Presentation is loading. Please wait.

Presentation is loading. Please wait.

NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for.

Published by Modified over 8 years ago

Similar presentations

Presentation on theme: "NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for."— Presentation transcript:

1 NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for Emerging Areas in Communications Networks, 2005 Author : Sandro Grech, Pasi Eronen Presented by : Ying Long Chen

2 page2Outline  Overview of UMA  Introduction  Background: GSM and GPRS security  UMA overview  Security Analysis  Protecting against the attack  Conclusion

3 page3Introduction  Why UMA  Indoor coverage issue for GSM  Bandwidth issue  The standardization work is continued by 3GPP

4 page4 GSM and GPRS Security  Authentication : avoid fraudulent access by a cloned MS  Encryption : avoid unauthorized listening  Parameters:  Ki : used to achieve authentication(128 bit)  Ki is stored in AUC and SIM  Ki is not known to the subscriber  Rand : 128-bit random number by the home system  SRES : 32-bit generated by Algorithm A3  Kc : generated by Algorithm A8 for the encryption  Frame number : a TDMA frame number encoded in the data bits

5 page5 GSM and GPRS Security  Authentication algorithm :  A3  Authentication function  Stored in AUC and SIM  Encryption algorithm :  A8  To generated the encryption key  Stored in AUC and SIM  A5  An algorithm stored in the MS (handset hardware) and the visit system  Used for data ciphering and deciphering

6 page6 GSM and GPRS Security

7 page7 UMA overview UMA security mechanisms

8 page8 UMA overview 1. Unlicensed Interface Security :  Outside the scope of UMA 2. Up Interface Security  Traffic between the phone and the UNC is protected by IPSec ESP tunnel, which is established and maintained using IKEv2 3. CN authentication, GPRS ciphering  The authentication between the phone and UNC does not replace the normal GSM authentication between the phone and MSC 4. Data application security  Outside the scope of UMA

9 page9 UMA Security Mechanisms  Authentication Mechanisms  UMA stage 2 states that mutual authentication between Mobile Station and UNC shall be accomplished using Internet Key Exchange (IKEv2) protocol and the Extensible Authentication Protocol (EAP)  Confidentiality Mechanisms  IPsec protect all signal and user traffic sent between MS and UNC-SGW over the Up interface.

10 page10 UMA Security Mechanisms  Integrity Mechanisms  As part of IPsec, messages could be integrity protected. IPsec use a hash with a secret key to provide integrity protection. This scheme is called an HMAC(Hashed Message Authentication Code)  User Credentials  All long-term security credentials used for subscriber and network authentication are stored on the SIM

11 page11 UMA overview

12 page12 UMA overview

13 page13 UMA Security Analysis  IKEv2  IMSI not protected enough  During the initial stage of the EAP-SIM and EAP-AKA procedures, when the Mobile Station sends IKE SA INIT, it will transfer its Network Access Identifier (NAI), containing the IMSI. This message is encrypted.  But an attacker intercepting traffic to the UNC-SGW could act as a false UNC-SGW and receive the NAI of the Mobile Station before it has to authenticate itself as a valid UNC. This information could be used to locate a mobile subscriber, hence violating the subscriber identity. This identity probing is a known issue caused by the IKEv2 protocol  Dos attack :  Before the responder authenticate the initiator , the responder will compute DH agreed key ( 指數運算 ) , so the attacker can make a lot of request to build IKE SA.

14 page14 UMA Security Analysis  Open Platform  Unauthorized access and identity spoofing  By virus or Trojan horse  Exploitation of implementation weakness  Such as buffer overflow  Denial of service  Attack from WLAN 、 internet  Eavesdropping  Location spoofing

15 page15 Protecting against the attack  Protecting non-malicious users’ terminals  Technical prevention of unapproved terminals  Legal prevention of unapproved terminals  Detecting and disabling misbehaving terminals  Increasing core network resistance to attacks

16 page16 Conclusion & Future Work  Since the UMA specifications have been published only recently, it is possible that they contain problems with potential security implications.  Future work is also required to determine the security impact of UMA in roaming situations, to identify better countermeasures against denial-of-service attacks, and to investigate mechanisms for detecting misbehavior and fraud

Download ppt "NCHU AI LAB Implications of Unlicensed Mobile Access for GSM security From : Proceeding of the First International Conference on Security and Privacy for."

Similar presentations

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG

U M T S F o r u m © UMTS 2002 UMTS Security aspects UMTS Forum ICTG Chair Bosco Fernandes Siemens AG
Secure Mobile IP Communication

Secure Mobile IP Communication
Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.

Unlicensed Mobile Access (UMA) Dasun Weerasinghe School of Engineering and Mathematical Sciences City University London.
An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,

An Improvement on Privacy and Authentication in GSM Young Jae Choi, Soon Ja Kim Computer Networks Lab. School of Electrical Engineering and Computer Science,
GSM network and its privacy Thomas Stockinger. Overview Why privacy and security? GSM network‘s fundamentals Basic communication Authentication Key generation.

GSM network and its privacy Thomas Stockinger. Overview Why privacy and security? GSM network‘s fundamentals Basic communication Authentication Key generation.
GSM Security and Encryption

GSM Security and Encryption
Syed Safi Uddin Qadri BETL/F07/0112 GSM Stream Cipher Algorithm Presented To Sir Adnan Ahmed Siddiqui.

Syed Safi Uddin Qadri BETL/F07/0112 GSM Stream Cipher Algorithm Presented To Sir Adnan Ahmed Siddiqui.
Security of Mobile Banking

Security of Mobile Banking
Network Security. Reasons to attack Steal information Modify information Deny service (DoS)

Network Security. Reasons to attack Steal information Modify information Deny service (DoS)
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Lecture 1: Overview modified from slides of Lawrie Brown.

Lecture 1: Overview modified from slides of Lawrie Brown.
Myagmar, Gupta UIUC 2001 1 3G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.

Myagmar, Gupta UIUC G Security Principles Build on GSM security Correct problems with GSM security Add new security features Source: 3GPP.
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
Overview of the Mobile IPv6 Bootstrapping Problem James Kempf DoCoMo Labs USA Thursday March 10, 2005.

Overview of the Mobile IPv6 Bootstrapping Problem James Kempf DoCoMo Labs USA Thursday March 10, 2005.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
One-Pass GPRS and IMS Authentication Procedure for UMTS

One-Pass GPRS and IMS Authentication Procedure for UMTS
GSM standard (continued)

GSM standard (continued)
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
Doc.: IEEE 802.11-04/0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.

Doc.: IEEE /0408r0 Submission March 2004 Colin Blanchard, BTSlide 1 3GPP WLAN Interworking Security Colin Blanchard British Telecommunications.

Similar presentations

Ads by Google