Krypto för mobila system
|
|
- Rosalind Flynn
- 7 years ago
- Views:
Transcription
1 Inst för Elektro- och Informationsteknik Lunds Universitet Box 118, Lund Internetdagarna 2009
2 Introduction Communication standards for mobile systems: GSM, UMTS (3G), 4G, Bluetooth, WiMax, WLAN,... Symmetric cryptography; stream ciphers, block ciphers, MACs Higher levels: IPsec, SSL (TLS),... Symmetric and asymmetric cryptography; digital signatures, key exchange, identifcation,...
3 Introduction Communication standards for mobile systems: GSM, UMTS (3G), 4G, Bluetooth, WiMax, WLAN,... Symmetric cryptography; stream ciphers, block ciphers, MACs Higher levels: IPsec, SSL (TLS),... Symmetric and asymmetric cryptography; digital signatures, key exchange, identifcation,... We look at GSM!
4 GSM Security GSM is an old communication protocol and has security problems. Problem 1: Cloning of SIM cards. Problem 2: Interception of voice and data.
5 GSM Security GSM is an old communication protocol and has security problems. Problem 1: Cloning of SIM cards. Problem 2: Interception of voice and data. The problems come from weak cryptographic algorithms.
6 GSM and an introduction to its security Services: Voice communication, SMS, packet-switched data with GPRS,...
7 GSM and an introduction to its security Services: Voice communication, SMS, packet-switched data with GPRS,... GSM was designed with a moderate level of security.
8 GSM and an introduction to its security Services: Voice communication, SMS, packet-switched data with GPRS,... GSM was designed with a moderate level of security. The system was designed to authenticate the subscriber using a pre-shared key and challenge-response.
9 The GSM infrastructure
10 Databases The HLR database: administrative information about each registered user of a GSM network along with the current location of the MS. The VLR tracks mobiles that are out of their home network, so that the network will know where to find them. The EIR contains a list of each MS IMEI allowed on the network. White listed: Allowed to connect to the network Grey listed: Under observation for possible problems Black listed: Not allowed to connect to the network
11 Databases The HLR database: administrative information about each registered user of a GSM network along with the current location of the MS. The VLR tracks mobiles that are out of their home network, so that the network will know where to find them. The EIR contains a list of each MS IMEI allowed on the network. White listed: Allowed to connect to the network Grey listed: Under observation for possible problems Black listed: Not allowed to connect to the network AUC database contains IMSI: International Mobile Subscriber Identity TMSI: Temporary Mobile Subscriber Identity LAI: Location Area Identity K i : Authentication Key
12 Security Measures in GSM PIN code (authentication of SIM = local security measure, network not involved).
13 Security Measures in GSM PIN code (authentication of SIM = local security measure, network not involved). User authentication (performed by network).
14 Security Measures in GSM PIN code (authentication of SIM = local security measure, network not involved). User authentication (performed by network). Encryption of information sent over air interface.
15 Security Measures in GSM PIN code (authentication of SIM = local security measure, network not involved). User authentication (performed by network). Encryption of information sent over air interface. Usage of TMSI (instead of IMSI) over air interface.
16 User Authentication
17 Encryption in GSM For each call a new encryption key (K c ) is generated during authentication!
18 Security through Obscurity Authentication and encryption algorithms were never made public Whole security model developed in secret Suspicion that cryptographic algorithms are weak Although never published, encryption algorithm has been reverse engineered!
19 Other major security concerns Only air interface transmission is encrypted
20 Other major security concerns Only air interface transmission is encrypted Encryption key (K C ) used for encryption is only bits long
21 Other major security concerns Only air interface transmission is encrypted Encryption key (K C ) used for encryption is only bits long MS is authenticated to the BS, but the BS is not authenticated to the MS. Allows false base stations (man-in-the-middle attack)
22 A3 and A8 encryption algorithms Operator selected algorithms
23 A3 and A8 encryption algorithms Operator selected algorithms Many operators used COMP128-1
24 A3 and A8 encryption algorithms Operator selected algorithms Many operators used COMP128-1 Reverse engineered by Briceno, Goldberg, Wagner 1998
25 A3 and A8 encryption algorithms Operator selected algorithms Many operators used COMP128-1 Reverse engineered by Briceno, Goldberg, Wagner 1998 They also performed cryptanalysis, allowing to find the preshared secret K i. This makes SIM card cloning possible. The attack requires 2 17 chosen values of RAND (a few hours over-the-air using a fake base station). Side-channel attacks will be much stronger.
26 A3 and A8 encryption algorithms Operator selected algorithms Many operators used COMP128-1 Reverse engineered by Briceno, Goldberg, Wagner 1998 They also performed cryptanalysis, allowing to find the preshared secret K i. This makes SIM card cloning possible. The attack requires 2 17 chosen values of RAND (a few hours over-the-air using a fake base station). Side-channel attacks will be much stronger. New algorithms COMP128-2 and COMP128-3 have been developed.
27 A5 encryption algorithms keystream generator z 1, z 2,... m 1, m 2,... c 1, c 2,... Figure: A binary additive stream cipher A5/0, A5/1, A5/2, A5/3, A5/4
28 A5 history The original design was A5/1 (1987), but due to export restrictions the weaker A5/2 was developed (1989). Both were kept secret.
29 A5 history The original design was A5/1 (1987), but due to export restrictions the weaker A5/2 was developed (1989). Both were kept secret. The general design was leaked in 1994
30 A5 history The original design was A5/1 (1987), but due to export restrictions the weaker A5/2 was developed (1989). Both were kept secret. The general design was leaked in 1994 Reverse engineered in 1999 by Marc Briceno (from a GSM telephone)
31 A5 history The original design was A5/1 (1987), but due to export restrictions the weaker A5/2 was developed (1989). Both were kept secret. The general design was leaked in 1994 Reverse engineered in 1999 by Marc Briceno (from a GSM telephone) In 2002 a new algorithm A5/3 was adopted, based on the Kasumi block cipher.
32 A5 history The original design was A5/1 (1987), but due to export restrictions the weaker A5/2 was developed (1989). Both were kept secret. The general design was leaked in 1994 Reverse engineered in 1999 by Marc Briceno (from a GSM telephone) In 2002 a new algorithm A5/3 was adopted, based on the Kasumi block cipher. A5/4
33 Description of A5/1 A register is clocked if its clocking bit (orange) agrees with the majority of the clocking bits of all three registers.
34 Attacking A5/1 in practice Guess-and-Determine - needs some additional FPGA hardware
35 Attacking A5/1 in practice Guess-and-Determine - needs some additional FPGA hardware Time-Memory Tradoff - needs huge precomputations and a large disk
36 Attacking A5/1 in practice Guess-and-Determine - needs some additional FPGA hardware Time-Memory Tradoff - needs huge precomputations and a large disk Correlation Attacks - need a lot of known plaintext
37 Tapping the channel How difficult is it to tap the channel?
38 Tapping the channel How difficult is it to tap the channel? GNU Radio is a free software development toolkit. Provides the signal processing runtime and processing blocks to implement software radios using readily-available, low-cost external RF hardware and commodity processors.
39 Tapping the channel How difficult is it to tap the channel? GNU Radio is a free software development toolkit. Provides the signal processing runtime and processing blocks to implement software radios using readily-available, low-cost external RF hardware and commodity processors. The Universal Software Radio Peripheral (USRP) is a high-speed USB-based board for making software radios. It consists of four high-speed analog-to-digital converters, four high-speed digital-to-analog converters, an FPGA and some glue logic. The USRP is intended to be a relatively cheap hardware device facilitating the building of a software radio. The USRP has an open design, with freely available schematics and drivers, and free software to integrate with GNU Radio.
40 Tapping the channel How difficult is it to tap the channel? GNU Radio is a free software development toolkit. Provides the signal processing runtime and processing blocks to implement software radios using readily-available, low-cost external RF hardware and commodity processors. The Universal Software Radio Peripheral (USRP) is a high-speed USB-based board for making software radios. It consists of four high-speed analog-to-digital converters, four high-speed digital-to-analog converters, an FPGA and some glue logic. The USRP is intended to be a relatively cheap hardware device facilitating the building of a software radio. The USRP has an open design, with freely available schematics and drivers, and free software to integrate with GNU Radio. Ettus Research LLC sells USRPs for US$700.
41 Reflections A wireless channel is extremely vulnerable to passive attacks.
42 Reflections A wireless channel is extremely vulnerable to passive attacks. Also organizations with very small budget can do something.
43 Case study - a Master s project Intercepting GSM traffic
44 Case study - a Master s project Intercepting GSM traffic Undergaduate Sebastian Nilsson, no prior knowledge
45 Case study - a Master s project Intercepting GSM traffic Undergaduate Sebastian Nilsson, no prior knowledge gave him a USRP, and asked him to see what he could do...
46 Case study - results legal issues - unclear situation
47 Case study - results legal issues - unclear situation quickly locate the different base stations and download traffic
48 Case study - results legal issues - unclear situation quickly locate the different base stations and download traffic Traffic statistics, IMSI, TMSI,...
49 Case study - what remains for full interception? technical problems when frequency hopping is used
50 Case study - what remains for full interception? technical problems when frequency hopping is used use some approach to break A5/1 and then recover the conversation
51 Case study - what remains for full interception? technical problems when frequency hopping is used use some approach to break A5/1 and then recover the conversation Hacker organization THC have been working on this...
52 Conclusions Downloading GSM traffic is easy!
53 Conclusions Downloading GSM traffic is easy! If someone develops (free) software for this task, interception of voice and data is possible with almost no additional cost.
54 Conclusions Downloading GSM traffic is easy! If someone develops (free) software for this task, interception of voice and data is possible with almost no additional cost. Passive interception is very difficult to protect against.
55 Conclusions Downloading GSM traffic is easy! If someone develops (free) software for this task, interception of voice and data is possible with almost no additional cost. Passive interception is very difficult to protect against. Do not use GSM if interception is a threat!
UMTS security. Helsinki University of Technology S-38.153 Security of Communication Protocols k-p.perttula@hut.fi 15.4.2003
UMTS security Helsinki University of Technology S-38.153 Security of Communication Protocols k-p.perttula@hut.fi 15.4.2003 Contents UMTS Security objectives Problems with GSM security UMTS security mechanisms
More informationGSM and UMTS security
2007 Levente Buttyán Why is security more of a concern in wireless? no inherent physical protection physical connections between devices are replaced by logical associations sending and receiving messages
More informationMobile Security. Practical attacks using cheap equipment. Business France. Presented the 07/06/2016. For. By Sébastien Dudek
Mobile Security Practical attacks using cheap equipment Presented the 07/06/2016 Business France By Sébastien Dudek For Content Security measures Recent publications in the hacking community Practical
More informationGSM Research. Chair in Communication Systems Department of Applied Sciences University of Freiburg 2010
Chair in Communication Systems Department of Applied Sciences University of Freiburg 2010 Dennis Wehrle, Konrad Meier, Dirk von Suchodoletz, Klaus Rechert, Gerhard Schneider Overview 1. GSM Infrastructure
More informationMobile network security report: Poland
Mobile network security report: Poland GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin February 2015 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationTheory and Practice. IT-Security: GSM Location System Syslog XP 3.7. Mobile Communication. December 18, 2001. GSM Location System Syslog XP 3.
Participant: Hack contacting... IT-Security: Theory and Practice Mobile Communication December 18, 2001 Uwe Jendricke uwe@iig.uni-freiburg.de Lecture Homepage: http://www.informatik.uni-freiburg.de/~softech/teaching/ws01/itsec/
More informationMobile network security report: Greece
Mobile network security report: Greece GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin October 2012 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationGSM Risks and Countermeasures
GSM Risks and Countermeasures STI Group Discussion and Written Project Authors: Advisor: Johannes Ullrich Accepted: February 1, 2010 Abstract Recent research has shown that GSM encryption can be cracked
More informationMobile network security report: Norway
Mobile network security report: Norway GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin August 2014 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationPM ASSIGNMENT. Security in Mobile Telephony and Voice over IP
PM ASSIGNMENT Security in Mobile Telephony and Voice over IP Christian Wallin Christian.wallin.7513@student.uu.se Danlu Fu danlu.fu.6095@student.uu.se David Alfonso david.alfonso.5823@student.uu.se 1.
More informationMobile Office Security Requirements for the Mobile Office
Mobile Office Security Requirements for the Mobile Office S.Rupp@alcatel.de Alcatel SEL AG 20./21.06.2001 Overview Security Concepts in Mobile Networks Applications in Mobile Networks Mobile Terminal used
More informationMobile network security report: Poland
Mobile network security report: Poland GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin October 2014 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationGSM security country report: USA
GSM security country report: USA GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin August 2013 Abstract. GSM networks differ widely in their protection capabilities against common attacks.
More informationMobile network security report: Belgium
Mobile network security report: Belgium GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin December 2014 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationMobile network security report: Germany
Mobile network security report: Germany GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin December 2014 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationGSM security country report: Germany
GSM security country report: Germany GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin December 2013 Abstract. GSM networks differ widely in their protection capabilities against common attacks.
More informationAn Example of Mobile Forensics
An Example of Mobile Forensics Kelvin Hilton K319 kchilton@staffsacuk k.c.hilton@staffs.ac.uk www.soc.staffs.ac.uk/kch1 Objectives The sources of evidence The subscriber The mobile station The network
More informationSecurity in the GSM Network
Security in the GSM Network Ammar Yasir Korkusuz 2012 Bogazici University, Electrical-Electronics Engineering Department, MSc. Student EE 588 NETWORK SECURITY TERM PROJECT Abstract: GSM is the biggest
More informationMobile Phone Security. Hoang Vo Billy Ngo
Mobile Phone Security Hoang Vo Billy Ngo Table of Content 1. Introduction Page 2 1.1 Analog Network Page 2 1.2 Digital Network Page 2 2. Security Protocols Page 4 2.1 Analog Page 4 2.2 Digital Page 5 3.
More informationMobile network security report: Netherlands
Mobile network security report: Netherlands GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin July 2014 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationDefending mobile phones. Karsten Nohl, nohl@srlabs.de Luca Melette, luca@srlabs.de
Defending mobile phones Karsten Nohl, nohl@srlabs.de Luca Melette, luca@srlabs.de GSM networks provide the base for various attacks SS7 Phone Base station GSM backend network User database (HLR) Vulnerability
More informationIMSI Catcher. Daehyun Strobel. 13.Juli 2007. Seminararbeit Ruhr-Universität Bochum. Chair for Communication Security Prof. Dr.-Ing.
IMSI Catcher Daehyun Strobel 13.Juli 2007 Seminararbeit Ruhr-Universität Bochum Chair for Communication Security Prof. Dr.-Ing. Christof Paar Contents 1 Introduction 1 2 GSM (Global System for Mobile
More informationAuthentication and Secure Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography
ISSN (Online): 1694-0784 ISSN (Print): 1694-0814 10 Authentication and Secure Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography Wilayat Khan 1 and Habib Ullah 2 1 Department of Electrical
More informationInternational Journal of Computing and Business Research (IJCBR)
AN INVESTIGATION OF GSM ARCHITECTURE AND OVERLAYING WITH EFFICIENT SECURITY PROTOCOL Karun Madan, Surya World Institute of Engg. & Technology, Rajpura, Punjab ABSTRACT The Global System for Mobile Communications
More informationSecurity+ Guide to Network Security Fundamentals, Third Edition. Chapter 6. Wireless Network Security
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 6 Wireless Network Security Objectives Overview of IEEE 802.11 wireless security Define vulnerabilities of Open System Authentication,
More informationPart I. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai 2001. Siemens AG 2001, ICN M NT
Part I Contents Part I Introduction to Information Security Definition of Crypto Cryptographic Objectives Security Threats and Attacks The process Security Security Services Cryptography Cryptography (code
More informationWHITE PAPER. August, 2002. Contacts: Christopher Wingert Mullaguru Naidu
C D M A 1 X R T T S E C U R I T Y WHITE PAPER O V E R V I E W August, 2002 Contacts: Christopher Wingert Mullaguru Naidu T A B L E O F C O N T E N T S 1. Executive Summary 2 2. Security CDMA Networks 3
More informationUsing an approximated One-Time Pad to Secure Short Messaging Service (SMS)
Using an approximated One-Time Pad to Secure Short Messaging Service (SMS) N.J Croft and M.S Olivier Information and Computer Security Architectures (ICSA) Research Group Department of Computer Science
More informationThe GSM and GPRS network T-110.300/301
The GSM and GPRS network T-110.300/301 History The successful analog 1:st generation mobile telephone systems proved that there is a market for mobile telephones ARP (AutoRadioPuhelin) in Finland NMT (Nordic
More information2G/3G Mobile Communication Systems
2G/3G Mobile Communication Systems Winter 2012/13 Integrated Communication Systems Group Ilmenau University of Technology Outline 2G Review: GSM Services Architecture Protocols Call setup Mobility management
More informationMobile Communications
October 21, 2009 Agenda Topic 2: Case Study: The GSM Network 1 GSM System General Architecture 2 GSM Access network. 3 Traffic Models for the Air interface 4 Models for the BSS design. 5 UMTS and the path
More informationPrivacy through Pseudonymity in Mobile Telephony Systems
Privacy through Pseudonymity in Mobile Telephony Systems Eike Ritter University of Birmingham Joint work with Myrto Arapinis, Loretta Mancini and Mark Ryan Eike Ritter Privacy in Mobile Telephony Systems
More information802.11 Security (WEP, WPA\WPA2) 19/05/2009. Giulio Rossetti Unipi Giulio.Rossetti@gmail.com
802.11 Security (WEP, WPA\WPA2) 19/05/2009 Giulio Rossetti Unipi Giulio.Rossetti@gmail.com 802.11 Security Standard: WEP Wired Equivalent Privacy The packets are encrypted, before sent, with a Secret Key
More information12/3/08. Security in Wireless LANs and Mobile Networks. Wireless Magnifies Exposure Vulnerability. Mobility Makes it Difficult to Establish Trust
Security in Wireless LANs and Mobile Networks Wireless Magnifies Exposure Vulnerability Information going across the wireless link is exposed to anyone within radio range RF may extend beyond a room or
More informationLTE Security How Good Is It?
LTE Security How Good Is It? Michael Bartock IT Specialist (Security) National Institute of Standards & Technology Jeffrey Cichonski IT Specialist (Security) National Institute of Standards & Technology
More informationEncrypted SMS, an analysis of the theoretical necessities and implementation possibilities
Radboud University Nijmegen Bachelor Thesis Encrypted SMS, an analysis of the theoretical necessities and implementation possibilities Author: Lars Lockefeer Supervisors: Engelbert Hubbers Roel Verdult
More informationSecurity Evaluation of CDMA2000
Security Evaluation of CDMA2000 L. Ertaul 1, S. Natte 2, and G. Saldamli 3 1 Mathematics and Computer Science, CSU East Bay, Hayward, CA, USA 2 Mathematics and Computer Science, CSU East Bay, Hayward,
More informationLecture Objectives. Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks. Agenda. References
Lecture Objectives Wireless Networks and Mobile Systems Lecture 8 Mobile Networks: Security in Wireless LANs and Mobile Networks Introduce security vulnerabilities and defenses Describe security functions
More informationGSM. Global System for Mobile Communications, 1992. Security in mobile phones. System used all over the world. Sikkerhed04, Aften Trusler
GSM Global System for Mobile Communications, 1992 Security in mobile phones System used all over the world 1 GSM: Threat Model What Cloning Eavesdropping Tracking Who Criminals Secret Services Why Break
More informationGSM Databases. Virginia Location Area HLR Vienna Cell Virginia BSC. Virginia MSC VLR
Update ( Update Procedure) Network Mobiles Maryland Maryland Other Rockville Bethesda Maryland Mobile Mobile Cell Cell HLR Vienna Cell 12-Jun-14 22:48 (Page 1) This sequence diagram was generated with
More informationOn the Security of 3GPP Networks
On the Security of 3GPP Networks Michael Walker Vodafone AirTouch & Royal Holloway, University of London Chairman 3GPP SA3 - Security Eurocrypt 2000 Security of 3GPP networks 1 Acknowledgements This presentation
More informationWireless Networks. Welcome to Wireless
Wireless Networks 11/1/2010 Wireless Networks 1 Welcome to Wireless Radio waves No need to be physically plugged into the network Remote access Coverage Personal Area Network (PAN) Local Area Network (LAN)
More informationThe GSM Standard (An overview of its security)
Interested in learning more about security? SANS Institute InfoSec Reading Room This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. The
More informationSolution for Non-Repudiation in GSM WAP Applications
Solution for Non-Repudiation in GSM WAP Applications CRISTIAN TOMA, MARIUS POPA, CATALIN BOJA Economic Informatics Department Academy of Economic Studies Romana Square No. 6, Bucharest ROMANIA cristian.toma@ie.ase.ro
More informationRADIUS. Brief brochure. Product Purpose
Product Purpose The Product is designed for searching, intercepting, registering and analyzing of communication sessions as well as service information circulating in cellular GSM networks without encryption
More informationSPYTEC 3000 The system for GSM communication monitoring
SPYTEC 3000 The system for GSM communication monitoring The SPYTEC 3000 system is intended for passive (if system encryption is absent of if A5.2 encryption is used) or semi-active (if A5.1 encryption
More informationM E M O R A N D U M. Wireless Roaming Services for Emergency Medical Facilities
M E M O R A N D U M TO: FROM: RE: Mr. Jim Bugel, AT&T David Robinson, Syniverse Technologies Wireless Roaming Services for Emergency Medical Facilities DATE: December 13, 2007 Automatic wireless roaming
More information2 System introduction
2 System introduction Objectives After this chapter the student will: be able to describe the different nodes in a GSM network. be able to describe geographical subdivision of a GSM network. be able to
More informationHow To Understand The Gsm And Mts Mobile Network Evolution
Mobile Network Evolution Part 1 GSM and UMTS GSM Cell layout Architecture Call setup Mobility management Security GPRS Architecture Protocols QoS EDGE UMTS Architecture Integrated Communication Systems
More informationCommunication Infrastructure: GSM Communication
Communication Infrastructure: GSM Communication Andreas Schöffl and Michael Irger Abstract. In this Paper we describe the GSM Standard of Mobile Phones. The Global System for Mobile communications is the
More information!!! "# $ % & & # ' (! ) * +, -!!. / " 0! 1 (!!! ' &! & & & ' ( 2 3 0-4 ' 3 ' Giuseppe Bianchi
!!! "# $ % & & # ' (! ) * +, -!!. / " 0! 1 (!!! ' &! & & & ' ( 2 3 0-4 ' 3 ' "#$!!% "&'! #&'!%! () *+,, 3 & 5 &,! #-!*! ' & '.! #%!* //!! & (0)/!&/, 6 5 /, "! First system: NMT-450 (Nordic Mobile Telephone)
More informationAuthentication and Security in Mobile Phones
Authentication and Security in Mobile Phones Greg Rose QUALCOMM Australia ggr@qualcomm.com ABSTRACT Mobile telephone systems have a checkered reputation regarding security and authentication features after
More informationSecurity. Contents. S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks 1
Contents Security requirements Public key cryptography Key agreement/transport schemes Man-in-the-middle attack vulnerability Encryption. digital signature, hash, certification Complete security solutions
More informationKarsten Nohl, karsten@srlabs.de. Breaking GSM phone privacy
arsten Nohl, karsten@srlabs.de Breaking GSM phone privacy GSM is global, omnipresent and wants to be hacked 80% of mobile phone market 200+ countries 5 billion users! GSM encryption introduced in 1987
More informationNetwork Security. Security of Wireless Local Area Networks. Chapter 15. Network Security (WS 2002): 15 Wireless LAN Security 1 Dr.-Ing G.
Network Security Chapter 15 Security of Wireless Local Area Networks Network Security WS 2002: 15 Wireless LAN Security 1 IEEE 802.11 IEEE 802.11 standardizes medium access control MAC and physical characteristics
More informationThe Misuse of RC4 in Microsoft Word and Excel
The Misuse of RC4 in Microsoft Word and Excel Hongjun Wu Institute for Infocomm Research, Singapore hongjun@i2r.a-star.edu.sg Abstract. In this report, we point out a serious security flaw in Microsoft
More informationNAVAL POSTGRADUATE SCHOOL THESIS
NAVAL POSTGRADUATE SCHOOL MONTEREY, CALIFORNIA THESIS SHORT MESSAGE SERVICE (SMS) SECURITY SOLUTION FOR MOBILE DEVICES by Yu Loon Ng December 2006 Thesis Advisor: Co-Advisor: Gurminder Singh John Gibson
More informationWireless LANs vs. Wireless WANs
White Paper Wireless LANs vs. Wireless WANs White Paper 2130273 Revision 1.0 Date 2002 November 18 Subject Supported Products Comparing Wireless LANs and Wireless WANs Wireless data cards and modules,
More informationKarsten Nohl, Chris Paget 26C3, Berlin GSM SRSLY?
Karsten Nohl, Chris Paget 26C3, Berlin GSM SRSLY? Summary: GSM Encryption needs to be shown insecure GSM is constantly under attack: A5/1 cipher shown insecure repeatedly Lack of network authentication
More informationMessage Authentication Codes
2 MAC Message Authentication Codes : and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l08, Steve/Courses/2013/s2/css322/lectures/mac.tex,
More informationA study of user authentication using mobile phone
A study of user authentication using mobile phone Steffen Gullikstad Hallsteinsen Master of Science in Communication Technology Submission date: June 2007 Supervisor: Van Thanh Do, ITEM Co-supervisor:
More informationCIS 6930 Emerging Topics in Network Security. Topic 2. Network Security Primitives
CIS 6930 Emerging Topics in Network Security Topic 2. Network Security Primitives 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange; Hash functions; Application of hash
More informationTETRA Security for Poland
TETRA ASSOCIATION TETRA Security for Poland Brian Murgatroyd TETRA ASSOCIATION former Chairman Security and Fraud Prevention Group Warren Systems (SFPG) Independent Security Consultant brian@warrensystems.co.uk
More informationTETRA Security. TETRA MoU Association Association House South Park Road Macclesfield Sk11 6SH England
TETRA Security TETRA MoU Association Association House South Park Road Macclesfield Sk11 6SH England www.tetramou.com February 2006 TETRA Security Page 2 of 2 1 The TETRA security functions TETRA contains
More informationSecurity in the GSM network
Security in the GSM network Marcin Olawski olawskim@gmail.com Abstract The GSM network is the biggest IT network on the Earth. Most of their users are connected to this network 24h a day but not many knows
More informationGlobal System for Mobile Communication Technology
Global System for Mobile Communication Technology Mobile Device Investigations Program Technical Operations Division DHS - FLETC GSM Technology Global System for Mobile Communication or Groupe Special
More informationCellular Networks: Background and Classical Vulnerabilities
Cellular Networks: Background and Classical Vulnerabilities Patrick Traynor CSE 545 1 Cellular Networks Provide communications infrastructure for an estimated 2.6 billion users daily. The Internet connects
More informationComputer security Lecture 10. Web security, Mobile security
Computer security Lecture 10 Web security, Mobile security Web: Threat model Attacks from communication and network security Also: direct web attacks, phishing, session hijacking, cross-site scripting,...
More informationChap. 1: Introduction
Chap. 1: Introduction Introduction Services, Mechanisms, and Attacks The OSI Security Architecture Cryptography 1 1 Introduction Computer Security the generic name for the collection of tools designed
More informationChapter 6 CDMA/802.11i
Chapter 6 CDMA/802.11i IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 Some material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationAuthentication in WLAN
Authentication in WLAN Flaws in WEP (Wired Equivalent Privacy) Wi-Fi Protected Access (WPA) Based on draft 3 of the IEEE 802.11i. Provides stronger data encryption and user authentication (largely missing
More informationAll vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices
Wireless Security All vulnerabilities that exist in conventional wired networks apply and likely easier Theft, tampering of devices Portability Tamper-proof devices? Intrusion and interception of poorly
More informationMobile Wireless Overview
Mobile Wireless Overview A fast-paced technological transition is occurring today in the world of internetworking. This transition is marked by the convergence of the telecommunications infrastructure
More informationGlobal System for Mobile Communications (GSM)
Global System for Mobile Communications (GSM) Nguyen Thi Mai Trang LIP6/PHARE Thi-Mai-Trang.Nguyen@lip6.fr UPMC/PUF - M2 Networks - PTEL 1 Outline Principles of cellular networks GSM architecture Security
More informationChapter 8. Network Security
Chapter 8 Network Security Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security Some people who
More informationWireless Local Area. Network Security
Wireless Local Area Network Security HONORS PROJECT CIS 345/ Section 131 Spring 2005 Mentor: Prof. C.S. Rani The first part of this research paper will answer questions such as: what is wireless, how wireless
More informationMobile Phone Network Security
Mobile Phone Network Security Internet Security [1] VU Adrian Dabrowski, Markus Kammerstetter, Georg Merzdovnik, Stefan Riegler and Aljosha Judmayer inetsec@seclab.tuwien.ac.at Mobile phone networks 1G
More informationCh 2.3.3 GSM PENN. Magda El Zarki - Tcom 510 - Spring 98
Ch 2.3.3 GSM In the early 80 s the European community decided to work together to define a cellular system that would permit full roaming in all countries and give the network providers freedom to provide
More informationSECURITY ISSUES AND CHALLENGES IN MOBILE COMPUTING AND M-COMMERCE
SECURITY ISSUES AND CHALLENGES IN MOBILE COMPUTING AND M-COMMERCE ABSTRACT Krishna Prakash and Balachandra Department of Information and Communication Technology, MIT Manipal Mobile computing and Mobile
More informationGPRS Network Security
AT&T Wireless Services, Inc. GPRS Network Security Document Number 12199 Revision 0.4.5 Peter Rysavy, Primary Contributing Writer Product Development AT&T Wireless Services, Inc. PO Box 97061 Redmond,
More informationGSM Architecture Training Document
Training Document TC Finland Nokia Networks Oy 1 (20) The information in this document is subject to change without notice and describes only the product defined in the introduction of this documentation.
More informationKey Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards
White Paper Key Hopping A Security Enhancement Scheme for IEEE 802.11 WEP Standards By Dr. Wen-Ping Ying, Director of Software Development, February 2002 Introduction Wireless LAN networking allows the
More informationWireless Mobile Internet Security. 2nd Edition
Brochure More information from http://www.researchandmarkets.com/reports/2330593/ Wireless Mobile Internet Security. 2nd Edition Description: The mobile industry for wireless cellular services has grown
More informationSecurity in cellular-radio access networks
Security in cellular-radio access networks Ravishankar Borgaonkar, Oxford University 5G Security Workshop Stockholm, Sweden 11 May 2016 Outline Radio Access Network Layered Security Emerging low cost attacks
More informationCS 8803 - Cellular and Mobile Network Security: GSM - In Detail
CS 8803 - Cellular and Mobile Network Security: GSM - In Detail Professor Patrick Traynor 9/27/12 Cellular Telecommunications Architecture Background Air Interfaces Network Protocols Application: Messaging
More informationMobile Banking in Developing Countries: Secure Framework for Delivery of SMS-banking Services MASTER THESIS
Mobile Banking in Developing Countries: Secure Framework for Delivery of SMS-banking Services MASTER THESIS Author: Abunyang Emmanuel Student Number: s0535249 Radboud University Nijmegen. The Netherlands
More informationSecurity Measures and Weaknesses of the GPRS Security Architecture
Security Measures and Weaknesses of the GPRS Security Architecture Christos Xenakis Security Group, Communication Networks Laboratory, Department of Informatics & Telecommunications, University of Athens,
More informationSecurity in Wireless Local Area Network
Fourth LACCEI International Latin American and Caribbean Conference for Engineering and Technology (LACCET 2006) Breaking Frontiers and Barriers in Engineering: Education, Research and Practice 21-23 June
More informationReport to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer. February 3, 1999
Report to WIPO SCIT Plenary Trilateral Secure Virtual Private Network Primer February 3, 1999 Frame Relay Frame Relay is an international standard for high-speed access to public wide area data networks
More informationSecurity of phone communications
Security of phone communications Authentication, identification and mobile security Matej Kovačič (CC) 2015 This work is published under Creative Commons licence: AttributionNonCommercial-ShareAlike 2.5
More informationIT Networks & Security CERT Luncheon Series: Cryptography
IT Networks & Security CERT Luncheon Series: Cryptography Presented by Addam Schroll, IT Security & Privacy Analyst 1 Outline History Terms & Definitions Symmetric and Asymmetric Algorithms Hashing PKI
More informationECE 297:11 - Lecture 1. Security Services. Basic Concepts of Cryptology. Security Threats and Security Services. Need for information security
ECE 297:11 - Lecture 1 Security Services Basic Concepts of Cryptology Need for information security widespread use of data processing equipment: computer security widespread use of computer networks and
More informationGSM GPRS. Course requirements: Understanding Telecommunications book by Ericsson (Part D PLMN) + supporting material (= these slides)
GSM Example of a PLMN (Public Land Mobile Network) At present most successful cellular mobile system (over 200 million subscribers worldwide) Digital (2 nd Generation) cellular mobile system operating
More informationVoIP Security. Seminar: Cryptography and Security. 07.06.2006 Michael Muncan
VoIP Security Seminar: Cryptography and Security Michael Muncan Overview Introduction Secure SIP/RTP Zfone Skype Conclusion 1 Introduction (1) Internet changed to a mass media in the middle of the 1990s
More informationMobile Services (ST 2010)
Mobile Services (ST 2010) Chapter 3: Mobility Management Axel Küpper Service-centric Networking Deutsche Telekom Laboratories, TU Berlin 1 Mobile Services Summer Term 2010 3 Mobility Management 3.1 Handover
More informationWIRELESS NETWORKING SECURITY
WIRELESS NETWORKING SECURITY Dec 2010 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationMobile Terminal Security
Mobile Terminal Security Olivier Benoit 1, Nora Dabbous 2, Laurent Gauteron 1, Pierre Girard 1 Helena Handschuh 2, David Naccache 2, Stéphane Socié 1, Claire Whelan 3 1. Gemplus Innovation 2. Gemplus Innovation
More informationProblems of Security in Ad Hoc Sensor Network
Problems of Security in Ad Hoc Sensor Network Petr Hanáček * hanacek@fit.vutbr.cz Abstract: The paper deals with a problem of secure communication between autonomous agents that form an ad hoc sensor wireless
More informationLecture overview. History of cellular systems (1G) GSM introduction. Basic architecture of GSM system. Basic radio transmission parameters of GSM
Lecture overview History of cellular systems (1G) GSM introduction Basic architecture of GSM system Basic radio transmission parameters of GSM Analogue cellular systems 70 s In the early 70 s radio frequencies
More information