Security of GSM System

Written by Priyanka Agarwal

By Priyanka Agarwal

Introduction Every day millions of people use cellular phones over radio links. Withrepparttar increasing features,repparttar 107946 mobile phone is gradually becoming a handheld computer. Inrepparttar 107947 early 1980’s, when most ofrepparttar 107948 mobile telephone system was analog,repparttar 107949 inefficiency in managingrepparttar 107950 growing demands in a cost-effective manner led torepparttar 107951 opening ofrepparttar 107952 door for digital technology (Huynh & Nguyen, 2003). According to Margrave (n.d), “Withrepparttar 107953 older analog-based cellular telephone systems such asrepparttar 107954 Advanced Mobile Phone System (AMPS) andrepparttar 107955 Total Access Communication System (TACS)”, cellular fraud is extensive. It’s very simple for a radio hobbyist to tune in and hear cellular telephone conversations since without encryption,repparttar 107956 voice and user data ofrepparttar 107957 subscriber is sent torepparttar 107958 network (Peng, 2000). Margrave (n.d) states that apart from this, cellular fraud can be committed by using complex equipment to receiverepparttar 107959 Electronic Serial Number so as to clone another mobile phone and place calls with that. To counteractrepparttar 107960 aforementioned cellular fraud and to make mobile phone traffic secure to a certain extent, GSM (Global System for Mobile communication or Group Special Mobile) is one ofrepparttar 107961 many solutions now out there. According to GSM-tutorials, formed in 1982, GSM is a worldwide accepted standard for digital cellular communication. GSM operates inrepparttar 107962 900MHz, 1800MHz, or 1900Mhz frequency bands by “digitizing and compressing data and then sending it down a channel with two other streams of user data, each in its own time slot.” GSM provides a secure and confidential method of communication Security provided by GSM The limitation of security in cellular communication is a result ofrepparttar 107963 fact that all cellular communication is sent overrepparttar 107964 air, which then gives rise to threats from eavesdroppers with suitable receivers. Keeping this in account, security controls were integrated into GSM to makerepparttar 107965 system as secure as public switched telephone networks. The security functions are:

1. Anonymity: It implies that it is not simple and easy to trackrepparttar 107966 user ofrepparttar 107967 system. According to Srinivas (2001), when a new GSM subscriber switches on his/her phone forrepparttar 107968 first time, its International Mobile Subscriber Identity (IMSI), i.e. real identity is used and a Temporary Mobile Subscriber Identity (TMSI) is issued torepparttar 107969 subscriber, which from that time forward is always used. Use of this TMSI, preventsrepparttar 107970 recognition of a GSM user byrepparttar 107971 potential eavesdropper.

2. Authentication: It checksrepparttar 107972 identity ofrepparttar 107973 holder ofrepparttar 107974 smart card and then decides whetherrepparttar 107975 mobile station is allowed on a particular network. The authentication byrepparttar 107976 network is done by a response and challenge method. A random 128-bit number (RAND) is generated byrepparttar 107977 network and sent torepparttar 107978 mobile. The mobile uses this RAND as an input and through A3 algorithm using a secret key Ki (128 bits) assigned to that mobile, encryptsrepparttar 107979 RAND and sendsrepparttar 107980 signed response (SRES-32 bits) back. Network performsrepparttar 107981 same SRES process and compares its value withrepparttar 107982 response it has received fromrepparttar 107983 mobile so as to check whetherrepparttar 107984 mobile really hasrepparttar 107985 secret key (Margrave, n.d). Authentication becomes successful whenrepparttar 107986 two values of SRES matches which enablesrepparttar 107987 subscriber to joinrepparttar 107988 network. Since every time a new random number is generated, eavesdroppers don’t get any relevant information by listening torepparttar 107989 channel. (Srinivas, 2001)

3. User Data and Signalling Protection: Srinivas (2001) states that to protect both user data and signalling, GSM uses a cipher key. Afterrepparttar 107990 authentication ofrepparttar 107991 user,repparttar 107992 A8 ciphering key generating algorithm (stored inrepparttar 107993 SIM card) is used. Takingrepparttar 107994 RAND and Ki as inputs, it results inrepparttar 107995 ciphering key Kc which is sent through. To encipher or decipherrepparttar 107996 data, this Kc (54 bits) is used withrepparttar 107997 A5 ciphering algorithm. This algorithm is contained withinrepparttar 107998 hardware ofrepparttar 107999 mobile phone so as to encrypt and decryptrepparttar 108000 data while roaming. Algorithms used to make mobile traffic secure

Authentication Algorithm A3: One way function, A3 is an operator-dependent stream cipher. To computerepparttar 108001 output SRES by using A3 is easy but it is very difficult to discoverrepparttar 108002 input (RAND and Ki) fromrepparttar 108003 output. To coverrepparttar 108004 issue of international roaming, it was mandatory that each operator may choose to use A3 independently. The basis of GSM’s security is to keep Ki secret (Srinivas, 2001)

Ciphering Algorithm A5: In recent times, many series of A5 exists butrepparttar 108005 most common ones are A5/0(unencrypted), A5/1 and A5/2. Because ofrepparttar 108006 export regulations of encryption technologies there isrepparttar 108007 existence of a series of A5 algorithms (Brookson, 1994).

A8 (Ciphering Key Generating Algorithm): Like A3, it is also operator-dependent. Most providers combine A3 and A8 algorithms into a single hash function known as COMP128. The COMP128 creates KC and SRES, in a single instance (Huynh & Nguyen, 2003).

GSM security flaws

·Security by obscurity. According to (Li, Chen & Ma) some people asserts that sincerepparttar 108008 GSM algorithms are not publicized so it is not a secure system. “Most security analysts believe any system that is not subject torepparttar 108009 scrutiny ofrepparttar 108010 world’s best minds can’t be as secure.” For instance, A5 was never made public, only its description is divulged as part ofrepparttar 108011 GSM specification.

·Another limitation of GSM is that although all communication betweenrepparttar 108012 Mobile station andrepparttar 108013 Base transceiver station are encrypted, inrepparttar 108014 fixed network allrepparttar 108015 communication and signalling is not protected as it is transmitted in plain text most ofrepparttar 108016 time (Li, Chen & Ma).

·One more problem is that it is hard to upgraderepparttar 108017 cryptographic mechanisms timely.

·Flaws are present withinrepparttar 108018 GSM algorithms. According to Quirke (2004) “ A5/2 is a deliberately weakened version of A5/1, since A5/2 can be cracked onrepparttar 108019 order of about 216”.

Is VoIP Good For The Home?

Written by Aaron Siegel

There is no doubt that you have heard about VoIP by now. It’s made headlines and is plastered everywhere both in online and TV advertisements. Just in case you haven’t caught on torepparttar hype yet, VoIP isrepparttar 107945 abbreviated term for Voice over Internet Protocol. Voice over Internet Protocol is basicallyrepparttar 107946 ability to communicate on a phone over your Internet connection.

With VoIP,repparttar 107947 promise isrepparttar 107948 ability to make local and global long distance calls at a significantly lower rate than over a plain old telephone line through your local carrier. The VoIP trend has caught on and large enterprises all overrepparttar 107949 globe are adopting this new technology to reduce their cost of business communications which may include fax, conference calling, along with streaming video applications. VoIP has been around for some time, but it has only been until recently that it has finally matured torepparttar 107950 stage worthy of replacing everyday phone use.

Atrepparttar 107951 household level, it is certain by now that you are compelled to embrace this technology somewhat, but are not sure how to go about it or even if this technology has any real benefit for your family. You are probably wondering, “How much? How difficult? Is it necessary?” This article hopefully will clear up a few unanswered questions you may have regarding this technology and maybe even excite you enough to go on out and get VoIP hooked up in your own home.

First off, you must have an Internet connection. No, not your 56k dial up connection, but an actual high speed Internet connection. This can be cable, satellite, or DSL Internet, but you will need high speed Internet for VoIP to function properly and become your new calling station. Dialup just doesn’t haverepparttar 107952 capacity or speed to transfer voice digitally without significant quality loss. A company named SpeakEasy has recently come out with a new DSL product that requires no current phone line for high speed Internet if DSL is your current favorite of broadband services and if you are planning on replacing your current phone service with VoIP.

Cont'd on page 2 ==> © 2005
Terms of Use