GSM security: fact and fiction. NLUUG Najaarsconferentie 2010. Fabian van den Broek, Institute for Computing and Information Sciences (iCIS)

Presentation transcript:

Outline
● Introduction
● GSM overview
● Attacks
● Conclusion

GSM's history
● Developed during the 80's
● Deployed from the early 90's
● Main cipher reverse engineered from 1994
● Attacks are found from 1996 onwards (Golic, Biryukov, Biham, ...)
● But practical attacks remain difficult
● Then the tables move from theory to practice

In the media

GSM overview

GSM overview: Phone and SIM
● IMSI & TMSI
● Secret key (Ki)
● Authentication (A3 & A8)
● Session key (Kc)
● IMEI
● Encryption

GSM overview: Network
[Diagram labels: GSM, HLR/AuC]
● IMSI ↔ phone number
● IMSI ↔ customer information
● IMSI ↔ location
● IMSI ↔ Ki
● IMSI ↔ A3 & A8

GSM overview: Authentication
[Diagram: authentication exchange involving the AuC. Labels: IMSI; (chall, resp, session key) = (ch, rsp, Kc) = (r, A3(Ki,r), A8(Ki,r)); ch; rsp; Kc; (Ki, A3, A8)]
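
The exchange on this slide as an added Python example (not from the presentation): the AuC derives a triplet from Ki, the SIM answers the challenge, and only the network checks the result. A3/A8 are operator-chosen, so HMAC-SHA256 stands in for them here; the IMSI and Ki are constructed test values and the class and function names are hypothetical.

```python
import hashlib
import hmac
import os

# A3/A8 are chosen by the operator and are not given on the slides; HMAC-SHA256
# is a stand-in (assumption) truncated to the GSM sizes: 32-bit response, 64-bit Kc.
def a3(ki: bytes, r: bytes) -> bytes:
    return hmac.new(ki, b"A3" + r, hashlib.sha256).digest()[:4]

def a8(ki: bytes, r: bytes) -> bytes:
    return hmac.new(ki, b"A8" + r, hashlib.sha256).digest()[:8]

class AuC:
    """Holds IMSI <-> Ki and hands out (ch, rsp, Kc) triplets; Ki never leaves it."""
    def __init__(self, ki_by_imsi):
        self.ki_by_imsi = dict(ki_by_imsi)

    def triplet(self, imsi: str):
        ki = self.ki_by_imsi[imsi]
        r = os.urandom(16)                    # 128-bit random challenge
        return r, a3(ki, r), a8(ki, r)

class SIM:
    """Holds (Ki, A3, A8). It answers any challenge: nothing in the exchange
    lets it check that the challenger knows Ki (authentication is one-way)."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki, self.kc = imsi, ki, None

    def respond(self, ch: bytes) -> bytes:
        self.kc = a8(self._ki, ch)            # session key derived locally
        return a3(self._ki, ch)               # only rsp goes over the air

def authenticate(auc: AuC, sim: SIM):
    """Network side: returns the session key Kc on success, None on failure."""
    ch, expected, kc = auc.triplet(sim.imsi)
    rsp = sim.respond(ch)
    return kc if hmac.compare_digest(rsp, expected) else None

if __name__ == "__main__":
    IMSI = "001010000000001"                  # constructed test IMSI
    KI = bytes(range(16))                     # constructed 128-bit Ki
    auc = AuC({IMSI: KI})
    genuine, clone = SIM(IMSI, KI), SIM(IMSI, bytes(16))
    print("genuine SIM:", authenticate(auc, genuine) == genuine.kc)
    print("wrong Ki   :", authenticate(auc, clone))
```

`SIM.respond` has no way to reject a challenge, which is the gap that mutual authentication in 3G closes.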

GSM overview: Algorithms
● Authentication
  – A3
  – A8
● Encryption
  – A5/0
  – A5/1
  – A5/2
  – A5/3

Attacks

Attack 1: Eavesdropping
1. Capture bursts
2. Decrypt captured bursts
3. Interpret decrypted bursts

Attack 1: Eavesdropping
Step 1: Capture bursts
● USRP + GNU Radio + AirProbe

Attack 1: Eavesdropping
Step 2: Decrypt captured bursts
● Release the Kraken! The A5/1 cracking project

Attack 1: Eavesdropping
Stream ciphers
[Diagram labels: A5/1, Kc, keystream, plaintext, ciphertext]

Attack 1: Eavesdropping
[Diagram labels: Kraken, Berlin set, Keystream sample, Kc, GSM burst, Known plaintext]

Attack 1: Eavesdropping
Step 3: Interpret decrypted bursts
● GSMDecode (AirProbe)
● Wireshark
● OpenBTS
● OpenBSC

Attack 1: Eavesdropping

Problems
● Reception quality
● Frequency hopping

Attack 2: Man-In-The-Middle
[Sequence diagram labels: Authentication; cipher(A5/1); Ciph. started; A5/1 Encrypted communication]

Attack 2: Man-In-The-Middle
[Sequence diagram labels: Authentication; cipher(A5/1); Ciph. started; A5/1 Encryption; A5/2 Encryption; cipher(A5/2); Break Kc; Ciph. started]

Attack 2: Man-In-The-Middle
Ingredients
The cell tower:
● OpenBTS + USRP
● OpenBSC + Siemens BS11
● OpenBSC + ip.access nanoBTS
The Phone:
● OsmocomBB + USRP

Attack 2: Man-In-The-Middle
Problems
● Again frequency hopping
● Time window
● Detectable

Attack 3: “Simple” MITM
[Diagram label: Internet]
Ingredients:
● USRP
● OpenBTS
● Asterisk

Attack 3: “Simple” MITM
Problems:
● No incoming calls
● Calling number obscured
● Detectable
Upside:
● This already works!

Some other attacks
● IMSI catchers
● Attacks against other parts of the network
● Nokia 1100
● Locations revealed
● DoS attacks

There is hope still
● GSM was 2G
● 3G uses mutual authentication
● 4G might use AES

What can we do in the meantime?
Providers:
● Use A5/3
● Avoid unnecessary known plaintext
● Provide UMTS
But what can WE do?
● Use solely UMTS
● Use crypto solutions

Conclusion

● GSM is insecure
● It will only get less secure
● Many attacks are feasible
● But eavesdropping remains hard

...Besides
The weakest link is probably your phone!

Questions?

References
● USRP
● GNU Radio
● OpenBTS
● OpenBSC
● AirProbe
● A5/1, Kraken
● OsmocomBB