Mobile Phone Security
Hoang Vo, Billy Ngo
Table of Contents
1. Introduction
1.1 Analog Network
1.2 Digital Network
2. Security Protocols
2.1 Analog
2.2 Digital
3. Vulnerabilities and Attacks
3.1 Analog
3.1.1 Cellular Phone Cloning
3.1.2 Eavesdropping
3.1.3 Cellular Phone Tracking
3.2 Digital
4. Countermeasures
5. Conclusion
Bibliography
1. Introduction
Mobile phone usage has grown steadily over the last few years, and many people now rely on wireless equipment. Cellular phones, pagers and personal digital assistants (PDAs) can receive e-mail, weather and stock updates, and other wireless services. Because the air is the transmission medium, anyone within radio range can potentially intercept the transmitted data. This raises questions about the integrity of the data and the authentication of its source: a mobile phone conversation may be eavesdropped on, and either party may be impersonated. How reliable, then, is mobile phone communication? Its security rests on the implementation of the system and on the protocols the system uses, so some basic knowledge of mobile phone systems is needed before their security can be discussed. Two types of network, analog and digital, carry wireless communication.

1.1 Analog Network
The Advanced Mobile Phone Service (AMPS) was developed at Bell Laboratories in the mid 1970s, and in 1983 AT&T deployed it commercially. AMPS operates in the 800 MHz band using 30 kHz wide channels. It introduced the cellular concept: the coverage area is divided into hexagonal cells, and a network of cell sites and switching offices interfaces with the landline network of the existing telephone system. The cells are grouped into clusters; each cell within a cluster is assigned a distinct set of frequencies so that it does not interfere with adjacent cells, and the same frequencies are reused in other clusters far enough away. In 1985 the Total Access Communication System (TACS), which is very similar to AMPS, came into wide use in the United Kingdom.
Both of these networks are considered the first generation of mobile phone networks.

1.2 Digital Network
During the early 1980s analog cellular telephone systems grew rapidly in Europe. Each country developed its own system, incompatible with the others in both equipment and operation. As a result a study group called Groupe Special Mobile (GSM) was formed to study and develop a common public mobile system. GSM was built on TDMA technology, operating at 900 MHz and 1800 MHz, to divide the bandwidth among as many users as possible; the method chosen is a combination of Time-Division and Frequency-Division Multiple Access (TDMA/FDMA). A GSM network is divided into three broad sections: the Mobile Station, the Base Station Subsystem and the Network Subsystem. The Mobile Station consists of the mobile equipment and a smart card, the Subscriber Identity Module (SIM). The SIM holds the International Mobile Subscriber Identity (IMSI), which identifies the subscriber to the system, a secret authentication key (Ki), and other information. The Base Station Subsystem controls the radio link with the Mobile Station. The Network Subsystem switches calls between the mobile and other fixed or mobile users, updates location information, performs handover, and authenticates the subscriber.

2. Security Protocols
The security of a network depends on its authentication process and on the encryption algorithm it uses. Analog and digital mobile systems use different mechanisms to authenticate the user and to encrypt the transmission. Some of these authentication processes and encryption algorithms are discussed below.

2.1 Analog
The security scheme of the analog system is quite simple: it relies on the MIN/ESN pair.
MIN: Mobile Identification Number. This is the 10-digit telephone number of the mobile phone.
ESN: Electronic Serial Number. This is a 32-bit value stored in ROM at the time of manufacture: 8-bit manufacturer code + 6 reserved (unused) bits + 18-bit manufacturer-assigned serial number.
When the mobile phone requests an outgoing call, it sends its MIN/ESN pair to the base station unencrypted. The base station looks the pair up in its database to identify the mobile. For a roaming mobile, the base station first checks the pair against a list of known bad MIN/ESN pairs; if it is not on the list, the base station authenticates the MIN/ESN pair with the mobile's home system. There is no challenge and no secret: the pair itself is the credential, and all communication, signalling and voice alike, is sent in the clear.

2.2 Digital
The security protocol of the digital system is not as simple. When the mobile requests an outgoing call for the first time in a visited network, it sends its IMSI in the clear to the Visitor Location Register (VLR), which forwards the request to the subscriber's Home Location Register (HLR). The HLR obtains an array of triplets (RAND, SRES, Kc) from the Authentication Center (AuC) and returns them to the VLR. RAND is a random number, SRES is the output of the A3 algorithm with RAND and Ki as input, and Kc is the output of the A8 algorithm with RAND and Ki as input. Ki never leaves the SIM or the AuC; only RAND and SRES cross the radio interface. To verify the mobile, the VLR sends RAND as a challenge. Upon receiving the correct SRES from the mobile, the VLR sends it a Temporary Mobile Subscriber Identity (TMSI) encrypted under Kc with the A5 algorithm. After receiving the TMSI, the mobile and the VLR exchange messages to confirm that both hold the same Kc. For subsequent calls the subscriber identifies itself by TMSI instead of IMSI, and obtains a new TMSI each time. All communication is then encrypted with the A5 algorithm (figures 1 and 2) [7].

figure 1. Authentication using IMSI
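The exchange above, simulated end to end as an added example (not code from the paper or from any GSM implementation). A3 and A8 are operator-specific secret algorithms and A5 is a hardware stream cipher, so all three are replaced here by hypothetical HMAC/SHA-256 stand-ins that only reproduce GSM's output sizes (32-bit SRES, 64-bit Kc); the IMSI and Ki are constructed. What the block shows faithfully is the message flow and who holds which secret: the IMSI crosses the air in clear only once, Ki never does, the TMSI goes out encrypted under Kc, and a "clone" that captured the IMSI off the air (the analog attack of section 3.1.1) cannot answer the RAND challenge.

```python
"""Simulation of the GSM challenge-response flow (added example, stand-in algorithms)."""
import hashlib
import hmac
import os


def a3_sres(ki, rand):
    """Stand-in for A3 (hypothetical): 32-bit signed response from Ki and 128-bit RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]


def a8_kc(ki, rand):
    """Stand-in for A8 (hypothetical): 64-bit cipher key Kc from Ki and RAND."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]


def a5_keystream(kc, length):
    """Stand-in for A5 (hypothetical): keystream from Kc via SHA-256 in counter mode."""
    out = b"".join(hashlib.sha256(kc + i.to_bytes(4, "big")).digest()
                   for i in range(length // 32 + 1))
    return out[:length]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class AuC:
    """Home network: holds Ki per IMSI and issues (RAND, SRES, Kc) triplets."""
    def __init__(self):
        self.ki_by_imsi = {}

    def triplet(self, imsi):
        ki = self.ki_by_imsi[imsi]            # Ki never leaves the AuC or the SIM
        rand = os.urandom(16)
        return rand, a3_sres(ki, rand), a8_kc(ki, rand)


class MobileStation:
    """SIM side: knows Ki, answers RAND, derives Kc, keeps its current TMSI."""
    def __init__(self, imsi, ki):
        self.imsi, self.ki, self.kc, self.tmsi = imsi, ki, None, None

    def respond(self, rand):
        self.kc = a8_kc(self.ki, rand)
        return a3_sres(self.ki, rand)

    def receive_tmsi(self, enc_tmsi):
        # Only a mobile that derived the same Kc recovers the right TMSI.
        self.tmsi = xor(enc_tmsi, a5_keystream(self.kc, len(enc_tmsi)))


class VLR:
    """Visited network: challenges the mobile and maps TMSI -> (IMSI, Kc)."""
    def __init__(self, auc):
        self.auc, self.by_tmsi, self.radio_log = auc, {}, []  # radio_log: what a sniffer sees

    def _authenticate(self, imsi, ms):
        rand, sres, kc = self.auc.triplet(imsi)   # triplet (Kc included) comes from HLR/AuC
        self.radio_log.append(("VLR->MS RAND", rand.hex()))
        response = ms.respond(rand)
        self.radio_log.append(("MS->VLR SRES", response.hex()))
        if not hmac.compare_digest(response, sres):
            return False
        tmsi = os.urandom(4)
        self.by_tmsi[tmsi] = (imsi, kc)
        enc = xor(tmsi, a5_keystream(kc, 4))       # TMSI is sent encrypted under Kc
        self.radio_log.append(("VLR->MS TMSI(enc)", enc.hex()))
        ms.receive_tmsi(enc)
        return True

    def attach_with_imsi(self, ms):
        self.radio_log.append(("MS->VLR IMSI", ms.imsi))   # first contact: IMSI in clear
        return self._authenticate(ms.imsi, ms)

    def attach_with_tmsi(self, ms):
        self.radio_log.append(("MS->VLR TMSI", ms.tmsi.hex()))
        if ms.tmsi not in self.by_tmsi:
            return False
        imsi, _ = self.by_tmsi.pop(ms.tmsi)   # re-authenticate and issue a fresh TMSI
        return self._authenticate(imsi, ms)


def run_demo():
    """Legitimate attach by IMSI, then by TMSI; then a clone that copied only the IMSI."""
    auc = AuC()
    imsi = "310150123456789"                  # constructed sample subscriber
    auc.ki_by_imsi[imsi] = os.urandom(16)
    vlr = VLR(auc)
    legit = MobileStation(imsi, auc.ki_by_imsi[imsi])
    first = vlr.attach_with_imsi(legit)
    tmsi_after_first = legit.tmsi
    second = vlr.attach_with_tmsi(legit)
    imsi_on_air = sum(1 for kind, _ in vlr.radio_log if kind == "MS->VLR IMSI")
    clone = MobileStation(imsi, os.urandom(16))   # has the IMSI off the air, but not Ki
    cloned = vlr.attach_with_imsi(clone)
    return {"first_attach_ok": first, "second_attach_ok": second,
            "tmsi_rotated": tmsi_after_first != legit.tmsi,
            "imsi_sent_in_clear": imsi_on_air, "clone_rejected": not cloned}


if __name__ == "__main__":
    print(run_demo())
```

Note what the VLR's `radio_log` does not contain: Ki and Kc. Kc does travel, but inside the triplet from the HLR over the fixed network, which is exactly the signalling that section 3.2 points out is unprotected.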
figure 2. Authentication using TMSI

In the last few years GSM took a lot of flak for its approach to cryptographic algorithm design, which relied on keeping the algorithms secret. 3GPP has chosen the superior approach: all of its drafts, standards and recommendations are made public, and it relies on its algorithms withstanding the scrutiny of any interested researcher [2].

The 3GPP security principles build on the GSM scheme. 3GPP adopted the GSM security features that have proved necessary and robust, and tries to stay compatible with GSM to ease inter-working and handover; it remains compatible with the GSM network architecture. It provides user authentication and radio-interface encryption. Like GSM, it uses a SIM as the security module, which gives removable hardware, terminal independence, and a single place to manage all customer parameters. The security functions operate without user assistance and require minimal trust in the serving network [2].

Within the 3GPP security architecture two algorithms are standardized: a confidentiality algorithm f8 and an integrity algorithm f9, both fully specified in [1]. Each is built on the KASUMI block cipher, which produces a 64-bit output from a 64-bit input under the control of a 128-bit key [1]. The confidentiality algorithm f8 is a stream cipher that encrypts or decrypts blocks of data of between 1 and 5114 bits under a confidentiality key CK. It uses KASUMI in a form of output-feedback mode as a keystream generator [1].
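The mode structure of the f8 keystream generator above and of the f9 CBC-MAC described next, as an added example written from the 3GPP specification rather than taken from the paper or from the standard's own reference code. KASUMI itself is not implemented here: a hypothetical 64-bit Feistel stand-in built from SHA-256 takes its place, so the outputs are not the standard's test vectors. What does follow the specification is everything around the block cipher: the f8 IV layout (COUNT, BEARER, DIRECTION), the key modifiers, the output feedback with a block counter, and the f9 padding, chained CBC-MAC and final transform that yields the 32-bit MAC-I. The sample keys and message are constructed.

```python
"""f8/f9 mode structure with a stand-in block cipher (added example, not KASUMI)."""
import hashlib

KM_F8 = bytes([0x55] * 16)   # key modifier for the f8 prefix computation
KM_F9 = bytes([0xAA] * 16)   # key modifier for the f9 final transform


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def stand_in_block_cipher(key, block):
    """Hypothetical 64-bit block cipher (4-round Feistel, SHA-256 round function).
    Plays the role of KASUMI[key](block); it is NOT a cryptographically evaluated cipher."""
    assert len(key) == 16 and len(block) == 8
    left, right = block[:4], block[4:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:4]
        left, right = right, xor(left, f)
    return left + right


def f8(ck, count, bearer, direction, data):
    """Encrypt or decrypt (same operation) whole-byte data under CK.
    Keystream block n = E_CK(A xor BLKCNT xor keystream block n-1), A = E_(CK xor KM)(IV)."""
    # IV = COUNT(32) || BEARER(5) || DIRECTION(1) || 26 zero bits
    iv = count.to_bytes(4, "big") + bytes([(bearer << 3) | (direction << 2), 0, 0, 0])
    a = stand_in_block_cipher(xor(ck, KM_F8), iv)
    out, ksb, blkcnt = b"", bytes(8), 0
    while len(out) < len(data):
        ksb = stand_in_block_cipher(ck, xor(xor(a, blkcnt.to_bytes(8, "big")), ksb))
        out += ksb
        blkcnt += 1
    return xor(data, out[:len(data)])


def f9(ik, count, fresh, direction, message):
    """32-bit MAC-I over COUNT || FRESH || MESSAGE || DIRECTION || 1 || 0* under IK.
    Chained: A = E_IK(A xor block), B ^= A; finally MAC = left 32 bits of E_(IK xor KM)(B)."""
    padded = (count.to_bytes(4, "big") + fresh.to_bytes(4, "big") + message
              + bytes([(direction << 7) | 0x40]))      # DIRECTION bit, then the single 1 bit
    padded += bytes(-len(padded) % 8)                  # zero padding to a 64-bit boundary
    a, b = bytes(8), bytes(8)
    for i in range(0, len(padded), 8):
        a = stand_in_block_cipher(ik, xor(a, padded[i:i + 8]))
        b = xor(b, a)
    return stand_in_block_cipher(xor(ik, KM_F9), b)[:4]


def demo():
    """Encrypt, MAC, then show that a one-bit change in the ciphertext is caught by f9."""
    ck, ik = bytes(range(16)), bytes(range(16, 32))     # constructed sample keys
    count, fresh, bearer = 0x38A6F056, 0xB8DE6FE4, 0x1C
    msg = b"constructed RRC signalling payload"
    ct = f8(ck, count, bearer, 0, msg)
    mac = f9(ik, count, fresh, 0, msg)
    tampered = bytes([ct[0] ^ 0x01]) + ct[1:]
    return {
        "roundtrip": f8(ck, count, bearer, 0, ct) == msg,
        "mac_len": len(mac),
        "mac_detects_flip": f9(ik, count, fresh, 0, f8(ck, count, bearer, 0, tampered)) != mac,
        "keystream_changes_with_count": f8(ck, count + 1, bearer, 0, msg) != ct,
    }


if __name__ == "__main__":
    print(demo())
```

The design point the code makes concrete: f8 alone gives no integrity (flipping a ciphertext bit flips the corresponding plaintext bit undetected), which is why 3GPP pairs it with f9 on signalling, and the COUNT input is what keeps the keystream from repeating across frames under the same CK.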
The integrity algorithm f9 computes a 32-bit MAC (Message Authentication Code) over a given input message under an integrity key IK, using KASUMI in a form of CBC-MAC mode [1].

3. Vulnerabilities and Attacks
Several vulnerabilities are known in the design and implementation of the security protocols of both the analog and the digital systems.

3.1 Analog
Because the analog system sends everything over the air unencrypted, it is prone to eavesdropping and cloning.

3.1.1 Cellular Phone Cloning
A cellular telephone is cloned when the account identifiers of a victim's phone are stolen and programmed into another phone. Each cellular phone has a unique pair of identifying numbers, the electronic serial number (ESN) and the mobile identification number (MIN). The ESN/MIN pair can be captured in a number of ways, without the knowledge of the carrier or the subscriber, using electronic scanning equipment. Once the pair is captured, the cloner reprograms or replaces the chip of another wireless phone so that it presents the stolen ESN/MIN pair. The programming takes ten to fifteen minutes per phone, and afterwards both phones, the legitimate one and the clone, are billed to the original account [9]. As described in section 2.1, the mobile sends its MIN/ESN pair to the base station unencrypted, so the pair can be captured easily with the right equipment; the adversary then programs his or her own phone with the same MIN/ESN, and the phone is cloned.

3.1.2 Eavesdropping
Eavesdropping means to overhear, record, amplify or transmit any part of the private discourse of others without the permission of all persons engaged in the discourse.
Cellular ESN readers or police scanners can be used to eavesdrop on analog cell phone conversations [9].

3.1.3 Cellular Phone Tracking
Every cellular telephone is a physical locating device. This is true even when the user is not in a call; the phone need only be switched on. Location tracking is inherent in the way cellular telephones work: the network needs to know approximately where you are in order to do its job. There is no known way to avoid revealing your location when you use a cell phone [4].

3.2 Digital
Digital communication is somewhat more secure than analog. Since the radio transmission is encrypted with the A5 algorithm, the security of the channel depends on the security of A5. A5/1 is vulnerable to brute-force attack, to the divide-and-conquer attack, to the biased birthday attack and to the random subgraph attack. None of these is a real-time attack. Kc is 64 bits, so exhaustive search costs up to 2^64 trials, which rules out eavesdropping on GSM calls in real time; in deployed implementations, however, ten bits of Kc were fixed to zero, which is why the attack literature counts an effective 54-bit key. The divide-and-conquer attack reduces the work from 2^54 to 2^45. It is a known-plaintext attack in which the attacker tries to recover the initial states of the cipher's LFSRs from a known keystream sequence [5, 8].

GSM security has a number of problems, and they stem by and large from design limitations on what is protected rather than from defects in the security mechanisms themselves. First, GSM provides only access security: communications and signalling in the fixed-network portion are not protected. Second, GSM does not address active attacks, in which network elements may be impersonated. Third, GSM is designed to be only as secure as the fixed networks to which it connects. Finally, lawful interception was considered only as an afterthought [3]. GSM also fails to acknowledge its own limitations.
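The cipher the attacks above target, written out as an added example from the public pedagogical description of A5/1 (three LFSRs of 19, 22 and 23 bits with majority-rule clocking, a 64-bit Kc and a 22-bit frame number). It is not code from the paper or from any GSM implementation, and the sample key is constructed; the register sizes, tap positions and loading order are the published ones, so the output can be compared against the test vector shipped with the reference implementation. The point for section 3.2 is visible in the code: the whole secret state is the 64 key bits loaded in `setup`, so `2^64` is the naive search space, and the keystream is a function of (Kc, frame) only, which is what a known-plaintext attacker exploits to recover register states.

```python
"""A5/1 keystream generator (added example from the public description)."""

R1_MASK, R2_MASK, R3_MASK = 0x07FFFF, 0x3FFFFF, 0x7FFFFF   # 19, 22, 23-bit registers
R1_MID, R2_MID, R3_MID = 0x000100, 0x000400, 0x000400      # clocking taps: bits 8, 10, 10
R1_TAPS, R2_TAPS, R3_TAPS = 0x072000, 0x300000, 0x700080    # feedback taps
R1_OUT, R2_OUT, R3_OUT = 0x040000, 0x200000, 0x400000       # output bit: MSB of each

SAMPLE_KC = bytes([0x12, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF])  # constructed key


def parity(x):
    return bin(x).count("1") & 1


class A51:
    def __init__(self):
        self.r1 = self.r2 = self.r3 = 0

    @staticmethod
    def _clock_one(reg, mask, taps):
        """Shift the register left once, feeding back the XOR of its tap bits."""
        return ((reg << 1) & mask) | parity(reg & taps)

    def _clock_all(self):
        self.r1 = self._clock_one(self.r1, R1_MASK, R1_TAPS)
        self.r2 = self._clock_one(self.r2, R2_MASK, R2_TAPS)
        self.r3 = self._clock_one(self.r3, R3_MASK, R3_TAPS)

    def _clock_majority(self):
        """Irregular clocking: a register advances only if its clocking bit agrees
        with the majority of the three clocking bits (so two or three registers move)."""
        b1, b2, b3 = bool(self.r1 & R1_MID), bool(self.r2 & R2_MID), bool(self.r3 & R3_MID)
        maj = (b1 + b2 + b3) >= 2
        if b1 == maj:
            self.r1 = self._clock_one(self.r1, R1_MASK, R1_TAPS)
        if b2 == maj:
            self.r2 = self._clock_one(self.r2, R2_MASK, R2_TAPS)
        if b3 == maj:
            self.r3 = self._clock_one(self.r3, R3_MASK, R3_TAPS)

    def _output_bit(self):
        return parity(self.r1 & R1_OUT) ^ parity(self.r2 & R2_OUT) ^ parity(self.r3 & R3_OUT)

    def setup(self, kc, frame):
        """Load the 64-bit Kc, then the 22-bit frame number, then run 100 warm-up clocks."""
        assert len(kc) == 8 and 0 <= frame < (1 << 22)
        self.r1 = self.r2 = self.r3 = 0
        for i in range(64):                       # key bits, LSB of each byte first
            self._clock_all()
            bit = (kc[i // 8] >> (i & 7)) & 1
            self.r1 ^= bit; self.r2 ^= bit; self.r3 ^= bit
        for i in range(22):                       # frame-number bits, LSB first
            self._clock_all()
            bit = (frame >> i) & 1
            self.r1 ^= bit; self.r2 ^= bit; self.r3 ^= bit
        for _ in range(100):                      # discarded majority-clocked output
            self._clock_majority()

    def burst(self):
        """228 keystream bits, packed MSB first: 114 for downlink, then 114 for uplink."""
        out = bytearray(29)
        for i in range(228):
            self._clock_majority()
            out[i // 8] |= self._output_bit() << (7 - (i & 7))
        return bytes(out)


def keystream(kc, frame):
    """Return the (downlink, uplink) keystream for one frame as 114-char '0'/'1' strings."""
    gen = A51()
    gen.setup(kc, frame)
    bits = "".join(f"{b:08b}" for b in gen.burst())[:228]
    return bits[:114], bits[114:]


def encrypt_downlink(kc, frame, plaintext_bits):
    """XOR a 114-bit downlink burst with the keystream; the same call decrypts."""
    assert len(plaintext_bits) == 114
    ks, _ = keystream(kc, frame)
    return "".join("1" if p != k else "0" for p, k in zip(plaintext_bits, ks))


if __name__ == "__main__":
    down, up = keystream(SAMPLE_KC, 0x134)
    print(down, up, sep="\n")
```

Because the keystream is fixed by (Kc, frame) and frame numbers are public, any burst for which the attacker knows the plaintext (signalling with predictable content, for instance) hands over 114 bits of keystream, which is exactly the input the divide-and-conquer attack on the register states needs.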
For example, GSM needs encryption to guard against radio-channel hijacking. The terminal is an unsecured environment, so trust in the terminal identity is misplaced. GSM has inadequate flexibility to upgrade and improve its security functions over time. There is a lack of visibility that security is being applied: there is no indication to the user that encryption is on, and no explicit confirmation to the home network that authentication was properly performed when a customer roams [3]. There is also a lack of confidence in the cryptographic algorithms. The A5/1 algorithm lacks openness in design and publication; regulators held a misplaced belief in the effectiveness of controls on the export or (in some countries) the use of cryptography; the key length is too short, yet implementation faults make increasing it difficult; A5/1 needs to be replaced, but poor support for the simultaneous use of more than one encryption algorithm makes replacement difficult; and the use of COMP128 is ill advised [3].

There are still more specific problems. First, GSM encryption is terminated too soon: user traffic and signalling travel in the clear on the microwave links behind the base station. Second, cipher keys and authentication values are transmitted in the clear within and between networks, so the signalling systems are vulnerable to interception and impersonation. Third, because the mobile never authenticates the network, false base stations can be used against GSM, which leaves it vulnerable to cloning [3].

The 3GPP security threat analysis lists the possible threats to the 3G system, detailing what each threat achieves, how it is carried out and where in the system it could occur. Threats can be classified in many ways; the following categories are used [2].

Unauthorized access to sensitive data (violation of confidentiality)
- Eavesdropping: An intruder intercepts messages without detection.
- Masquerading: An intruder hoaxes an authorised user into believing that they are the legitimate system, in order to obtain confidential information from the user; or hoaxes a legitimate system into believing that they are an authorised user, in order to obtain service or confidential information.
- Traffic analysis: An intruder observes the time, rate, length, source and destination of messages to determine a user's location or to learn whether an important business transaction is taking place.
- Browsing: An intruder searches data storage for sensitive information.
- Leakage: An intruder obtains sensitive information by exploiting processes with legitimate access to the data.
- Inference: An intruder observes the system's reaction to a query or signal that the intruder sends. For example, an intruder may actively initiate communication sessions and then obtain information by observing the time, rate, length, sources or destinations of the associated messages on the radio interface.

Unauthorized manipulation of sensitive data (violation of integrity)
- Manipulation of messages: Messages may be deliberately modified, inserted, replayed or deleted by an intruder.

Disturbing or misusing network services (leading to denial of service or reduced availability)
- Intervention: An intruder may prevent an authorised user from using a service by jamming the user's traffic, signalling or control data.
- Resource exhaustion: An intruder may prevent an authorised user from using a service by overloading the service.
- Misuse of privileges: A user or a serving network may exploit their privileges to obtain unauthorised services or information.
- Abuse of services: An intruder may abuse some special service or facility to gain an advantage or to cause disruption to the network.

Repudiation
- A user or a network denies actions that have taken place.

Unauthorized access to services
- Intruders can access services by masquerading as users or network entities.
- Users or network entities can get unauthorised access to services by misusing their access rights.

The threats in these categories are then treated in the 3GPP analysis according to the following points of attack: the radio interface; other parts of the system; and the terminals and the UICC/USIM [2].

4. Countermeasures
As cloning became a major problem for analog mobile phones, several countermeasures were implemented that successfully detect cloned phones on the network.

Duplicate detection. The same phone number is seen in two calls at the same time from different places. When the network detects a duplicate, it drops all calls being made under that number [9].

Velocity trap. The network uses the times and locations of successive calls. If the interval between one call and the next is short but the distance between their locations is too great for a person to have travelled in that time, a clone is detected [9].

Radio-frequency fingerprinting. The network keeps a fingerprint of each mobile phone's transmitter in its database and compares it with the fingerprint observed when the phone requests a call. If the fingerprint does not match the stored one, a clone is detected [9].

Usage profiling. The network records the subscriber's usage pattern and contacts the customer when discrepancies appear. For example, if a customer who normally makes only local calls suddenly places long calls to foreign countries, a clone is suspected [9].
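Three of the four checks above (duplicate detection, the velocity trap and usage profiling; RF fingerprinting needs transmitter measurements that no call record carries) run over constructed call records, as an added example that is not from the paper or from any carrier's fraud system. The record format, the 900 km/h feasibility limit, the 5 km cell-separation threshold, the 30-minute international baseline and the cell-site coordinates are all assumptions chosen for the illustration.

```python
"""Analog clone-detection checks over constructed call records (added example)."""
from dataclasses import dataclass
from datetime import datetime, timedelta
from math import asin, cos, radians, sin, sqrt


@dataclass
class CallRecord:
    min_number: str      # 10-digit MIN presented by the handset
    start: datetime
    end: datetime
    cell_lat: float      # serving cell site (assumed coordinates)
    cell_lon: float
    dialed: str          # destination number, for the usage profile


def km_between(lat1, lon1, lat2, lon2):
    """Great-circle distance between two cell sites in km (haversine)."""
    dlat, dlon = radians(lat2 - lat1), radians(lon2 - lon1)
    a = sin(dlat / 2) ** 2 + cos(radians(lat1)) * cos(radians(lat2)) * sin(dlon / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(a))


def _by_min(records):
    groups = {}
    for r in records:
        groups.setdefault(r.min_number, []).append(r)
    return groups


def duplicate_detection(records, min_separation_km=5.0):
    """Flag a MIN active in two overlapping calls at cell sites too far apart to be one phone."""
    flagged = set()
    for m, calls in _by_min(records).items():
        for i, a in enumerate(calls):
            for b in calls[i + 1:]:
                overlap = a.start < b.end and b.start < a.end
                if overlap and km_between(a.cell_lat, a.cell_lon, b.cell_lat, b.cell_lon) > min_separation_km:
                    flagged.add(m)
    return flagged


def velocity_trap(records, max_kmh=900.0):
    """Flag a MIN whose consecutive calls imply travel faster than max_kmh."""
    flagged = set()
    for m, calls in _by_min(records).items():
        calls = sorted(calls, key=lambda r: r.start)
        for a, b in zip(calls, calls[1:]):
            gap_h = (b.start - a.end).total_seconds() / 3600.0
            if gap_h <= 0:
                continue                         # overlapping: duplicate_detection's job
            dist = km_between(a.cell_lat, a.cell_lon, b.cell_lat, b.cell_lon)
            if dist / gap_h > max_kmh:
                flagged.add(m)
    return flagged


def usage_profiling(records, profiles, intl_minutes_threshold=30.0):
    """Flag a MIN with no history of international calls that suddenly places long ones.
    profiles maps MIN -> {"international_calls": bool} (constructed baseline)."""
    minutes = {}
    for r in records:
        if r.dialed.startswith("011"):           # NANP international dialling prefix
            minutes[r.min_number] = minutes.get(r.min_number, 0.0) + (r.end - r.start).total_seconds() / 60.0
    return {m for m, mins in minutes.items()
            if mins > intl_minutes_threshold and not profiles.get(m, {}).get("international_calls", False)}


def sample_records():
    """Constructed records: one duplicate, one impossible journey, one legitimate user, one profile break."""
    t = datetime(2001, 5, 2, 9, 0)
    NYC, LA = (40.71, -74.01), (34.05, -118.24)
    CHI, MIA, SF = (41.88, -87.63), (25.76, -80.19), (37.77, -122.42)
    return [
        CallRecord("2125551234", t + timedelta(minutes=60), t + timedelta(minutes=70), *NYC, "2125550000"),
        CallRecord("2125551234", t + timedelta(minutes=65), t + timedelta(minutes=75), *LA, "3105550000"),
        CallRecord("3125550000", t, t + timedelta(minutes=10), *CHI, "3125550001"),
        CallRecord("3125550000", t + timedelta(minutes=30), t + timedelta(minutes=40), *MIA, "3055550001"),
        CallRecord("4155557777", t, t + timedelta(minutes=5), *SF, "4155550002"),
        CallRecord("4155557777", t + timedelta(minutes=60), t + timedelta(minutes=65), *SF, "4155550003"),
        CallRecord("6175559999", t, t + timedelta(minutes=45), *NYC, "011442071234567"),
    ]


def sample_profiles():
    return {"2125551234": {"international_calls": False}, "3125550000": {"international_calls": False},
            "4155557777": {"international_calls": False}, "6175559999": {"international_calls": False}}


def run_all(records=None, profiles=None):
    records = records if records is not None else sample_records()
    profiles = profiles if profiles is not None else sample_profiles()
    return {"duplicate": duplicate_detection(records), "velocity": velocity_trap(records),
            "profile": usage_profiling(records, profiles)}


if __name__ == "__main__":
    print(run_all())
```

The Chicago/Miami pair is about 1900 km apart with a 20-minute gap, so the implied speed is several thousand km/h; the overlapping New York/Los Angeles pair is deliberately left to duplicate detection rather than the velocity trap, since a negative gap is not a speed.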
5. Conclusion
This paper has given a basic understanding of analog and digital mobile networks and of their levels of security. The analog network provides no defence against attacks such as eavesdropping and cloning. The digital network does provide some security features, but it remains vulnerable to some attacks: the A5 algorithm has been shown to be breakable, and encryption covers only the radio link between the mobile and the base station, so the communication may be unprotected as it travels between base stations and the rest of the network. The security of a digital network depends on the algorithms the network implements. The main obstacle this research faced is the lack of published technical detail: there is a great deal of advertising about mobile communication but little on the technical details.
Bibliography
[1] Gina Ebenezersson, f8 and f9 Algorithm Specifications, 09.05.2000 [referred 05.03.2001] <http://www.etsi.org/dvbandca/3gpp/3gppspecs.htm>
[2] Janos A. Csirik, A guide to 3GPP security documents, 01.01.2001 [referred 05.02.2001] <http://www.research.att.com/~janos/3gpp.html>
[3] Michael Walker, On the Security of 3GPP Networks, 01.01.2000 [referred 05.02.2001] <http://www.esat.huleuven.ac.be/cosic/eurocrypt2000/mike_walker.pdf>
[4] Phil Karn, Cell Phone Tracking, [referred 05.02.2001] <http://www.webdeals.net/celltrack.htm>
[5] David Wagner, GSM Cloning, [referred 05.02.2001] <http://www.isaac.cs.berkeley.edu/isaac/gsm.html>
[6] Lauri Tarkkala, Attacks against A5, [referred 05.02.2001] <http://www.hut.fi/~ltarkkal/netsec.pdf>
[7] Hung-Yu Lin, Lein Harn, Vijay Kumar, Authentication Protocols in Wireless Communications, University of Missouri, Kansas City.
[8] Lauri Pesonen, GSM Interception, 11.21.1999 [referred 05.02.2001] <http://www.dia.unisa.it/ads.dir/co w/corso-9900/a5/netsec/netsec.html>
[9] Jukka Hynninen, Experiences in Mobile Phone Fraud, 03.02.1998 [referred 05.03.2001] <http://www.niksula.cs.hut.fi/~jthynnin/mobfra.html>