Security Algorithms for Mobile Networks

Privacy Requirements
• Call Setup Information: Calling number, type of service.
• Speech / Message: Eavesdropping.
• Data: financial transactions.
• User Location.
• User Identification.
• Calling Patterns: Frequency of calling.

Theft Resistance Requirements
• Unique MS Id: Uniquely identifies a stolen MS.
• Unique user Id: More than two users can use a MS.
• Clone Resistant Design: prevent compromise of the unique information.

2G: GSM Systems
GSM – Global System for Mobile Communications
• Operates at 900 MHz and 1800 MHz.
• Uses TDMA technology to divide bandwidth.
• High mobility, reachability.
• Integrated security mechanisms:
  - Authentication (PIN, SIM etc.)
  - Encryption of transmitted data
  - Temporary identification (pseudonyms)

GSM: Security Model
• Based on a shared secret key between the HLR and the SIM card of the subscriber, called Ki (128 bit).
• Stored in the SIM card of the subscriber and at the Authentication Center of the MSC.
• The key is used for authentication and for generation of the session key used for encryption of data over the air channel.

GSM: Authentication Algo. A3
A3 is implemented in the SIM and the Authentication Center:
1. MSC sends a 128-bit random number (RAND) to MS.
2. 128 bits RAND and 128 bits Ki are given as input to A3, which gives a 32 bit Signed Response (SRES).
3. MS sends back SRES, which is compared with the SRES generated at MSC.

GSM: Session Key Generation Algo. A8
• Session key Kc is generated from RAND and Ki.
• Both SIM and AuC run the A8 algorithm and generate Kc.
• Kc is a 64 bit key used to encrypt over the air channel.
• The same session key is used until the MS is authenticated again.

GSM: Encryption Algo. A5
• It is a symmetric stream cipher algorithm which is run for every frame sent.
• It is initialized with the session key Kc and the frame number being encrypted/decrypted.
• Inputs: 64 bit Kc, 22 bit frame number.
• Output – 114 bit key block.
• This key block is XORed with the 114 bit voice stream and the result is sent over the air.

GSM: Algorithm Implementation
[Figure: block diagram. Components: Mobile Station (SIM with Ki, A3, A8, A5), Base Station (BS) with A5, BS-Controller, Guest-MSC, Home-MSC, HLR, AUC (Random Generator, Ki, A3, A8). Signals: RAND, SRES, Kc. Legend: encrypted radio transmission; non-encrypted directed radio transmission; non-encrypted transmission by wire.]
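The A3 / A8 / A5 flow from the slides above, as an added example that is not part of the original deck. The slides do not give the internals of A3, A8 or A5, so HMAC-SHA256 and SHAKE-128 are used as stand-ins only to reproduce the stated input and output sizes; all function names and sample values are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Stand-ins only: the real A3/A8/A5 algorithms are not given on the page.
# HMAC-SHA256 and SHAKE-128 are used purely to get outputs of the sizes
# the slides state (32-bit SRES, 64-bit Kc, 114-bit key block).

def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """A3 stand-in: 128-bit Ki + 128-bit RAND -> 32-bit SRES."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    """A8 stand-in: 128-bit Ki + 128-bit RAND -> 64-bit Kc."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

def a5_key_block(kc: bytes, frame_no: int) -> int:
    """A5 stand-in: 64-bit Kc + 22-bit frame number -> 114-bit key block."""
    if not 0 <= frame_no < 2**22:
        raise ValueError("frame number must fit in 22 bits")
    stream = hashlib.shake_128(kc + frame_no.to_bytes(3, "big")).digest(15)
    return int.from_bytes(stream, "big") >> 6   # keep 114 of 120 bits

def crypt_frame(kc: bytes, frame_no: int, bits114: int) -> int:
    """XOR a 114-bit frame with the key block (the same call decrypts)."""
    if bits114 >> 114:
        raise ValueError("frame must be at most 114 bits")
    return bits114 ^ a5_key_block(kc, frame_no)

def authenticate(ki_sim: bytes, ki_auc: bytes):
    """One run of the exchange; returns (accepted, Kc at MS, Kc at network)."""
    rand = secrets.token_bytes(16)            # network -> MS: 128-bit RAND
    sres_ms = a3_sres(ki_sim, rand)           # MS -> network: 32-bit SRES
    accepted = hmac.compare_digest(sres_ms, a3_sres(ki_auc, rand))
    return accepted, a8_kc(ki_sim, rand), a8_kc(ki_auc, rand)

if __name__ == "__main__":
    ki = secrets.token_bytes(16)              # constructed 128-bit Ki
    ok, kc_ms, kc_net = authenticate(ki, ki)
    frame = secrets.randbits(114)             # constructed 114-bit voice frame
    ct = crypt_frame(kc_ms, 7, frame)
    print(ok, kc_ms == kc_net, crypt_frame(kc_net, 7, ct) == frame)
```

Only the network checks SRES in this exchange, and Kc stays fixed across frames until `authenticate` runs again; the frame number is the only input that changes the key block between frames.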

GSM: Flaws in the Security Model
The problems in the GSM security model stem by and large from the design limitations on what is protected rather than defects in the security mechanisms themselves.
• Active attacks using a "false base station" are possible.
• Cipher keys and authentication data are transmitted in clear between and within networks.
• Encryption does not extend far enough towards the core network, resulting in the cleartext transmission of user and signalling data across microwave links (in GSM, from the BTS to the BSC).
• Lack of confidence in cryptographic algorithms.
