Presentation on theme: "BY, ARITRA GAUTAM (05-275) & G.PAVANI (05-272).. OVERVIEW OF GSM GSM (group special mobile or general system for mobile communications) is the Pan-European."— Presentation transcript:
BY, ARITRA GAUTAM (05-275) & G.PAVANI (05-272).
OVERVIEW OF GSM GSM (group special mobile or general system for mobile communications) is the Pan-European standard for digital cellular communications. GSM provides enhanced features over older analog-based systems: Total Mobility High Capacity and Optimal Spectrum Allocation
The purpose of GSM Security: Since all cases of GSM fraud against a specific wireless carrier will result in a substantial loss to the operator. This substantial loss may include the following: increase in use of the system with no revenue. Direct financial loss Potential embarrassment Failure to meet legal and regulatory requirements
The security services provided by GSM are: 1. Anonymity : Anonymity is provided by using temporary identifiers.
3. Signaling and Data Confidentiality
4. Subscriber Identity Confidentiality
There are now three different for GSM, unencrypted, and use possibilities of the A5/1 algorithm or the A5/2 algorithm to secure the data. The uses of the algorithms in the network operator's infrastructure are controlled by the GSM Memorandum of Understanding Group (MoU). World-wide use of the algorithms
GSM Encryption Algorithms A3: The GSM authentication algorithm "placeholders" used in the GSM system. A5: The A5 algorithm used for encrypting the over-the-air transmission channel is vulnerable against known-plain-text and divide-and-conquer attacks and the intentionally reduced key space is small enough to make a brute-force attack feasible as well.
ALGORITHMS CONTT. COMP 128: one-way function that is currently used in most GSM networks for A3 and A8. COMP 128-2: COMP128-2 algorithm out (revised A3/A8 reference algorithm)
Loss areas: Technical fraud: IT is where a weakness of the system is exploited to make free calls. Procedural fraud: IT results from the exploitation of business processes, where a flaw or weakness can be used to gain money.
OTHER GSM SECURITY MECHANISMS: SIM Card: There is always a possibility that the SIM card can be compromised. IMEI: to prevent mobile theft the GSM has specified an International Mobile Equipment Identifier(IMEI). Roaming problems are mininised by the use of EDI.
Recent Trends: A Session Border Controller
Summary: GSM provides basic range of security features to ensure adequate protection for both the operator and the customer. The security mechanisms specified in the GSM standard make it the most secure cellular telecommunications system available.
References: European Telecommunications Standards Institute, Recommendation GSM 03.20, "Security Related Network Functions". Biala, J., "Mobilfunk und Intelligente Netze," Friedr., Vieweg & Sohn Verlagsgesellschaft, European Telecommunications Standards Institute, Recommendation GSM 02.09, "Security Aspects".