You are on page 1of 10

CHAPTER 1

1.0 Introduction 1.1 Background The security objective of GSM is to provide a secured network like the one in the Public Switch Telephone Network (PSTN). However, an open air transmission media via a radio signal means that the system is constantly exposed to a potential threat in the eavesdropping of the radio transmission media. While the transmission of radio signal between a Mobile Station (MS) and the corresponding Base Station Subsystem (BSS) is well secured, the radio links in the network itself remains the weakest part of the entire system. It could be easily intercepted by an attacker. [1, 3] The existing security services in GSM include the provision of users anonymity, authentication, signal and data protection, confidentiality and integrity. However, GSM is prone to a number of weaknesses that compromises these services, thereby leaving the users at the mercy of any potential attackers. These weaknesses gradually defeat the set objective of the systems security. The most common attacks as a result of the weaknesses are in the physical and cryptographic encryption since transmission is through an open air. Attacks such as SIM/MS interface tapping, A3/8 algorithm attack, A5/1 and A5/2 algorithms attack, false base station and SIM card attack are much ramped. [2] While the effects of the physical attack are minima, the cryptographic attack effects, which are the focus of this research, are enormous. GSM being the most secured cellular communication system utilizes the Gaussian Minimum Shift Keying (GMSK) modulation technique, a slow frequency hopping spread spectrum (SFHSS) and the Time Division Multiple Access (TDMA). [3] In addition to these, the system also uses a security based on users authentication and data encryption through the use of different algorithms. The algorithms used are the A3 used for authentication, A5 used for data encryption and the A8 which is used to generate a cipher key. [4] While A5 is well

know by the public, A3 and A8 remained unknown until recently when they were published on the internet. Using a reverse engineering approach, Researchers have shown that these algorithms are weak and have many security flaws. [5] During an initial stage of communication between a MS and BTS, authentication of a user takes place. With these weak algorithms, two important parameters are transmitted. These are the RAND and SRES. Because the transmission is via an open air, an over the air attack could be carried on these parameters to get the authentication key of a user. To solve this kind of attack and provide a remedy to other security flaws being presently experienced, this research considers a newly proposed security system based on a public key cryptography. [3] In a public key cryptography, each party participating in the communication has a pair of keys, the public key and the private key. While the later is only known and kept to the user, the former is shared and exchanged between users, thus used for cryptography. [6] In this type of cryptography, sharing of secret key is absolutely not necessary. Elliptical Curve Cryptography (ECC) is a type of public key cryptography based on an elliptical curve mathematical equation in which a public key is formed as a point on the curve and the private key is generated as a random number. Also the public key is dependent on the private key generated. This is derived by multiplying private key by a generator. [7] The overall ECC algorithm is then attached to a digital signature of the user. [6, 7] The ECC is advantageous in the sense that it requires less bandwidth, allows for high speed and it is efficient in implementation of the network security protocol, thus requires lesser power consumption when compared to other similar protocols like RSA and DH. [3, 8, 9] Finally, this research intends to evaluate the performances of both the described ECC algorithm based security and the present A5 algorithm based security in GSM to form a platform for future security design in GSM and other wireless networks. 1. 2 Ai ms The aim of this research is to investigate performance of public key cryptography in gsm security.

1.3 Object ives A general objective of this work is to provide a more secured algorithm to support the security aims of GSM standard. The specific goals of this dissertation are y to analyse the present security concepts in GSM and the proposed future security concept.

y to critically review the literature on the existing performance evaluation techniques of GSM security algorithms and their flaws.

y to compare the present security algorithms in GSM

1.4 Limitation The GSM network as a whole is known to have under intense attacks over the years. These attacks are due to the large number of users, over 3 billion people depend on the GSM for their daily activities across the world, hence the need for a mor e secured network. Generally, this research groups these attacks into two major divisions; attacks on the cipher algorithm and attacks on the system equipment. However, our research focuses on the cipher algorithm attacks only. In this research, we will limit our analysis to; y The A5 algorithm used in the GSM over-the-air voice encryption with an emphasise on the A5/1 algorithm, the strongest of the thr ee A5 algorithm family which is used in Europe. y The structure of the newly proposed Public Key Cryptography (PKC), the Elliptic Curve Cryptography (ECC) is limited to the specifications and requir ements as stated by the Standards for Efficient Cryptography in SEC1: ECC 2009 [10]. 1.5 Research Structure

The research is an analytical and development research which uses an existing prototype implementation. It is broadly divided into eight chapters. Chapter One introduces the research background, aim and objectives, limitation, structure and related work. Chapter two focuses on the architecture and security of GSM network of GSM network as constituted by the Global System for Mobile Communication (GSM) group and the European Standard for Telecommunication Institute (ESTI). This will enable readers to understand the basis of the work. Chapter three produces the OSI layer and the protocol stack as defined by the principle for operation in GSM network. Chapter four looks at the various attacks on the GSM network in a broader sense. Chapter five introduces the A5 algorithm family; this includes a detailed structure of the A5/1, keystream, various attacks and their evidences. Chapter 6 presents the structure of a newly proposed Public Key Cryptography; the Elliptic Curve Cryptography (ECC) as a replacement for the proven weak A5 algorithm. In Chapter seven, the research analysis the findings of both A5/1 and ECC, critically evaluating both algorithms based on known laboratory research statistic of the security test such as computational speed, key size, compact signature, energy requir ement and processing time. Chapter eight discusses evidence put forward with the under lining assumptions. We further make suggestions for future works and finally, we conclude.

C hapt er T wo

2 .0 GSM Ar chit ectur e a nd S ecur it y 2 .1 An O ver view of GSM net wor k G lob a l S ys t em f or M ob ile C ommu nica t ions (G SM ) was es tab lis hed in 1 98 2 b y t he E ur op ea n C onf er enc e f or P ost a nd t elec o mmu nicat ion Ad minis t r at ions (CE PT ). It s pr ima r y a im wa s t o pr ovid e a digit a l wir eles s s er vice f or t he tr a ns mis s ion of voic e a nd da ta. T oda y, t he GS M is wid el y u s ed b y ov er 8 0 p er cent of t he wor ld p op u lat ion wit h ov er 3 b illion u s er s in mor e t ha n 1 68 cou ntr ies a ccor ding t o a pr es s r elea s e b y t he G SM as s ocia t ion in Ma y, 2 01 1. S ome of t he f ea tur es of GSM ar e t ota l mob ilit y whic h inclu d es glob a l r oa ming t hat a llows us er t o commu nica t e fr om a nywh er e in t he wor ld, high ca pa cit y wit h a n opt ima l sp ectr u m a llocat ion, su p er ior sp eech qu a lit y, digit a l comp at ib ilit y a nd high lev el s ecu r it y u nt il lat ely. As id e t he tr a dit iona l voic e s er vices , t he GSM a ls o of f er s s ome u niqu e s er vices s uch as fa cs imi l e, voice ma il, video ca lling, s hor t mes s a ging, a nd lat ely, it is u s ed f or tr a cking a nd p os it ion f indin g as s een in mob ile Ra dio Fr equ ency I dent if i er ( RFI D ) a nd G loba l P os it ion S yst em ( GPS ) r es p ect ivel y. Su pp lement ar y s er vices of f er inclu d e ca ll f or war ding, us er ident if ica t ion et c.

2 .2 GSM Ar chit ectur e

T he GSM ar chit ect ur e has a comp l ex s yst em which co mp r is es of ma ny s ubs ys t ems a nd int er fa ces. Bas ica lly t he GS M s yst em is ma d e u p of t hr ee su bs ys t ems . T hes e ar e 1 . T he Ra dio Su bs yst em ( RSS ) which is fur t her divid ed int o t he M ob ile Sta t ion ( MS ) a nd t he Bas e S tat ion S ub s yst em ( BSS ). 2 . T he N et wor k a nd S wit ching Su bs yst em ( N SS) 3 . T he Op er at ion a nd Su pp or t Su bs yst em ( OSS) F igur e 1 b elo w s hows t he ar chit ectur e of GSM s yst em

F ig.1 Bas ic Ar chit ectur e of t he GSM S yst em [4 ]

1 . R adio S ubs y st em ( R SS ) As stat ed ear lier , t he Ra dio Su bs ys t em cont ains b ot h t he M ob ile Stat ion ( MS ) a nd t he Bas e S tat ion S ub s yst em ( BSS ).

Mo bile S t at io n ( MS ) : T he MS comp r is es of t he M ob ile E qu ip ment (M E ) a nd a s mar t car d know n as t he S ub scr ib er s I dent it y M odu le ( S IM ). Whil e t he M E has a u niqu e ident it y kno wn as I nt er na t iona l M ob ile E qu ip ment I dent it y ( IM E I ) f or ident if ica t ion of each equ ip ment , t he S IM car d has what is kno w n as t he I nt er nat iona l M ob ile Su bs cr ib er I dent it y ( IMS I ) which is u niqu e f or ev er y s ub scr ib er . T he S IM car d a ls o conta ins a s ecr et key, p ur p os e. u s ed f or a ut hent ica t ion

B as e S t at io n S ubs y s t em (BSS ) : T he BSS comp r is es of t wo ma jor par ts ; t he Bas e T r a ns ceiv er Stat ion ( BT S ) a nd t he Bas e S tation cont r oller ( BS C). Bot h t he BT S a nd

BSC commu n ica t e via t he A- int er fa ce t o a llow int er op er ab ilit y of equ ip ment ma de b y dif f er ent ma nu fa ct ur er s.

B as e T rans ceiv er S t at io n (BTS ) : C onta ins t he micr owa v e tr a ns ceiver s us ed f or r a dio- lin k commu n ica t ion wit h t he MS.

B as e S t at io n co nt ro ller (B SC ) : T he BSC has t wo or mor e BT S connect ed t o it. It f u nct ions inclu de ma na gement of t hes e BT S, cha nnel s et up, ca ll ha ndov er a nd f r equ ency hop p in g.

2 . N et w o rk and S w it ch S ubs y s t em ( NSS ) T he NSS ca n b e des cr ib ed as t he hea r t of t he GSM s ys t em. T his is b ecau s e it links u p b ot h t he wir el es s net wor k a nd t he Pu b lic S wit ch T elep ho ne N et w or k (PST N ). T he co mp on ent s of t he NSS inclu de M ob ilit y S wit ching C ent er (MSC ), H ome L ocat ion R egis t er ( H LR ), Vis it or L ocat ion R egis t er (VL R ), Gat ewa y MSC (G MSC ) a nd t he I nt er wor king f r a me ( I WF ).

Mo bile S w it ching C ent er ( MS C) : T he MSC f or ms t he cor e of t he NSS pr ovidi ng mob il e u s er s wit h r egis tr at ion, u p dat ing of loca t ion, au t hent icat ion, ha ndov er , ca ll r oa min g a nd r out ing. T he MSC ca n a ls o int er connect a mob il e u s er t o a PST N.

H o me Lo cat io n R eg is t er (HL R ): t he HL R is t he mos t vita l databa s e in GS M net w or k a nd it conta ins b ot h stat ic a nd dyna mic a dmi nis t r at ive inf or ma t ion of ever y s ub s cr ib er r egis t er ed in a par t icu lar GSM net wor k. S ome of t he inf or ma t ion st or ed on t his r egis t er inclu des M ob ile S ub scr ib er Int egr at ed S er vice D igita l N et wor k ( MS IS D N), I nt er na t iona l M ob ile S ub scr ib er I dent it y ( IMS I ) a nd ot her su bs cr ib er

s er vice inf or ma t ion s u ch as ca ll r oa min g a nd GPR S, M ob ile Su bs cr ib er R oa ming N u mb er (MSR N ) a nd cur r ent locat ion ar ea (L A) . HL R ca n ha ndl e s ever a l milli on of s ub s cr ib er s data.

V is it o r L o cat io n Reg is ter ( VL R ): VL R is us ua lly at tached t o ea ch MSC a nd it cont a ins dyna mic a dmi nis t r at ive inf or ma t ion of ea ch s ub scr ib er cur r ent ly in t he loca t ion ar ea as s ocia t ed wit h t he MSC. T he VL R is up dat ed b y t he HL R a nd it ca n onl y ha ndle a mil lio n s ub s cr ib er databa s e.

G at ew ay Mo bile S w it ching C ent er (G MS C) : T he G MSC connect s b ot h t he PST N a nd t he G MS net wor k t oget h er fu nct ionin g as t he ex cha nge f or mob il e s ub s cr ib er s nu mb er s. It a ls o links up t he H LR f or r out ing p ur p os es.

I nt erw o rki ng funct io n ( I W F) : T his is a f u nct ion ass ociat ed wit h t he GMS C. O ne of t he f u nct ions is t he conver s ion of a GS M data tr a ns mis s ion t o PST N i. e GSM digit a l tr a ns mis s ion t o a PST N mod em t r a ns mis s ion (S igna ls ).

3 . O perat io n and S uppo rt S ubs ys t em ( OSS ) T his is t he su bs yst em of GSM S yst em whic h dea ls wit h t he op er a t ion a nd ma int ena nce. It comp r is es of t he E qu ip ment I dent it y R egis t er (E IR ), Aut hent ica t ion C ent er ( AUC ) a nd Op er at ion a nd Ma int ena nce ( O MC ).

A ut he nt icat io n C ent er ( A UC ) : T he AUC takes car e of u s er a ut hent ica t ion t o t he net w or k. It keep s cop y of t he s ecr et key, t hat is a ls o a va ila b le on t he s ub scr ib er s

S IM. T his key is u s ed f or us er a ut hent ica t ion a nd data encr yp t ion over t he a ir .

T he AUC a ls o conta ins var ious a lgor it hms us ed f or dif f er ent pur p os es s u ch as t he A3 a lgor it hm us ed f or au t hent ica t ion, t he A5 a lgor it hm u s ed f or da ta encr ypt ion a nd t he A8 a lgor it hm u s ed f or gen er at ing a cip her key.

E quip me nt I dent it y R eg is t er (EI R ) : T his reg is t er keep s t he ident it ies of a ll M ob ile E qu ip ment ( ME ) t hat ar e in t he net wor k. T hes e id ent it ies ar e b y t heir r es p ect ive I M E I. T he E IR keep s a whit e, gr ey a nd b la ck lis t. While t he M ob ile E qu ip ment s on t he whit e lis t ar e a llowed on t he net w or k, t he equ ip ment on t he gr ey lis t ar e fa u lt y a nd cou ld caus e pr ob lem on t he n et wor k. T he equ ip ment lis t ed on t he b la ck list ar e b lock ed a nd not a llow ed on t he net wor k.

O perat io n and Mai nt e na nce C ent er ( OMC) : T he ent ir e GS M net wor k is monit or ed a nd contr olled b y t he OM C. I t fu nct ions inclu de s tat ions r ep or t of ot her ent it ies in t he net w or k, tr a f f ic mon it or ing, s ecur it y ma na gement a nd b illin g.

R ef er enc es

[1] C. Brookson, "GSM (and PCN) Security and Encryption", GSM Security (1994).

[2] S. M. Siddique, M. Amir, "GSM Security Issues and Challenges", in the Proceedings of the Seventh IEEE International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD'06), pp.413-418, June 2006.

[3] B. Kas m, L. Ertaul, "Evaluation of GSM Security", in Proc. of the 5th Symp. on Com. Networks (BAS 2000), Jun. 2000.

[4] J. Schiller, "Mobile Communications", 2nd edition, Addison Wesley, 2003. [5] A. Biryukov A. Shamir, D. Wagner, "Real Time Cryptanalysis of A5/1 on a PC", Fast Software Encryption Workshop 2000, April, 2000, New York City.

[6] Anoop MS, Elliptic Curve Cryptography - An Implementation Guide, January 2007.

[7] A. Burnett, K.Winters, and T. Dowling, A Java implementation of an elliptic curve Cryptosystem, Principles and Practice of Programming in Java 2002.

[8] K. Lauter, The Advantages of Elliptic Curve Cryptography for Wireless Security, IEEE Wireless Communications, vol. 11, no. 1, pp. 62-67, February 2004.

[9] M. Aydos, T. Tan k, . K. Ko, High-Speed Implementation of an ECC-based Wireless Authentication Protocol on an ARM Microprocessor, IEE Pro.: Comms, Oct., 2001, pp 273-279.

[10] Certicom Research. Standards for efficient cryptography SEC 1: Elliptic curve cryptography. http://www.secg.org/download/aid-385/sec1_final.pdf, September 2000.