Presentation is loading. Please wait.

Presentation is loading. Please wait.

G53SEC 1 Mobile Security GSM, UTMS, Wi-Fi and some Bluetooth.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "G53SEC 1 Mobile Security GSM, UTMS, Wi-Fi and some Bluetooth."— Presentation transcript:

1 G53SEC 1 Mobile Security GSM, UTMS, Wi-Fi and some Bluetooth

2 G53SEC 2 Today’s Lecture: Security in the mobile world GSM 3GPP / UTMS Mobile IPv6 Wi-Fi Bluetooth

3 G53SEC 3 Introduction: Mobile computing one of the fastest growing segments of the PC market What is a mobile network? Changing physical / geographical location Changing network topology Attached somewhere to a fixed network Wireless communication

4 G53SEC 4 Introduction: What is different about mobile networks? Low bandwidth – minimise message size and volume Increased risk of eavesdropping Security issues - Authentication - Privacy - Charging

5 G53SEC 5 Introduction: Mobile services pose new challenges Some derive from technology Some from applications Physical access – no longer a barrier to network - Wi-Fi access to corporate networks

6 G53SEC 6 Introduction: Current most active mobile technologies GSM 3GPP/UTMS Mobile IP IEEE 802.11 Bluetooth

7 G53SEC 7 Introduction: Other areas of mobile networks with security implications WAP – Wireless Application Protocol -Malicious scripting, Infrastructure issues SMS – Short Messaging Service -Spam, spoofing, viruses MANETs – Mobile Ad-hoc Networks - Rogue nodes, Security only at academic stage

8 G53SEC 8 GSM – 220 000 Cell Towers:

9 G53SEC 9 GSM: 1 st Generation Cell Phones Charge fraud – simple authentication Alibi creation – call forwarding GSM – Improvement from 1 st generation Good voice quality Cheap end-systems Low running costs etc..

10 G53SEC 10 GSM: Creation affected by political influences Differing national regulations and attitudes towards cryptography Law enforcement requested ability to wiretap GSM security goals Protection against charge fraud Protection of voice and signal traffic Phone theft tracking

11 G53SEC 11 GSM: Components GSM user – subscriber in home network Where service requested – serving network Mobile station comprises - Mobile equipment - Subscriber Identity Module (SIM) SIM card – smart card chip Performs cryptographic operations Stores keys Stores personal data

12 G53SEC 12 GSM: IMSI – International Mobile Subscriber Identity Unique subscriber identification TMSI – Temporary Mobile Subscriber Identity Used to avoid location tracking Served when device joins a new subnet IMSI catchers Device authenticates to network but not vice versa Catcher masquerades as a base station Collects IMSI numbers

13 G53SEC 13 GSM: Cryptography - Uses symmetric cryptography - 3 algorithms - A3 – authentication (Provider specific) - A5 – encryption (Standardised) - A8 – key generation (Provider specific) No official publication of algorithms exists Cryptanalytic attacks do exist

14 G53SEC 14 GSM: Location Based Services GSM network records location information of mobile equipment Used for various services (e.g. traffic info) Used for emergencies (Medical, Police, etc…) Obligatory in some countries (e.g. the US) Privacy implications

15 G53SEC 15 GSM Summary: GSM does not transmit secrets in the clear Voice traffic encrypted over radio but not after base station Some privacy protection through TMSI but IMSI catchers exist to avoid TMSI Law enforcement has access to recorded location data

16 G53SEC 16 GSM Summary: Criticism: Cryptographic algorithms not made public Unilateral authentication - Only mobile equipment authenticates to the network Fraud: Revenue flow attacked Roaming fraud Premium rate fraud

17 G53SEC 17 3GPP/UTMS: Universal Mobile Telecommunications System Next generation of GSM Besides technical advancements, contains some security enhancements Security architecture similar to GSM Avoids IMSI Catchers - Due to mutual authentication of mobile equipment to the network and vice versa

18 G53SEC 18 3GPP/UTMS: Authentication - Support for mutual authentication Privacy - Increased key sizes - Support for securing core network signalling data - Enhanced user identity confidentiality Other - Integrity of signalling - Cryptographic algorithms made public

19 G53SEC 19 Mobile IPv6: GSM & UTMS have problems with access control due to lack of pre-established relationship In IP if nodes move around: - When IP address kept, data will not reach node at new location - When IP address changes, communication has to be terminated and restarted Mobile IP deals with these issues

20 G53SEC 20 Mobile IPv6: Mobile node has two addresses permanent Home Address Care of Address – associated with network the node is visiting Addresses consist of location as well as interface identification

21 G53SEC 21 Mobile IPv6: Home agent – nodes with permanent address within agent's network Foreign agent – nodes visiting network When a node wants to communicate with another node, it uses its home address Packets sent are intercepted by Home agent Home agent uses care-of address advertised by Foreign Agent to communicate with destination node

22 G53SEC 22 Wi-Fi: Wireless technology generally based on a set of standards called IEEE 802.11 A number of standards (a,b,g,n) exist depending on speed and technological improvements A number of security protocols proposed WEP WPA WPA2

23 G53SEC 23 WiFi:

24 G53SEC 24 Wi-Fi: Wi-Fi Increasingly used at home and as part of businesses New uses emerge frequently City wide Wi-Fi BT FON

25 G53SEC 25 Wi-Fi: Many Issues: - Incorrectly setup Access Points - Encryption - Access control - Wi-Fi not included in security policies in many institutions - Weak encryption standards used - Rogue Access Points - War-driving

26 G53SEC 26 Wi-Fi: WEP Key size a major security limitation Algorithm is susceptible to a cryptanalysis attack It uses the RC4 stream cipher algorithm WEP allows certain packet parts to be reused This allows attacker to obtain some known text The rest is only a matter of statistical analysis

27 G53SEC 27 Wi-Fi: WEP Original attack required hours of collected data to successfully find encryption key 2007 – WEP cracked under 60 seconds by researchers from Germany WPA A quick preliminary solution to WEP issues However vulnerable to a password guessing attack

28 G53SEC 28 Wi-Fi: WPA2 A complete redesign of WLAN security mechanisms Stream cipher RC4 replaced by AES but WPA2 requires new hardware To Remember: For Wi-Fi access points only use WPA2 or in worst case WPA WEP is totally broken!

29 G53SEC 29 Bluetooth: Technology for wireless ad-hoc networks For short range communications e.g. for keyboards, headsets, etc.. Contains cryptographic mechanism for traffic protection between devices Application level attacks exist Bluesnarf exploits flawed implementations of access control – retrieves personal information Viruses are beginning to appear http://www.f-secure.com/weblog/archives/archive-072007.html

30 G53SEC 30 Summary: Security in the Mobile environment Current mobile technologies

Download ppt "G53SEC 1 Mobile Security GSM, UTMS, Wi-Fi and some Bluetooth."

Similar presentations

Myagmar, Gupta UIUC 2001 1 3G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.

Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Doc.: IEEE 802.11-04/0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.

Doc.: IEEE /0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.

WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID 001790660.

1 Enhancing Wireless Security with WPA CS-265 Project Section: 2 (11:30 – 12:20) Shefali Jariwala Student ID
Intercepting Mobiles Communications: The Insecurity of 802.11 Danny Bickson ACNS Course, IDC Spring 2007.

Intercepting Mobiles Communications: The Insecurity of Danny Bickson ACNS Course, IDC Spring 2007.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Security in Wireless LAN 802.11 Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.

Security in Wireless LAN Layla Pezeshkmehr CS 265 Fall 2003-SJSU Dr.Mark Stamp.
Wireless Encryption By: Kara Dolansky Network Management Spring 2009.

Wireless Encryption By: Kara Dolansky Network Management Spring 2009.
Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.

Vulnerability In Wi-Fi By Angus U CS 265 Section 2 Instructor: Mark Stamp.
11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.

11 WIRELESS SECURITY by Prof. Russell Jones. WIRELESS COMMUNICATION ISSUES  Wireless connections are becoming popular.  Network data is transmitted.
Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.

Wireless Security Ysabel Bravo Fall 2004 Montclair State University - NJ.
E-mail: kemal@cs.siu.edu Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE 802.11.

Department of Computer Science Southern Illinois University Carbondale Wireless and Network Security Lecture 9: IEEE
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
Information Security of Embedded Systems 20.1.2010: Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Information Security of Embedded Systems : Communication, wireless remote access Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.

NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.
802.11 Networks Olga Agnew Bryant Likes Daewon Seo.

Networks Olga Agnew Bryant Likes Daewon Seo.
WLAN security S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.

WLAN security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents WEP (Wired Equivalent Privacy) No key management Authentication.
Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Chapter 3 Application Level Security in Wireless Network IWD2243 : Zuraidy Adnan : Sept 2012.

Similar presentations

Ads by Google