GSM Security and Encryption : GSM Security and Encryption P.Suneetha
10040 What is GSM? : What is GSM? GSM stands for Global System for Mobile Communication
. The GSM emerged in the early 1970s.
The GSM is a circuit-switched system that divides each 200 kHz channel into eight 25 kHz time-slots.
The GSM owns a market share of more than 70 percent of the world's digital cellular subscribers. Why GSM? : Why GSM? International roaming.
Low-cost mobile sets and base stations (BSs)
Compatibility with Integrated Services Digital Network (ISDN) and other telephone company services.
Support for new services. GSM Brief History: : GSM Brief History: 1982 CEPT establishes a GSM group in order to develop the standards for a pan-European cellular mobile system.
1987 Time Division Multiple Access (TDMA) is chosen as the access method
1988 GSM system is validated. Tele-communicationsGSM - Architecture : Tele-communicationsGSM - Architecture GSM network areas: : GSM network areas: Cell
MSC Service Area
PLMN GSM - User Services : GSM - User Services Telephony Services
Supplementary Services GSM Security Model : GSM Security Model The Purpose of GSM Security: : The Purpose of GSM Security: The access to the mobile services.
Any relevant item from being disclosed at the radio path, mainly in order to ensure the
privacy of user-related information. Security Features of GSM : Security Features of GSM Authentication of the registered subscribers only
Secure data transfer through the use of encryption
Subscriber identity protection
Mobile phones are inoperable without a SIM
Duplicate SIM are not allowed on the network The authentication procedure : The authentication procedure · The mobile station sends IMSI to the network
· The network received the IMSI and found the correspondent KI of that IMSI.
· The network generated a 128 bit random number (RAND) and sent it to the mobile station Over the air interface.
· The MS calculates a SRES with the A3 algorithm using the given Challenge (RAND) and the KI residing in the SIM. At the same time, the network calculates the SRES using the same algorithm and the same Inputs.
· The MS sends the SRES to the network,
· The network test the SRES for validity. Encryption of the data : Encryption of the data Encrypted communication is initiated by a ciphering mode request command from the GSM network.
The A5 algorithm used to encrypt the data
The MS authentication is an optional procedure in the beginning of a call, but it is usually not performed. Other security features : Other security features Subscriber identity protection
Smart card Overview of Cryptography : Overview of Cryptography Symmetric Algorithms
Stream Ciphers Problems with GSM Security : Problems with GSM Security Security by obscurity.
Only provides access security.
Difficult to upgrade the cryptographic mechanisms
Lack of user visibility Conclusion : Conclusion Even if security algorithms were not broken, the GSM architecture would still be vulnerable to attacks from inside which means the attack targeting the operator’s backbone network
However, the security can be improved in some areas with relatively simple measures.