GSM Security

SMU CSE 5349/7349


GSM Security Provisions
• Anonymity
• Authentication
• Signaling protection
• User data protection



Anonymity
• Use of temporary IDs
• Use IMSI for initial authentication
• VLR generates a TMSI for the user
• Use the Kc to encrypt TMSI



Authentication
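[Figure: authentication and ciphering across MOBILE (SIM) | RADIO INTERFACE | FIXED NETWORK. The network sends Challenge R; each side feeds key Ki into A3, and the mobile returns Response SRES, which the network compares ("?") with its own result; each side feeds Ki into A8 to obtain Kc; A5 uses Kc on both sides to carry ENCRYPTED DATA.]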



GSM Triplets
• Authentication while roaming
– Without passing the Ki
• AuC generates (Rand, XRES, Kc) triplets
• Passes to VLR
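
The triplet flow above, sketched as an added example that is not part of the original slides. A3 and A8 are operator-specific, so HMAC-SHA256 truncated to the GSM output sizes stands in for them here (an assumption), and the class names, IMSI and Ki values are constructed for illustration.

```python
import hashlib
import hmac
import os

def a3(ki, rand):
    # Stand-in for the operator's A3 (assumption): 32-bit response.
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8(ki, rand):
    # Stand-in for the operator's A8 (assumption): 64-bit cipher key Kc.
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class AuC:
    """Home network authentication centre: the only network element holding Ki."""
    def __init__(self):
        self._ki = {}                        # IMSI -> Ki
    def provision(self, imsi, ki):
        self._ki[imsi] = ki
    def make_triplets(self, imsi, count=3):
        ki, out = self._ki[imsi], []
        for _ in range(count):
            rand = os.urandom(16)            # 128-bit challenge
            out.append((rand, a3(ki, rand), a8(ki, rand)))
        return out

class SIM:
    def __init__(self, imsi, ki):
        self.imsi, self._ki = imsi, ki
    def respond(self, rand):
        # A3 and A8 run on the card; Ki never leaves the SIM.
        return a3(self._ki, rand), a8(self._ki, rand)

class VLR:
    """Visited network: stores triplets only, never Ki."""
    def __init__(self):
        self.triplets = {}                   # IMSI -> unused triplets
    def load(self, imsi, triplets):
        self.triplets.setdefault(imsi, []).extend(triplets)
    def authenticate(self, sim):
        rand, xres, kc = self.triplets[sim.imsi].pop(0)   # each triplet is used once
        sres, _ = sim.respond(rand)                       # challenge over the radio interface
        return kc if hmac.compare_digest(sres, xres) else None

def demo():
    imsi, ki = "001010000000001", bytes(range(16))        # constructed test values
    auc, vlr = AuC(), VLR()
    auc.provision(imsi, ki)
    vlr.load(imsi, auc.make_triplets(imsi))
    genuine = vlr.authenticate(SIM(imsi, ki))             # correct Ki: VLR obtains Kc
    wrong_ki = vlr.authenticate(SIM(imsi, bytes(16)))     # wrong Ki: rejected
    return genuine, wrong_ki, len(vlr.triplets[imsi])
```

The VLR compares the response and hands Kc to the cipher without ever holding Ki, and nothing in the exchange lets the SIM check who issued the challenge.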



Triplets (cont’d)



Attacks on GSM Security
• Microwave links
• SIM/ME interface
• Attacks on A3/8, A5/1
– Through air interface
– With possession of ME
• Attacks on SIM card
– Optical fault induction
– Partitioning attacks (IBM)
• Ki can be extracted with <1000 tries



Attacks (cont’d)
• False base station
– GSM does unilateral authentication
• DoS
– Jamming the signal
– Preventing the MS from communicating



3GPP
• Built on GSM
• Two-way authentication
• Better algorithms
– KASUMI
• Protection of network signaling



GPRS Security

