Presentation is loading. Please wait.

Presentation is loading. Please wait.

Mobile Phone Technology

Published byAugustus Joseph Modified over 6 years ago

Similar presentations

Presentation on theme: "Mobile Phone Technology"— Presentation transcript:

1 Mobile Phone Technology
Lecture 8: CSE 490c 10/12/2018 University of Washington, Autumn 2018

2 University of Washington, Autumn 2018
Announcements Sign up to demo programming assignment one 10/12/2018 University of Washington, Autumn 2018

3 Mobile Money Technology
Financial accounts associated with mobile phone Over the counter (OTC) agents are available for Cash In, Cash Out 10/12/2018 University of Washington, Autumn 2018

4 University of Washington, Autumn 2018
Documentation for MTN Uganda 10/12/2018 University of Washington, Autumn 2018

5 University of Washington, Autumn 2018
Currency: Uganda Shilling (Ush) 10/12/2018 University of Washington, Autumn 2018

6 University of Washington, Autumn 2018
10/12/2018 University of Washington, Autumn 2018

7 Implementation using SMS
Does SMS work for mobile money? Send as a text message: TO: AMT: PIN: 1234 Multiple issues, some are partially addressable Usability Spoofing Message interception Multiple rounds may be needed for confirmation 10/12/2018 University of Washington, Autumn 2018

8 University of Washington, Autumn 2018
USSD Protocol Networking: Post cards vs. phone calls Session opened between mobile operator and handset Can be opened in either directions Fixed size messages with header and text payload Phone number (short code) can trigger USSD app Timeouts on operations Session time out 10/12/2018 University of Washington, Autumn 2018

9 University of Washington, Autumn 2018
USSD Protocol 10/12/2018 University of Washington, Autumn 2018

10 Security of Mobile Money
Connection between handset and tower Encrypted transport to MNO Servers Secure banking operations As secure as the GSM System 10/12/2018 University of Washington, Autumn 2018

11 University of Washington, Autumn 2018
Subscriber Identity Module Sim Card Smart Card Integrated Circuit on card form File system, programs, operating system, parameters Sim Card Smart Card for handset to communicate with base station Power and communication provided by handset Issued by mobile operator Each Sim Card is unique 10/12/2018 University of Washington, Autumn 2018

12 University of Washington, Autumn 2018
Sim Card Data ICCID, Integrated Circuit Card Identifier Identifier of the SIM card itself IMSI, International Mobile Subscriber Identity Identify Subscriber and Network Authentication Key (Ki) Unique, 128 bit key for authentication Secret, not readable Location area identity SMS Messages and Contacts 10/12/2018 University of Washington, Autumn 2018

13 Tower validating a phone
10/12/2018 University of Washington, Autumn 2018

14 Establishing a connection
Handset (Sim Card) and tower must share a secret to prove identity and allow a connection to be established A session key is then created for secret communication Sim Card has the Authentication Key, and Tower can look it up from the subscriber data base However the handset can’t send the key, since someone could be listening 10/12/2018 University of Washington, Autumn 2018

15 Challenge Response Algorithm
Simcard sends IMSI (subscriber identity) Tower looks up secret key, Kt Tower generates random 128 bit number X Tower sends X to handset Tower computes Ft = A(Kt, X) Handset computes Fh = A(Kh, X) Handset sends Fh to Tower If Tower confirms that Fh = Ft communication is established 10/12/2018 University of Washington, Autumn 2018

16 University of Washington, Autumn 2018
Cryptography Function A is a non-invertable hash function If you know x, you can compute A(x) If you know A(x), you can’t figure out x To the eavesdropper, both X and F look random 128 bits is big enough that brute force probably won’t work Different ciphers A have been used in the GSM standard Many studies have been done on extracting secrets from Sim cards and attempting to clone Sim cards 10/12/2018 University of Washington, Autumn 2018

17 Mobile Money in a SimCard
Since the SimCard can have programs, Mobile Money can implemented on the Sim Card Similar Menu Based operations to USSD But more flexibility in interface, or response Can implement cryptography for encoding Can use encrypted SMS or USSD as a communications mechanism Will generally rely on SMS receipts to acknowledge transaction 10/12/2018 University of Washington, Autumn 2018

18 Thin Sims

19 Thin Sims: What Field installable
Contains all the functionality of a sim card Allows third party apps Free from carrier restrictions Can read and modify all communication between the phone and the sim card

20 Communication between Person and SIM

21 Communication between Person and Thin SIM

22 Checking mobile money balance
Misleading (pass vs receive, read, forward)

23 Thin Sims: WHY Cell phone unlocking Distribution of apps
Equity Bank, Mobile Money, Kenya Community Health Worker application, Medic Mobile Malicious Installation

Download ppt "Mobile Phone Technology"

Similar presentations

Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.

Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Security of Mobile Banking

Security of Mobile Banking
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.

NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.
Information Security for Managers (Master MIS)

Information Security for Managers (Master MIS)
LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.
GSM Network Security ‘s Research Project By: Jamshid Rahimi Sisouvanh Vanthanavong 1 Friday, February 20, 2009.

GSM Network Security ‘s Research Project By: Jamshid Rahimi Sisouvanh Vanthanavong 1 Friday, February 20, 2009.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.

SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
Chapter 4 Application Level Security in Cellular Networks.

Chapter 4 Application Level Security in Cellular Networks.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
EVALUATING SECURITY OF SMART PHONE MESSAGING APPLICATIONS PRESENTED BY SUDHEER AKURATHI.

EVALUATING SECURITY OF SMART PHONE MESSAGING APPLICATIONS PRESENTED BY SUDHEER AKURATHI.
4.1 Security in GSM Security services – access control/authentication user  SIM (Subscriber Identity Module): secret PIN (personal identification number)

4.1 Security in GSM Security services – access control/authentication user  SIM (Subscriber Identity Module): secret PIN (personal identification number)
CIS 325: Data Communications1 Chapter Seventeen Network Security.

CIS 325: Data Communications1 Chapter Seventeen Network Security.
Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

Similar presentations

Ads by Google