
ENHANCING SECURITY IN GSM

Synopsis
For M.Tech programme
Submitted By:
MEGHNA SHARMA

Under the guidance of


Mr. Ajay Kumar

2013
JECRC UNIVERSITY, JAIPUR

be specific about the topic and change the title

INTRODUCTION
Global System for Mobile Communications (GSM) is the most popular mobile phone
system in the world. According to a recent press release by the GSM Association,
there were more than 747.5 million subscribers in over 184 countries as of
September 2002, accounting for 71.2% of the world's digital market and 69% of
the world's wireless market. The number of subscribers worldwide is expected to
surpass one billion by the end of 2003 [1].
The typical architecture of GSM:

The motivations for security in cellular telecommunications systems are to secure
conversations and signaling data from interception as well as to prevent cellular
telephone fraud. With the older analog-based cellular telephone system.

1. GSM Security Model

1.1 The Purpose of GSM Security:
The use of radio communications for transmission to the mobile subscribers makes
GSM Public Land Mobile Networks (PLMN) particularly sensitive to misuse of their
resources by unauthorized persons using manipulated Mobile Stations, who try to
impersonate authorised subscribers, and to eavesdropping on the various information
exchanged on the radio path.
So the security features in a GSM PLMN are implemented to protect:
The access to the mobile services.
Any relevant item from being disclosed at the radio path, mainly in order to ensure
the privacy of user-related information.

1.2 Security Features of GSM:


Several security functions were built into GSM to safeguard subscriber privacy.
These include:
Authentication of the registered subscribers only
Secure data transfer through the use of encryption
Subscriber identity protection
Mobile phones are inoperable without a SIM
Duplicate SIMs are not allowed on the network
Securely stored Ki.[2]

REVIEW OF LITERATURE
Security is the first and foremost priority within any communication; advances in
technology are built on whatever promises the most secure and rapid means of
communication. GSM is one of the world's largest and still growing communication
systems. The main focus of this review is to bring forward the basic procedure
involved in call authentication, starting from the switching on of the cell phone.
The report also focuses on the basic algorithms involved in the authentication.
Furthermore, it is intended to bring to light the procedure involved in the
encryption of a call, which makes it secure over the air and keeps the privacy of the
user intact. The algorithms involved in the encryption are therefore also discussed
in the review.
The review provides background covering the basics of the following key areas:

Preference of GSM over AMPS
Authentication procedures
Encryption (over the air)
Strength of key-based algorithms.

HISTORY & INTRODUCTION TO THE NEED OF SECURITY:
From the first day of known human history, the means of communication have always
been a keystone in human development. From the days of peace to the days of war,
conveying messages has been vital to our day-to-day dealings, especially in wars,
where not only communication but secure communication is needed. As more and more
land was discovered, the need was felt for a communication system that could
transmit the baseband signals over a larger coverage area around the globe.
AMPS TECHNOLOGY:
The evolution of mobile communication has taken place almost wholly in 3 different
geographic regions. The standards that were born in these regions were quite
independent. The 3 regions are North America, Europe and Japan. The earlier
mobile or wireless technologies were wholly analog and are collectively known as 1st
Generation (1G) technologies. [3]
GSM ARCHITECTURE:
GSM is basically composed of two sets of communicating parts: the mobile station
(MS) and the network. The MS is further divided into two components, the SIM
(SUBSCRIBER IDENTITY MODULE) and the mobile equipment (ME). The mobile equipment
has all the necessary information on how to transmit data and voice calls; it has a
low-power transmitter and a receiver. The ME also holds the encryption algorithms,
which will be discussed later under encryption. [4]

INTRODUCTION TO BASIC GSM NETWORK:
The GSM network has basically two divisions:
1. BSS (BASE STATION SUBSYSTEM)
2. NSS (NETWORK AND SWITCHING SUBSYSTEM)
The BSS consists of the BTS and the BSC. The BTS is a base transceiver station that
can transmit and receive data and is connected to the BSC at the back end. The BSC is
the base station controller, which forms an interface with the MSC.
NETWORK SUBSYSTEM
The network subsystem is composed of the following components:
Mobile services Switching Center (MSC)
Home Location Register (HLR)
Visitor Location Register (VLR)
Equipment Identity Register (EIR)
Authentication Center (AuC)
The home location register is a permanent database that stores all necessary
information regarding user particulars, for example MSISDN, IMSI etc. The VLR stores
location-based updates: whenever a user transits between two locations, the data is
sent to the new VLR from the old VLR via the HLR. The AUC is the core of network
security and performs all tasks pertaining to call authentication, encryption,
billing etc. The EIR stores the unique equipment identity number that is used by the
VLR and AUC if tracking is necessary; it also maintains the blacklist of mobiles that
are reported by federal agencies as stolen.
GSM SECURITY FEATURES:
GSM involves two basic security parameters: authentication and encryption.

AUTHENTICATION:
Authentication in the GSM system is initiated by the MS when it sends a request to
register itself. If the cell phone is switched on for the very first time, the IMSI
is sent to the network, to the AUC. The network finds the record corresponding to
this particular IMSI and also issues a TMSI (TEMPORARY MOBILE SUBSCRIBER IDENTITY)
so that the IMSI is not sent over the air and is safe for future usage, because IMSI
and TMSI are sent as plain text and it becomes easy for a hacker to intercept such
records over the air. Ki is a key stored in the SIM and is also known to the HLR and
AUC. After the record is found from the VLR it is sent to the AUC, where the AUC
generates a 128-bit random challenge known as RAND. This RAND is sent to the MS;
RAND and Ki are both used as input to the A3 algorithm, which processes these inputs
and gives out a 32-bit SRES (signed response). The AUC and the MS both calculate the
SRES, and the two values are compared; if they match, authentication is granted.
Note that SRES is 32 bits. [4]

INTRODUCTION TO A3 ALGORITHM:
The AUC generates a 128-bit random challenge known as RAND. This RAND is sent to
the MS; RAND and Ki are both used as input to the A3 algorithm, which processes these
inputs and gives out a 32-bit SRES (signed response). The AUC and the MS both
calculate the SRES, and the two values are compared; if they match, authentication is
granted. Note that SRES is 32 bits. The GSM network authenticates the identity of the
subscriber through the use of a challenge-response mechanism. A 128-bit random number
(RAND) is sent to the MS. The MS computes the 32-bit signed response (SRES)
based on the encryption of the random number (RAND) with the authentication
algorithm (A3) using the individual subscriber authentication key (Ki). Upon receiving
the signed response (SRES) from the subscriber, the GSM network repeats the
calculation to verify the identity of the subscriber. Note that the individual subscriber
authentication key (Ki) is never transmitted over the radio channel. It is present in the
subscriber's SIM, as well as the AUC, HLR, and VLR databases as previously
described. If the received SRES agrees with the calculated value, the MS has been
successfully authenticated and may continue. If the values do not match, the
connection is terminated and an authentication failure is indicated to the MS. [5]
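
The challenge-response exchange described above, as an added example that is not part of the original synopsis. A3 is operator-specific, so a truncated HMAC-SHA256 stands in for it here; the class names, the IMSI and the Ki value are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def a3_stand_in(ki: bytes, rand: bytes) -> bytes:
    """SRES = A3(Ki, RAND): 128-bit Ki and RAND in, 32-bit SRES out.
    HMAC-SHA256 truncated to 4 bytes is this example's assumption; the
    real A3 is chosen by the operator and is not reproduced here."""
    if len(ki) != 16 or len(rand) != 16:
        raise ValueError("Ki and RAND must both be 128 bits")
    return hmac.new(ki, rand, hashlib.sha256).digest()[:4]

class AuC:
    """Network side: knows Ki per IMSI, issues RAND, checks SRES."""
    def __init__(self, subscribers):
        self._ki = dict(subscribers)      # IMSI -> Ki, never transmitted
        self._pending = {}                # IMSI -> outstanding RAND

    def challenge(self, imsi: str) -> bytes:
        rand = secrets.token_bytes(16)    # fresh 128-bit RAND per attempt
        self._pending[imsi] = rand
        return rand

    def verify(self, imsi: str, sres: bytes) -> bool:
        rand = self._pending.pop(imsi, None)   # a RAND is single-use
        if rand is None or imsi not in self._ki:
            return False
        expected = a3_stand_in(self._ki[imsi], rand)
        return hmac.compare_digest(expected, sres)

class SIM:
    """Subscriber side: Ki stays inside the card; only SRES leaves it."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki = imsi, ki

    def respond(self, rand: bytes) -> bytes:
        return a3_stand_in(self._ki, rand)

def demo():
    imsi = "001010000000001"                                # constructed
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed
    auc, sim, wrong = AuC({imsi: ki}), SIM(imsi, ki), SIM(imsi, bytes(16))
    sres = sim.respond(auc.challenge(imsi))
    genuine = auc.verify(imsi, sres)      # matching Ki: accepted
    auc.challenge(imsi)                   # network issues a new RAND
    replayed = auc.verify(imsi, sres)     # SRES for the old RAND: rejected
    wrong_ki = auc.verify(imsi, wrong.respond(auc.challenge(imsi)))
    return genuine, replayed, wrong_ki, len(sres) * 8
```

Only the IMSI, RAND and SRES cross the radio path in this exchange; the comparison uses `hmac.compare_digest` so the check does not leak how many bytes of SRES matched.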
INTRODUCTION TO ENCRYPTION IN GSM:

This section provides a brief overview of cryptography, with an emphasis on
the features that appear in the GSM system.
Symmetric Algorithms
Symmetric algorithms are algorithms in which the encryption and decryption use the
same key. For example, if the plaintext is denoted by the variable P, the ciphertext by
C, the encryption with key x by the function Ex( ), and the decryption with key x by
Dx( ), then the symmetric algorithms are functionally described as follows:
C=Ex(P)
P=Dx(C)
P=Dx(Ex(P))
For a good encryption algorithm, the security of the data rests with the security of the
key, which introduces the problem of key management for symmetric algorithms. The
most widely-known example of a symmetric algorithm is the Data Encryption
Standard (DES). Symmetric encryption algorithms may be further divided into block
ciphers and stream ciphers.
Public Key Algorithms:
Public key algorithms are characterized by two keys, a public and private key, which
perform complementary functions. Public and private keys exist in pairs and ideally
have the property that the private key may not be deduced from the public key, which
allows the public key to be openly distributed. Data encrypted with a given public key
may only be decrypted with the corresponding private key, and vice versa. This is
functionally expressed as follows:
C=Epub(P), P=Dpriv(C)
C=Epriv(P), P=Dpub(C)
Public key cryptography simplifies the problem of key management in that two
parties may exchange encrypted data without having exchanged any sensitive key
information. Digital Signatures also make use of public key cryptography, and
commonly consist of the output of a one-way hash function for a message with a
private key. This enables security features such as authentication and
non-repudiation. The most common example of a public key algorithm is RSA, named
after its inventors Rivest, Shamir, and Adleman. The security features of GSM,
however, do not make use of any type of public key cryptography. [6]
Key Strength :
This section focuses on key length as a figure of merit of an encryption algorithm.
Assuming a brute-force search of every possible key is the most efficient method of
cracking an encrypted message (a big assumption), Table 1 shown below
summarizes how long it would take to decrypt a message with a given key length,
assuming a cracking machine capable of one million encryptions per second.
The time required for a 128-bit key is extremely large; as a basis for comparison the
age of the Universe is believed to be 1.6x10^10 years. An example of an algorithm
with a 128-bit key is the International Data Encryption Algorithm (IDEA). The key
length may alternately be examined by determining the number of hypothetical
cracking machines required to decrypt a message in a given period of time.
A machine capable of testing one million keys per second is possible by today's
standards. In considering the strength of an encryption algorithm, the value of the
information being protected should be taken into account. It is generally accepted
that DES with its 56-bit key will have reached the end of its useful lifetime by the turn
of the century for protecting data such as banking transactions. Assuming that the A5
algorithm has an effective key length of 40 bits (instead of 64), it currently provides
adequate protection for information with a short lifetime. A common observation is
that the "tactical lifetime" of cellular telephone conversations is on the order of
weeks.
Revise the review of literature and concern about 10-15 research papers and
mention paper wise outcome in standard format.
CONCLUSION
The security mechanisms specified in the GSM standard make it the most secure
cellular telecommunications system available. The use of authentication, encryption,
and temporary identification numbers ensures the privacy and anonymity of the
system's users, as well as safeguarding the system against fraudulent use. Even
GSM systems with the A5/2 encryption algorithm or even with no encryption are
inherently more secure than analog systems due to their use of speech coding,
digital modulation, and TDMA channel access.

STATEMENT OF THE RESEARCH PROBLEM


Statement - Encryption Flaw Makes Phones Possible Accomplices in Theft.
Revise the statement of the problem.
A German mobile security expert says he has found a flaw in the encryption
technology used in some SIM cards, the chips in handsets, that could enable cyber
criminals to take control of a person's phone.
Karsten Nohl, founder of Security Research Labs in Berlin, said the encryption hole
allowed outsiders to obtain a SIM card's digital key, a 56-digit sequence that opens
the chip up to modification. With that key in hand, Mr. Nohl said, he was able to send
a virus to the SIM card through a text message, which let him eavesdrop on a caller,
make purchases through mobile payment systems and even impersonate the
phone's owner.
He said he had managed the whole operation in about two minutes, using a simple
personal computer. He estimates as many as 750 million phones may be vulnerable
to attacks.
"We can remotely install software on a handset that operates completely
independently from your phone," Mr. Nohl said. "We can spy on you. We know your
encryption keys for calls. We can read your S.M.S.'s. More than just spying, we can
steal data from the SIM card, your mobile identity, and charge to your account." [8]

SCOPE OF THE STUDY


Analog cellular phones and networks were designed with minimal security which
soon turned out to be insufficient. The GSM system provides solutions to a few
important aspects of security: subscriber authentication, subscriber identity
confidentiality and confidentiality of voice and data over the radio path. This paper
gives an overview of the security features provided in a GSM PLMN and GPRS
network.
GSM introduced powerful algorithms and encryption techniques on security controls.
They are categorized into three functions according to ETSI standard specifications
[8]. They are subscriber identity confidentiality, subscriber identity authentication,
user data confidentiality on physical connections, connectionless user data
confidentiality, and signalling information element.

Mention scope of study related your problem.

LIMITATIONS
Problems with GSM security
Security by obscurity, which means that the algorithms used are not available
to the public. Most security analysts believe any system that is not subject to the
scrutiny of the world's best minds can't be as secure.
Only provides access security. All communication between the Mobile Station and
the Base Transceiver Station is encrypted, but communications and signalling are
generally transmitted in plain text in the fixed network.
Difficult to upgrade the cryptographic mechanisms.
Lack of user visibility (e.g. the user doesn't know if the call is encrypted or not).
The flaws of the algorithms.

Revise the methodology. Mention some idea towards the tool and implementation.

METHODOLOGY
The Security Mechanism
MUST NOT:
1. Add significant overhead on call set up.
2. Increase bandwidth of channel.
3. Increase error rate.
4. Add expensive complexity to the system.

MUST:
1. Cost-effective schemes.

DEFINE SECURITY PROCEDURES:
1. Generation & distribution of keys.
2. Exchange of information between operators.
3. Confidentiality of algorithms.

Include detailed plan

MONTH WISE PLAN OF WORK

August : Selection Of Topic


September : Problem Definition & Paper Readings
October : Synopsis & Paper Readings

REFERENCES
[1] GSM Association. www.gsmworld.com
[2] European Telecommunications Standards Institute, Recommendation GSM
02.09, "Security Aspects".
[3] Van der Arend, P. J. C., "Security Aspects and the Implementation in the GSM
System," Proceedings of the Digital Cellular Radio Conference, Hagen, Westphalia,
Germany, October, 1988.
[4] Zheng Yuliang, "Enhancing Security in GSM", October 2008.
[5] Hodges, M.R.L., "The GSM Radio Interface," British Telecom Technology Journal,
Vol. 8, No. 1, January 1990, pp. 31-43.
[6] Cooke, J.C.; Brewster, R.L., "Cryptographic Security Techniques for Digital Mobile
Telephones," Proceedings of the IEEE International Conference on Selected Topics
in Wireless Communications, Vancouver, B.C., Canada, 1992.
[7] Recent and archived news articles by Kevin J. O'Brien of The International
Herald Tribune and The New York Times.
[8] "Security Aspects", European Telecommunication Standards Institute, August
2000.
