Presentation is loading. Please wait.

Presentation is loading. Please wait.

IWD2243 Wireless & Mobile Security Chapter 2 : Security in Traditional Wireless Network Prepared by : Zuraidy Adnan, FITM UNISEL1.

Published byMaximilian Boone Modified over 9 years ago

Similar presentations

Presentation on theme: "IWD2243 Wireless & Mobile Security Chapter 2 : Security in Traditional Wireless Network Prepared by : Zuraidy Adnan, FITM UNISEL1."— Presentation transcript:

1 IWD2243 Wireless & Mobile Security Chapter 2 : Security in Traditional Wireless Network Prepared by : Zuraidy Adnan, FITM UNISEL1

2 2.1 Security in First Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL2  1G TWN – AMPS (Advanced Mobile Phone System)  Designed with very little security – no encryption  Can be intercept using police scanner  For authentication – MS send Electronic Serial Number (ESN) to the network  Net verifies valid ESN (clear text) – allows subscribers access network services.  Radio hobbyist – can eavesdrop & capture valid ESN and use it to commit fraud.  Security part been enhanced in 2G TWN

3 2.2 Security in 2nd Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL3  Move from analog to digital – design led to significant improvement in the security  Speech coding algorithm, Gaussian Minimum Shift Keying (GMSK), digital modulation, slow freq hopping, TDMA.  See figure 17.1 : GSM Architecture  Network beyond BTS (RBS) is controlled environment – since it was controlled by service provider  Access network (MS to BTS (RBS)) considered as hostile operating environment

4 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL4  Anonymity in GSM  ME switch on – identify itself to the network & requesting services from the network.  Location management using IMSI  Eavesdropper can capture IMSI over the air, since IMSI and subscriber identity need to be submitted in location mgmt.  Considered as security threat.  Anonymity feature – protect the subscriber against someone who knows the subscriber’s IMSI & try to trace subscribers location + identify call made to or from whom.  Using TMSI – still maintained in VLR/MSC – SIM authenticated with the network, network allocate TMSI to the subscriber.  For all communication with the SIM – used TMSI

5 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL5  Key establishment in GSM  Key establishment – used to establish some sort of a secret or key between two communicating parties.  GSM security model – uses a128-bit preshared secret key (Ki) for securing ME-to-BTS interface.  Each SIM is embedded with a unique Ki – information which been shared by SIM and the network.  Part of network which hold the unique Ki – AuC

6 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL6  Authentication in GSM  ME switch on – search for a wireless net to connect to by listening to a certain set of freq.  Found – ME-SIM sends a sign on message to the BTS (RBS) requesting for a network.  BTS contact MSC to decide whether or not to allow the ME- SIM access to the network.  MSC ask HLR to provide it with 5 sets of security triplets.  Sec triplets – 3 numbers – RAND (128bit random number), SRES (32bit signed response to the RAND generated using preshared Ki), and session key Kc (encryption key generated using Ki)

7 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL7  Authentication in GSM (cont.)  MSC pick one, and use it for current session.  RAND sent to the ME via BSC & BTS as a challenge.  ME expected to generate SRES to this RAND using A3 algorithm, Ki stored in its SIM.  SRES sent back to MSC via BTS & BSC.  MSC compares SRES received from ME with SRES from HLR.  Match – MSC safely deduce the ME-SIM has valid Ki. MSC allow ME to access the network.  If SRES do not match – would not allow ME to connect to the network.  See figure 17.2, 17.3 ; page 373.

8 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL8  Authentication in GSM (cont.)  GSM does not specify how BTS and BSC need to be connected & not specify how to secure it.  GSM authenticate the SIM, not the subscriber.  What happen if ME is stolen?  GSM core net maintain a database for all valid equipment (EIR).

9 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL9  Confidentiality in GSM  Session key Kc been used for providing confidentiality over the wireless ME-BTS interface – A5 algorithm.  A5 – Stream chiper – generates a unique key stream for every packet by using 64bit session key (Kc) and the sequence number of the frame as the input.  What’s wrong with GSM security?  No provision for any integrity protection.  Limited encryption scope.  The GSM chiper algorithm are not published along with GSM standard.

10 2.2 Security in 2nd Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL10  What’s wrong with GSM security? (cont.)  Algorithm used for encryption in ME-BTS is no longer secure.  One way authentication.  SIM cloning.

11 2.3 Security in 2.5 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL11  Explosive growth of the Internet – Upgrade net to 2.5G to provide data services.  Connecting ME to the Internet  GPRS (General Packet Radio Services) – provide ME with data connectivity to various web servers  GSM – voice call – 1 timeslot  GSM – data – multiple timeslots, because the need of more bandwidth.  Interesting implications on the security architecture.

12 2.3 Security in 2.5 Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL12  WAP  GPRS provide layer 2 connectivity  Constraint for ME for using HTTP and HTML – bandwidth, memory, CPU, screen size.  Wireless Application Protocol (WAP) come in handy.  WAP – open spec that offers standard method to access internet based content and services from ME  Designed for minimizing bandwidth requirements  Information content formatted suitably for ME’s small screen, low bandwidth, high latency environment – WAE.

13 2.3 Security in 2.5 Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL13  WAP (cont.)  See figure 17.8 : WAP programming model  Client - embedded browser in ME. Server – normal web server  New entity – WAP gateway  Embedded browser request using URL – forwarded by WAP gateway and get info using HTTP & HTML format.  WAP gateway role – reformat the content from web server suitable for WAE transmission and ME display  Language used – WML  End-to-end security required. Using WTLS in WAP stack.  WTLS modeled along the lines of Secure Socket Layer (SSL)/Transport Layer Security (TLS).

14 2.3 Security in 2.5 Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL14  WAP (cont.)  TLS – designed for reliable transport layer (ie. TCP), while WTLS – operate for unreliable datagram transport.  WTLS protocol modified to cope with long roundtrip times and limited bandwidth availability.  WTLS optimized to operate with limited processing power and limited memory of ME.

15 2.3 Security in 2.5 Generation TWNs (cont.) Prepared by : Zuraidy Adnan, FITM UNISEL15  Code Security  Applets can be downloaded and can be executed inside ME.  Extremely important to ensure that the applets is not a malicious piece of code that can harm ME.  Its important to have applets been signed by CA.  If the subscriber trust the CA, can execute the applets.  In otherwise they can block the execution of the applets.

16 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL16  Universal Mobile Telecommunications System (UMTS)  Designed using GSM security as a starting point – to ensure interoperability between both technologies.  Anonymity in UMTS  Builds on the concept of TMSI introduced by GSM.  UMTS architecture provides provisions for encrypting any signaling or subscriber data that might reveal subscriber’s identity.  TMSI located at VLR/MSC, IMSI-TMSI mapping maintain in VLR/MSC

17 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL17  Key establishment in UMTS  No key establishment protocol, uses 128bit preshared secret key (Ki) between USIM and AuC.  Form the basis for all security in UMTS  Authentication in UMTS  Authentication follows GSM authentication model  Net authenticate USIM and USIM authenticates the network  See figure 17.10a : UMTS authentication, page 389  See figure 17.10b : UMTS authentication vector generation, page 390  See figure 17.11 : UMTS response generation at USIM  Most provider used COMP128 algorithm for authentication protocol

18 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL18  Confidentiality in UMTS  Use KASUMI encryption algorithm, 128bit session key CK.  More secure than A5 – GSM, longer key of encryption  See figure 17.12 : UMTS encryption, page 392.  Parameters for f8 (algorithm) :  128bit CK  32bit Count-c – chipering sequence number  5bit Bearer – unique identifier for bearer chanel  1bit Direction – indicates the direction of transmission  16bit Length – indicates the length of key-stream block

19 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL19  Confidentiality in UMTS (cont.)  The key stream XORed with plaintext = chipertext  At the receiving end, chipertext XORed with key stream = plaintext  UMTS security extends the encrypted interface from BTS back to the RNC

20 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL20  Integrity protection in UMTS  Using integrity key – IK, derived using authentication process.  See figure 17.13 : UMTS message integrity  Parameters in f9 (algorithm) :  128bit IK  32bit integrity sequence number  Message  Direction  32bit Fresh – perconnection nonce  Output, chipertext MAC-I  At the receiving end, the process repeated, XMAC-I  The receiver compares XMAC-I with MAC-I, so the receiver can deduce that the message was not tampered with.

21 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL21  Putting the pieces together  See figure 17.14 : UMTS Security – Overview, page 396.  Network Domain Security  Mobile Application Part (MAP), MAPSEC protocol – works at the app layer to protect MAP message cryptographically.  See figure 17.15 : MAPSEC, page 399.  Key Administration Center (KAC) – establish security association (SA) with KAC network B.  Use Internet Key Exchange (IKE) protocol.  3 mode protection :- no protection, integrity protection only, integrity with confidentiality.

22 2.3 Security in 3 Generation TWNs Prepared by : Zuraidy Adnan, FITM UNISEL22  Network Domain Security (cont.)  Strongly influenced by IPSec protocol.  Instead having MAP in SS7 (MAPSEC), MAP over IP-based networks.  UMTS network designers model MAPSEC along IPSec lines.  See figure 17.16 : MAP over IP-based networks, page 400.  KAC replaced by Security Gateway (SEG)  Establish SA with Network B, but not distribute SA’s to its Network Elements (NE)  It maintain database of established SAs and database that specify how and when SAs is going to be used.

Download ppt "IWD2243 Wireless & Mobile Security Chapter 2 : Security in Traditional Wireless Network Prepared by : Zuraidy Adnan, FITM UNISEL1."

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Mobile Communication MMS.

Mobile Communication MMS.
Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.

Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.
An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,

An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,
GSM Security and Encryption

GSM Security and Encryption
Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.

Islamic University-Gaza Faculty of Engineering Electrical & Computer Engineering Department Global System for Mobile Communication GSM Group Alaa Al-ZatmaHosam.
Peter Howard Vodafone Group R&D

Peter Howard Vodafone Group R&D
Network Security Security in Traditional Wireless Networks 1 Network Security Chapter 6. Security in Traditional Wireless Networks.

Network Security Security in Traditional Wireless Networks 1 Network Security Chapter 6. Security in Traditional Wireless Networks.
GSM Network. GSM-Introduction Architecture Technical Specifications Frame Structure Channels Security Characteristics and features Applications Contents.

GSM Network. GSM-Introduction Architecture Technical Specifications Frame Structure Channels Security Characteristics and features Applications Contents.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Security of Mobile Banking

Security of Mobile Banking
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
GSM Global System for Mobile Communications

GSM Global System for Mobile Communications
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Myagmar, Gupta UIUC 2001 1 3G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.

Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
GSM standard (continued)

GSM standard (continued)
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.

Wireless Application Protocol and i-Mode By Sridevi Madduri Swetha Kucherlapati Sharrmila Jeyachandran.
Information Security of Embedded Systems 20.1.2010: Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Similar presentations

Ads by Google