Wednesday 4 January 2012

GSM Security Feature, Threats and Solution

Global System for Mobile communication (GSM) standardized by ETSI is a widely used digital mobile telephone system mainly in Europe but also in other parts of the world. GSM technology uses the Time Division Multiple Access (TDMA) technique to digitize data and compress it, and send data using 2 channels. GSM operates in the 900MHz, 1800MHz, or 1900Mhz frequency bands, but in Singapore our telcos only uses the 900MHz and 1800Mhz band.



                             The GSM logo is used to identify compatible handsets and equipment


 Security threats
Eavesdropping
The capability of an intruder to intercept traffic and
signaling information associated to other users. The
required equipment is a modified mobile phone.

Impersonation of a user
This is the capability of sending rogue data and/or
signaling messages to the network with the intent of
making them appear from another user. This again only
requires a modified mobile phone.

Impersonation of the network
This is the capability of sending rogue data and/or
signaling messages to another user with the intent of
making them appear from a genuine network. This
requires a modified BTS.

MITM – Man-In-The-MiddleThis is the capability of an attacker to put itself between
the network and the legitimate user in order to eavesdrop,
modify, delete, re-order, re-play and spoof signaling data
between the two parties. This requires a modified BTS in
conjunction with a modified mobile phone.

Network Authentication Compromise
The intruder possesses a compromised authentication
vector (challenge-response pairs, cipher keys, integrity
keys, etc.)


 Security features

The GSM standard provides  a number of security features that solves some of the security flaws

Authenticationnetwork operator can verify the identity of the subscriber
making it infeasible to clone someone else’s mobile phone

Confidentialityprotects voice, data and sensitive signalling information (e.g.
dialled digits) against eavesdropping on the radio path

Anonymity
protects against someone tracking the location of the user or
identifying calls made to or from the user by eavesdropping on
the radio path


1 comment:

  1. Hi Sam. You have given quite an elaborate explanation with a simple structure and it looks to be a very good post. However, if a common person is reading this, he may not understand some of the terms. I think you should probably cut down on too many complex terms or simplify it by explaining it to them. Otherwise it is quite well written.

    ReplyDelete