GSM & UMTS Security
Sohaib Bin Altaf, MSEE-20
Department of Electrical Engineering, Military College of Signals
National University of Sciences and Technology (NUST), Pakistan
1/19/2015

Author: sohaib-altaf

Post on 16-Jul-2015





OVERVIEW
- Introduction
- GSM Architecture
- Security features
- Working flowchart
- Defects in GSM security
- UMTS Architecture
- Security features
- Working flowchart

INTRODUCTION
GSM
- Global System for Mobile Communication
- Also referred to as 2G
- 800/900 and 1800/1900 (MHz)
UMTS
- Universal Mobile Telecommunication System
- Also referred to as 3G
- 2100 MHz

Entities Involved
- Mobile station
- SIM
- IMSI
- TMSI
- HLR
- VLR
- AuC
- Ki / Kc
- A3 - A5 - A8
- SRES
- RAND

GSM Security

GSM Architecture
The GSM network can be divided into 4 sections:
- Mobile Station
- Base Station Subsystem
- Network Management
- Subscriber and terminal equipment database

GSM Architecture

Security Features
Security in GSM consists of the following aspects:
- Authentication
- Signal and Data confidentiality
- Identity confidentiality

GSM Security Architecture
- Each mobile subscriber is issued with a unique 128-bit secret key (Ki)
- This is stored on a Subscriber Identity Module (SIM) which must be inserted into the mobile phone
- Each subscriber's Ki is also stored in an Authentication Centre (AuC) associated with the HLR in the home network
- The SIM is a tamper-resistant smart card designed to make it infeasible to extract the customer's Ki
- GSM security relies on the secrecy of Ki
  - if the Ki could be extracted then the subscription could be cloned and the subscriber's calls could be eavesdropped
  - even the customer should not be able to obtain Ki

GSM Authentication

Algorithms (Au)
- Composed of two algorithms which are often combined
  - A3 for user authentication
  - A8 for encryption key (Kc) generation
- Located in the customer's SIM and in the home network's AuC
- Standardisation of A3/A8 not required and each operator can choose their own
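The challenge-response exchange behind the slides above, as an added example that is not part of the original deck. Because A3/A8 are operator-chosen, HMAC-SHA256 stands in for them here (an assumption, not a deployed algorithm); the class names, function names and the test IMSI are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def a3a8(ki, rand):
    """Stand-in for the operator's combined A3/A8 (assumption: HMAC-SHA256)."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    sres = digest[:4]    # A3 output: 32-bit signed response (SRES)
    kc = digest[4:12]    # A8 output: 64-bit cipher key (Kc) used by A5
    return sres, kc

class AuC:
    """Home-network Authentication Centre: stores Ki for each IMSI."""
    def __init__(self):
        self._ki_by_imsi = {}

    def provision(self, imsi):
        ki = secrets.token_bytes(16)       # unique 128-bit Ki per subscriber
        self._ki_by_imsi[imsi] = ki
        return ki                          # personalised into the SIM once

    def triplet(self, imsi):
        rand = secrets.token_bytes(16)     # 128-bit random challenge (RAND)
        sres, kc = a3a8(self._ki_by_imsi[imsi], rand)
        return rand, sres, kc              # handed to the serving network

class SIM:
    """Keeps Ki internal; only SRES and Kc ever leave the card."""
    def __init__(self, imsi, ki):
        self.imsi, self._ki, self.kc = imsi, ki, None

    def run_gsm_algorithm(self, rand):
        sres, self.kc = a3a8(self._ki, rand)   # Kc goes to the handset for A5
        return sres

def authenticate(auc, sim):
    """Network side: send RAND, compare SRES, return Kc on success."""
    rand, expected_sres, kc = auc.triplet(sim.imsi)
    sres = sim.run_gsm_algorithm(rand)     # only RAND and SRES cross the air
    return kc if hmac.compare_digest(sres, expected_sres) else None

IMSI = "001010000000001"                   # constructed test identity

if __name__ == "__main__":
    auc = AuC()
    genuine = SIM(IMSI, auc.provision(IMSI))
    clone = SIM(IMSI, bytes(16))           # same IMSI, but without the real Ki
    print("genuine SIM accepted:", authenticate(auc, genuine) is not None)
    print("clone without Ki accepted:", authenticate(auc, clone) is not None)
```

Ki never appears on the radio path in either direction, which is why the scheme depends entirely on Ki staying inside the SIM and the AuC.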

GSM Encryption
- Data on the radio path is encrypted between the Mobile Equipment (ME) and the Base Transceiver Station (BTS)
  - protects user traffic and sensitive signalling data against eavesdropping
  - extends the influence of authentication to the entire duration of the call
- Uses the encryption key (Kc) derived during authentication

Algorithms (Encryption)
A5 Algorithm
- Mobile Station (unlike A3/A8)
- Uses encryption key Kc
- A5/1, A5/2, A5/3
- The first two are commonly used.

Combined Flowchart

Problems

Insecure Radio channel

Unencrypted Packets

False Base Station Attack
- IMSI catching
- Intercepting mobile-originated calls by disabling encryption
- Intercepting mobile-originated calls by forcing use of a known cipher key

UMTS Security

UMTS Architecture
The UMTS network can be divided into:
- User Equipment (UE)
- Radio Access Network (RAN)
- Core network (CN)

UMTS Architecture

Security Features
- Network access security
- Network Domain Security
- User Domain Security
- Application Domain Security
- Visibility and configurability of security

Authentication & Key Agreement (AKA)
AuC and USIM share:
- permanent secret key K
- message authentication functions f1, f1*, f2
- key generating functions f3, f4, f5

3G Authentication Vectors

Processing in the USIM

Security Architecture

Flowchart

Algorithms Used
