Security in GSM Networks

Shilpa Prabhakar Reddy, Sudha Kode and Sunil Alluri

Abstract – Global System for Mobile Communication (GSM) is a digital cellular communication system which is now well established globally, and users rely heavily on the convenient communication it provides. This report presents a comprehensive study of GSM system security with a focus on the effectiveness of its authentication and the strength of its encryption. It includes an analysis of the most significant attacks on GSM security mechanisms, which expose the vulnerabilities in the present security architecture. The proposed changes to the architecture and algorithms are also discussed. The report further describes how an end-to-end secure GSM network can be established, incorporating the proposed changes.

Index Terms - Algorithms, Anonymity, Authentication, Cipher key, Encryption, End-to-end security, Integrity, Key generation, Key sharing.

I. INTRODUCTION

The Global System for Mobile Communications (GSM) is one of the first digital cellular communications systems, and it offers the user more secure international mobility than any other existing cellular system in the world. In spite of GSM being a widely deployed digital standard around the world, it has some hidden weaknesses where security is concerned. Previously it was believed that security could be achieved through obscurity, so the algorithms were not revealed to the public. Over time, as the topic of security has become widely open and the security algorithms have been exposed to the public, it has been shown that, given enough time and resources, the so-called secure algorithms used in GSM networks are no longer secure. The major security issues in GSM networks are authentication, key generation and end-to-end data encryption over the air. Multiple algorithms, such as A5, A3 and A8, are used to address these security issues. Though the initial versions of these algorithms have been broken, the algorithms were revised frequently and the required changes were made to make them more secure against possible attacks. In addition to the brute force attack, which is the most common attack used to retrieve the keys, there are many kinds of attacks to which GSM networks are highly vulnerable. The main focus of our project is on analyzing possible attacks and the countermeasures taken to overcome them, with primary importance given to end-to-end encryption. We will also briefly discuss how these algorithms function and in which part of the network they are actually implemented.

This report presents the security services provided by GSM networks, followed by the terminology used, and describes the GSM security operation with a focus on the effectiveness of GSM authentication and the strength of GSM encryption. It therefore includes the most significant physical and cryptanalytic attacks against GSM security mechanisms, such as the brute force attack, the Birthday Biased attack, cloning of SIM cards, false base station attacks, etc. It then discusses the GSM features that will be retained and improved from the previous networks, and the possible enhancements that can be incorporated in the network in order to achieve a secure mobile phone system.

_____________________________________________________
*This report is part of the course project for the ECE 746 course under the guidance of Dr. Kris Gaj. We gratefully acknowledge the support received from Dr. Gaj.

1.1 Security services provided by GSM

Anonymity - This means that it should not be easy to identify the user of the system, which is achieved by using temporary identifiers. When a user first switches on the mobile, the real identity is used, and a temporary identifier is then issued. From then on the temporary identifier is used. The temporary identity being used can be determined only by tracking the user.

Authentication - It is used to identify the user to the network operator and is necessary for proper billing. The International Mobile Subscriber Identity (IMSI) uniquely identifies the subscriber. This information, along with the individual subscriber authentication key (Ki), constitutes sensitive identification, which is never transmitted over the radio channel. The hash algorithm A3 is used in a challenge-response mechanism to authenticate the user.

User Data and signaling protection - This is to ensure confidentiality of calls over the air interface. For this, the hash algorithm A8 is used to generate the session key Kc, and the A5 algorithm is used to encrypt the conversations using the temporary, randomly generated Kc.

1.2 Abbreviations

A3 - Authentication algorithm.
A5 - Encryption algorithm.
A8 - Key generation algorithm.
AKA - Authentication and key agreement.
AUC - Authentication Center.
AUTN - Authentication Token.
AV - Authentication Vector.
BSC - Base Station Controller.
BSS - Base Station Subsystem.
BTS - Base Transceiver Station.
CK - Cipher Key.
GPRS - General Packet Radio Service.
GSM - Global System for Mobile Communications.
HLR - Home Location Register.
IK - Integrity Key.
IMSI - International Mobile Subscriber Identity.
Kc - Session key.
Ki - Individual Subscriber Authentication Key.
LFSR - Linear Feedback Shift Register.
MAC - The message authentication code included in AUTN.
ME - Mobile Equipment.
MS - Mobile Station.
MSC - Mobile Services Switching Center.
NSS - Network and Switching Subsystem.
PIN - Personal Identification Number.
RAI - Routing Area Identifier.
RAND - Random challenge.
RNC - Radio Network Controller.
SGSN - Serving GPRS Support Node.
SIM - Subscriber Identity Module.
SN - Serving Network.
SQN - Sequence number.
SQNMS - The highest sequence number the USIM has accepted.
SRES - Signed RESponse.
TMSI - Temporary Mobile Subscriber Identity.
UIA - Integrity Algorithm.
USIM - User Services Identity Module.
UTRAN - Terrestrial Radio Access Network.
VLR - Visitor Location Register.
XRES - Expected Response.

2. GSM SECURITY ARCHITECTURE

GSM Security Model

The GSM Security Model is based on a
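The challenge-response authentication and session-key generation described in section 1.1, as an added example that is not part of the original report. HMAC-SHA256 truncated to the GSM output sizes stands in for the operator-specific A3 and A8 algorithms; the class names, the IMSI and the keys are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Stand-ins for A3/A8 (assumption: NOT the real operator algorithms).
# Output sizes follow GSM: 32-bit SRES, 64-bit Kc.
def a3(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class Sim:
    """Holds Ki. Only RAND goes in and only SRES comes out over the air."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki, self.kc = imsi, ki, None

    def respond(self, rand: bytes) -> bytes:
        # The SIM answers any RAND; it has no way to check who sent it.
        self.kc = a8(self._ki, rand)      # session key stays on the mobile side
        return a3(self._ki, rand)

class Network:
    """AUC/HLR side: looks up Ki by IMSI, issues RAND, checks SRES."""
    def __init__(self, subscribers: dict):
        self._ki_by_imsi = subscribers
        self.tmsi_by_imsi = {}

    def authenticate(self, sim: Sim):
        ki = self._ki_by_imsi.get(sim.imsi)
        if ki is None:
            return None
        rand = secrets.token_bytes(16)    # 128-bit random challenge
        sres = sim.respond(rand)          # air interface: RAND out, SRES back
        if not hmac.compare_digest(sres, a3(ki, rand)):  # compare with XRES
            return None
        self.tmsi_by_imsi[sim.imsi] = secrets.token_bytes(4)  # temporary identity
        return a8(ki, rand)               # network's copy of Kc, used by A5

def demo():
    ki = secrets.token_bytes(16)          # constructed 128-bit Ki
    imsi = "001010000000001"              # constructed test IMSI
    net = Network({imsi: ki})
    genuine = Sim(imsi, ki)
    clone = Sim(imsi, secrets.token_bytes(16))  # right IMSI, wrong Ki
    kc = net.authenticate(genuine)
    return (kc is not None and kc == genuine.kc,
            net.authenticate(clone) is None)
```

Both sides end up with the same Kc without Ki or Kc ever crossing the radio channel, and a card that knows the IMSI but not Ki is rejected.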