This presentation presents and discusses various security features in 2G and 3G Mobile Communication Networks.

1. Naveen Kumar

2.  GSM is the most widely used cellular standard
 Over 600 million users, mostly in Europe and Asia
 Provides authentication and encryption capabilities
 Today’s networks are 2G & 3G
 Future (4G LTE)

3. Home
network
Switching
and
routing
Other Networks
(GSM, fixed,
Internet, etc.)
Visited network
HLR/AuC
VLR
SIM

4.  Authentication
◦ network operator can verify the identity of the subscriber making
it infeasible to clone someone else’s mobile phone
 Confidentiality
◦ protects voice, data and sensitive signalling information
(e.g. dialled digits) against eavesdropping on the radio
path
 Anonymity
◦ protects against someone tracking the location of the user or
identifying calls made to or from the user by eavesdropping on
the radio path

5.  Three algorithms have been specified to provide
security services in GSM.
 A3 is used for authentication,
 A5 for encryption, and
 A8 for the generation of a cipher key

6.  For authentication, the VLR sends the random value
RAND to the SIM.
 The MS sends back the SRES generated by the SIM;
the VLR can now compare both values. If they are the
same, the VLR accepts the subscriber, otherwise the
subscriber is rejected.

8.  To ensure privacy .
All user-related data is encrypted. After authentication,
BTS (base transceiver station) and MS apply encryption
to voice, data, and signaling by applying the cipher key
Kc .
 Kc is generated using the individual key Ki and a random
value by applying the algorithm A8.
 This confidentiality exists only between MS and BTS, but
it does not exist end-to-end or within the whole GSM
network.

9.  Note that the SIM in the MS and the network both calculate the
same Kc based on the random value RAND. The key Kc itself is
not transmitted over the air interface.
 MS and BTS can now encrypt and decrypt data using the
algorithm A5 and the cipher key Kc.
 Kc should be a 64 bit key – which is not very strong, but is at least a
good protection against simple eavesdropping.
 However, the publication of A3 and A8 on the internet showed that in
certain implementations 10 bits out of 64 bits are always set to 0, so
that the real length of the key is thus only 54 consequently, the
encryption is much weaker.

11.  To provide user anonymity, all data is encrypted
before transmission, and user identifiers (which
would reveal an identity) are not used over the air.
 Instead, GSM transmits a temporary identifier
(TMSI), which is newly assigned by the VLR after
each location update.
 Additionally, the VLR can change the TMSI at any
time.

12.  User identity confidentiality on the radio access link
◦ temporary identities (TMSIs) are allocated and used instead of
permanent identities (IMSIs)
 Helps protect against:
◦ tracking a user’s location
◦ obtaining information about a user’s calling pattern
IMSI: International Mobile Subscriber Identity
TMSI: Temporary Mobile Subscriber Identity

13.  The GSM cipher A5/2
◦ A5/2 is now so weak that the cipher key can be
discovered in near real time using a very small amount
of known plaintext

14.  No requirement of
decrypting skills
 Need a instrument that
captures microwave
 Gains control of
communication between
MS and intended receiver

16. • Design only provides access security - communications and
signalling in the fixed network portion aren’t protected
• Design does not address active attacks, whereby network elements
may be impersonated
• Design goal was only ever to be as secure as the fixed networks to
which GSM systems connect
• Short key size of Kc (64 bits) makes it more vulnerable to various
attacks

17.  Mutual Authentication
• provides enhanced protection against false base station
attacks by allowing the mobile to authenticate the
network
 Data Integrity
• provides enhanced protection against false base station
attacks by allowing the mobile to check the authenticity
of certain signalling messages
 Network to Network Security
• Secure communication between serving networks.
MAPSEC (Mobile Application Part Securit) or IPsec can
be used

18.  Wider Security Scope
• Security is based within the RNC rather than the base
station
 Flexibility
• Security features can be extended and enhanced as
required by new threats and services
 Longer Key Length
• Key length is 128 as against 64 bits in GSM

19. HLRHLR AuCAuC
Access Network
(UTRAN)
Visited
Network
User
Equipment
D
RNCBTSUSIMUSIM MEME
SGSNSGSN
H
MSCMSC
Home
Network
(2) Authentication
(1) Distribution of
authentication vectors
(4) Protection of the
access link (ME-RNC)
(3) CK,IK (3) CK, IK
MSC – circuit switched
services
SGSN – packet switched
services

20.  Mutual Authentication between user and the
network
 Establishes a cipher key and integrity key
 Assures user that cipher/integrity keys were not
used before, thereby providing protection against
replay attacks

21.  Protection of some radio interface signalling
• protects against unauthorised modification, insertion and replay
of messages
• applies to security mode establishment and other critical
signalling procedures
 Helps extend the influence of authentication when
encryption is not applied
 Uses the 128-bit integrity key (IK) derived during
authentication
 Integrity applied at the Radio Resource Control (RRC)
layer of the UMTS radio protocol stack
• signalling traffic only

22.  Data on the radio path is encrypted between the Mobile
Equipment (ME) and the Radio Network Controller (RNC)
• protects user traffic and sensitive signalling data against
eavesdropping
• extends the influence of authentication to the entire duration of the
call
 Uses the 128-bit encryption key (CK) derived during
authentication

23.  No security for
communication
between network
elements in GSM
 Easy to gain access
to sensitive
information such as
Kc
 Network Domain
Security in UMTS
foils these attacks

24. UMTS builds upon security mechanisms of GSM, and in
addition provides following enhancements:
 Encryption terminates at the radio network controller
 Mutual authentication and integrity protection of critical
signalling procedures to give greater protection against false
base station attacks
 Longer key lengths (128-bit)
 Network Domain Security using MAPSEC or IPSec

25.  GSM-Security: a Survey and Evaluation of the Current Situation, Paul
Yousef, Master’s thesis, Linkoping Institute of Technology, March 2004
 UMTS security, Boman, K. Horn, G. Howard, P. Niemi, V. Electronics &
Communication Engineering Journal, Oct 2002, Volume: 14, Issue:5, pp.
191- 204
 "Evaluation of UMTS security architecture and services“, A. Bais, W.
Penzhorn, P. Palensky, Proceedings of the 4th IEEE International
Conference on Industrial Informatics, p. 6, Singapore, 2006
 UMTS Security, Valtteri Niemi, Kaisa Nyberg, published by John Wiley and
Sons, 2003
 GSM: Security, Services, and the SIM Klaus Vedder, LNCS 1528, pp. 224-
240, Springer-Verlag 1998

26. chd.naveen@gmail.com
/chd.naveen
@saini_naveen87
/NaveenKumar11
www.elixir-india.com