gsm & umts security
TRANSCRIPT
Sohaib Bin Altaf
MSEE-20Department of Electrical Engineering
Military College of Signals
National University of Sciences and Technology,
(NUST)
Pakistan
GSM & UMTS Security
1/19/20151
OVERVIEW
Introduction
GSM Architecture
Security features
Working flowchart
Defects in GSM security
UMTS Architecture
Security features
Working flowchart
1/19/20152
INTRODUCTION
GSM
Global System for Mobile Communication
Also referred as 2G
800/900 and 1800/1900 (MHz)
UMTS
Universal Mobile Telecommunication System
Also referred as 3G
2100 MHz
1/19/20153
Entities Involved Mobile station
SIM
IMSI
TMSI
HLR
VLR
AuC
Ki/ Kc
A3 -A5- A8
SRES
RAND
1/19/20154
GSM Security
1/19/20155
GSM Architecture
The GSM network can be divided in 4 sections :
-Mobile Station
-Base Station Subsystem
-Network Management
-Subscriber and terminal equipment database
1/19/20156
GSM Architecture
1/19/20157
Security Features
Security in GSM consists of the following aspects:
• Authentication
• Signal and Data confidentiality
• Identity confidentiality
1/19/20158
GSM Security Architecture Each mobile subscriber is issued with a unique 128-
bit secret key (Ki)
This is stored on a Subscriber Identity Module (SIM)which must be inserted into the mobile phone
Each subscriber’s Ki is also stored in an Authentication Centre (AuC) associated with the HLR in the home network
The SIM is a tamper resistant smart card designed to make it infeasible to extract the customer’s Ki
GSM security relies on the secrecy of Ki
if the Ki could be extracted then the subscription could be cloned and the subscriber’s calls could be eavesdropped
even the customer should not be able to obtain Ki1/19/20159
GSM Authentication
1/19/201510
Algorithms (Au)
Composed of two algorithms which are often
combined
A3 for user authentication
A8 for encryption key (Kc) generation
Located in the customer’s SIM and in the home
network’s AuC
Standardisation of A3/A8 not required and each
operator can choose their own
1/19/201511
GSM Encryption
Data on the radio path is encrypted between the Mobile Equipment (ME) and the Base Transceiver Station (BTS) protects user traffic and sensitive signalling data
against eavesdropping
extends the influence of authentication to the entire duration of the call
Uses the encryption key (Kc) derived during authentication
1/19/201512
Algorithms (Encryption)
A5 Algorithm
Mobile Station (unlike A3/A8)
Uses encryption key Kc
A5/1,A5/2,A5/3
The 1st two are commonly used.
1/19/201513
Combined Flowchart
1/19/201514
Problems
1/19/201515
Insecure Radio channel
1/19/201516
Unencrypted Packets
1/19/201517
False Base Station Attack
IMSI catching
Intercepting mobile-originated calls by disabling
encryption
Intercepting mobile-originated calls by forcing use of a
known cipher key
1/19/201518
UMTS Security
1/19/201519
UMTS Architecture
The UMTS Network can be divided into
User Equipment (UE)
Radio Access Network (RAN)
Core network (CN)
1/19/201520
UMTS Architecture
1/19/201521
Security Features
1/19/201522
Network access security
Network Domain Security
User Domain Security
Application Domain Security
Visibility and configurability of security
Authentication & Key Agreement
(AKA)
1/19/201523
AuC and USIM share
…permanent secret key K
…message authentication functions f1, f1*, f2
… key generating functions f3, f4, f5
3G Authentication Vectors
1/19/201524
Processing in the USIM
1/19/201525
Security Architecture
1/19/201526
Flowchart
1/19/201527
Algorithms Used
1/19/201528
References
1/19/201529
GSM and UMTS Security
Peter Howard
Vodafone Group R&D
GSM and UMTS Security Under Guidance ofProf. Bernard Menezes
Vishal Prajapati ,
Vishal Sevani Om Pal Sudhir Rana
Institute of Technology, Bombay
2G and 3G RF PlanningBhavyai GuptaDelhi Technological University
UMTS Security
Helsinki University of TechnologyS-38.153 Security of Communication [email protected]
GSM & UMTS Security
Levente Buttyán