
GSM Security for Mobile Commerce - call to action.

By Tyrus Muya Kamau Blog: tyrus-ops.blogspot.com Twitter: @tyrus_

OUTLINE

- Introduction
- GSM encryption intro
- mCommerce
- GSM Known flaws
- Moving forward

MY HATS

Group Head Information Security & Risk, Cellulant Group

Independent Security Research, Consultancy, Trainer.

Budding Photographer.

GSM Encryption: A few Facts

- Known ciphers (A5/1 & A5/2).
- The above have academically and practically been broken
- Time-Memory trade off is the most efficient method.
- Look up data already computed in the form of Rainbow Tables using LFSR Code Book Collision.

which exploits

GSM Encryption Intro... cont'd

Mcommerce: How it all ties up

- Mostly runs on GSM's USSD and SMS (older platforms).
- Third party vendors are contracted to develop back ends.
- Security more often than not, left to MNOs to figure out.

...Cont'd

No practical attack has happened on the GSM USSD air interface yet but......

- USSD rides on the same GSM encryption
- Calls have been intercepted and played back
- Deriving the Kc (session key) from the Ki (secret SIM key)
- USSD is a MAP transaction, encapsulated in TCAP/SCCP/MTP3 or any of the SIGTRAN variants.

Means, it's no different from intercepting because it is transported on the signaling channel like SMS or Call Control

GSM Flaws from the air interface...

- Using affordable "GSM debugging devices" you can intercept your own call and verify if your network is using encryption.

- Using Software Defined Radio (The USRP) and GNU radio, you can set up your own fully functional GSM Network using OpenBSC and OpenBTS.
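To make the "verify if your network is using encryption" check concrete, here is an added example (not part of the original slides) that decodes the RR CIPHERING MODE COMMAND the network sends to a handset and reports which A5 algorithm it ordered. It assumes the layer-3 message layout of 3GPP TS 44.018 and hex-encoded messages exported from a trace of your own phone; the function names and the sample trace are constructed for illustration.

```python
# Added example: decode a GSM RR CIPHERING MODE COMMAND (3GPP TS 44.018).
RR_PD = 0x06                 # protocol discriminator: Radio Resource management
MT_CIPH_MODE_CMD = 0x35      # message type: CIPHERING MODE COMMAND
WEAK = {"A5/0", "A5/1", "A5/2"}   # no ciphering, or the ciphers the slides call broken

def decode_ciphering_mode_command(l3: bytes) -> dict:
    """Return the cipher the network ordered in one layer-3 message."""
    if len(l3) < 3:
        raise ValueError("truncated message")
    if l3[0] & 0x0F != RR_PD or l3[1] != MT_CIPH_MODE_CMD:
        raise ValueError("not an RR CIPHERING MODE COMMAND")
    setting = l3[2] & 0x0F          # Cipher Mode Setting (low half-octet)
    response = l3[2] >> 4           # Cipher Response (high half-octet)
    start_ciphering = bool(setting & 0x01)       # SC bit: 0 means no ciphering
    algo_id = (setting >> 1) & 0x07              # 000 = A5/1 ... 110 = A5/7
    cipher = f"A5/{algo_id + 1}" if start_ciphering else "A5/0"
    return {
        "cipher": cipher,
        "imeisv_requested": bool(response & 0x01),   # CR bit
        "weak": cipher in WEAK,
    }

def audit(messages):
    """Summarise a trace: one (hex, cipher, verdict) row per command found."""
    rows = []
    for hexmsg in messages:
        try:
            d = decode_ciphering_mode_command(bytes.fromhex(hexmsg))
        except ValueError:
            continue                 # other or truncated layer-3 messages
        rows.append((hexmsg, d["cipher"], "WEAK" if d["weak"] else "ok"))
    return rows

# Constructed sample trace (not captured from a real network).
SAMPLE = ["063511", "063500", "063505", "063503", "062100", "0635"]

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(*row)
```

A row marked WEAK means the network either left the call unencrypted (A5/0) or selected one of the ciphers the earlier slide lists as broken.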

GSM "Debugging....." [sic]

Call to action...
- Model research areas around this area: Eg, Strathmore iLab Research: Mobile commerce security risk areas.
- Encourage Networks to perform security checks outside of their networks and to apply known patches for known GSM flaws.
