SlideShare une entreprise Scribd logo

Gsm security and encryption

RK Nayak
RK Nayak

A Brief Detail About GSM Security And Encryption

Technologie
1  sur  20
Télécharger pour lire hors ligne
 The motivations for security in cellular telecommunications systems are :  To secure conversations  Signaling data from interception  To prevent cellular telephone fraud.  The security and authentication mechanisms incorporated in GSM make it the most secure mobile communication standard currently available, particularly in comparison to the analog systems.  To intercept and reconstruct this signal would require more highly specialized and expensive equipment to perform the reception, synchronization, and decoding of the signal.
 GSM (group special mobile or general system for mobile communications) is the Pan-European standard for digital cellular communications.  The Group Special Mobile was established in 1982 within the European Conference of Post and Telecommunication Administrations (CEPT).  In 1991 the first GSM based networks commenced operations.  GSM provides enhanced features over older analog-based systems, which are summarized below:
 Total Mobility: The subscriber has the advantage of a Pan-European system allowing him to communicate from everywhere and to be called in any area served by a GSM cellular network using the same assigned telephone number, even outside his home location. The calling party does not need to be informed about the called person's location because the GSM networks are responsible for the location tasks. This mobility feature is preferred by many business people who constantly need to be in touch with their headquarters.
 High Capacity and Optimal Spectrum Allocation: The former analog-based cellular networks had to combat capacity problems, particularly in metropolitan areas. Through a more efficient utilization of the assigned frequency bandwidth and smaller cell sizes, the GSM System is capable of serving a greater number of subscribers. The optimal use of the available spectrum is achieved through the application Frequency Division Multiple Access (FDMA),Time Division Multiple Access (TDMA), efficient half-rate and full-rate speech coding, and the Gaussian Minimum Shift Keying (GMSK) modulation scheme.
 Security: The security methods standardized for the GSM System make it the most secure cellular telecommunications standard currently available. Although the confidentiality of a call and anonymity of the GSM subscriber is only guaranteed on the radio channel, this is a major step in achieving end-to- end security. The subscriber’s anonymity is ensured through the use of temporary identification numbers. The confidentiality of the communication itself on the radio link is performed by the application of encryption algorithms and frequency hopping which could only be realized using digital systems and signaling.
 Services: The list of services available to GSM subscribers typically includes the following: • Voice communication • Voice mail • Short message transmission • Data transmission • Supplemental services such as call forwarding.
GSM Network consists of:  The Mobile Station(MS)  The Base Station Subsystem (BSS)  The Network Switching Subsystem (NSS)  The Operation and Maintenance Centre(OMC)
Mobile Stations Base Station Network Subscriber and terminal Subsystem Management equipment databases OMC BTS Exchange System VLR BTS BSC MSC HLR AUC BTS EIR 9
 The security mechanisms of GSM are implemented in three different system elements:  The Subscriber Identity Module (SIM)  The GSM handset  The GSM network.
 SIM: The SIM contains the IMSI, the individual subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number(PIN).  GSM handset: The GSM handset contains the ciphering algorithm (A5).  The GSM network: The encryption algorithms (A3,A5, A8) are present in the GSM network
Mobile Station Radio Link GSM Operator Challenge RAND SIM Ki Ki A3 A3 Signed response (SRES) SRES SRES A8 Authentication: are SRES A8 values equal? Fn Kc Kc Fn mi Encrypted Data mi A5 A5 12
 GSM networks utilize encryption for three purposes:  Authentication  Encryption  Key generation
 The GSM network authenticates the identity of the subscriber through the use of a challenge-response mechanism. A 128-bit random number (RAND) is sent to the MS. The MS computes the 32-bit signed response (SRES) based on the encryption of the random number (RAND) with the authentication algorithm (A3) using the individual subscriber authentication key (Ki). Upon receiving the signed response (SRES) from the subscriber, the GSM network repeats the calculation to verify the identity of the subscriber. Note that the individual subscriber authentication key (Ki) is never transmitted over the radio channel. It is present in the subscriber's SIM, as well as the AUC, HLR, and VLR databases as previously described. If the received SRES agrees with the calculated value, the MS has been successfully authenticated and may continue. If the values do not match, the connection is terminated and an authentication failure indicated to the MS.
• A5 is a stream cipher consisting of three clock- controlled LFSRs of degree 19, 22, and 23. • The clock control is a threshold function of the middle bits of each of the three shift registers. • The sum of the degrees of the three shift registers is 64. The 64-bit session key is used to initialize the contents of the shift registers. • The 22-bit TDMA frame number is fed into the shift registers. • Two 114-bit keystreams are produced for each TDMA frame, which are XOR-ed with the uplink and downlink traffic channels. • It is rumored that the A5 algorithm has an "effective" key length of 40 bits.
 This section focuses on key length as a figure of merit of an encryption algorithm. Assuming a brute-force search of every possible key is the most efficient method of cracking an encrypted message (a big assumption), Table 1 shown below summarizes how long it would take to decrypt a message with a given key length, assuming a cracking machine capable of one million encryptions per second.
Brute-force key search times for various key sizes Key length 32 40 56 64 128 in bits Time 1.19 12.7 2,291 584,542 10.8 x required to hours days years years 10^24 test all years possible keys
 A machine capable of testing one million keys per second is possible by today’s standards. In considering the strength of an encryption algorithm, the value of the information being protected should be taken into account. It is generally accepted that DES with its 56-bit key will have reached the end of its useful lifetime by the turn of the century for protecting data such as banking transactions. Assuming that the A5 algorithm has an effective key length of 40 bits (instead of 64), it currently provides adequate protection for information with a short lifetime. A common observation is that the "tactical lifetime" of cellular telephone conversations is on the order of weeks.
Number of machines required to search a key space in a given time Key length in bits 1 day 1 week 1 year 40 13 2 - 56 836,788 119,132 2,291 64 2.14x10^8 3.04x10^6 584,542 128 3.9x10^27 5.6x10^26 10.8x10^24
 The security mechanisms specified in the GSM standard make it the most secure cellular telecommunications system available. The use of authentication, encryption, and temporary identification numbers ensures the privacy and anonymity of the system's users, as well as safeguarding the system against fraudulent use. Even GSM systems with the A5/2 encryption algorithm, or even with no encryption are inherently more secure than analog systems due to their use of speech coding, digital modulation, and TDMA channel access.

Recommandé

Handoff in Mobile Communication
Handoff in Mobile CommunicationHandoff in Mobile Communication
Handoff in Mobile CommunicationNoushad Hasan
 
Mac protocols
Mac protocolsMac protocols
Mac protocolsjuno susi
 
GSM Technology
GSM TechnologyGSM Technology
GSM TechnologyAvanitrambadiya
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALASaikiran Panjala
 
IS-95 Cdma
IS-95 CdmaIS-95 Cdma
IS-95 Cdmayogesh singh
 
Underwater Wireless Communication
Underwater Wireless CommunicationUnderwater Wireless Communication
Underwater Wireless CommunicationShubham Srivastava
 
GSM channels
GSM channelsGSM channels
GSM channelsMohd Nazir Shakeel
 
Small scale fading
Small scale fadingSmall scale fading
Small scale fadingAJAL A J
 

Recommandé

Handoff in Mobile Communication
Handoff in Mobile CommunicationHandoff in Mobile Communication
Handoff in Mobile CommunicationNoushad Hasan
 
Mac protocols
Mac protocolsMac protocols
Mac protocolsjuno susi
 
GSM Technology
GSM TechnologyGSM Technology
GSM TechnologyAvanitrambadiya
 
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALASaikiran Panjala
 
IS-95 Cdma
IS-95 CdmaIS-95 Cdma
IS-95 Cdmayogesh singh
 
Underwater Wireless Communication
Underwater Wireless CommunicationUnderwater Wireless Communication
Underwater Wireless CommunicationShubham Srivastava
 
GSM channels
GSM channelsGSM channels
GSM channelsMohd Nazir Shakeel
 
Small scale fading
Small scale fadingSmall scale fading
Small scale fadingAJAL A J
 
Wireless Local Loop
Wireless Local LoopWireless Local Loop
Wireless Local LoopSri Manakula Vinayagar Engineering College
 
Gsm call routing
Gsm call routingGsm call routing
Gsm call routingRamakrishna Pulikonda
 
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...ArunChokkalingam
 
TDMA Time Division Multiple Access
TDMA Time Division Multiple AccessTDMA Time Division Multiple Access
TDMA Time Division Multiple AccessMd. Saddam Hossain Noyon
 
3 handoff management
3 handoff management3 handoff management
3 handoff managementవం శీ
 
Power Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksPower Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksMshari Alabdulkarim
 
Propagation mechanisms
Propagation mechanismsPropagation mechanisms
Propagation mechanismsMETHODIST COLLEGE OF ENGG & TECH
 
Spread spectrum
Spread spectrumSpread spectrum
Spread spectrumManish Srivastava
 
Mobile computing security
Mobile computing securityMobile computing security
Mobile computing securityZachariah Pabi
 
Evolution of mobile radio communication
Evolution of mobile radio communicationEvolution of mobile radio communication
Evolution of mobile radio communicationjadhavmanoj01
 
Fading & Doppler Effect
Fading & Doppler EffectFading & Doppler Effect
Fading & Doppler EffectSwapnil Bangera
 
Bluetooth
BluetoothBluetooth
BluetoothKashyap Shah
 
Hiperlan
HiperlanHiperlan
HiperlanThen Murugeshwari
 
Gsm.....ppt
Gsm.....pptGsm.....ppt
Gsm.....pptbalu008
 
Sensor Networks Introduction and Architecture
Sensor Networks Introduction and ArchitectureSensor Networks Introduction and Architecture
Sensor Networks Introduction and ArchitecturePeriyanayagiS
 
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKSMULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKSvtunotesbysree
 
OFDM
OFDMOFDM
OFDMSuman Yadav
 
Contention based MAC protocols
Contention based MAC protocolsContention based MAC protocols
Contention based MAC protocolsDarwin Nesakumar
 
Cdma ppt for ECE
Cdma ppt for ECECdma ppt for ECE
Cdma ppt for ECEajitece
 
Security in GSM
Security in GSMSecurity in GSM
Security in GSMDr. Ramchandra Mangrulkar
 
5 g business potential ieee 5g summit_110717_a
5 g business potential ieee 5g summit_110717_a5 g business potential ieee 5g summit_110717_a
5 g business potential ieee 5g summit_110717_aMaria Boura
 
IoT and 5G: Opportunities and Challenges, SenZations 2015
IoT and 5G: Opportunities and Challenges, SenZations 2015IoT and 5G: Opportunities and Challenges, SenZations 2015
IoT and 5G: Opportunities and Challenges, SenZations 2015SenZations Summer School
 

Contenu connexe

Tendances

WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...ArunChokkalingam
 
3 handoff management
3 handoff management3 handoff management
3 handoff managementవం శీ
 
Power Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksPower Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksMshari Alabdulkarim
 
Mobile computing security
Mobile computing securityMobile computing security
Mobile computing securityZachariah Pabi
 
Evolution of mobile radio communication
Evolution of mobile radio communicationEvolution of mobile radio communication
Evolution of mobile radio communicationjadhavmanoj01
 
Gsm.....ppt
Gsm.....pptGsm.....ppt
Gsm.....pptbalu008
 
Sensor Networks Introduction and Architecture
Sensor Networks Introduction and ArchitectureSensor Networks Introduction and Architecture
Sensor Networks Introduction and ArchitecturePeriyanayagiS
 
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKSMULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKSvtunotesbysree
 
Contention based MAC protocols
Contention based MAC protocolsContention based MAC protocols
Contention based MAC protocolsDarwin Nesakumar
 
Cdma ppt for ECE
Cdma ppt for ECECdma ppt for ECE
Cdma ppt for ECEajitece
 

Tendances (20)

Wireless Local Loop
Wireless Local LoopWireless Local Loop
Wireless Local Loop
 
Gsm call routing
Gsm call routingGsm call routing
Gsm call routing
 
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
WSN NETWORK -MAC PROTOCOLS - Low Duty Cycle Protocols And Wakeup Concepts – ...
 
TDMA Time Division Multiple Access
TDMA Time Division Multiple AccessTDMA Time Division Multiple Access
TDMA Time Division Multiple Access
 
3 handoff management
3 handoff management3 handoff management
3 handoff management
 
Power Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor NetworksPower Saving in Wireless Sensor Networks
Power Saving in Wireless Sensor Networks
 
Propagation mechanisms
Propagation mechanismsPropagation mechanisms
Propagation mechanisms
 
Spread spectrum
Spread spectrumSpread spectrum
Spread spectrum
 
Mobile computing security
Mobile computing securityMobile computing security
Mobile computing security
 
Evolution of mobile radio communication
Evolution of mobile radio communicationEvolution of mobile radio communication
Evolution of mobile radio communication
 
Fading & Doppler Effect
Fading & Doppler EffectFading & Doppler Effect
Fading & Doppler Effect
 
Bluetooth
BluetoothBluetooth
Bluetooth
 
Hiperlan
HiperlanHiperlan
Hiperlan
 
Gsm.....ppt
Gsm.....pptGsm.....ppt
Gsm.....ppt
 
Sensor Networks Introduction and Architecture
Sensor Networks Introduction and ArchitectureSensor Networks Introduction and Architecture
Sensor Networks Introduction and Architecture
 
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKSMULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
MULTIPLE CHOICE QUESTIONS WITH ANSWERS ON WIRELESS SENSOR NETWORKS
 
OFDM
OFDMOFDM
OFDM
 
Contention based MAC protocols
Contention based MAC protocolsContention based MAC protocols
Contention based MAC protocols
 
Cdma ppt for ECE
Cdma ppt for ECECdma ppt for ECE
Cdma ppt for ECE
 
Security in GSM
Security in GSMSecurity in GSM
Security in GSM
 

En vedette

5 g business potential ieee 5g summit_110717_a
5 g business potential ieee 5g summit_110717_a5 g business potential ieee 5g summit_110717_a
5 g business potential ieee 5g summit_110717_aMaria Boura
 
IoT and 5G: Opportunities and Challenges, SenZations 2015
IoT and 5G: Opportunities and Challenges, SenZations 2015IoT and 5G: Opportunities and Challenges, SenZations 2015
IoT and 5G: Opportunities and Challenges, SenZations 2015SenZations Summer School
 
LTE :Mobile Network Security
LTE :Mobile Network SecurityLTE :Mobile Network Security
LTE :Mobile Network SecuritySatish Chavan
 
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...Bristol Is Open
 
Small Cells & 5G IoT champions work item
Small Cells & 5G IoT champions work itemSmall Cells & 5G IoT champions work item
Small Cells & 5G IoT champions work itemSmall Cell Forum
 
Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...
Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...
Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...IDATE DigiWorld
 
Security Testing 4G (LTE) Networks - 44CON 2012
Security Testing 4G (LTE) Networks - 44CON 2012Security Testing 4G (LTE) Networks - 44CON 2012
Security Testing 4G (LTE) Networks - 44CON 201244CON
 
4g security presentation
4g security presentation4g security presentation
4g security presentationKyle Ly
 
Security and Transport Performance in 5G
Security and Transport Performance in 5GSecurity and Transport Performance in 5G
Security and Transport Performance in 5GDirk Kutscher
 
Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksNaveen Kumar
 
Lte security solution white paper(20130207)
Lte security solution white paper(20130207)Lte security solution white paper(20130207)
Lte security solution white paper(20130207)Mohamed Tharwat Waheed
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryptionjyothsnapaidi
 
Internet of Things: The story so far
Internet of Things: The story so farInternet of Things: The story so far
Internet of Things: The story so farPayamBarnaghi
 
5G-webinar from 5G-course, Anritsu, adcomm
5G-webinar from 5G-course, Anritsu, adcomm 5G-webinar from 5G-course, Anritsu, adcomm
5G-webinar from 5G-course, Anritsu, adcomm Saurabh Verma
 
The leadership in the new digital age carved by the fourth industrial revolu...
The leadership in the new digital age carved by the fourth industrial revolu...The leadership in the new digital age carved by the fourth industrial revolu...
The leadership in the new digital age carved by the fourth industrial revolu...Osaka University
 
4G LTE Security - What hackers know?
4G LTE Security - What hackers know?4G LTE Security - What hackers know?
4G LTE Security - What hackers know?Stephen Kho
 
5G Presentation
5G Presentation5G Presentation
5G PresentationEricsson
 
4G LTE Presentation Group 9
4G LTE Presentation Group 94G LTE Presentation Group 9
4G LTE Presentation Group 9eel4514team9
 

En vedette (20)

5 g business potential ieee 5g summit_110717_a
5 g business potential ieee 5g summit_110717_a5 g business potential ieee 5g summit_110717_a
5 g business potential ieee 5g summit_110717_a
 
IoT and 5G: Opportunities and Challenges, SenZations 2015
IoT and 5G: Opportunities and Challenges, SenZations 2015IoT and 5G: Opportunities and Challenges, SenZations 2015
IoT and 5G: Opportunities and Challenges, SenZations 2015
 
LTE :Mobile Network Security
LTE :Mobile Network SecurityLTE :Mobile Network Security
LTE :Mobile Network Security
 
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...
 
Small Cells & 5G IoT champions work item
Small Cells & 5G IoT champions work itemSmall Cells & 5G IoT champions work item
Small Cells & 5G IoT champions work item
 
Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...
Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...
Rethinking the Telcos business models in the age of 5G - Carlos LOPEZ, Telefó...
 
Security Testing 4G (LTE) Networks - 44CON 2012
Security Testing 4G (LTE) Networks - 44CON 2012Security Testing 4G (LTE) Networks - 44CON 2012
Security Testing 4G (LTE) Networks - 44CON 2012
 
4g security presentation
4g security presentation4g security presentation
4g security presentation
 
Security and Transport Performance in 5G
Security and Transport Performance in 5GSecurity and Transport Performance in 5G
Security and Transport Performance in 5G
 
Security In LTE Access Network
Security In LTE Access NetworkSecurity In LTE Access Network
Security In LTE Access Network
 
Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
 
Lte security solution white paper(20130207)
Lte security solution white paper(20130207)Lte security solution white paper(20130207)
Lte security solution white paper(20130207)
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
 
Internet of Things: The story so far
Internet of Things: The story so farInternet of Things: The story so far
Internet of Things: The story so far
 
5G-webinar from 5G-course, Anritsu, adcomm
5G-webinar from 5G-course, Anritsu, adcomm 5G-webinar from 5G-course, Anritsu, adcomm
5G-webinar from 5G-course, Anritsu, adcomm
 
Long Term Evolution (LTE) -
Long Term Evolution (LTE) -Long Term Evolution (LTE) -
Long Term Evolution (LTE) -
 
The leadership in the new digital age carved by the fourth industrial revolu...
The leadership in the new digital age carved by the fourth industrial revolu...The leadership in the new digital age carved by the fourth industrial revolu...
The leadership in the new digital age carved by the fourth industrial revolu...
 
4G LTE Security - What hackers know?
4G LTE Security - What hackers know?4G LTE Security - What hackers know?
4G LTE Security - What hackers know?
 
5G Presentation
5G Presentation5G Presentation
5G Presentation
 
4G LTE Presentation Group 9
4G LTE Presentation Group 94G LTE Presentation Group 9
4G LTE Presentation Group 9
 

Similaire à Gsm security and encryption

GSM Technology and security impact
GSM Technology and security impactGSM Technology and security impact
GSM Technology and security impactAhmad Sharifi
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentIJERD Editor
 
Gsm security
Gsm securityGsm security
Gsm securityAli Kamil
 
Securing Wireless Cellular Systems
Securing Wireless Cellular SystemsSecuring Wireless Cellular Systems
Securing Wireless Cellular SystemsACMBangalore
 
Rk 3 gsm network
Rk 3 gsm networkRk 3 gsm network
Rk 3 gsm networkAzri Randy
 
GSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE TechnologiesGSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE TechnologiesEngr.MEESHU SHARKER
 
105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.pptAkbarpashaShaik3
 
Digital cellular networks GSM
Digital cellular networks GSMDigital cellular networks GSM
Digital cellular networks GSMRAVIKIRAN ANANDE
 

Similaire à Gsm security and encryption (20)

Presentation one-gsm
Presentation one-gsmPresentation one-gsm
Presentation one-gsm
 
GSM Technology and security impact
GSM Technology and security impactGSM Technology and security impact
GSM Technology and security impact
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 
Gsm security
Gsm securityGsm security
Gsm security
 
Securing Wireless Cellular Systems
Securing Wireless Cellular SystemsSecuring Wireless Cellular Systems
Securing Wireless Cellular Systems
 
Security Issues Implement GSM.pptx
Security Issues Implement GSM.pptxSecurity Issues Implement GSM.pptx
Security Issues Implement GSM.pptx
 
Final gsm1
Final gsm1Final gsm1
Final gsm1
 
Gsm security final
Gsm security finalGsm security final
Gsm security final
 
GSM Architecture.ppt
GSM Architecture.ppt GSM Architecture.ppt
GSM Architecture.ppt
 
Total GSM Concept
Total GSM ConceptTotal GSM Concept
Total GSM Concept
 
Rk 3 gsm network
Rk 3 gsm networkRk 3 gsm network
Rk 3 gsm network
 
Rk 3 gsm network @guddu
Rk 3 gsm network @gudduRk 3 gsm network @guddu
Rk 3 gsm network @guddu
 
GSM Fundamentals
GSM FundamentalsGSM Fundamentals
GSM Fundamentals
 
Gsm Network
Gsm NetworkGsm Network
Gsm Network
 
GSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE TechnologiesGSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE Technologies
 
presentation on samsung
presentation on samsungpresentation on samsung
presentation on samsung
 
105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt
 
Gsm
Gsm Gsm
Gsm
 
gsm
gsmgsm
gsm
 
Digital cellular networks GSM
Digital cellular networks GSMDigital cellular networks GSM
Digital cellular networks GSM
 

Dernier

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructureitnewsafrica
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxAna-Maria Mihalceanu
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...itnewsafrica
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesKari Kakkonen
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesThousandEyes
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationKnoldus Inc.
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Jeffrey Haguewood
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesBernd Ruecker
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkPixlogix Infotech
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfIngrid Airi González
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsYoss Cohen
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Mark Simos
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsRavi Sanghani
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 

Dernier (20)

Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical InfrastructureVarsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
Varsha Sewlal- Cyber Attacks on Critical Critical Infrastructure
 
A Glance At The Java Performance Toolbox
A Glance At The Java Performance ToolboxA Glance At The Java Performance Toolbox
A Glance At The Java Performance Toolbox
 
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
Abdul Kader Baba- Managing Cybersecurity Risks and Compliance Requirements i...
 
Testing tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examplesTesting tools and AI - ideas what to try with some tool examples
Testing tools and AI - ideas what to try with some tool examples
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyesHow to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
How to Effectively Monitor SD-WAN and SASE Environments with ThousandEyes
 
Data governance with Unity Catalog Presentation
Data governance with Unity Catalog PresentationData governance with Unity Catalog Presentation
Data governance with Unity Catalog Presentation
 
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
Email Marketing Automation for Bonterra Impact Management (fka Social Solutio...
 
QCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architecturesQCon London: Mastering long-running processes in modern architectures
QCon London: Mastering long-running processes in modern architectures
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
React Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App FrameworkReact Native vs Ionic - The Best Mobile App Framework
React Native vs Ionic - The Best Mobile App Framework
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Generative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdfGenerative Artificial Intelligence: How generative AI works.pdf
Generative Artificial Intelligence: How generative AI works.pdf
 
Infrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platformsInfrared simulation and processing on Nvidia platforms
Infrared simulation and processing on Nvidia platforms
 
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
Tampa BSides - The No BS SOC (slides from April 6, 2024 talk)
 
Potential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and InsightsPotential of AI (Generative AI) in Business: Learnings and Insights
Potential of AI (Generative AI) in Business: Learnings and Insights
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 

Gsm security and encryption

  • 1.
  • 2. The motivations for security in cellular telecommunications systems are :  To secure conversations  Signaling data from interception  To prevent cellular telephone fraud.  The security and authentication mechanisms incorporated in GSM make it the most secure mobile communication standard currently available, particularly in comparison to the analog systems.  To intercept and reconstruct this signal would require more highly specialized and expensive equipment to perform the reception, synchronization, and decoding of the signal.
  • 3. GSM (group special mobile or general system for mobile communications) is the Pan-European standard for digital cellular communications.  The Group Special Mobile was established in 1982 within the European Conference of Post and Telecommunication Administrations (CEPT).  In 1991 the first GSM based networks commenced operations.  GSM provides enhanced features over older analog-based systems, which are summarized below:
  • 4. Total Mobility: The subscriber has the advantage of a Pan-European system allowing him to communicate from everywhere and to be called in any area served by a GSM cellular network using the same assigned telephone number, even outside his home location. The calling party does not need to be informed about the called person's location because the GSM networks are responsible for the location tasks. This mobility feature is preferred by many business people who constantly need to be in touch with their headquarters.
  • 5. High Capacity and Optimal Spectrum Allocation: The former analog-based cellular networks had to combat capacity problems, particularly in metropolitan areas. Through a more efficient utilization of the assigned frequency bandwidth and smaller cell sizes, the GSM System is capable of serving a greater number of subscribers. The optimal use of the available spectrum is achieved through the application Frequency Division Multiple Access (FDMA),Time Division Multiple Access (TDMA), efficient half-rate and full-rate speech coding, and the Gaussian Minimum Shift Keying (GMSK) modulation scheme.
  • 6. Security: The security methods standardized for the GSM System make it the most secure cellular telecommunications standard currently available. Although the confidentiality of a call and anonymity of the GSM subscriber is only guaranteed on the radio channel, this is a major step in achieving end-to- end security. The subscriber’s anonymity is ensured through the use of temporary identification numbers. The confidentiality of the communication itself on the radio link is performed by the application of encryption algorithms and frequency hopping which could only be realized using digital systems and signaling.
  • 7. Services: The list of services available to GSM subscribers typically includes the following: • Voice communication • Voice mail • Short message transmission • Data transmission • Supplemental services such as call forwarding.
  • 8. GSM Network consists of:  The Mobile Station(MS)  The Base Station Subsystem (BSS)  The Network Switching Subsystem (NSS)  The Operation and Maintenance Centre(OMC)
  • 9. Mobile Stations Base Station Network Subscriber and terminal Subsystem Management equipment databases OMC BTS Exchange System VLR BTS BSC MSC HLR AUC BTS EIR 9
  • 10. The security mechanisms of GSM are implemented in three different system elements:  The Subscriber Identity Module (SIM)  The GSM handset  The GSM network.
  • 11. SIM: The SIM contains the IMSI, the individual subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number(PIN).  GSM handset: The GSM handset contains the ciphering algorithm (A5).  The GSM network: The encryption algorithms (A3,A5, A8) are present in the GSM network
  • 12. Mobile Station Radio Link GSM Operator Challenge RAND SIM Ki Ki A3 A3 Signed response (SRES) SRES SRES A8 Authentication: are SRES A8 values equal? Fn Kc Kc Fn mi Encrypted Data mi A5 A5 12
  • 13. GSM networks utilize encryption for three purposes:  Authentication  Encryption  Key generation
  • 14. The GSM network authenticates the identity of the subscriber through the use of a challenge-response mechanism. A 128-bit random number (RAND) is sent to the MS. The MS computes the 32-bit signed response (SRES) based on the encryption of the random number (RAND) with the authentication algorithm (A3) using the individual subscriber authentication key (Ki). Upon receiving the signed response (SRES) from the subscriber, the GSM network repeats the calculation to verify the identity of the subscriber. Note that the individual subscriber authentication key (Ki) is never transmitted over the radio channel. It is present in the subscriber's SIM, as well as the AUC, HLR, and VLR databases as previously described. If the received SRES agrees with the calculated value, the MS has been successfully authenticated and may continue. If the values do not match, the connection is terminated and an authentication failure indicated to the MS.
  • 15. A5 is a stream cipher consisting of three clock- controlled LFSRs of degree 19, 22, and 23. • The clock control is a threshold function of the middle bits of each of the three shift registers. • The sum of the degrees of the three shift registers is 64. The 64-bit session key is used to initialize the contents of the shift registers. • The 22-bit TDMA frame number is fed into the shift registers. • Two 114-bit keystreams are produced for each TDMA frame, which are XOR-ed with the uplink and downlink traffic channels. • It is rumored that the A5 algorithm has an "effective" key length of 40 bits.
  • 16. This section focuses on key length as a figure of merit of an encryption algorithm. Assuming a brute-force search of every possible key is the most efficient method of cracking an encrypted message (a big assumption), Table 1 shown below summarizes how long it would take to decrypt a message with a given key length, assuming a cracking machine capable of one million encryptions per second.
  • 17. Brute-force key search times for various key sizes Key length 32 40 56 64 128 in bits Time 1.19 12.7 2,291 584,542 10.8 x required to hours days years years 10^24 test all years possible keys
  • 18. A machine capable of testing one million keys per second is possible by today’s standards. In considering the strength of an encryption algorithm, the value of the information being protected should be taken into account. It is generally accepted that DES with its 56-bit key will have reached the end of its useful lifetime by the turn of the century for protecting data such as banking transactions. Assuming that the A5 algorithm has an effective key length of 40 bits (instead of 64), it currently provides adequate protection for information with a short lifetime. A common observation is that the "tactical lifetime" of cellular telephone conversations is on the order of weeks.
  • 19. Number of machines required to search a key space in a given time Key length in bits 1 day 1 week 1 year 40 13 2 - 56 836,788 119,132 2,291 64 2.14x10^8 3.04x10^6 584,542 128 3.9x10^27 5.6x10^26 10.8x10^24
  • 20. The security mechanisms specified in the GSM standard make it the most secure cellular telecommunications system available. The use of authentication, encryption, and temporary identification numbers ensures the privacy and anonymity of the system's users, as well as safeguarding the system against fraudulent use. Even GSM systems with the A5/2 encryption algorithm, or even with no encryption are inherently more secure than analog systems due to their use of speech coding, digital modulation, and TDMA channel access.