24-09-2014, 12:38 PM
GSM SECURITY AND ENCRYPTION
INTRODUCTION
The motivations for security in cellular telecommunications systems are to secure
conversations and signaling data from interception as well as to prevent cellular telephone fraud.
With the older analog-based cellular telephone systems such as the Advanced Mobile Phone
System (AMPS) and the Total Access Communication System (TACS), it is a relatively simple
matter for the radio hobbyist to intercept cellular telephone conversations with a police scanner. A
well-publicized case involved a potentially embarrassing cellular telephone conversation with a
member of the British royal family being recorded and released to the media. Another security
consideration with cellular telecommunications systems involves identification credentials such as
the Electronic Serial Number (ESN), which are transmitted "in the clear" in analog systems. With
more complicated equipment, it is possible to receive the ESN and use it to commit cellular
telephone fraud by "cloning" another cellular phone and placing calls with it. Estimates for cellular
fraud in the U.S. in 1993 are as high as $500 million. The procedure wherein the Mobile Station
(MS) registers its location with the system is also vulnerable to interception and permits the
subscriber’s location to be monitored even when a call is not in progress, as evidenced by the
recent highly-publicized police pursuit of a famous U.S. athlete.
The security and authentication mechanisms incorporated in GSM make it the most secure
mobile communication standard currently available, particularly in comparison to the analog
systems described above. Part of the enhanced security of GSM is due to the fact that it is a digital
system utilizing a speech coding algorithm, Gaussian Minimum Shift Keying (GMSK) digital
modulation, slow frequency hopping, and Time Division Multiple Access (TDMA) time slot
architecture. To intercept and reconstruct this signal would require more highly specialized and
expensive equipment than a police scanner to perform the reception, synchronization, and
decoding of the signal. In addition, the authentication and encryption capabilities discussed in this
paper ensure the security of GSM cellular telephone conversations and subscriber identification
credentials against even the determined eavesdropper.
GSM RADIO CHANNEL
The GSM standard specifies the frequency bands of 890 to 915 MHz for the uplink band,
and 935 to 960 MHz for the downlink band, with each band divided up into 200 kHz channels.
Other features of the radio channel interface include adaptive time alignment, GMSK modulation,
discontinuous transmission and reception, and slow frequency hopping. Adaptive time alignment
enables the MS to correct its transmit timeslot for propagation delay. GMSK modulation provides
the spectral efficiency and low out-of-band interference required in the GSM system.
Discontinuous transmission and reception refers to the MS powering down during idle periods and
serves the dual purpose of reducing co-channel interference and extending the portable unit's
battery life. Slow frequency hopping is an additional feature of the GSM radio channel interface
which helps to counter the effects of Rayleigh fading and co-channel interference.
CONCLUSION
The security mechanisms specified in the GSM standard make it the most
secure cellular telecommunications system available. The use of authentication,
encryption, and temporary identification numbers ensures the privacy and anonymity
of the system's users, as well as safeguarding the system against fraudulent use.
Even GSM systems with the A5/2 encryption algorithm, or even with no encryption,
are inherently more secure than analog systems due to their use of speech coding,
digital modulation, and TDMA channel access.