CRACKING GSM AND UMTS
|
|
- Isabel Maxwell
- 6 years ago
- Views:
Transcription
1 CRACKING GSM AND UMTS SIGNAL INTERCEPTION AND JAMMING By: James Konderla Written for CYBS 6350: Data Security (Fall 2014) 10/18/2014 i
2 Table of Contents Abstract... iii Overview of GSM and UMTS Technologies... 1 What is GSM?... 1 Where does UMTS come in?... 1 Security, Vulnerabilities and Attacks... 3 First Attack: Man-In-The-Middle... 3 Attack 2: Signal Jamming (Denial of Service)... 6 Thoughts on Encryption... 8 Conclusions References Table of Figures Figure Figure Figure Figure Figure ii
3 Abstract As mobile devices and the always on lifestyle become central to society there remains an area that few choose to think about: mobile security. Mobile devices, in particular smartphones and tablets, have changed society in indisputable ways by allowing the sharing of movies, photos, music, and even allowing the ability to telecommute and stay up to date on the latest news while on the go. At the end of the day, though security of data often drifts to the back of most consumers minds. Recent security events such as the Apple icloud breach (Samson, 2014) have shown that no security technology is unbreakable and all security technologies need constant revision to stay one step ahead of the enemy. In this paper I have chosen to focus on two inter-twined technologies that are central to many lives globally: GSM and UMTS. First we will take a look at both technologies before delving into two of the most pressing attacks: signal interception and signal jamming. Finally we will take a look at the encryption of these technologies as well as some conclusions I have developed based on the review of reference materials, this course, and current events. iii
4 What is GSM? Overview of GSM and UMTS Technologies The Global System for Mobile Communications (GSM) is a second generation standard for mobile networks (Technopedias, 2014). Founded in the 1980 s by the European Telecommunications Standards Institute the mission of GSM was to make one standard communications method for cellular and mobile devices throughout Europe. GSM uses signals on three different frequencies: 900 MHz, which has since been depreciated, 1800 MHz, and the 1900 MHz band. GSM has very broad usage in Europe as the de-facto mobile protocol and is used widely in the U.S. by T-Mobile and AT&T which amounts to approximately 44% of the total U.S. Cellular Market as of the first quarter of 2014 (Statista, 2014). Although the competing technology, Code Division Multiple Access (CDMA), holds 56% of the current U.S. Market GSM still shows to be the top contender on the international side. The major weaknesses of GSM, though are that the GSM technology has a fixed cell site range of 35 kilometers, has a very low maximum data rate and that GSM and all 2G technologies are circuit-switched: if there are no circuits available or the circuit is unreliable your call or data transmission will not be able to be completed. When it comes down to it, GSM was just not built to be a data-transfer network or to have data securely transferred. Where does UMTS come in? UMTS, or the Universal Mobile Telecommunications Systems, is a third-generation (3G) mobile telecommunications technology. UMTS uses 3 different yet similar air interfaces and was built on top of the existing GSM standard, providing the ability to co-operate with current standards. Though infrastructure upgrades were required, UMTS added the ability for packetswitching and a virtual connection that provides an always on experience using the frequency 1
5 bands between 1885 and UMTS expanded GSM into two very important areas: the ability to consistently transfer data at a moment s notice and the ability for a user to freely roam between cell towers without losing connectivity. UMTS, while an improvement on GSM, came with its own set of problems: usage of the COMP128 encryption algorithm (which has been proven to allow user impersonation) a key length of only 32 bits, no method of network authentication allowing the ability of signal interception through false base stations, encryption that terminates at the base station but leaves the message decrypted in transit and an insecure key transmission where cipher keys are transmitted in the clear both inside and outside of the networks (Suominen, 2003). Even with these security flaws, UMTS delivers abilities for data integrity and security based within the Radio Network Controller rather than at the base station itself, methods of lawful interception and an increase to a 128 bit cipher key providing compatibility with GSM network specifications. The way in which these two technologies interact can be found in Image 1 (HACHA malla, 2010). Of particular note is that these two systems interact together and are not separate, providing the capability to transmit both call and data on the same network. Figure 1 2
6 Security, Vulnerabilities and Attacks UMTS was built on GSM, making many improvements but also inheriting some of the basic weaknesses of the GSM system. One major flaw in the original GSM standard was the authentication of the device and network. Originally, devices on the GSM network had no way of ensuring that they were authenticating to a valid network and vice versa. In fact, during a 2012 DEFCON presentation (Goodin, 2014), a team of hackers known as Ninja Networks created their very own GSM network and were able to successfully demonstrate the failings of the GSM authentication protocols. UMTS was able to improve upon this by implementing the mutual authentication of users (i.e. devices) and the network. This standard, though, made an important improvement beyond mutual authentication: for 3G and 4G networks a mandatory cipher mode using a block cipher called KASUMI, which utilizes a 128 bit cipher key in order to provide data integrity and security (Suominen, 2003). The user, though, is able to disable this security creating a very large hole in the security of this system. In addition to the improvements of authentication, UMTS also provides user identity confidentiality via the use of International Mobile Subscriber Identity (IMSI) numbers that allow GSM and UMTS networks to interconnect and even enable users to use their cellular devices in a roaming fashion on other networks. Both of these improvements, while substantial, still rely on the use of Subscriber Identity Module (SIM) cards. First Attack: Signal Interception (Man-In-The-Middle) With the above mentioned facts in mind for both GSM and UMTS there are two classes of attacks that clearly come to mind and that I have chosen to address: Signal Interception and Denial of Service. Both of these attacks focus on the manipulation of the specific signal bands 3
7 that GSM and UMTS are built upon as well as the continued use of SIM card technologies, and have been shown to be both easy and cheap to execute. The first of our attacks focuses on Signal Interception via a Man-In-The-Middle attack. As can be seen in Figure 1, Signal interception is already in use by law enforcement agencies via a loophole in the standard that, according to Suomien (2003), states 3GMS shall provide access to the intercepted content of communications (CC) and the Intercept Related Information (IRI) of the mobile target on behalf of Law Enforcement Agencies (LEAs). Figure 2 In simple terms, the UMTS standard allows for wire-tapping. In fact, there is a technology that has caught on like wildfire in almost every area of the mobile device arena that 4
8 shares a similar vulnerability: Network-Assisted Discovery for Device-to-Device Communications. According to Thanos, Shalmashi and Miao (2014), this technology allows the network to not only estimate the proximity of devices to each other, but sends unique identifiers in clear text between the devices and the network using a priory communication scheme allowing devices to discover one another before communication takes place. Of course a variation of this technology is also in widespread use by applications that allow detailed news, shopping, weather, and other information based on activation of subscriber tracing on a particular network (Willassen, 2003). This is particularly useful in smart phones, allowing users to see nearby Bluetooth or wireless access points and their current signal strength. The same weakness of clear-text identification is built into the IMSI transmissions themselves: when a device registers for the first time in a servicing network the IMSI is sent in clear text and, in some cases, trusted third parties can be used to assist in authentication (Suomien, 2003). In these cases, if a user has disabled certain portions of the security interface on their cellular devices, the signal can be intercepted via man-in-the-middle attacks. According to Goodin (2014), during the presentation at Defcon, Ninja Networks explained that one of the underlying algorithms of the GSM network known as A5/1, which is still in use today during basic authentication with cell towers (also known as Base Stations), uses a basic shift cypher that shifts the cypher text 3 times and is then transformed, or clocked, 100 times to mix up the bits of the cypher. Ninja Networks also demonstrated how a passive attack using a Time-Memory-Tradeoff and Rainbow table, can determine the original identifier and successfully decode the cypher text. In fact, Ninja Networks is not the only group to have discovered the possibility of these attacks. According to a recent story on the Business Insider online news site (Cook, 2014), fake cell towers have appeared all over the U.S., most of which 5
9 whose owners have remained unidentified. Even worse, due to the widespread use of cellular base stations it has taken even longer to identify fake base towers due to the population no longer noticing the construction of new towers and providers largely not checking the towers unless a technical issue has occurred. The equipment cost for these attacks has shown to be between $70 and $500 thousand for equipment proceeding in active attacks and $1 Million for Passive equipment, such as these cell towers. These towers could provide a huge payoff in populated areas where users check bank accounts, social networks, and even business s and computers while on the go. Attack 2: Signal Jamming (Denial of Service) This brings me to the second attack focus of this paper: signal jamming. Signal jamming can be done on either a deliberate basis, such as blocking the use of devices in a lecture hall or board room (Naresh, Babu & Satyaswathi, 2013), or accidentally such as in the case of satellite TV blocking certain Wi-Fi or wireless signal bands. In either case, the usual method of conducting signal jamming operations is by over-riding the signal s carrier waves with noise through use of either a mobile signal jammer or a stationary jammer. In fact, signal jamming does not even need to be done on the base station itself and can focus entirely on the uplink of communications instead of the downlink. There are several techniques to jamming GSM signals but the most obvious is the denial of service. By overloading the signal of the downlink on a wireless base station an attacker would be able to keep a cellular device from confirming that a secure and viable connection had been established. In the following table Ståhlberg (2003) has outlined the GSM Frequency bands used in current networks. 6
10 Figure 3 As shown in the above table, different frequencies are used for the downlink and uplink of communications between a device and the base station itself. When the device enters range of a network it connects to the network through the base station. The problem with this approach is that the device itself measures the Signal to Noise ratio but the base station itself uses a constant power and signal level to enable connection by multiple users and devices in the simplest and fastest way possible. Due to the constant rate of signals, it becomes a simple matter to overpower the base station on the downlink frequencies. In Figure 3 Ståhlberg (2003) has also outlined the GSM system s transmitting powers. Figure 4 The signal power is adjusted in 2 dbm steps but the handset itself has a maximum signal power of 37dBm. Through a simple search of Amazon.com I was able to find several examples of cheap, effective, devices for both short and long range signal jamming. In fact Figure 4 is a device specifically marketed for blocking GSM signals at a short range. 7
11 Figure 5 In fact, several sites, such as TheSignalJammer.com exist to supply more advanced devices to businesses and schools, both public and private, in efforts to block cellular devices in certain areas of buildings. While these efforts may be justified, such as in grade school classrooms, nothing would stop a would-be attacker from purchasing one of these devices and going to a crowded area to hold an active denial of service attack. Thoughts on Encryption While reviewing the possibility of Man-In-The-Middle and Denial of Service attacks on the GSM and UMTS networks I came across many references to the encryption used on these networks. There are three main encryption Algorithms used to secure data on the GSM network: A5/0, A5/1, and A5/2. As GSM is the underlying technology of UMTS there is no need here to cover UMTS security Algorithms: UMTS is only effective after GSM connection and authentication has been established. The most known of these is the A5/1 algorithm. All of the 8
12 A5 algorithms operate as a shift cipher and stream cipher but were changed between the iterations. A5/1, for example, consisted of 3 shift registers and a 100-cycle bit scramble. Originally a tightly kept secret, A5/1 was leaked in This algorithm was not meant for use outside of Europe and was actually intentionally changed and made weaker for users in the U.S. and other markets, creating the A5/2. In 1998, only 4 years since the leak, A5/1 was reverse engineered and broken. With this also came the breaking of A5/2 and A5/0 in the same year due to their commonalities. The algorithms still remained resource intensive to break until 2008 when a team of hackers at the DEFCON conference, known as Ninja Networks, demonstrated the use of 16 PICA E-16 FPGA machines to create a 3 terabyte Rainbow table which contains all the possible combinations of the A5/1 algorithm. 9
13 Conclusions In reviewing both the man-in-the-middle and denial of service attacks on the GSM/UMTS system one thing is obvious: these systems were not designed for security and were instead designed for commercial and public use. One would think that the security algorithms used in cellular communication on these networks are secure to offset for the possible use of Man-In-The-Middle interactions but that would be an incorrect statement. The A5/0, A5/1, and A5/2 algorithms were all broken in 1998 and several new algorithms used by certain carriers have been kept proprietary with no mention of whether their security has or has not been broken. There are almost no ways for a user to even tell if their signal is being intercepted, legally or otherwise. In fact, the equipment to perform these attacks is so cheap that people and groups can easily afford to obtain it. Even with cost being in the equation, a more troubling aspect of the underlying GSM standard exists: carriers can ask the mobile devices to switch off authentication. Although great strides have been made to secure UMTS the underlying standard of communication still depends on GSM to establish and authenticate the connection. As devices with GSM capabilities are cycled out of the market, whether by force or natural attrition and device upgrades, GSM stands to be depreciated and the capabilities in UMTS can then be discarded. Until then, the greatest security hole in the UMTS cellular standard will continue to exist as, with the allowing of legacy GSM devices to connect to this new technology carriers have also adopted GSM s security flaws. 10
14 References Cook, J. (2014, September 22). Everything We Know About The Mysterious Fake Cell Towers Across The US That Could Be Tapping Your Phone. Business Insider. Retrieved October 23, 2014, from Goodin, D. (n.d.). At Defcon, hackers get their own private cell network: Ninja Tel. Ars Technica. Retrieved October 25, 2014, from Kassner, M. (n.d.). GSM encryption: No need to crack it, just turn it off.techrepublic. Retrieved September 16, 2014, from HACHA malla. (2010, December 11). HACHA malla. Retrieved October 26, 2014, from Meyer, U., & Wetzel, S. (2004). On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks.personal, Indoor and Mobile Radio Communications, PIMRC th IEEE International Symposium on, 4, Naresh, P., Babu, P. R., & Satyaswathi, K. (2013). Mobile Phone Signal Jammer for GSM, CDMA with Prescheduled Time Duration using ARM7. International Journal of Science, Engineering and Technology Research (IJSETR), Volume 2(Issue 9), Principles of Telecommunication Services Supported by a GSM PLMN. (n.d.). ETSI - European Telecommunications Standards Institute. Retrieved September 16, 2014, from Samson, T. (n.d.). Apple icloud breach proves Wozniak's point about cloud risks.infoworld. Retrieved September 23, 2014, from Southern, E., Ouda, A., & Shami, A. (2011). Solutions to security issues with legacy integration of GSM into UMTS.Internet Technology and Secured Transactions (ICITST), 2011 International Conference for, Ståhlberg, M. (Director) (2000, August 1). Radio Jamming Attacks Against Two Popular Mobile Networks. Proceedings of the Helsinki University of Technology Seminar on Network Security fall Lecture conducted from Helsinki University of Technology, Otaniemi, Espoo. Suominen, M. (Director) (2003, April 15). UMTS security. Security issues in mobile networks. Lecture conducted from Helsinki University of Technology, Espoo, Finland. What is the Global System for Mobile Communications (GSM)? - Definition from Techopedia. (n.d.). Techopedias. Retrieved September 23, 2014, from 11
15 Thanos, A., Shalmashi, S., & Miao, G. (n.d.). Network-Assisted Discovery for Device-to-Device Communications.Academia.edu. Retrieved September 16, 2014, from Device_Communications Willassen, S. Y. (2003). Forensics and the GSM mobile telephone system.international Journal of Digital Evidence,Volume 2(Issue 1). Retrieved September 10, 2014, from Wireless carrier market share subscriptions United States Statistic. (n.d.). Statista. Retrieved September 23, 2014, from 12
Wireless Security Security problems in Wireless Networks
Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security
More informationON THE IMPACT OF GSM ENCRYPTION AND MAN-IN-THE-MIDDLE ATTACKS ON THE SECURITY OF INTEROPERATING GSM/UMTS NETWORKS
ON THE IMPACT OF GSM ENCRYPTION AND MAN-IN-THE-MIDDLE ATTACKS ON THE SECURITY OF INTEROPERATING GSM/UMTS NETWORKS Ulrike Meyer, Susanne Wetzel Darmstadt University of Technology, Department of Computer
More informationINSTITUTO DE MATEMÁTICA E ESTATÍSTICA UNIVERSIDADE DE SÃO PAULO. GSM Security. MAC Computação Móvel
INSTITUTO DE MATEMÁTICA E ESTATÍSTICA UNIVERSIDADE DE SÃO PAULO GSM Security MAC 5743 - Computação Móvel Damian Matuszewski NR USP 7956955 dimatusz@gmail.com 12/07/2012 Abstract: GSM is the most common
More informationGSM Open-source intelligence
GSM Open-source intelligence Kenneth van Rijsbergen 1 1 MSc System and Network Engineering Faculty of Science University of Amsterdam 30 June 2016 Kenneth van Rijsbergen University of Amsterdam GSM OSINT
More informationPurpose of this book. Chapter 1: Where to Begin
1 Where to Begin This book was created by a team of individuals who each, in their own field, are actively participating in the ever-expanding Internet by pushing its reach farther than ever before. The
More informationLTE : The Future of Mobile Broadband Technology
LTE : The Future of Mobile Broadband Technology Erick Setiawan tukangbajaksawah@gmail.com 1 Become a necessity today, where the wireless broadband technology needed to meet increasing expectations in terms
More informationWireless technology Principles of Security
Wireless technology Principles of Security 1 Wireless technologies 2 Overview This module provides an introduction to the rapidly evolving technology of wireless LANs (WLANs). WLANs redefine the way the
More informationGSM Interception IMSI Catcher and Voice Interception
GSM Interception IMSI Catcher and Voice Interception Part of the product line Product overview go2intercept passive: GSM interception Passive, massive, of the air. (page 3-4) go2intercept active basic:
More informationChapter 6. Stream Cipher Design
Chapter 6. Stream Cipher Design 1 Model for Secure Communications and Attacks 2 Shannon's Theory on Perfect Secrecy and Product Cryptosystems (self reading, Stinson s book, or Chapters 1 and 2 in Stalling's
More informationArea Covered is small Area covered is large. Data transfer rate is high Data transfer rate is low
Chapter 15 Networking Concepts 1. Define networking. It is the interconnection of independent computing devices for sharing of information over shared medium. 2. What is the need for networking? / What
More informationAchieving End-to-End Security in the Internet of Things (IoT)
Achieving End-to-End Security in the Internet of Things (IoT) Optimize Your IoT Services with Carrier-Grade Cellular IoT June 2016 Achieving End-to-End Security in the Internet of Things (IoT) Table of
More informationChapter 5 Local Area Networks. Computer Concepts 2013
Chapter 5 Local Area Networks Computer Concepts 2013 5 Chapter Contents Section A: Network Building Blocks Section B: Wired and Wireless Technologies Section C: Network Setup Section D: Sharing Files Section
More informationSemi-Active GSM Monitoring System SCL-5020SE
Semi-Active GSM Monitoring System SCL-5020SE Technology Introduction: GSM networks are most popular and widespread wireless communication media across the world, having a wide customer base in Europe and
More informationGLOSSARY OF CELLUAR TERMS
GLOSSARY OF CELLUAR TERMS Air Interface: It is the operating system of a wireless network.. Airtime: The amount of time a person spends talking on their cellular device. AMPS: Advanced mobile phone service
More informationThe WiMAX Technology
Page 2 Oeconomics of Knowledge, Volume 2, Issue 2, 2Q 2010 The WiMAX Technology Felician ALECU, PhD, University Lecturer Department of Economic Informatics Academy of Economic Studies, Bucharest, Romania
More informationHow Insecure is Wireless LAN?
Page 1 of 7 How Insecure is Wireless LAN? Abstract Wireless LAN has gained popularity in the last few years due to its enormous benefits such as scalability, mobile access of the network, and reduced cost
More informationCOMP327 Mobile Computing Session: Lecture Set 6 - Personal Area Networks and Wireless Connections - Part 2
COMP327 Mobile Computing Session: 2017-2018 Lecture Set 6 - Personal Area Networks and Wireless Connections - Part 2 35 Recap from Part 1 Wireless Connection Technologies Wireless Personal Area Networks
More informationINTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY
INTERNATIONAL JOURNAL OF PURE AND APPLIED RESEARCH IN ENGINEERING AND TECHNOLOGY A PATH FOR HORIZING YOUR INNOVATIVE WORK MOBILE COMMUNICATION AMOL RATAN VAIDKAR 1, PROF. G. D. GULHANE 2, DR. H. R. DESHMUKH
More informationCase study of Wireless Technologies in Industrial Applications
International Journal of Scientific and Research Publications, Volume 7, Issue 1, January 2017 257 Case study of Wireless Technologies in Industrial Applications Rahul Hanumanth Rao Computer Information
More informationWireless (Select Models Only) User Guide
Wireless (Select Models Only) User Guide Copyright 2008 Hewlett-Packard Development Company, L.P. Windows is a U.S. registered trademark of Microsoft Corporation. Bluetooth is a trademark owned by its
More informationGLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017
GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017 1 SYLLABUS GSM General architecture and interfaces of cellular system and the PSTN and Internet networks: BTS, MSC, Internetworking,
More informationUnit title: Mobile Technology: Device Connectivity (SCQF level 5) Outcome 1
1 Outcome 1 A description of mobile device internet connectivity using two current Wi-Fi methods. A description of mobile device internet connectivity using two current GSM mobile telephony methods. A
More informationCell Catcher CC1900 3G Target Identifier + IMSI Catcher + Phone Tracking
The Cell Catcher model CC1900 tracks criminal cell phones on location, through UMTS networks, collecting and analyzing surveillance data of IMSI and IMEI numbers. 3G UMTS Gateway Technologies The Cell
More informationWireless LAN Security (RM12/2002)
Information Technology in Education Project Reference Materials Wireless LAN Security (RM12/2002) Infrastructure Division Education Department The Government of HKSAR www.ited.ed.gov.hk December 2002 For
More informationFuture-Generation Wireless Networks: Beyond 3G and 4G.
Future-Generation Wireless Networks: Beyond 3G and 4G. Kumar Adumulla 29 March 2006 Networks 1 Outline Introduction Wireless Networking Generations Issues in 3G What is 4G Beyond 3G & 4G Conclusion References
More informationWIRELESS SYSTEM AND NETWORKING
LECTURE 6 WIRELESS SYSTEM AND NETWORKING References: Rappaport (Chapter 9 and 10) Bernhard (Chapter 3, 4 and 5) Garg (Chapter 8 and 9) Kaarenen (Chapter 1-5 and 9) WIRELESS EVOLUTION Japan Europe Americas
More informationAT&T Encrypted Mobile Voice
AT&T Encrypted Mobile Voice Solution Overview AT&T Encrypted Mobile Voice Problem Need for increased security for confidential and sensitive mobile voice calls Solution AT&T Encrypted Mobile Voice is a
More informationWireless Communication
Wireless Communication Hwajung Lee Key Reference: Prof. Jong-Moon Chung s Lecture Notes at Yonsei University Wireless Communications Bluetooth Wi-Fi Mobile Communications LTE LTE-Advanced Mobile Communications
More informationExperimental Analysis of the Femtocell Location Verification Techniques
Experimental Analysis of the Femtocell Location Verification Techniques Ravishankar Borgaonkar, Kevin Redon and Jean-Pierre Seifert Security in Telecommunication Technical University Berlin and Deutsche
More informationChapter 7. Telecommunications, the Internet, and Wireless Technology
Chapter 7 Telecommunications, the Internet, and Wireless Technology LEARNING OBJECTIVES What are the principal components of telecommunications networks and key networking technologies? What are the different
More informationSecuring Wireless Mobile Devices. Lamaris Davis. East Carolina University 11/15/2013
Securing Wireless Mobile Devices Lamaris Davis East Carolina University 11/15/2013 Attract As more employees prefer to use mobile devices in the workplace, organizations are starting to adopt the Bring
More informationECE Lecture 2. Basic Concepts of Cryptology. Basic Vocabulary CRYPTOLOGY. Symmetric Key Public Key Protocols
ECE 646 - Lecture 2 Basic Concepts of Cryptology 1 CRYPTOLOGY CRYPTOGRAPHY CRYPTANALYSIS Symmetric Key Public Key Protocols Block Cipher Stream Cipher from Greek cryptos - hidden, secret logos - word graphos
More information6.9 Summary. 11/20/2013 Wireless and Mobile Networks (SSL) 6-1. Characteristics of selected wireless link standards a, g point-to-point
Chapter 6 outline 6.1 Introduction Wireless 6.2 Wireless links, characteristics CDMA 6.3 IEEE 802.11 wireless LANs ( wi-fi ) 6.4 Cellular Internet Access architecture standards (e.g., GSM) Mobility 6.5
More informationGSM Hacking. Wireless Mobile Phone Communication 30 th January 2014 UNRESTRICTED EXTERNAL
GSM Hacking Wireless Mobile Phone Communication 30 th January 2014 Labs.mwrinfosecurity.com MWR Labs 1 Labs.mwrinfosecurity.com MWR Labs Introduction to GSM June 2008 2.9 BILLION subscribers use GSM. Replaced
More informationDemonstration of Remote Wireless Access to a Database for Communicating Water Quality Data
Demonstration of Remote Wireless Access to a Database for Communicating Water Quality Data Theodore G. Cleveland, Ph.D.,P.E. Matthew T. Smith Civil and Environmental Engineering University of Houston September
More informationOutline : Wireless Networks Lecture 10: Management. Management and Control Services : Infrastructure Reminder.
Outline 18-759: Wireless Networks Lecture 10: 802.11 Management Peter Steenkiste Departments of Computer Science and Electrical and Computer Engineering Spring Semester 2016 http://www.cs.cmu.edu/~prs/wirelesss16/
More informationFemtocells : Inexpensive devices to test UMTS security
.... Femtocells : Inexpensive devices to test UMTS security Kévin Redon, Ravishankar Borgaonkar Technische Universität Berlin, SecT kredon/ravii@sec.t-labs.tu-berlin.de Hackito Ergo Sum 2011, 8 April 2011
More informationBasics of GSM in depth
This document will be helpful for the telecom engineers who deal with GSM as well as for the fresher /interested readers. This document has some advantages over other GSM texts in that it quickly gets
More informationWireless Communication
Wireless Communication Hwajung Lee Key Reference: Prof. Jong-Moon Chung s Lecture Notes at Yonsei University Wireless Communications Bluetooth Wi-Fi Mobile Communications LTE LTE-Advanced Mobile Communications
More informationThe Cellular Interceptor CC2800 Series
The Cellular Interceptor CC2800 Series Operational Parameters The Target Mode enables the user to direct cellular interception by variables such as the IMSI, TMSI, or cellular phone number of the suspect.
More informationDOC / WHAT IS GSM CELL PHONE SERVICE
19 December, 2017 DOC / WHAT IS GSM CELL PHONE SERVICE Document Filetype: PDF 178.86 KB 0 DOC / WHAT IS GSM CELL PHONE SERVICE CDMA (Code Division Multiple Access) is a cell phone service technology that
More informationGlossary 1. ARPU or Average Revenue per User A method of measuring revenue associated with the delivery of mobile commerce services by MNOs.
Glossary 321 Glossary 1 2G or 2nd Generation The currently available digital communication networks for voice and data communication (e.g., GSM, CDMA, PDC). 2.5G or 2.5th Generation Represents an upgrade
More informationContents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications
Royal Holloway, University of London, IC3 Network Security, 13 November 2006 Contents GSM and UMTS Security Introduction to mobile telecommunications Second generation systems - GSM security Third generation
More informationGSM security country report: Estonia
GSM security country report: Estonia GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin September 2014 Abstract. GSM networks differ widely in their protection capabilities against common
More informationHOLISTIC COMMUNICATIONS SECURITY
HOLISTIC COMMUNICATIONS SECURITY BLACK TIGER COUNTERING CYBER TERRORISM HOLISTIC COMMUNICATIONS SOLUTION LACSMI is leading vendor in telecommunications since 1992 promoting set of security solutions worldwide
More informationWireless# Guide to Wireless Communications. Objectives
Wireless# Guide to Wireless Communications Chapter 8 High-Speed WLANs and WLAN Security Objectives Describe how IEEE 802.11a networks function and how they differ from 802.11 networks Outline how 802.11g
More informationTETRA Security Istanbul February 2011
TETRA Security Istanbul Brian Murgatroyd Chairman ETSI TC TETRA former chairman Security and Fraud Prevention Group (SFPG) TETRA ASSOCIATION Warren Systems Independent Security Consultant brian@warrensystems.co.uk
More informationWireless Technologies
Wireless Technologies Networking for Home and Small Businesses Chapter 7 Manju. V. Sankar 1 Objectives Describe wireless technologies. Describe the various components and structure of a WLAN Describe wireless
More informationAnalysis of the cdma2000. and UTRA Wireless. 3G Proposals. Final Report. Gabriel Sacripanti EE /7/99
Analysis of the cdma2000 and UTRA Wireless 3G Proposals Final Report Gabriel Sacripanti EE6390 12/7/99 Abstract Over 10 proposals were submitted to the International Telecommunications Union (ITU) for
More informationMobile network security report: Ukraine
Mobile network security report: Ukraine GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin June 2017 Abstract. Mobile networks differ widely in their protection capabilities against common
More informationWireless (Select Models Only) User Guide
Wireless (Select Models Only) User Guide Copyright 2007 Hewlett-Packard Development Company, L.P. Windows is a U.S. registered trademark of Microsoft Corporation. Bluetooth is a trademark owned by its
More informationQuestioning the Feasibility of UMTS GSM Interworking Attacks
Questioning the Feasibility of UMTS GSM Interworking Attacks Christoforos Ntantogian 1, Christos Xenakis 2 1 Department of Informatics and Telecommunications, University of Athens, Greece 2 Department
More information32nd Annual Precise Time and Time Interval (PTTI) Meeting. Ed Butterline Symmetricom San Jose, CA, USA. Abstract
32nd Annual Precise Time and Time Interval (PTTI) Meeting NEW ISSUES IN TELECOMMUNICATIONS Ed Butterline Symmetricom San Jose, CA, USA Abstract There are - two new issues that are currently causing concern
More informationWireless Attacks and Countermeasures
Wireless Attacks and Countermeasures Wireless Network Technology Wireless network refers to any type of computer network which is wireless, and is commonly associated with a network whose interconnections
More information3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some
3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption
More informationDesigning Authentication for Wireless Communication Security Protocol
Designing Authentication for Wireless Communication Security Protocol Ms. Roshni Chandrawanshi, Prof. Ravi Mohan, Mr. Shiv Prakash Chandrawanshi Abstract Security is considered an important issue for mobile
More informationHouse Bill 1323: Consumer Protection - Cellular Telephones - Disclosure
House Bill 1323: Consumer Protection - Cellular Telephones - Disclosure February 28, 2018 Economic Matters Committee Sponsored by: Delegate Neil Parrott Background Information In 2015, President Obama
More informationThe telephone supports 2 SIM cards. All functions are available for both SIM cards and have independent settings.
Samsung C6112 telephone for protection of conversations against control via a GSM service provider as well as via active and semi-active GSM interception complexes, catchers. The telephone supports 2 SIM
More informationQuestions & Answers From Thursday, September 16 Webinar Alternatives Case Examples Frequency and Spectrum Planning Security WiMAX Capabilities
Questions & Answers From Thursday, September 16 Webinar Alternatives Case Examples Frequency and Spectrum Planning Security WiMAX Capabilities Alternatives Q: How about PLC? Is it a viable alternative
More informationAnnouncements: ECE/CS 372 introduction to computer networks. Assign 4 is due this Thursday Lab 4 is due next Tuesday Assignment 5 posted soon
ECE/CS 372 introduction to computer networks Lecture 14 Announcements: Assign 4 is due this Thursday Lab 4 is due next Tuesday Assignment 5 posted soon Credit for lecture slides to Professor Bechir Hamdaoui
More informationExam Advanced Network Security
Exam Advanced Network Security Jaap-Henk Hoepman, Joeri de Ruiter July 2, 2018 NOTE: READ THIS CAREFULLY: This exam consists of two alternatives. The first alternative is the regular exam for students
More informationTrusted Platform for Mobile Devices: Challenges and Solutions
Trusted Platform for Mobile Devices: Challenges and Solutions Lily Chen Motorola Inc. May 13, 2005 Outline Introduction Challenges for a trusted platform Current solutions Standard activities Summary New
More informationCellular Communication
Cellular Communication Cellular Communication Cellular communication is designed to provide communications between two moving units, or between one mobile unit and one stationary phone or land unit (PSTN).
More informationAgilent E7478A GPRS Drive Test System
Agilent E7478A GPRS Drive Test System Product Overview Quickly deploy your GPRS networks and manage multiformat environments Our drive test solution doesn t just uncover problems on your GPRS network it
More informationRequirements for the Operations & Management of 4G Networks
Requirements for the Operations & Management of 4G Networks Prof. James Won-Ki Hong Dept. of Computer Science and Engineering, Korea & Prof. Alberto Leon-Garcia Dept. of Electrical and Computer Engineering
More informationAuthentication Methods
CERT-EU Security Whitepaper 16-003 Authentication Methods D.Antoniou, K.Socha ver. 1.0 20/12/2016 TLP: WHITE 1 Authentication Lately, protecting data has become increasingly difficult task. Cyber-attacks
More informationWireless (Select Models Only) User Guide
Wireless (Select Models Only) User Guide Copyright 2008 Hewlett-Packard Development Company, L.P. Windows is a U.S. registered trademark of Microsoft Corporation. Bluetooth is a trademark owned by its
More informationWireless Networking WiFi Standards 802.11a 5GHz 54MB 802.11b 2.4 GHz 11MB 802.11g 2.4GHz 52MB 802.11n 2.4/5GHz 108MB 802.11b The 802.11b standard has a maximum raw data rate of 11 Mbit/s, and uses
More informationSecurity of Cellular Networks: Man-in-the Middle Attacks
Security of Cellular Networks: Man-in-the Middle Attacks Mario Čagalj University of Split 2013/2014. Security in the GSM system by Jeremy Quirke, 2004 Introduction Nowadays, mobile phones are used by 80-90%
More informationThis regulation outlines the policy and procedures for the implementation of wireless networking for the University Campus.
UAR NUMBER: 400.01 TITLE: Wireless Network Policy and Procedure INITIAL ADOPTION: 11/6/2003 REVISION DATES: PURPOSE: Set forth the policy for using wireless data technologies and assigns responsibilities
More informationRunning Heading: Wireless two aspects. Yu Jiao. George Mason University
Running Heading: Wireless two aspects Yu Jiao George Mason University "By placing this statement on my webpage, I certify that I have read and understand the GMU Honor Code on http://academicintegrity.gmu.edu/honorcode/.
More informationCDMA450 - a low frequency radio based broadband solution in Värmland
CDMA450 - a low frequency radio based broadband solution 1. Purpose of this document: The purpose of this document is to describe a best-practice case from all municipalities regarding wireless broadband
More informationCS263: Wireless Communications and Sensor Networks
CS263: Wireless Communications and Sensor Networks Matt Welsh Lecture 5: The 802.11 Standard October 7, 2004 2004 Matt Welsh Harvard University 1 All about 802.11 Today's Lecture CSMA/CD MAC and DCF WEP
More informationOutline Key Management CS 239 Computer Security February 9, 2004
Outline Key Management CS 239 Computer Security February 9, 2004 Properties of keys Key management Key servers Certificates Page 1 Page 2 Introduction Properties of Keys It doesn t matter how strong your
More informationDigital Entertainment. Networking Made Easy
Digital Entertainment 2003 by TiVo Inc. Reproduction in whole or in part without written permission is prohibited. All rights reserved. Printed in the USA. TiVo, TiVo Central, and TiVolution are registered
More informationTelephone. Basic Telephone. A telephone is an electronic device used for two- way talking with other people. EE1D01 Electrical Science for Everyone
Telephone A telephone is an electronic device used for two- way talking with other people. 1 Basic Telephone Telephone Subscriber Line CO (Local Exchange) T dial switch cradle switch tip (+) ear R mouth
More information11:1 Anonymous Internet Access Method for Wireless Systems
11:1 Anonymous Internet Access Method for Wireless Systems Petri Jokela Juha-Petri Kärnä NomadicLab, Ericsson Research FIN-02420 Jorvas Finland {petri.jokela, juha-petri.karna}@ericsson.com 1 Introduction
More informationISSN: International Journal of Innovative Research in Technology & Science (IJIRTS) Abstract. Cellular Networks.
Abstract STUDY OF SOFT HANDOVER IN THIRD GENERATION CELLULAR NETWORK Rajarshi Hasdah, Delhi College of Engineering; Ashish Kumar, Laxmi Narain College of Technology Bhopal UMTS (Universal Mobile Telecommunications
More informationGSM security country report: Thailand
GSM security country report: Thailand GSM Map Project gsmmap@srlabs.de Security Research Labs, Berlin February 2013 Abstract. GSM networks differ widely in their protection capabilities against common
More informationNetwork Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013
Network Security: Cellular Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2013 Outline Cellular networks GSM security architecture and protocols Counters UMTS AKA and session
More informationCOMPUTER NETWORKING. Terminology of Network:
COMPUTER NETWORKING Network: A computer network is a collection of interconnected computers. Two computers are said to be interconnected if they are capable of sharing hardware, software and exchanging
More informationAlgorithm To Ensure And Enforce Brute-Force Attack-Resilient Password In Routers
Algorithm To Ensure And Enforce Brute-Force Attack-Resilient Password In Routers Mohammed Farik, ABM Shawkat Ali Abstract: Issues of weak login passwords arising from default passwords in wired and wireless
More informationIndustrial Control System Security white paper
Industrial Control System Security white paper The top 10 threats to automation and process control systems and their countermeasures with INSYS routers Introduction With the advent of M2M (machine to
More informationWireless Network Policy and Procedures Version 1.5 Dated November 27, 2002
Wireless Network Policy and Procedures Version 1.5 Dated November 27, 2002 Pace University reserves the right to amend or otherwise revise this document as may be necessary to reflect future changes made
More informationVerizon Documentation V3. USER GUIDE FOR ios
Verizon Documentation V3 USER GUIDE FOR ios Document Version 3.0.12 21 July 2015 Table of Contents 1 INTRODUCTION TO VOICE CYPHER ULTRA...................... 6 1.1 About Voice Cypher Ultra for ios...........................................
More informationWireless systems overview
Wireless systems overview Evolution of systems from 1G to 4G 1G, 4G major features Specifications comparison 5G communication systems Summary Wireless Systems 2016 Evolution of cellular networks WiMAX
More informationIMSI/IMEI Catching & Localization System. (IMSI/IMEI Catcher + Direction Finder)
IMSI/IMEI Catching & Localization System (IMSI/IMEI Catcher + Direction Finder) About Us Our intelligent, integrated and highly mobile IMSI/IMEI Catching & Localization system is used for identifying the
More informationDefeating IMSI Catchers. Fabian van den Broek et al. CCS 2015
Defeating IMSI Catchers Fabian van den Broek et al. CCS 2015 Ren-Jay Wang CS598 - COMPUTER SECURITY IN THE PHYSICAL ckground 3GPP 3GPP 3 rd Generation Partnership Project Encompasses: GSM and related 2G
More informationPersonal Internet Security Basics. Dan Ficker Twin Cities DrupalCamp 2018
Personal Internet Security Basics Dan Ficker Twin Cities DrupalCamp 2018 Overview Security is an aspiration, not a state. Encryption is your friend. Passwords are very important. Make a back-up plan. About
More informationIt is the process of sharing data, programs, and information between two or more computers.
1 Communications It is the process of sharing data, programs, and information between two or more computers. Numerous applications depend on communication systems: E-mail Instant messaging (IM) Internet
More informationGISFI 5G Workshop. Sri Chandra Standards Senior Manager, IEEE-SA
GISFI 5G Workshop Sri Chandra Standards Senior Manager, IEEE-SA Evolution of xg systems Standards Next Generation Mobile Telephony released every 10 years 1G: Nordic Mobile Telephone introduced in 1981
More informationUBIQUITIOUS, RESILIENT, SECURE CONNECTIVITY IN THE NEAR-PEER THREAT ENVIRONMENT
2018 Viasat White Paper August 27, 2018 UBIQUITIOUS, RESILIENT, SECURE CONNECTIVITY IN THE NEAR-PEER THREAT ENVIRONMENT With Hybrid Adaptive Networking By Craig Miller Vice President, Chief Technical Officer
More informationAssignment Project Whitepaper ITEC495-V1WW. Instructor: Wayne Smith. Jim Patterson
Project Whitepaper ITEC495-V1WW Instructor: Wayne Smith Jim Patterson Table of Contents 1. Abstract Page 3 2. Introduction Page 3 3. Analysis Page 4 4. Solution Discussion Page 7 5. Evaluation Criteria
More informationWireless Security Protocol Analysis and Design. Artoré & Bizollon : Wireless Security Protocol Analysis and Design
Protocol Analysis and Design 1 Networks 1. WIRELESS NETWORKS 2 Networks 1. WIRELESS NETWORKS 1.1 WiFi 802.11 3 Networks OSI Structure 4 Networks Infrastructure Networks BSS : Basic Set Service ESS : Extended
More informationWELCOME Mobile Applications Testing. Copyright
WELCOME Mobile Applications Testing 1 Mobile Applications Testing List of MUST HAVE to survive this class Required Google Drive account Google email Flash Drive Mobile Phone (iphone/android) Desired Have
More informationThe Case for Secure Communications
Whitepaper The Case for Secure Communications The tapping of voice communications has occurred virtually as long as electronic communication has been in existence. In the early days of electronic communications,
More informationA+ Guide to Hardware: Managing, Maintaining, and Troubleshooting, 5e. Chapter 10 Networking Essentials
A+ Guide to Hardware: Managing, Maintaining, and Troubleshooting, 5e Chapter 10 Networking Essentials Objectives Learn about hardware devices used for networking Learn about the different types of networks
More informationEntertainment Services: The future is mobile White Paper December 2016
Entertainment Services: The future is mobile White Paper December 2016 Entertainment Services: The future is mobile White Paper Published December 2016 Version 1.0 Report Number: 042016-07 igr 12400 W.
More informationThread in Commercial Backgrounder
Thread in Commercial Backgrounder September 2018 An introduction to Thread, its Network Topology and Application Support 1 What is Thread Thread is an open standard for wireless communication providing
More informationWireless local loop. A Seminar report On
A Seminar report On Wireless local loop Submitted in partial fulfillment of the requirement for the award of degree Of Electronics SUBMITTED TO: SUBMITTED BY: www.studymafia.org www.studymafia.org Preface
More information