1. GSM Security Threats and Countermeasures Saravanan Bala Tanvir Ahmed Samuel Solomon Travis Atkison

2. Outline  Introduction  A5/1 algorithm  Security & attacks  Proposed Solution  Hardware Enhancement  Software Application  Conclusion

3. Mobile Communication-GSM  Most widely used cellular technology  Cryptographic Algorithms- A5/1, A5/2, A5/3  A5/1 Algorithm provides over the air privacy

4. A5/1 GSM phone conversations: sequences of frames. One 228 bit = frame is sent in 4.6 milliseconds: 114 bits for the communication in each direction. A5/1 produces 228 bits to XOR with the plaintext in each frame

5. A5/1 LFSRs Consists of 3 LFSRs of different lengths 19 bits x 18 + x 17 + x 16 + x 13 + 1 clock bit 8 tapped bits: 13, 16, 17, 18 22 bits x 21 + x 20 + 1 clock bit 10 tapped bits 20, 21 23 bits x 22 + x 21 + x 20 + x 7 + 1 clock bit 10 tapped bits 7, 20, 21, 22

6. A5/1 - Clocking

7. A5/1 clocking  Majority rule  m=maj(c1, c2, c3)  m=maj(1, 1, 0)  maj = 1  Registers R1 & R2

8. Design Vulnerability  Design of Clock Controlling Unit  Linear Combination Function

9. Possible Attacks  Chosen plain Text attacks  Time memory trade off attacks  Correlation attacks

10. Proposed Counter Measures  Hardware Enhancement  Software Application- Additional Encryption

11. Hardware Enhancement

12. Contd..  Enhanced Majority Rule  Computes two majority values  m1=maj(b1, b2, b3)  m2=maj(c1, c2, c3)  Let S1 = { } and S2 = { } (Imaginary sets)  S1∩S2

13. Contd..  Linear combining functions are cryptographically weak functions  Non Linear Combining Function  Combining function not fixed - changed dynamically by using a 2:1 multiplexer.

14. Software Application  End to end encryption  Encrypt speech signal at user end  Solution includes using transmission of encrypted voice GSM Data Call CSW  Example : SecureGSM  Another solution includes usage of connection based packet switching.  Example : Babylon nG  Both techniques use Diffie-Hellman key agreement protocol for ciphering key exchange and AES cipher for encryption of voice.  Experimentally proved that the implementation of AES cipher provides more robust and efficient system.

15. CONCLUSION  Proposed scheme generates cryptographically better key sequence than the current version of A5/1  Future mobile communications can be handled using UMTS

16. REFERENCES [1] “Secure Mobile Communication Using Low Bit-Rate Coding Method”. IEEE paper published by Wasif, M.; Sanghavi, C.R.; Elahi, M.; [2] “Another attack on A5/1”. IEEE paper published by Patrik Ekdahl and Thomas Johansson. [3] “Enhanced A5/1 Cipher with Improved Linear Complexity”. IEEE paper published by Musheer Ahmad and Izharuddin. [4] “Introduction to the design & analysis of algorithms” by Anany Levitin. [5] Based on the presentation given by Karsten Nohl on the “26th Chaos Communication Congress (26C3)” conference. [6] “Security Enhancements in GSM Cellular Standard”. IEEE paper published by Musheer Ahmad and Izharuddin. [7] “Communication Security in GSM Networks” published on 2008 international conference on security technology by Petr Bouška, Martin Drahanský. [8] “Implementation and Analysis of AES, DES and Triple DES on GSM network” an IEEE paper published by Sachin and Dinesh kumar [9] “Construction of nonlinear Boolean functions with important Cryptographic properties - Advances in Cryptology” by Sarkar and Maitra. [10] Diagram in slide number 6 taken from wikipedia.

17. Questions ????

18. Thank you all