing secure code auditing for many banking applications. He has also
been involved in the development of cryptographic algorithms and PKI products
for authentication, confidentiality, integrity and Digital Signature. He is also
involved in cryptanalysis of mobile and Wireless LAN encryption algorithms.
He has spearheaded development teams in iKey integration, desktop security
development, vulnerability scanner development and incorporation of Digital
Signature for Enterprise solutions.

Sangram S. Gayal, Information Security Consultant

Sangram S. Gayal holds a Bachelor of Engineering in Electronics and
Telecommunications from Government College of Engineering, Aurangabad.
He is currently an Information Security Consultant with Network Security
Solutions India Ltd. and an Associate Researcher at the Center for Information
and Network Security, University of Pune. He is currently researching wireless
LAN vulnerabilities and countermeasures.
