GSM Network Security's Research Project
By: Jamshid Rahimi, Sisouvanh Vanthanavong
Friday, February 20, 2009


2 Contents
- GSM Overview
- GSM Architecture
- GSM Security Architecture
  - Anonymity
  - Authentication
  - Confidentiality
- GSM Authentication Protocol
- GSM Security Flaws
  - Crypto Flaws
  - Invalid Assumptions
  - SIM Attacks
  - Fake base station
- GSM Conclusions

3 GSM Overview: GSM introduction & History
- GSM: Global System for Mobile communication
- GSM frequencies are used in 2G and 3G networks
- 1982 Beginning of GSM (Groupe Spécial Mobile)
- 1986 GSM radio standard
- 1987 Groupe Spécial Mobile (in French) changed to Global System for Mobile communication
- 1989 The European Telecommunications Standards Institute accepted GSM as the digital cellular telephony standard
- 1990 Phase 1 GSM 900 specification
- 1991 First GSM 900 demonstrated
- 1994 First GSM networks in Africa
- 1995 GSM phase 2 standardization is completed
- 1999 First GPRS network
- 2001 More than 500 million people are GSM users
Source: http://www.cellular.co.za/gsmhistory.htm

4 GSM Architecture
- The mobile is a cell phone.
- The air interface is the wireless link that carries transmissions from the cell phone to a base station.
- The visited network includes multiple base stations and a base station controller.

5 GSM Architecture (continued)
- The PSTN is also referred to as "land lines" to distinguish it from the wireless network.
- The home network includes a home location registry, or HLR.
- The authentication center, or AuC, maintains the crucial billing information for all mobiles for which this particular home network is home.

6 GSM Architecture (continued)

7 GSM Architecture (continued)
- A GSM mobile phone contains a Subscriber Identity Module, or SIM.
- The SIM includes an International Mobile Subscriber ID, or IMSI.
- The SIM also contains a 128-bit key. This key is universally known as Ki.

8 GSM security architecture
The primary security goals set forth by the designers of GSM were:
- Make GSM as secure as ordinary telephones
- Prevent cell phone cloning
GSM was not designed to resist an active attack. At the time, active attacks were considered infeasible. The designers of GSM considered the biggest threats to be insecure billing, corruption, and similar low-tech attacks.

9 GSM security architecture
GSM addresses three security issues:
- Anonymity: The anonymity goal for GSM is to prevent intercepted traffic from being used to identify the caller.
- Authentication: Correct authentication is necessary for proper billing. Cloning problems are one of the failures.
- Confidentiality: Confidentiality of calls over the air interface is important to customers and to the company.

10 Anonymity
- GSM provides a very limited form of anonymity.
- The IMSI is used to initially identify the caller, then a Temporary Mobile Subscriber ID (TMSI) is assigned to the caller.
- The TMSI is subsequently used to identify the caller.
- Net effect is that if an attacker captures the initial part of the call, where the IMSI is passed
- But in practice, filtering out the IMSI is not easy.

11 Authentication
In GSM, the caller is authenticated to the base station, but the authentication is not mutual.
GSM authentication employs a challenge-response mechanism:
- Mobile -> BS -> HLR
- The Ki that corresponds to the caller's IMSI is known to the HLR.
- The HLR generates RAND and computes the "expected response," XRES = A3(RAND, Ki).
- The BS sends RAND to the mobile.
- The mobile responds with SRES.
- The HLR checks that XRES = SRES.
- Ki never leaves the HLR.

12 Confidentiality
- GSM uses a stream cipher to encrypt the data.
- The cell phone environment has a high error rate, typically about 1 in 1,000 bits.
- With a block cipher, each transmission error causes one or two entire plaintext blocks to be garbled (depending on the mode), while a stream cipher garbles only those plaintext bits corresponding to the specific ciphertext bits that are in error.
- The encryption key is denoted Kc.
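The error-propagation argument on this slide, worked through as an added example (not part of the original presentation). The Feistel block cipher and the hash-counter keystream are toy stand-ins chosen so the code runs with the standard library only; they are not A5 or any GSM algorithm, and the key, IV and plaintext are constructed.

```python
import hashlib

BLOCK, ENC, DEC = 8, range(4), range(3, -1, -1)  # toy 64-bit block, Feistel round orders

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(key, blk, order):
    # Toy Feistel block cipher (SHA-256 round function); a stand-in, not a GSM algorithm.
    l, r = blk[:4], blk[4:]
    for i in order:
        l, r = r, xor(l, hashlib.sha256(key + bytes([i]) + r).digest()[:4])
    return r + l  # final swap lets the same routine decrypt with the reversed order

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def stream(key, data):  # XOR with a hash-counter keystream; the same call decrypts
    ks = b"".join(hashlib.sha256(key + bytes([i])).digest() for i in range(len(data) // 32 + 1))
    return xor(data, ks)

def ecb(key, data, order):
    return b"".join(feistel(key, b, order) for b in blocks(data))

def cbc_enc(key, iv, pt):
    out = [iv]
    for b in blocks(pt):
        out.append(feistel(key, xor(b, out[-1]), ENC))
    return b"".join(out[1:])

def cbc_dec(key, iv, ct):
    prev = [iv] + blocks(ct)
    return b"".join(xor(feistel(key, c, DEC), p) for c, p in zip(blocks(ct), prev))

def damage(sent, got):  # (number of wrong plaintext bits, indexes of damaged blocks)
    bits = sum(bin(a ^ b).count("1") for a, b in zip(sent, got))
    return bits, [i for i, (a, b) in enumerate(zip(blocks(sent), blocks(got))) if a != b]

def one_bit_error(bit=70):
    # Constructed key, IV and 4-block plaintext; one ciphertext bit is flipped in transit.
    key, iv, pt = b"constructed key", bytes(BLOCK), bytes(range(32))
    flip = lambda ct: bytes(c ^ (1 << bit % 8 if i == bit // 8 else 0) for i, c in enumerate(ct))
    return {
        "stream": damage(pt, stream(key, flip(stream(key, pt)))),
        "ecb": damage(pt, ecb(key, flip(ecb(key, pt, ENC)), DEC)),
        "cbc": damage(pt, cbc_dec(key, iv, flip(cbc_enc(key, iv, pt)))),
    }

print(one_bit_error())
```

With the stream cipher exactly one plaintext bit is wrong; in ECB the whole block containing the error is garbled, and in CBC that block is garbled and the following block also carries one wrong bit.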

13 Authentication & Encryption
1 & 2. IMSI
3. Kc = A8(RAND, Ki) (Encryption Algorithm)
   XRES = A3(RAND, Ki) (Authentication … )
5. Mobile computes Kc and Ki to generate SRES
6. A5(Kc) is shared symmetric key
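The challenge-response exchange from the Authentication and Authentication & Encryption slides, simulated as an added example (not part of the original presentation). The classes SIM and HLR and the functions run and demo are hypothetical names; A3 and A8 are replaced by HMAC-SHA256 stand-ins rather than COMP128, and the IMSIs are constructed test values.

```python
import hashlib, hmac, os

def a3(rand, ki):  # stand-in for A3: HMAC-SHA256 cut to a 32-bit response (assumption)
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8(rand, ki):  # stand-in for A8: HMAC-SHA256 cut to a 64-bit Kc (assumption)
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class SIM:
    def __init__(self, imsi, ki):
        self.imsi, self._ki = imsi, ki

    def respond(self, rand):
        # The SIM answers whatever RAND arrives; nothing in it identifies the sender.
        return a3(rand, self._ki), a8(rand, self._ki)

class HLR:
    def __init__(self):
        self._ki = {}  # IMSI -> Ki, held only here and in the SIM

    def provision(self, imsi):
        self._ki[imsi] = os.urandom(16)  # 128-bit Ki
        return SIM(imsi, self._ki[imsi])

    def triple(self, imsi):
        rand = os.urandom(16)
        return rand, a3(rand, self._ki[imsi]), a8(rand, self._ki[imsi])

def run(hlr, sim, claimed_imsi):
    """One authentication; returns (accepted, Kc agreed, messages sent over the air)."""
    rand, xres, kc_net = hlr.triple(claimed_imsi)  # network side: RAND, XRES, Kc
    sres, kc_mobile = sim.respond(rand)            # mobile side: SRES, Kc
    air = [claimed_imsi.encode(), rand, sres]      # IMSI, RAND and SRES cross the air
    return hmac.compare_digest(sres, xres), kc_net == kc_mobile, air

def demo():
    hlr = HLR()
    alice = hlr.provision("001010000000001")  # constructed test IMSIs
    other = hlr.provision("001010000000002")
    ok, same_kc, air = run(hlr, alice, alice.imsi)
    wrong_ok, _, _ = run(hlr, other, alice.imsi)  # different Ki, claiming alice's IMSI
    return {
        "accepted": ok,
        "kc_agreed": same_kc,
        "wrong_ki_accepted": wrong_ok,
        "ki_on_air": any(alice._ki in m for m in air),
        # The mobile adds no freshness of its own: an old RAND yields the old SRES again.
        "old_rand_same_sres": alice.respond(air[1])[0] == air[2],
    }

print(demo())
```

The run shows what the protocol does give (the network verifies the SIM, both sides derive the same Kc, Ki is never transmitted) and what it does not: the mobile has no way to check who issued RAND or whether it is fresh.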

14 GSM Security Flaws
- There are cryptographic flaws.
- There are protocol flaws as well.
- Attacks on GSM are due to invalid security assumptions made by the original designers of GSM.

15 GSM Security Flaws: Crypto Flaws
- The hashes A3 and A8 both rely on a hash function known as COMP128, which can be broken with 150,000 chosen plaintexts.
- A seller can determine Ki before selling a SIM and clone it later.

16 GSM Security Flaws: Invalid Assumptions
- A GSM phone call is encrypted between the mobile and the base station, but not from the base station to the base station controller.
- Nowadays the link between the BS and the BSC is a microwave link.
- Since microwave is a wireless medium, it is possible for an attacker to eavesdrop on unprotected calls over this link.

17 GSM Security Flaws: SIM Attacks
- Ki is the concern here.
- In one attack, known as optical fault induction, an attacker could force a SIM card to divulge its Ki by using an ordinary flashbulb [209].
- Partitioning attacks

18 GSM Security Flaws: Fake Base station
- 1st: There is no mutual authentication.
- 2nd: The BS decides whether to encrypt voice or not.

19 GSM Conclusions
- GSM is a security failure, though it is certainly a commercial success.
- But GSM achieved its security design goals measured against the PSTN.
- The first goal was to eliminate cloning and be as secure as the PSTN.
- On the second goal, the GSM air interface has the fake base station problem, but the PSTN has wiretapping.
- The real problem with GSM security is that the initial design goals were too limited.
- The major insecurities in GSM include weak crypto, SIM issues, the fake base station attack, and a total lack of replay protection.

20 Comments.

