New Privacy Issues in Mobile Telephony: Fix and Verification
|
|
- Myrtle McBride
- 6 years ago
- Views:
Transcription
1 New Privacy Issues in Mobile Telephony: Fix and Verification Myrto Arapinis, Loretta Mancini, Eike Ritter, Mark Ryan, Kevin Redon, Nico Golde, Ravi Borgaonkar CCS 2012, Raleigh, NC October 2012
2 In my bag 20 years ago M. Arapinis, L. Mancini, E. Ritter, M. Ryan, K. Redon, N. Golde, R. Borgaonkar New Privacy Issues in Mobile Telephony
3 In my bag today
4 Privacy Threats Wireless communications Always on and emitting their identity Answer without the agreement of their bearers
5 Privacy Threats Big brother Governments, national authorities (e.g., police) Middle brother Corporations and service providers, such as Google, Verizon, your ISP, your bank Little brother your neighbour, family, manager, colleague
6 Imagine an iphone app that locate any user!!! not just your Facebook or foursquare friends that have consented, but any user that you choose useful for stalkers, private investigators, ex-lovers, grudge-bearers, loan sharks.
7 Privacy and the UMTS standard
8 Privacy in the UMTS standard UMTS provides user untraceability from third parties UMTS specification [3GPP TS V9.3.0 ( )] An intruder cannot deduce whether different services are delivered to the same user. the user is identified by a temporary identity (TMSI) which should be periodically updated.
9 TMSI reallocation IMSI is the long-term identity stored on the SIM card TMSI is a short-term identity, that is reallocated periodically, particularly on change of location New TMSI should not be linkable with old one
10 Outline 1 Attacks 2 Mounting the attack in practice (Implementation) 3 Fixes 4 Formal Verification
11 Privacy Attacks Attacked property: Unlinkability Attacked protocol: Authentication and Key Agreement (AKA)
12 Privacy Attacks Attacked protocol: Authentication and Key Agreement (AKA) Initiated by the Network to mutually authenticate with a mobile station Based on a shared long term key K IMSI stored on the SIM card Allows Network and mobile station to establish shared session keys for encryption and integrity protection
13 Authentication and Key Agreement (AKA) Protocol K IMSI,IMSI,SQN MS AUTH_REQ, RAND, AUTN K IMSI,IMSI,SQN N new RAND AK f5 KIMSI (RAND) MAC f1 KIMSI (SQN N RAND) AUTN (SQN N AK ) MAC AK f5 KIMSI (RAND) XMSG XMAC AUTN XSQN XMSG AK MAC f1 KIMSI (XSQN RAND) if MAC XMAC then RES MAC_FAIL elseif XSQN < SQN MS then RES SYNCH_FAIL else RES f2 KIMSI (RAND) AUTH_RES, RES CK f3 K (RAND) IK f4 K (RAND) if RES = f2 KIMSI (RAND) then CK f3 KIMSI (RAND) IK f4 KIMSI (RAND) else Recover
14 AKA Protocol Attack K IMSI,SQN MS K IMSI,SQN N AUTH_REQ, RAND, AUTN
15 AKA Protocol Attack K IMSI,SQN MS RAND, AUTN K IMSI,SQN N AUTH_REQ, RAND, AUTN
16 AKA Protocol Attack K IMSI,SQN MS RAND, AUTN K IMSI,SQN N AUTH_REQ, RAND, AUTN AUTH_RES, RES
17 AKA Protocol Attack K IMSI,SQN MS RAND, AUTN K IMSI,SQN N AUTH_REQ, RAND, AUTN AUTH_RES, RES AUTH_REQ, RAND, AUTN
18 AKA Protocol Attack K IMSI,SQN MS RAND, AUTN K IMSI,SQN N AUTH_REQ, RAND, AUTN AUTH_RES, RES AUTH_REQ, RAND, AUTN AUTH_FAIL, SYNCH FAIL if RES=SYNCH_FAIL RES = f2 KIMSI (RAND) then I know this MS!
19 AKA Protocol Attack K IMSI,SQN MS RAND, AUTN K IMSI,SQN N AUTH_REQ, RAND, AUTN AUTH_RES, RES AUTH_REQ, RAND, AUTN AUTH_FAIL, SYNCH FAIL AUTH_REQ, RAND, AUTN if RES=SYNCH_FAIL RES = f2 KIMSI (RAND) then I know this MS!
20 AKA Protocol Attack K IMSI,SQN MS RAND, AUTN K IMSI,SQN N AUTH_REQ, RAND, AUTN AUTH_RES, RES AUTH_REQ, RAND, AUTN AUTH_FAIL, SYNCH FAIL AUTH_REQ, RAND, AUTN if RES=SYNCH_FAIL RES = f2 KIMSI (RAND) then I know this MS! AUTH_FAIL, MAC_FAIL if RES=MAC_FAIL then this is another MS
21 Mounting the attacks in Practice
22 Implementation: Femtocell Architecture Use a commercial femtocell MS attaches to the femtocell as to a normal BS The femtocell accesses the UMTS Control Network through the GANC gateway
23 Implementation: Compromising the femtocell Results: Hence: New firmware loaded GANC address set to point to a MitM GAN Proxy Traffic is redirected to a proxy acting as a MitM between the femtocell and the Network Messages to/from femtocell can be manipulated, injected, created Can perform all the attacks
24 Fixes
25 Solution 1 You have zero privacy anyway. Get over it. Scott McNealy, CEO Sun Microsystems, 1999
26 Solution 2 If you have something that you don t want anyone to know, maybe you shouldn t be doing it in the first place. Eric Schmidt, CEO Google, 2009
27 Solution 3 Encrypt privacy sensitive messages using randomized asymmetric encryption. Myrto Arapinis, Loretta Mancini, Eike Ritter, Mark Ryan, Kevin Redon, Nico Golde, Ravi Borgaonkar
28 Solution 3: Privacy Friendly Fixes Building blocks Light-weight PKI Network Operators have public/private key pairs Home network public key can be stored in the SIM No PKI needed on the MS side Encryption of privacy sensitive information Undistinguishable error messages
29 Authentication Procedure Fix K IMSI,IMSI,SQN MS K IMSI,IMSI,SQN N AUTH_REQ, RAND, AUTN newrand AK f5 KIMSI (RAND) MAC f1 KIMSI (SQN N RAND) AUTN (SQN N AK ) MAC AK f5 KIMSI (RAND) XMSG XMAC AUTN XSQN XMSG AK MAC f1 KIMSI (XSQN RAND) if MAC XMAC or XSQN < SQN MS then new rand UK f KIMSI (rand) RES AUTH_FAIL,{FAIL, IMSI, rand, {synch, SQN MS } r UK }r pbn else RES f2 KIMSI (RAND) AUTH_RES, RES CK f3 K (RAND) IK f4 K (RAND) if RES = f2 KIMSI (RAND) then CK f3 KIMSI (RAND) IK f4 KIMSI (RAND) else if RES = AUTH_FAIL, x then Recover
30 Authentication Procedure Fix K IMSI,IMSI,SQN MS K IMSI,IMSI,SQN N AUTH_REQ, RAND, AUTN newrand AK f5 KIMSI (RAND) MAC f1 KIMSI (SQN N RAND) AUTN (SQN N AK ) MAC AK f5 KIMSI (RAND) XMSG XMAC AUTN XSQN XMSG AK MAC f1 KIMSI (XSQN RAND) if MAC XMAC or XSQN < SQN MS then new rand UK f KIMSI (rand) RES AUTH_FAIL,{FAIL, IMSI, rand, {synch, SQN MS } r UK }r pbn else RES f2 KIMSI (RAND) AUTH_RES, RES CK f3 K (RAND) IK f4 K (RAND) if RES = f2 KIMSI (RAND) then CK f3 KIMSI (RAND) IK f4 KIMSI (RAND) else if RES = AUTH_FAIL, x then Recover
31 Authentication Procedure Fix K IMSI,IMSI,SQN MS K IMSI,IMSI,SQN N AUTH_REQ, RAND, AUTN newrand AK f5 KIMSI (RAND) MAC f1 KIMSI (SQN N RAND) AUTN (SQN N AK ) MAC AK f5 KIMSI (RAND) XMSG XMAC AUTN XSQN XMSG AK MAC f1 KIMSI (XSQN RAND) if MAC XMAC or XSQN < SQN MS then new rand UK f KIMSI (rand) RES AUTH_FAIL,{FAIL, IMSI, rand, {synch, SQN MS } r UK }r pbn else RES f2 KIMSI (RAND) AUTH_RES, RES CK f3 K (RAND) IK f4 K (RAND) if RES = f2 KIMSI (RAND) then CK f3 KIMSI (RAND) IK f4 KIMSI (RAND) else if RES = AUTH_FAIL, x then Recover
32 Formal Verification
33 Unlinkability From 3GPP TS : The property that an intruder cannot deduce whether different services are delivered to the same user by eavesdropping on the radio access link Formally: Unlinkability [Arapinis, Chothia, Ritter, Ryan]
34 Unlinkability From 3GPP TS : The property that an intruder cannot deduce whether different services are delivered to the same user by eavesdropping on the radio access link Formally: Unlinkability [Arapinis, Chothia, Ritter, Ryan]!(νimsi.νk.!(νsqn.MS main ) SN)!(νimsi.νk.νsqn.MS main SN)
35 Anonymity From 3GPP TS : The property that the permanent user identity of a user to whom a service is delivered cannot be eavesdropped on the radio access link. Formally: Anonymity [Arapinis, Chothia, Ritter, Ryan]
36 Anonymity From 3GPP TS : The property that the permanent user identity of a user to whom a service is delivered cannot be eavesdropped on the radio access link. Formally: Anonymity [Arapinis, Chothia, Ritter, Ryan] (νk.νsqn.ms main { w / imsi } SN)!(νimsi.νk.!(νsqn.MS main ) SN)!(νimsi.νk.!(νsqn.MS main ) SN)
37 Automatic Verification Tool: Proverif Cons: - Abstractions - False Attacks - Requires symmetric process structure Pros: + Automatic verification of observational equivalence (Strong version) + Soundness (No false proofs) + Counter examples (attack traces) are provided
38 Automatic Verification Results UMTS Procedures Properties Identification Paging AKA Unlinkability Anonymity Fixed Procedures Properties Identification Paging AKA Unlinkability Anonymity Secrecy IMSI K NA CK, IK NA NA confidential NA NA information Authentication NA NA Integrity NA NA
39 Conclusions In summary: Mobile systems do not provide sufficient users privacy guaranties: AKA attack/imsi Paging Procedure Attack Active attacks should be considered Implementation Privacy friendly procedure can be designed Light-weight PKI Fixes: AKA Protocol, IMSI Paging Procedure, Identification Procedure High confidence can be given through automatic verification Unlinkability and Anonymity Verification using ProVerif
40 Thank You!
Privacy through Pseudonymity in Mobile Telephony Systems
Privacy through Pseudonymity in Mobile Telephony Systems Myrto Arapinis 1 Loretta Mancini 2 Eike Ritter 2 Mark Ryan 2 1 School of Informatics, University of Edinburgh 2 School of Computer Science, University
More informationDefeating IMSI Catchers. Fabian van den Broek et al. CCS 2015
Defeating IMSI Catchers Fabian van den Broek et al. CCS 2015 Ren-Jay Wang CS598 - COMPUTER SECURITY IN THE PHYSICAL ckground 3GPP 3GPP 3 rd Generation Partnership Project Encompasses: GSM and related 2G
More informationQuestioning the Feasibility of UMTS GSM Interworking Attacks
Questioning the Feasibility of UMTS GSM Interworking Attacks Christoforos Ntantogian 1, Christos Xenakis 2 1 Department of Informatics and Telecommunications, University of Athens, Greece 2 Department
More information(More) cryptographic protocols
(More) cryptographic protocols Myrto Arapinis School of Informatics University of Edinburgh October 19, 2017 1/24 Authentication and key agreement protocols 2/24 Authentication and key agreement Long-term
More informationSecurity functions in mobile communication systems
Security functions in mobile communication systems Dr. Hannes Federrath University of Technology Dresden Security demands Security functions of GSM Known attacks on GSM Security functions of UMTS Concepts
More informationFemtocells : Inexpensive devices to test UMTS security
.... Femtocells : Inexpensive devices to test UMTS security Kévin Redon, Ravishankar Borgaonkar Technische Universität Berlin, SecT kredon/ravii@sec.t-labs.tu-berlin.de Hackito Ergo Sum 2011, 8 April 2011
More informationAnalysis of privacy in mobile telephony systems
Int. J. Inf. Secur. (2017) 16:491 523 DOI 10.1007/s10207-016-0338-9 REGULAR CONTRIBUTION Analysis of privacy in mobile telephony systems Myrto Arapinis 1 Loretta Ilaria Mancini 2 Eike Ritter 2 Mark Dermot
More informationETSI TS V3.5.0 ( )
TS 133 102 V3.5.0 (2000-07) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Security Architecture (3G TS 33.102 version 3.5.0 Release 1999) 1 TS 133 102 V3.5.0 (2000-07)
More informationMobile Security Fall 2013
Mobile Security 14-829 Fall 2013 Patrick Tague Class #3 Telecom Security from 1G to 4G Basics of Telecom Security Different players in the mobile ecosystem have different security concerns Security concerns
More informationCity Research Online. Permanent City Research Online URL:
Komninos, N. & Dimitriou, T. (2006). Adaptive authentication and key agreement mechanism for future cellular systems. Paper presented at the 15th IST Mobile & Wireless Communications Summit, 04-08 June
More informationNetwork Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013
Network Security: Cellular Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2013 Outline Cellular networks GSM security architecture and protocols Counters UMTS AKA and session
More informationETSI TS V3.4.0 ( )
TS 133 103 V3.4.0 (2000-10) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Integration Guidelines (3GPP TS 33.103 version 3.4.0 Release 1999) 1 TS 133 103 V3.4.0
More informationCommunication and Distributed Systems Seminar on : LTE Security. By Anukriti Shrimal May 09, 2016
Communication and Distributed Systems Seminar on : LTE Security By Anukriti Shrimal May 09, 2016 LTE network with interfaces LTE Security 2 Contents LTE Security : Why, What, How EPS Architecture Design
More informationPrivate Identification, Authentication and Key Agreement Protocol with Security Mode Setup
Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup Farshid Farhat, Somayeh Salimi, Ahmad Salahi ICT Security Faculty Iran Telecommunication Research Centre Tehran,
More informationFemtocell: Femtostep to the Holy Grail
.... Femtocell: Femtostep to the Holy Grail Ravishankar Borgaonkar, Kévin Redon Technische Universität Berlin, SecT ravii/kredon@sec.t-labs.tu-berlin.de TROOPERS 2011, 30 March 2011 3G/UMTS femtocells
More informationKey Management Protocol for Roaming in Wireless Interworking System
IJCSNS International Journal of Computer Science and Network Security, VOL.7 No.8, August 2007 59 Key Management Protocol for Roaming in Wireless Interworking System Taenam Cho, Jin-Hee Han and Sung-Ik
More informationEfficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection
Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection Author: Jing-Lin Wu, Wen-Shenq Juang and Sian-Teng Chen Department of Information Management, Shih Hsin University,
More informationContents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications
Royal Holloway, University of London, IC3 Network Security, 13 November 2006 Contents GSM and UMTS Security Introduction to mobile telecommunications Second generation systems - GSM security Third generation
More informationLTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE
LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE Syed Rafiul Hussain*, Omar Chowdhury, Shagufta Mehnaz*, Elisa Bertino* Purdue University*, University of Iowa Critical Infrastructure
More informationUnderstanding IMSI Privacy!
Understanding IMSI Privacy Ravishankar Borgaonkar TU Berlin Swapnil Udar Aalto University Email: darshak@sec.t-labs.tu-berlin.de Blackhat USA 2014, Las Vegas, 7 th August 2014 Overview Unresolved Privacy
More informationNS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks
NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks Neetesh Saxena, Narendra S. Chaudhari Abstract- In this paper, we propose an improved and efficient AKA protocol named NS-AKA to prevent
More informationETSI TS V3.1.0 ( )
ETSI TS 133 103 V3.1.0 (2000-01) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Integration Guidelines (3G TS 33.103 version 3.1.0 Release 1999) (3G TS 33.103 version
More informationSecure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography.
Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography T K Mohanta 1, R K Samantaray 2, S Panda 3 1. Dept.of Electronics & Communication.Engg, Sudhananda Engg & Research
More informationGPRS Security for Smart Meters
GPRS Security for Smart Meters Martin Gilje Jaatun 1, Inger Anne Tøndel 1, and Geir M. Køien 2 1 Department of Software Engineering, Safety and Security SINTEF ICT NO-7465 Trondheim, Norway {martin.g.jaatun,inger.a.tondel}@sintef.no
More informationImproved One-Pass IP Multimedia Subsystem Authentication for UMTS
Improved One-Pass IP Multimedia Subsystem Authentication for UMTS Lili Gu RMIT University Melbourne, Australia l.gu@student.rmit.edu.au Abstract As defined in the 3GPP specifications, a UMTS user device
More informationWireless Communications and Mobile Computing
WNMC-MPR-Sec 1 Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de Engenharia da Universidade do Porto SECURITY - BASIC CONCEPTS WNMC-MPR-Sec 2 WNMC-MPR-Sec 3 Symmetric
More informationLTE Security How Good Is It?
SESSION ID: TECH-RO3 LTE Security How Good Is It? Jeffrey Cichonski IT Specialist (Security) National Institute of Standards & Technology @jchonski Joshua Franklin IT Specialist (Security) National Institute
More informationFemtocells: a Poisonous Needle in the Operator's Hay Stack
.. Femtocells: a Poisonous Needle in the Operator's Hay Stack Ravishankar Borgaonkar, Nico Golde, Kévin Redon Technische Universität Berlin, Security in Telecommunications femtocell@sec.t-labs.tu-berlin.de
More informationThe security of existing wireless networks
Security and Cooperation in Wireless Networks Cellular networks o o GSM UMTS WiFi LANs Bluetooth Security in Wireless Networks Wireless networks are more vulnerable to security issues: Broadcast communications
More informationChapter 13 Location Privacy
Chapter 13 Location Privacy Security aspects of mobile communication Implicit addressing Pseudonyms Communication mixes [NetSec], WS 2007/2008 13.1 Security Aspects of Mobile Communication Mobile communication
More informationFemtocells: a Poisonous Needle in the Operator's Hay Stack
.. Femtocells: a Poisonous Needle in the Operator's Hay Stack Ravishankar Borgaonkar, Nico Golde, Kévin Redon Technische Universität Berlin, Security in Telecommunications femtocell@sec.t-labs.tu-berlin.de
More informationBerkeley. Berkeley. Breaking Cell Phone Authentication: Vulnerabilities in AKA, IMS, and Android. University of California
Breaking Cell Phone Authentication: Vulnerabilities in AKA, IMS, and Android Jethro G. Beekman Christopher Thompson {jbeekman@eecs,cthompson@cs}.berkeley.edu New phone, now what? Hack it. 2 Outline Introduction
More informationGPRS security. Helsinki University of Technology S Security of Communication Protocols
GPRS security Helsinki University of Technology S-38.153 Security of Communication Protocols vrantala@cc.hut.fi 15.4.2003 Structure of the GPRS Network BSS GTP PLMN BSS-Base Station sub-system VLR - Visiting
More informationRequest for Comments: Cisco Systems January 2006
Network Working Group Request for Comments: 4186 Category: Informational H. Haverinen, Ed. Nokia J. Salowey, Ed. Cisco Systems January 2006 Status of This Memo Extensible Authentication Protocol Method
More informationEFFICIENT MECHANISM FOR THE SETUP OF UE-INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING. 1. Introduction
Trends in Mathematics Information Center for Mathematical Sciences Volume 8, Number 1, June, 2005, Pages 77 85 EFFICIENT MECHANISM FOR THE SETUP OF -INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING SANG UK
More informationProcedures for unified authentication in Wireless LAN/PAN using 3G credentials
Procedures for unified authentication in Wireless LAN/PAN using 3G credentials WLAN UE: detailed registration and authentication procedure A SIP registration procedure starts each time the WLAN UE has
More information3GPP security. Valtteri Niemi 3GPP SA3 (Security) chairman Nokia
3GPP security Valtteri Niemi 3GPP SA3 (Security) chairman Nokia 1 Some history and background 2 Some history 1/2 SA3 took over the responsibility of specifications created by ETSI SMG10, e.g. TS 43.020
More informationSecurity Management System of Cellular Communication: Case Study
Security Management System of Cellular Communication: Case Study Othman O. Khalifa, Abdulrazzag Aburas, A. Al Bagul, Meftah Hrairi, Muhammad Shahril bin Shahbuddin, and Harman bin Mat Kasa Abstract Cellular
More informationMobile Security Fall 2014
Mobile Security Fall 2014 Patrick Tague Class #3 Telecom Security Issues 1 Class #3 Brief history of telecom security Attacks on telecom networks A few project pitches 2 A3 RES A8 Kc RAND K more than And
More informationFirewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003
Firewalls Network Security: Firewalls and Virtual Private Networks CS 239 Computer Software March 3, 2003 A system or combination of systems that enforces a boundary between two or more networks - NCSA
More informationMobile Security Fall 2015
Mobile Security Fall 2015 Patrick Tague #4: Telecom System Security Issues 2015 Patrick Tague 1 Class #4 Finish up our telecom security history lesson Interesting effects of telecom evolution Analysis
More informationVerification of security protocols introduction
Verification of security protocols introduction Stéphanie Delaune CNRS & IRISA, Rennes, France Tuesday, November 14th, 2017 Cryptographic protocols everywhere! they aim at securing communications over
More informationL13. Reviews. Rocky K. C. Chang, April 10, 2015
L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing
More informationIP address. When you connect to another computer you send it your IP address.
Anonymity IP address When you connect to another computer you send it your IP address. It is very hard to communicate without revealing an address on which you can receive traffic. Recent court cases have
More informationA Design of Authentication Protocol for a Limited Mobile Network Environment
Vol.29 (SecTech 2013), pp.41-45 http://dx.doi.org/10.14257/astl.2013.29.08 A Design of Authentication Protocol for a Limited Mobile Network Environment Minha Park 1,1, Yeog Kim 2, Okyeon Yi 3 1, 3 Dept.
More informationUsing existing security infrastructures
Using existing security infrastructures Chris Mitchell Royal Holloway, University of London http://www.isg.rhul.ac.uk/~cjm 1 Acknowledgements This is joint work with Chunhua Chen and Shaohua Tang (South
More informationAnonymity. Assumption: If we know IP address, we know identity
03--4 Anonymity Some degree of anonymity from using pseudonyms However, anonymity is always limited by address TCP will reveal your address address together with ISP cooperation Anonymity is broken We
More informatione-commerce Study Guide Test 2. Security Chapter 10
e-commerce Study Guide Test 2. Security Chapter 10 True/False Indicate whether the sentence or statement is true or false. 1. Necessity refers to preventing data delays or denials (removal) within the
More informationPast & Future Issues in Smartcard Industry
Past & Future Issues in Smartcard Industry Ecrypt 2 Summer School Guillaume Dabosville Oberthur Technologies Oberthur Technologies the group its divisions payment, mobile, transport and digital TV markets
More informationNew mobile phone algorithms a real world story
New mobile phone algorithms a real world story Steve Babbage 17 February 2011 1 LTE algorithms, for SKEW 2011 C1 - Unrestricted Standards groups 2 LTE algorithms, for SKEW 2011 C1 - Unrestricted First
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationAnalysis and Modeling of False Synchronizations in 3G- WLAN Integrated Networks
Analysis and Modeling of False Synchronizations in 3G- WLAN Integrated Networks Christoforos Ntantogian 1, Christos Xenakis 1, Ioannis Stavrakakis 2 1 Department of Digital Systems, University of Piraeus,
More informationEP B1 (19) (11) EP B1 (12) EUROPEAN PATENT SPECIFICATION
(19) (11) EP 1 432 271 B1 (12) EUROPEAN PATENT SPECIFICATION (4) Date of publication and mention of the grant of the patent:.06. Bulletin /26 (1) Int Cl.: H04W 12/06 (09.01) H04L 9/32 (06.01) H04W 12/02
More informationSECURITY ON PUBLIC WI-FI New Zealand. A guide to help you stay safe online while using public Wi-Fi
SECURITY ON PUBLIC WI-FI New Zealand A guide to help you stay safe online while using public Wi-Fi WHAT S YOUR WI-FI PASSWORD? Enter password for the COFFEE_TIME Wi-Fi network An all too common question
More informationSecuring Internet Communication: TLS
Securing Internet Communication: TLS CS 161: Computer Security Prof. David Wagner March 11, 2016 Today s Lecture Applying crypto technology in practice Two simple abstractions cover 80% of the use cases
More informationNetwork Security. Dr. Ihsan Ullah. Department of Computer Science & IT University of Balochistan, Quetta Pakistan. June 18, 2015
Network Security Dr. Ihsan Ullah Department of Computer Science & IT University of Balochistan, Quetta Pakistan June 18, 2015 1 / 19 ARP (Address resolution protocol) poisoning ARP is used to resolve 32-bit
More informationUSIM based Authentication Test-bed For UMTS-WLAN Handover 25 April, 2006
USIM based Authentication Test-bed For UMTS-WLAN Handover 25 April, 2006 Hyeyeon Kwon, Kyung-yul Cheon, Kwang-hyun Roh, Aesoon Park Electronics and Telecommunications Research Institute 161, Gajeong-dong,
More informationWireless Security Security problems in Wireless Networks
Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security
More informationExperimental Analysis of the Femtocell Location Verification Techniques
Experimental Analysis of the Femtocell Location Verification Techniques Ravishankar Borgaonkar, Kevin Redon and Jean-Pierre Seifert Security in Telecommunication Technical University Berlin and Deutsche
More informationBuilding on existing security
Building on existing security infrastructures Chris Mitchell Royal Holloway, University of London http://www.isg.rhul.ac.uk/~cjm 1 Acknowledgements This is joint work with Chunhua Chen and Shaohua Tang
More informationA Review of 3G-WLAN Interworking
A Review of 3G-WLAN Interworking B.Bindusha Reddy #, Dr Syed Umar *, M.Satya Anusha & *Assistant. Professor, Department of ECM, KL University, A.P., INDIA. #, & Student, Department of ECM, KL University,
More informationSecure 3G user authentication in ad-hoc serving networks
Louisiana State University LSU Digital Commons LSU Master's Theses Graduate School 2005 Secure 3G user authentication in ad-hoc serving networks Lyn L. Evans Louisiana State University and Agricultural
More informationComputer Networks & Security 2016/2017
Computer Networks & Security 2016/2017 Network Security Protocols (10) Dr. Tanir Ozcelebi Courtesy: Jerry den Hartog Courtesy: Kurose and Ross TU/e Computer Science Security and Embedded Networked Systems
More informationMarcus Wong
Security Implications and Considerations for Femtocells Marcus Wong mwong@huawei.com www.huawei.com HUAWEI TECHNOLOGIES Co., Ltd. Agenda Introduction Architecture Latest attack Overview Threats and attacks
More informationSecurity Provisions in CDMA2000 Networks
Security Provisions in CDMA2000 Networks White Paper November 2011 80-W3633-1 Rev A www.qualcomm.com/esg Notice Each User acknowledges that CDG does not review the disclosures or contributions of any CDG
More informationLecture 41 Blockchain in Government III (Digital Identity)
Blockchains Architecture, Design and Use Cases Prof. Sandip Chakraborty Department of Computer Science and Engineering Indian Institute of Technology, Kharagpur Lecture 41 Blockchain in Government III
More informationCommunication Networks 2 Signaling 2 (Mobile)
Communication Networks 2 Signaling 2 (Mobile) Gusztáv Adamis BME TMIT 2017 GSM signaling Signaling of GSM is based on the ISDN signaling systems SS7/DSS1 But, because of mobility, roaming, radio access
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationIntroduction to VANET
VANET Introduction to VANET -Vehicles connected to each others through an ad hoc formation form a wireless network called Vehicular Ad Hoc Network. -Vehicular ad hoc networks (VANETs) are a subgroup of
More informationSecurity Setup CHAPTER
CHAPTER 8 This chapter describes how to set up your bridge s security features. This chapter contains the following sections: Security Overview, page 8-2 Setting Up WEP, page 8-7 Enabling Additional WEP
More informationDefinition. Quantifying Anonymity. Anonymous Communication. How can we calculate how anonymous we are? Who you are from the communicating party
Definition Anonymous Communication Hiding identities of parties involved in communications from each other, or from third-parties Who you are from the communicating party Who you are talking to from everyone
More information3GPP SA3-5G SECURITY. Major changes in 5G security architecture and procedures Sander de Kievit
3GPP SA3-5G SECURITY Major changes in 5G security architecture and procedures Sander de Kievit THIS TALK Short introduction about me and some words on 3GPP SA3. Major changes since 4G, what do we really
More informationSecure military communications on 3G, 4G and WiMAX
Calhoun: The NPS Institutional Archive DSpace Repository Theses and Dissertations Thesis and Dissertation Collection 2013-09 Secure military communications on 3G, 4G and WiMAX Schoinas, Panagiotis Monterey,
More informationGLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017
GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017 1 SYLLABUS GSM General architecture and interfaces of cellular system and the PSTN and Internet networks: BTS, MSC, Internetworking,
More information11:1 Anonymous Internet Access Method for Wireless Systems
11:1 Anonymous Internet Access Method for Wireless Systems Petri Jokela Juha-Petri Kärnä NomadicLab, Ericsson Research FIN-02420 Jorvas Finland {petri.jokela, juha-petri.karna}@ericsson.com 1 Introduction
More informationCT30A8800 Secured communications
CT30A8800 Secured communications Pekka Jäppinen October 31, 2007 Pekka Jäppinen, Lappeenranta University of Technology: October 31, 2007 Secured Communications: Key exchange Schneier, Applied Cryptography:
More informationDesign of Secure End-to-End Protocols for Mobile Systems
26 Design of Secure End-to-End Protocols for Mobile Systems V. Varadharajan and Y. Mu Department of Computing, University of Western Sydney, Nepean, PO Box 10, Kingswood, NSW 2747, Australia Telephone:
More informationDesigning Authentication for Wireless Communication Security Protocol
Designing Authentication for Wireless Communication Security Protocol Ms. Roshni Chandrawanshi, Prof. Ravi Mohan, Mr. Shiv Prakash Chandrawanshi Abstract Security is considered an important issue for mobile
More informationVerifying Real-World Security Protocols from finding attacks to proving security theorems
Verifying Real-World Security Protocols from finding attacks to proving security theorems Karthik Bhargavan http://prosecco.inria.fr + many co-authors at INRIA, Microsoft Research, Formal security analysis
More informationSecurity in ECE Systems
Lecture 11 Information Security ECE 197SA Systems Appreciation Security in ECE Systems Information security Information can be very valuable Secure communication important to protect information Today
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationNext Week. Network Security (and related topics) Project 3 Q/A. Agenda. My definition of network security. Network Security.
Next Week No sections Network Security (and related topics) EE122 Fall 2012 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other
More informationUMTS Security Features. Technical Brief
UMTS Security Features Although Ciphering and Cryptanalysis became a hot topic accelerated by the current geo-politic environment, information security is not a new issue. Caesar was ciphering secret information
More informationNetwork Security (and related topics)
Network Security (and related topics) EE122 Fall 2012 Scott Shenker http://inst.eecs.berkeley.edu/~ee122/ Materials with thanks to Jennifer Rexford, Ion Stoica, Vern Paxson and other colleagues at Princeton
More informationSession key establishment protocols
our task is to program a computer which gives answers which are subtly and maliciously wrong at the most inconvenient possible moment. -- Ross Anderson and Roger Needham, Programming Satan s computer Session
More informationSecurity of Cellular Networks: Man-in-the Middle Attacks
Security of Cellular Networks: Man-in-the Middle Attacks Mario Čagalj University of Split 2013/2014. Security in the GSM system by Jeremy Quirke, 2004 Introduction Nowadays, mobile phones are used by 80-90%
More informationCIS 4360 Secure Computer Systems Applied Cryptography
CIS 4360 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2017 Symmetric vs. Asymmetric Cryptography Symmetric cipher is much faster With asymmetric ciphers, you can post your Public
More informationUNIT-5. GSM System Operations (Traffic Cases) Registration, call setup, and location updating. Call setup. Interrogation phase
UNIT-5 GSM System Operations (Traffic Cases) Registration, call setup, and location updating Call setup Interrogation phase For the interrogation phase The initial address message comes outside the GSM
More informationENEE 459-C Computer Security. Security protocols
ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.
More informationThe SSL/TLS protocol. Myrto Arapinis School of Informatics University of Edinburgh. October 27, 2016
The SSL/TLS protocol Myrto Arapinis School of Informatics University of Edinburgh October 27, 2016 1 / 27 SSL/TLS protocol Goals: Confidentiality, Integrity, Non repudiation SSL/TLS use X.509 certificates
More informationData Security and Privacy. Topic 14: Authentication and Key Establishment
Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt
More informationWAP Security. Helsinki University of Technology S Security of Communication Protocols
WAP Security Helsinki University of Technology S-38.153 Security of Communication Protocols Mikko.Kerava@iki.fi 15.4.2003 Contents 1. Introduction to WAP 2. Wireless Transport Layer Security 3. Other WAP
More informationENEE 459-C Computer Security. Security protocols (continued)
ENEE 459-C Computer Security Security protocols (continued) Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p
More informationFederated access service authorization
Federated access service authorization MIKKO NIIRANEN and PREETIDA VINAYAKRAY-JANI Nokia Reseach Center Itämerenkatu 11-13 00180 Helsinki FINLAND Abstract: - The increasing variety of access technologies
More informationOnline Anonymity & Privacy. Andrew Lewman The Tor Project
Online Anonymity & Privacy Andrew Lewman The Tor Project https://torproject.org/ Outline Why anonymity? Crash course on Tor Future Informally: anonymity means you can't tell who did what Who wrote this
More informationKNX Secure. KNX Position Paper on Data Security and Privacy
KNX Secure KNX Position Paper on Data Security and Privacy KNX Secure Position Paper This paper is intended as a guide for both installers as well as KNX manufacturers to learn about the current measures
More informationFormal Methods for Assuring Security of Computer Networks
for Assuring of Computer Networks May 8, 2012 Outline Testing 1 Testing 2 Tools for formal methods Model based software development 3 Principals of security Key security properties Assessing security protocols
More informationkey distribution requirements for public key algorithms asymmetric (or public) key algorithms
topics: cis3.2 electronic commerce 24 april 2006 lecture # 22 internet security (part 2) finish from last time: symmetric (single key) and asymmetric (public key) methods different cryptographic systems
More informationWireless Network Security Spring 2015
Wireless Network Security Spring 2015 Patrick Tague Class #7 More WiFi Security 2015 Patrick Tague 1 Class #7 Continuation of WiFi security 2015 Patrick Tague 2 Device Private WiFi Networks AP Local AAA
More informationUNIVERSAL MOBILE TELECOMMUNICATIONS
IEEE JOURNAL ON SELECTED AREAS IN COMMUNICATIONS, VOL. 23, NO. 6, JUNE 2005 1233 One-Pass GPRS and IMS Authentication Procedure for UMTS Yi-Bing Lin, Fellow, IEEE, Ming-Feng Chang, Meng-Ta Hsu, and Lin-Yi
More information