25-07-2012, 11:35 AM
GSM SECURITY AND ENCRYPTION
[attachment=28827]
What is GSM?
GSM stands for Global System for Mobile communication
The GSM emerged in the early 1970’s
The GSM is a circuit switched system that divides each 200KHZ channel into eight 25KHZ timeslots
The GSM owns a market share of more than 70 % of the digital cellulor subscribers.
Why GSM?
International roaming
Low-cost mobile sets and base stations
High quality speech
Compatability with integrated services digital network(ISDN) and other telephone company services
Support for new services.
GSM Brief history
1982 CEPT establishes a GSM group inorder to develop the standerds for a pan european cellulor mobile system
1987 Time Division Multiple Access (TDMA) is choosen as the access method
1988 GSM system is validated
GSM-User services
Telephony services
Data services
Supplementary services
GSM security model
The purpose of GSM security:
The access to the mobile services.
Any relavent item from being disclosed at the radio path,mainly inorder to ensure that.
Privacy of user- related information.
Security features of GSM
Authentication of registered subscribers only.
Secure data transfer through the use of encryption.
Subscriber identity protection.
Mobile phones are inoperable without a SIM.
Duplicate SIM or not allowed in the network.
The Authentication Procedure
The mobile station send IMSI to the network.
The network received IMSI and found corresponding KI of that IMSI.
The network generated a 128 bit random number(RAND) and sent it to the mobile station over the air interface.
The MS calculates a SRES with A3 algorithm using the given challenge(RAND) and KI residing in the SIM.At the same time networks calculates the SERS using the same algorithm and same inputs
The MS sends SERS to the network
The network test the SERS for the validity
Encryption of the data
Encrypted communication is initiated by a ciphering mode request command for the GSM network
A5 algorithm used for encrypt the data
The MS authentication is an optional procedure in the beginning of the call,but it is usually not performed
Other security features
Subscribers identity protection
Smart card
Overview of cryptography
Symmetric algorithms
Block ciphers
Stream ciphers
A3 – MS Authentication Algorithm
Goal
Generation of SRES response to MSC’s random challenge RAND
Applications
1. Mobile telephony
2. GSM-R
3. Telemetry system
-fleet management
-automatic meter reading
-toll collection
4.Value added services
FUTURE SCOPE
The range of applications offered, with home banking and electronic trading emerging. The development of interworking between different wireless networks with different cellular technologies, cordless and GSM, and satellite and GSM The development of advanced new broadband wireless technology offering at least 144Kbit/s transmission rates by 2000. The development of new types of terminals with data only facilities over GSM on offer without the need for a cellular phone.
Conclusion
The security mechanisms specified in the GSM standard make it the most secure cellular telecommunications system available. The use of authentication, encryption, and temporary identification numbers ensures the privacy and anonymity of the system's users, as well as safeguarding the system against fraudulent use. Even GSM systems with the A5/2 encryption algorithm, or even with no encryption are inherently more secure than analog systems due to their use of speech coding, digital modulation, and TDMA channel access
[attachment=28827]
What is GSM?
GSM stands for Global System for Mobile communication
The GSM emerged in the early 1970’s
The GSM is a circuit switched system that divides each 200KHZ channel into eight 25KHZ timeslots
The GSM owns a market share of more than 70 % of the digital cellulor subscribers.
Why GSM?
International roaming
Low-cost mobile sets and base stations
High quality speech
Compatability with integrated services digital network(ISDN) and other telephone company services
Support for new services.
GSM Brief history
1982 CEPT establishes a GSM group inorder to develop the standerds for a pan european cellulor mobile system
1987 Time Division Multiple Access (TDMA) is choosen as the access method
1988 GSM system is validated
GSM-User services
Telephony services
Data services
Supplementary services
GSM security model
The purpose of GSM security:
The access to the mobile services.
Any relavent item from being disclosed at the radio path,mainly inorder to ensure that.
Privacy of user- related information.
Security features of GSM
Authentication of registered subscribers only.
Secure data transfer through the use of encryption.
Subscriber identity protection.
Mobile phones are inoperable without a SIM.
Duplicate SIM or not allowed in the network.
The Authentication Procedure
The mobile station send IMSI to the network.
The network received IMSI and found corresponding KI of that IMSI.
The network generated a 128 bit random number(RAND) and sent it to the mobile station over the air interface.
The MS calculates a SRES with A3 algorithm using the given challenge(RAND) and KI residing in the SIM.At the same time networks calculates the SERS using the same algorithm and same inputs
The MS sends SERS to the network
The network test the SERS for the validity
Encryption of the data
Encrypted communication is initiated by a ciphering mode request command for the GSM network
A5 algorithm used for encrypt the data
The MS authentication is an optional procedure in the beginning of the call,but it is usually not performed
Other security features
Subscribers identity protection
Smart card
Overview of cryptography
Symmetric algorithms
Block ciphers
Stream ciphers
A3 – MS Authentication Algorithm
Goal
Generation of SRES response to MSC’s random challenge RAND
Applications
1. Mobile telephony
2. GSM-R
3. Telemetry system
-fleet management
-automatic meter reading
-toll collection
4.Value added services
FUTURE SCOPE
The range of applications offered, with home banking and electronic trading emerging. The development of interworking between different wireless networks with different cellular technologies, cordless and GSM, and satellite and GSM The development of advanced new broadband wireless technology offering at least 144Kbit/s transmission rates by 2000. The development of new types of terminals with data only facilities over GSM on offer without the need for a cellular phone.
Conclusion
The security mechanisms specified in the GSM standard make it the most secure cellular telecommunications system available. The use of authentication, encryption, and temporary identification numbers ensures the privacy and anonymity of the system's users, as well as safeguarding the system against fraudulent use. Even GSM systems with the A5/2 encryption algorithm, or even with no encryption are inherently more secure than analog systems due to their use of speech coding, digital modulation, and TDMA channel access