Security in Wide Area Networks

Slides:



Advertisements
Similar presentations
An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,
Advertisements

GSM network and its privacy Thomas Stockinger. Overview Why privacy and security? GSM network‘s fundamentals Basic communication Authentication Key generation.
GSM Security and Encryption
Multiple Access Techniques for wireless communication
April 25, 2005ECE 457 Cellular Communication ECE 457 Spring 2005.
Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
GSM standard (continued)
CSIS 6251 CSIS 625 Week 14 Wireless Technologies Cell Phones, LMDS, MMDS, etc. Copyright Dan Oelke For use by students of CSIS 625 for purposes.
Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
1 CMPT 371 Data Communications and Networking Spread Spectrum.
NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.
MOBILE PHONE ARCHITECTURE & TECHNOLOGY. HISTORY  The idea of the first cellular network was brainstormed in 1947  Disadvantages  All the analogue system.
Mobile Phone Networks Dr. Hassan Nojumi1 MOBLIE PHONE NETWORKS Dr. Hassan Nojumi.
GSM Network Security ‘s Research Project By: Jamshid Rahimi Sisouvanh Vanthanavong 1 Friday, February 20, 2009.
 Global System for Mobile Communications (GSM) is a second generation (2G) cellular standard developed to cater voice services and data delivery using.
Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.
Cellular Mobile Communication Systems Lecture 8
Mobile Telephone System And GSM Security. The Mobile Telephone System First-Generation Mobile Phones First-Generation Mobile Phones Analog Voice Analog.
4.1 Security in GSM Security services – access control/authentication user  SIM (Subscriber Identity Module): secret PIN (personal identification number)
A SEMINAR REPORT ON CELLULAR SYSTEM Introduction to cellular system The cellular concept was developed and introduce by the bell laboratories in the.
Overview of cellular system
1 William Stallings Data and Computer Communications 7 th Edition Chapter 9 Spread Spectrum.
Stallings, Wireless Communications & Networks, Second Edition, © 2005 Pearson Education, Inc. All rights reserved Multiple Access Techniques.
Wired Equivalent Privacy (WEP) Chris Overcash. Contents What is WEP? What is WEP? How is it implemented? How is it implemented? Why is it insecure? Why.
Stallings, Wireless Communications & Networks, Second Edition, © 2005 Pearson Education, Inc. All rights reserved Spread Spectrum Chapter.
Cellular Networks 1. Overview 1G Analog Cellular 2G TDMA - GSM 2G CDMA - IS G 3G 4G and Beyond Cellular Engineering Issues 2.
DATA AND COMPUTER COMMUNICATIONS Eighth Edition by William Stallings Lecture slides by Lawrie Brown Chapter 9 – Spread Spectrum.
The Cellular Concept and Its Implementations. The Cellular Concept The cellular concept was developed and introduced by the Bell Laboratories in the early.
Mobile Telephone System And GSM Security. The Mobile Telephone System First-Generation Mobile Phones First-Generation Mobile Phones Analog Voice Analog.
iit is the worlds’ 7 th largest telecommunication company llargest public sector units in India iit provides telecom services with ICT application.
Presented by Sandeep Kumar IT Final Year 08ESOIT048.
Message Authentication Code
Introduction Wireless devices offering IP connectivity
Wireless Network PMIT- By-
Cellular Networks Wireless Transmission Cellular Concept
The University of Adelaide, School of Computer Science
Global System for Mobile Communications
GSM SECURITY AND ENCRYPTION
GSM,GPRS & CDMA Technology
Bandwidth Utilization
Cryptographic Hash Function
Wireless & Mobile Networking: Multiple Division Techniques
CBS- CDMA.
3G Security Principles Build on GSM security
Presented by: Dr. Munam Ali Shah
By Theodora Kontogianni
Spread Spectrum L.Tahani Aljehani.
GSM location updating procedure
Name:Shivalila A H,Shima
WAP.
Subject Name: GSM Subject Code: 10EC843
GPRS GPRS stands for General Packet Radio System. GPRS provides packet radio access for mobile Global System for Mobile Communications (GSM) and time-division.
Channel Allocation Problem/Multiple Access Protocols Group 3
Channel Allocation Problem/Multiple Access Protocols Group 3
GSM location updating procedure
Mobile Phone Technology
Cellular Telephone Networks
Security in SDR & cognitive radio
Dept. of Business Administration
Security Attacks, Mechanisms, and Services
Special Topic: Wireless Security
Key Exchange, Man-in-the-Middle Attack
LM 7. Cellular Network Security
Security in Wireless Metropolitan Area Networks (802.16)
Security in Wireless Metropolitan Area Networks (802.16)
Lecture 36.
Physical Layer (2).
Lecture 36.
Presentation transcript:

Security in Wide Area Networks

Basic Idea Currently, the only technology that provides this type of coverage is satellite and cell phones. Although satellite technology provides truly global coverage, the current cost makes it impractical for common use. Cell phone technology, on the other hand, is practically ubiquitous and much more affordable 10/20/2019

High redundancy allows voice quality to be maintained. Low-power cells share frequencies and use spread-spectrum technology allowing multiple users per channel per cell. High redundancy allows voice quality to be maintained. Handoffs from one cell to another occur as the mobile unit passes out of one cell’s coverage area and into another’s. (Actually, multiple base stations are received at once, and the strongest is used.) While many locations have poor or no coverage, cellular wireless networks provide the closest approximation to ubiquitous connectivity this side of satellite phones. 10/20/2019

Initially, cellular networks just carried voice. The next step was to use these networks to carry data to provide Internet connectivity through the cell phone. 10/20/2019

digital data over a cellular network. 10/20/2019

efficient way to send digital data over a cellular network. 10/20/2019

CDMA CMDA is a spread-spectrum technique. The transmitter uses a code, shared by both endpoints, to send each bit of data across a large frequency range. The receiver uses the code to reconstruct the original data from the spread-spectrum signal. This frequency-spreading technique makes it very difficult to intercept the signal unless the code is known. While CDMA had been developed originally for military applications, its commercial goal was its larger capacity over TDMA-based systems rather than security. CDMA’s relatively strong security property comes from the low probability of interception (LPI) of the data because of the encoding used for spread spectrum as compared with GSM’s weak(er) encryption of its data [CDMA]. 10/20/2019

GSM Global systems for mobile communication (GSM) is one type of cellular phone network, and it has security mechanisms that provide authentication and encryption. GSM is based on TDMA; thus, intercepting the signals is much easier than in CDMA. Therefore, GSM has separate security mechanisms to encrypt the data it transmits. 10/20/2019

GSM provides mechanisms for authentication and encryption. GSM security mechanisms are based on a shared secret between the home location register (HLR) and the subscriber identity module (SIM)—in other words, the security modules in the phone and the central station. A subscriber identity module is a removable hardware device that provides security, is managed by network operators, and is independent of the terminal device in which it resides. GSM provides mechanisms for authentication and encryption. 10/20/2019

GSM authentication 10/20/2019

The shared secret Ki is a 128-bit key The shared secret Ki is a 128-bit key. Authentication is performed when the HLR or base station sends a 128-bit random number called a challenge to the mobile station (MS), i.e., the phone. The MS calculates the response, a 32-bit signed response (SRES), by using the A3 algorithm feeding the challenge and the shared secret as input. The base station then compares the SRES received from the MS with the expected value. 10/20/2019

GSM encryption 10/20/2019

The MS and base station use a 64-bit session key Kc for data encryption of the over-the-air channel. They calculate Kc by using Ki and a 128-bit random number, which are the same numbers used to calculate the SRES. Instead of using the A8 algorithm as was originally specified, however, most manufacturers use the A3 algorithm to calculate Kc as well. This is done to reduce the number of cryptographic algorithms to encode in the telephone firmware. 10/20/2019

The session key is not used to encrypt the data directly. Instead, it is used to generate the key stream that encrypts the data. Basic stream encryption algorithm works by XORing the Data stream with a key stream generated by a pseudorandom-number generator (PRNG) provided with an initial seed. In this case, the seed is Kc, and the PRNG is the A5 algorithm. Actually, the seed is Kc and the frame number. 10/20/2019

Problems with GSM Security Session life The first problem is the long life of authenticated sessions. While the mobile station may be requested to reauthenticate at the beginning of each call, typically this is not done. This means that the same session key Kc is used for days. The longer a session key is used, the weaker it becomes. 10/20/2019

Weak encryption algorithm Traffic is encrypted via the A5 algorithm only over the air between the mobile and base stations. The data are decrypted when they arrive at the base station and are sent from the base station to the operator’s backbone network in plaintext. Almost all GSM implementations use the COMP-128 algorithm for both A3 and A8 algorithms 10/20/2019

Encryption between mobile host and base station only. Limits to the secret key Other problems There are several other GSM problems. No data integrity algorithm is used; therefore, data could be modified and the receiver could not detect it. Authentication is performed in only one direction, from the user to the network. No mechanism exists to identify the network to the user. Also, there is no indication to the user that encryption is being used. 10/20/2019

3G 3G security is based on GSM but is designed to fix its shortcomings. The security mechanisms of 3G provide authentication, confidentiality, and encryption. 10/20/2019

Authentication GSM authentication provides protection from unauthorized service access and is based on the A3 algorithm, which is known to have limitations. Encryption is used to protect both the user data and the signaling data. The A8 and A5 algorithms are used but are not strong enough. 10/20/2019

Confidentiality Confidentiality is provided by identifying users with a permanent identity, called the international mobile subscriber identity (IMSI) and a temporary mobile subscriber identity (TMSI). Transmission of the IMSI is not protected; it is sent as plaintext. Therefore, a more secure mechanism is needed. The user and network agree on the cipher key and algorithm during the AKA phase. 10/20/2019

Attacker Capabilities In order to perform an attack, an attacker must have one or more of the following capabilities: eavesdropping, impersonation of a user, impersonation of a network, “man in the middle,” or compromising authentication vectors in the network. 10/20/2019

Eavesdropping. This capability allows the intruder to receive signaling, data, and control information associated with other users. This requires a modified mobile station. Impersonation of a user. This capability allows the intruder to send signaling, control, and data information such that it appears to originate from a different user. This requires a modified mobile station. 10/20/2019

“Man in the middle.” This capability allows the intruder to place himself between the target user and the network. Being a “man in the middle” allows the intruder to eavesdrop, modify, delete, reorder, replay, and fake signaling, control, and data messages between the user and the network. This requires a modified base station in conjunction with a modified mobile station. 10/20/2019

Impersonation of a network Impersonation of a network. This capability allows the intruder to send signaling, control, and data information such that it appears to originate from a different network or system component. This requires a modified base station. 10/20/2019