Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection

Size: px
Start display at page:

Download "Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection"

Transcription

1 Efficient GSM Authentication and Key Agreement Protocols with Robust User Privacy Protection Author: Jing-Lin Wu, Wen-Shenq Juang and Sian-Teng Chen Department of Information Management, Shih Hsin University, Taipei, Taiwan.

2 Agenda Introduction Review related work Our proposed scheme Security and performance analysis Discussion Conclusion 2

3 Introduction GSM System is used widely Privacy issue Some problems on GSM - Attacks on GSM - Bill controversy 3

4 GSM AKA Review work - Being pointed some security problem Choi et al. s AKA scheme - Improve partially the privacy problem - Scheme for MS receiving an identity request - More efficient 4

5 Choi et al s GSM AKA Depend on A3, A5 and A8 algorithm Security - Mutual authentication - Having completely privacy protection on location privacy attack? - Withstand the redirection attack and the corrupted network attack? Efficiency - Using the temporary key mechanism 5

6 tations HLR VLR TMSI IMSI LAI A3() A5() A8() K VH SRES w i The Home location register. The visitor location register. The temporary mobile subscriber identity. The international mobile subscriber identity. The location area identity. The authentication algorithm. The encryption algorithm. The cipher key generation algorithm. The common shared key between HLR and MS. The symmetric encryption/decryption key between VLR and HLR The expected response. The secret token The concatenation symbol. 6

7 Choi et al. s AKA while MS receiving an identity request MS 1. Identity request VLR HLR 2. AL, HLR_ID,SRES1, (RAND) EK u 3. VLR_ID, E VH (AL), EK u (RAND) 5. E TK (TMSI new ), RAND? SRES1 = SRES2 4. SRES2, HLR_ID, E VH (RAND TK IMSI) K u =f(imsi HLR_ID K) 7

8 Some problems of Choi et al. s AKA Partially privacy protection - Easy to be traced by using the alias Vulnerable to some attacks - The redirection attack - The corrupted network attack - The modification attack - TMSI verifying 8

9 Our proposed schemes Proposed scheme - Proposed scheme while MS receiving an identity request Improved some problems of Choi et al. s scheme - Fully privacy protection for MS - Based on A3, A5 and A8 algorithm - Secret token for protecting IMSI 9

10 Proposed scheme while MS receiving an Identity request MS Identity request 1. N 3 VLR HLR 2. P i, ID HLR, SRES1,VAC, RAND, r i 3. ID VLR,P i, SRES1,VAC, RAND, r i P i =IMSI w i =IMSI A3(x r i ) 4. N 4, E VH (IMSI TK SRES2 T i+1 MAC r i+1 ) 5. AUTH, T i+1, r i+1, MAC, N 4, E TK (TMSI new ) T i+1 =w i+1 A3(K r i+1 ) 10

11 Security analysis Mutual authentication Identity privacy protection Secret token protection Withstanding attacks - Man-in-the-middle attack - Dictionary attack -Replay attack - Modification attack 11

12 Security comparisons Our scheme Chang et al. Choi et al. GSM Peinado S1 Partial S2 S3 S4 S5 S6 N/A N/A S7 S1: Identity privacy; S2: Mutual authentication between MS and VLR; S3: Preventing the replay attack S4: Preventing the redirection attack; S5: Preventing the corrupted network attack; S6: Preventing the modification attack while VLR assigns a new TMSI; S7: time synchronization problem. 12

13 Functionality comparisons Our scheme Chang et al. Choi et al. GSM Peinado C1 High C2 High High C3 C4 High C5 High C1: The computation cost for MS; C2: The computation cost for HLR; C3: The computation cost for VLR; C4: The communication cost between HLR and VLR; C5: The space overhead for VLR 13

14 Performance considerations while MS receiving an identity request E1 E2 E3 E4 E5 E6 Our scheme 352 bits 160 bits 320 bits 1 Sym + 1 H + 2 XOR 2 Sym + 1H Chang et al. 128 bits 146 bits 128 bits 2 Sym + 2 H 2 Sym 2 H 1 Sym + 7 H + 2 XOR Choi et al. 192 bits 160 bits 192 bits 2 Sym + 3 H 3 Sym 3 Sym + 3 H GSM 192 bits (224 n) bits 128 bits 1 Sym + 2 H 1 Sym (2 n) H Peinado 832 bits 146 bits 640 bits 1 Exp + 1 Sym + 3 H 1 Sym 1 Exp + 2 H E1: Memory needed in MS; E2: Memory needed in VLR; E3: Memory needed in HLR; E4: Computation cost for MS; E5: Computation cost for VLR; E6: Computation cost for HLR; Exp: Exponential operation; Sym: Symmetric encryption/decryption operation; H: Hash operation; XOR: Exclusive-or operation; n: numbers of authentication vectors. 14

15 Discussions An alternative way for protecting the secret token - Symmetric cryptosystem Specifying the life time of a temporary key - Embedded in authenticator 15

16 Conclusions Identity privacy protection complete for IMSI Mutual authentication Efficiency Withstand attacks, i.e., the redirect attack and the corrupted network attack 16

17 The End

NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks

NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks NS-AKA: An Improved and Efficient AKA Protocol for 3G (UMTS) Networks Neetesh Saxena, Narendra S. Chaudhari Abstract- In this paper, we propose an improved and efficient AKA protocol named NS-AKA to prevent

More information

Security functions in mobile communication systems

Security functions in mobile communication systems Security functions in mobile communication systems Dr. Hannes Federrath University of Technology Dresden Security demands Security functions of GSM Known attacks on GSM Security functions of UMTS Concepts

More information

Defeating IMSI Catchers. Fabian van den Broek et al. CCS 2015

Defeating IMSI Catchers. Fabian van den Broek et al. CCS 2015 Defeating IMSI Catchers Fabian van den Broek et al. CCS 2015 Ren-Jay Wang CS598 - COMPUTER SECURITY IN THE PHYSICAL ckground 3GPP 3GPP 3 rd Generation Partnership Project Encompasses: GSM and related 2G

More information

Efficient password authenticated key agreement using bilinear pairings

Efficient password authenticated key agreement using bilinear pairings Mathematical and Computer Modelling ( ) www.elsevier.com/locate/mcm Efficient password authenticated key agreement using bilinear pairings Wen-Shenq Juang, Wei-Ken Nien Department of Information Management,

More information

Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup

Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup Private Identification, Authentication and Key Agreement Protocol with Security Mode Setup Farshid Farhat, Somayeh Salimi, Ahmad Salahi ICT Security Faculty Iran Telecommunication Research Centre Tehran,

More information

ETSI TS V3.4.0 ( )

ETSI TS V3.4.0 ( ) TS 133 103 V3.4.0 (2000-10) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Integration Guidelines (3GPP TS 33.103 version 3.4.0 Release 1999) 1 TS 133 103 V3.4.0

More information

Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography.

Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography. Secure and Authentication Communication in GSM, GPRS, and UMTS Using Asymmetric Cryptography T K Mohanta 1, R K Samantaray 2, S Panda 3 1. Dept.of Electronics & Communication.Engg, Sudhananda Engg & Research

More information

Designing Authentication for Wireless Communication Security Protocol

Designing Authentication for Wireless Communication Security Protocol Designing Authentication for Wireless Communication Security Protocol Ms. Roshni Chandrawanshi, Prof. Ravi Mohan, Mr. Shiv Prakash Chandrawanshi Abstract Security is considered an important issue for mobile

More information

City Research Online. Permanent City Research Online URL:

City Research Online. Permanent City Research Online URL: Komninos, N. & Dimitriou, T. (2006). Adaptive authentication and key agreement mechanism for future cellular systems. Paper presented at the 15th IST Mobile & Wireless Communications Summit, 04-08 June

More information

Authenticated Key Agreement Without Using One-way Hash Functions Based on The Elliptic Curve Discrete Logarithm Problem

Authenticated Key Agreement Without Using One-way Hash Functions Based on The Elliptic Curve Discrete Logarithm Problem Authenticated Key Agreement Without Using One-way Hash Functions Based on The Elliptic Curve Discrete Logarithm Problem Li-Chin Huang and Min-Shiang Hwang 1 Department of Computer Science and Engineering,

More information

PORTABLE communication systems (PCSs) do not require

PORTABLE communication systems (PCSs) do not require IEEE TRANSACTIONS ON WIRELESS COMMUNICATIONS, VOL. 4, NO. 1, JANUARY 2005 57 A New Delegation-Based Authentication Protocol for Use in Portable Communication Systems Wei-Bin Lee and Chang-Kuo Yeh Abstract

More information

Secure Smart Card Based Remote User Authentication Scheme for Multi-server Environment

Secure Smart Card Based Remote User Authentication Scheme for Multi-server Environment Secure Smart Card Based Remote User Authentication Scheme for Multi-server Environment Archana P.S, Athira Mohanan M-Tech Student [Cyber Security], Sree Narayana Gurukulam College of Engineering Ernakulam,

More information

GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017

GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017 GLOBAL SYSTEM FOR MOBILE COMMUNICATION (2) ETI2511 Friday, 31 March 2017 1 SYLLABUS GSM General architecture and interfaces of cellular system and the PSTN and Internet networks: BTS, MSC, Internetworking,

More information

EFFICIENT MECHANISM FOR THE SETUP OF UE-INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING. 1. Introduction

EFFICIENT MECHANISM FOR THE SETUP OF UE-INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING. 1. Introduction Trends in Mathematics Information Center for Mathematical Sciences Volume 8, Number 1, June, 2005, Pages 77 85 EFFICIENT MECHANISM FOR THE SETUP OF -INITIATED TUNNELS IN 3GPP-WLAN INTERWORKING SANG UK

More information

A SECURE PASSWORD-BASED REMOTE USER AUTHENTICATION SCHEME WITHOUT SMART CARDS

A SECURE PASSWORD-BASED REMOTE USER AUTHENTICATION SCHEME WITHOUT SMART CARDS ISSN 1392 124X INFORMATION TECHNOLOGY AND CONTROL, 2012, Vol.41, No.1 A SECURE PASSWORD-BASED REMOTE USER AUTHENTICATION SCHEME WITHOUT SMART CARDS Bae-Ling Chen 1, Wen-Chung Kuo 2*, Lih-Chyau Wuu 3 1

More information

A Smart Card Based Authentication Protocol for Strong Passwords

A Smart Card Based Authentication Protocol for Strong Passwords A Smart Card Based Authentication Protocol for Strong Passwords Chin-Chen Chang 1,2 and Hao-Chuan Tsai 2 1 Department of Computer Science and Information Engineering, Feng Chia University, Taichung, Taiwan,

More information

Authentication in the Smart Grids

Authentication in the Smart Grids Authentication in the Smart Grids Mario H. F. Latuf Universidade Federal de Itajubá UNIFEI July 17, 2013 1 Reference Soohyun, Kwak Jin, Mutual authentication and key establishment mechanism using DCU certificate

More information

Network Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013

Network Security: Cellular Security. Tuomas Aura T Network security Aalto University, Nov-Dec 2013 Network Security: Cellular Security Tuomas Aura T-110.5241 Network security Aalto University, Nov-Dec 2013 Outline Cellular networks GSM security architecture and protocols Counters UMTS AKA and session

More information

Efficient remote mutual authentication and key agreement

Efficient remote mutual authentication and key agreement computers & security 25 (2006) 72 77 available at www.sciencedirect.com journal homepage: www.elsevier.com/locate/cose Efficient remote mutual authentication and key agreement Wen-Gong Shieh*, Jian-Min

More information

Secure 3G user authentication in ad-hoc serving networks

Secure 3G user authentication in ad-hoc serving networks Louisiana State University LSU Digital Commons LSU Master's Theses Graduate School 2005 Secure 3G user authentication in ad-hoc serving networks Lyn L. Evans Louisiana State University and Agricultural

More information

Security of Cellular Networks: Man-in-the Middle Attacks

Security of Cellular Networks: Man-in-the Middle Attacks Security of Cellular Networks: Man-in-the Middle Attacks Mario Čagalj University of Split 2013/2014. Security in the GSM system by Jeremy Quirke, 2004 Introduction Nowadays, mobile phones are used by 80-90%

More information

Wireless Communications and Mobile Computing

Wireless Communications and Mobile Computing WNMC-MPR-Sec 1 Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de Engenharia da Universidade do Porto SECURITY - BASIC CONCEPTS WNMC-MPR-Sec 2 WNMC-MPR-Sec 3 Symmetric

More information

Request for Comments: Cisco Systems January 2006

Request for Comments: Cisco Systems January 2006 Network Working Group Request for Comments: 4186 Category: Informational H. Haverinen, Ed. Nokia J. Salowey, Ed. Cisco Systems January 2006 Status of This Memo Extensible Authentication Protocol Method

More information

SSL/TLS. How to send your credit card number securely over the internet

SSL/TLS. How to send your credit card number securely over the internet SSL/TLS How to send your credit card number securely over the internet The security provided by SSL SSL is implemented at level 4 The transport control layer In practice, SSL uses TCP sockets The underlying

More information

Remote User Authentication Scheme in Multi-server Environment using Smart Card

Remote User Authentication Scheme in Multi-server Environment using Smart Card Remote User Authentication Scheme in Multi-server Environment using Smart Card Jitendra Kumar Tyagi A.K. Srivastava Pratap Singh Patwal ABSTRACT In a single server environment, one server is responsible

More information

On the Security of Yoon and Yoo s Biometrics Remote User Authentication Scheme

On the Security of Yoon and Yoo s Biometrics Remote User Authentication Scheme On the Security of Yoon and Yoo s Biometrics Remote User Authentication Scheme MING LIU * Department of Tourism Management WEN-GONG SHIEH Department of Information Management Chinese Culture University

More information

ISSN X INFORMATION TECHNOLOGY AND CONTROL, 2011, Vol.40, No.3. ISSN X INFORMATION TECHNOLOGY AND CONTROL, 2011 Vol.?, No.?, 1?

ISSN X INFORMATION TECHNOLOGY AND CONTROL, 2011, Vol.40, No.3. ISSN X INFORMATION TECHNOLOGY AND CONTROL, 2011 Vol.?, No.?, 1? ISSN 1392 124X INFORMATION TECHNOLOGY AND CONTROL, 2011, Vol.40, No.3 ISSN 1392 124X INFORMATION TECHNOLOGY AND CONTROL, 2011 Vol.?, No.?, 1? A ROBUST A Robust REMOTE RemoteUSER User Authentication AUTHENTICATION

More information

GPRS security. Helsinki University of Technology S Security of Communication Protocols

GPRS security. Helsinki University of Technology S Security of Communication Protocols GPRS security Helsinki University of Technology S-38.153 Security of Communication Protocols vrantala@cc.hut.fi 15.4.2003 Structure of the GPRS Network BSS GTP PLMN BSS-Base Station sub-system VLR - Visiting

More information

Contents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications

Contents. GSM and UMTS Security. Cellular Radio Network Architecture. Introduction to Mobile Telecommunications Royal Holloway, University of London, IC3 Network Security, 13 November 2006 Contents GSM and UMTS Security Introduction to mobile telecommunications Second generation systems - GSM security Third generation

More information

Securing SMS of a GSM Network Message Center Using Asymmetric Encryption Technique Algorithm.

Securing SMS of a GSM Network Message Center Using Asymmetric Encryption Technique Algorithm. Securing SMS of a GSM Network Message Center Using Asymmetric Encryption Technique Algorithm. Garba S. (1), Abdu-Aguye U.-F., Raubilu A.A., Ibrahim Y. Department of Electrical and Computer Engineering,

More information

EUROPEAN ETS TELECOMMUNICATION July 1998 STANDARD

EUROPEAN ETS TELECOMMUNICATION July 1998 STANDARD EUROPEAN ETS 300 929 TELECOMMUNICATION July 1998 STANDARD Third Edition Source: SMG Reference: RE/SMG-030320QR1 ICS: 33.020 Key words: Digital cellular telecommunications system, Global System for Mobile

More information

Key Management Protocol for Roaming in Wireless Interworking System

Key Management Protocol for Roaming in Wireless Interworking System IJCSNS International Journal of Computer Science and Network Security, VOL.7 No.8, August 2007 59 Key Management Protocol for Roaming in Wireless Interworking System Taenam Cho, Jin-Hee Han and Sung-Ik

More information

Mobile Security Fall 2013

Mobile Security Fall 2013 Mobile Security 14-829 Fall 2013 Patrick Tague Class #3 Telecom Security from 1G to 4G Basics of Telecom Security Different players in the mobile ecosystem have different security concerns Security concerns

More information

Auth. Key Exchange. Dan Boneh

Auth. Key Exchange. Dan Boneh Auth. Key Exchange Review: key exchange Alice and want to generate a secret key Saw key exchange secure against eavesdropping Alice k eavesdropper?? k This lecture: Authenticated Key Exchange (AKE) key

More information

Cryptanalysis. Ed Crowley

Cryptanalysis. Ed Crowley Cryptanalysis Ed Crowley 1 Topics Cryptanalysis History Modern Cryptanalysis Characterization of Cryptanalysis Attacks Attack Types 2 Cryptanalysis Science of cracking ciphers and codes, decoding secrets,

More information

ETSI TS V3.5.0 ( )

ETSI TS V3.5.0 ( ) TS 133 102 V3.5.0 (2000-07) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Security Architecture (3G TS 33.102 version 3.5.0 Release 1999) 1 TS 133 102 V3.5.0 (2000-07)

More information

Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme

Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme Smart-card-loss-attack and Improvement of Hsiang et al. s Authentication Scheme Y.. Lee Department of Security Technology and Management WuFeng niversity, hiayi, 653, Taiwan yclee@wfu.edu.tw ABSTRAT Due

More information

Wireless Security Security problems in Wireless Networks

Wireless Security Security problems in Wireless Networks Wireless Security Security problems in Wireless Networks Security of Wireless Networks Wireless networks are everywhere more and more electronic devices are becoming wireless However, ensuring security

More information

Cryptography ThreeB. Ed Crowley. Fall 08

Cryptography ThreeB. Ed Crowley. Fall 08 Cryptography ThreeB Ed Crowley Fall 08 Cryptanalysis History Modern Cryptanalysis Characterization of Cryptanalysis Attacks Attack Types Cryptanalysis. Science of cracking ciphers and codes, decoding secrets,

More information

Mobility and Security Management in the GSM System

Mobility and Security Management in the GSM System IOSR Journal of Engineering (IOSRJEN) ISSN: 2250-3021 ISBN: 2878-8719 PP 13-18 National Symposium on engineering and Research Mobility and Security Management in the GSM System 1 Mr. Yogesh S. Amle 2 Mr.

More information

New Privacy Issues in Mobile Telephony: Fix and Verification

New Privacy Issues in Mobile Telephony: Fix and Verification New Privacy Issues in Mobile Telephony: Fix and Verification Myrto Arapinis, Loretta Mancini, Eike Ritter, Mark Ryan, Kevin Redon, Nico Golde, Ravi Borgaonkar CCS 2012, Raleigh, NC October 2012 In my bag

More information

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment. CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How

More information

Cryptanalysis on Four Two-Party Authentication Protocols

Cryptanalysis on Four Two-Party Authentication Protocols Cryptanalysis on Four Two-Party Authentication Protocols Yalin Chen Institute of Information Systems and Applications, NTHU, Tawain d949702@oz.nthu.edu.tw Jue-Sam Chou * Dept. of Information Management

More information

GSM Mobility Management

GSM Mobility Management GSM Mobility Management Phone Lin Ph.D. Email: plin@csie.ntu.edu.tw 1 Outlines Introduction GSM Location Update Basic Call Origination and Termination Procedures Mobility Databases Failure Restoration

More information

Enhanced Delegation Based Authentication Protocol for Secure Roaming Service with Synchronization

Enhanced Delegation Based Authentication Protocol for Secure Roaming Service with Synchronization JOURNAL OF ELECTRONIC SCIENCE AND TECHNOLOGY, VOL. 9, NO. 4, DECEMBER 2011 345 Enhanced Delegation Based Authentication Protocol for Secure Roaming Service with Synchronization Hsing-Bai Chen, Yung-Hsiang

More information

Provably Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks *

Provably Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks * JOURNAL OF INFORMATION SCIENCE AND ENGINEERING 31, 727-742 (2015) Provably Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks * KUO-YANG WU 1, KUO-YU TSAI 2, TZONG-CHEN

More information

Secure Algorithms for SAKA Protocol in the GSM Network

Secure Algorithms for SAKA Protocol in the GSM Network Secure Algorithms for SAKA Protocol in the GSM Network Neetesh Saxena Department of Computing and Informatics Faculty of Science and Technology Bournemouth University, UK Email: nsaxena@bournemouth.ac.uk

More information

UNIT-5. GSM System Operations (Traffic Cases) Registration, call setup, and location updating. Call setup. Interrogation phase

UNIT-5. GSM System Operations (Traffic Cases) Registration, call setup, and location updating. Call setup. Interrogation phase UNIT-5 GSM System Operations (Traffic Cases) Registration, call setup, and location updating Call setup Interrogation phase For the interrogation phase The initial address message comes outside the GSM

More information

Past & Future Issues in Smartcard Industry

Past & Future Issues in Smartcard Industry Past & Future Issues in Smartcard Industry Ecrypt 2 Summer School Guillaume Dabosville Oberthur Technologies Oberthur Technologies the group its divisions payment, mobile, transport and digital TV markets

More information

Security Management System of Cellular Communication: Case Study

Security Management System of Cellular Communication: Case Study Security Management System of Cellular Communication: Case Study Othman O. Khalifa, Abdulrazzag Aburas, A. Al Bagul, Meftah Hrairi, Muhammad Shahril bin Shahbuddin, and Harman bin Mat Kasa Abstract Cellular

More information

A Review of 3G-WLAN Interworking

A Review of 3G-WLAN Interworking A Review of 3G-WLAN Interworking B.Bindusha Reddy #, Dr Syed Umar *, M.Satya Anusha & *Assistant. Professor, Department of ECM, KL University, A.P., INDIA. #, & Student, Department of ECM, KL University,

More information

Data Integrity. Modified by: Dr. Ramzi Saifan

Data Integrity. Modified by: Dr. Ramzi Saifan Data Integrity Modified by: Dr. Ramzi Saifan Encryption/Decryption Provides message confidentiality. Does it provide message authentication? 2 Message Authentication Bob receives a message m from Alice,

More information

Security issues in mobile communications

Security issues in mobile communications University of Wollongong Research Online University of Wollongong Thesis Collection 1954-2016 University of Wollongong Thesis Collections 1994 Security issues in mobile communications Chenthurvasan Duraiappan

More information

Questioning the Feasibility of UMTS GSM Interworking Attacks

Questioning the Feasibility of UMTS GSM Interworking Attacks Questioning the Feasibility of UMTS GSM Interworking Attacks Christoforos Ntantogian 1, Christos Xenakis 2 1 Department of Informatics and Telecommunications, University of Athens, Greece 2 Department

More information

authentication will be required between roaming user, visited network and home network.

authentication will be required between roaming user, visited network and home network. Classification of Security Authentication for Roaming User in Mobile Networks Ja afer AL-Saraireh & Sufian Yousef j.al-saraireh@anglia.ac.uk, s.yousef@anglia.ac.uk Anglia Ruskin University Chelmsford UK

More information

A Pattern Language for Mobility Management [1] Petri Jokela

A Pattern Language for Mobility Management [1] Petri Jokela A Pattern Language for Mobility Management [1] Petri Jokela petri.jokela@nomadiclab.com 2G systems (GSM, D-AMPS) D Visited network Home network HLR VLR VLR HLR AuC AuC A Pattern Language for Mobility Management!Wireless

More information

Chapter 3 GSM and Similar Architectures

Chapter 3 GSM and Similar Architectures CSF645 Mobile Computing 行動計算 Chapter 3 GSM and Similar Architectures 吳俊興 國立高雄大學資訊工程學系 Chapter 3 GSM and Similar Architectures 3.1 GSM Services and System Architecture 3.2 Radio Interfaces 3.3 Protocols

More information

ETSI TS V3.1.0 ( )

ETSI TS V3.1.0 ( ) ETSI TS 133 103 V3.1.0 (2000-01) Technical Specification Universal Mobile Telecommunications System (UMTS); 3G Security; Integration Guidelines (3G TS 33.103 version 3.1.0 Release 1999) (3G TS 33.103 version

More information

A Hash-based Strong Password Authentication Protocol with User Anonymity

A Hash-based Strong Password Authentication Protocol with User Anonymity International Journal of Network Security, Vol.2, No.3, PP.205 209, May 2006 (http://isrc.nchu.edu.tw/ijns/) 205 A Hash-based Strong Password Authentication Protocol with User Anonymity Kumar Mangipudi

More information

CSCE 813 Internet Security Symmetric Cryptography

CSCE 813 Internet Security Symmetric Cryptography CSCE 813 Internet Security Symmetric Cryptography Professor Lisa Luo Fall 2017 Previous Class Essential Internet Security Requirements Confidentiality Integrity Authenticity Availability Accountability

More information

Homework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING

Homework 2. Out: 09/23/16 Due: 09/30/16 11:59pm UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING UNIVERSITY OF MARYLAND DEPARTMENT OF ELECTRICAL AND COMPUTER ENGINEERING ENEE 457 Computer Systems Security Instructor: Charalampos Papamanthou Homework 2 Out: 09/23/16 Due: 09/30/16 11:59pm Instructions

More information

Threat patterns in GSM system. Basic threat patterns:

Threat patterns in GSM system. Basic threat patterns: Threat patterns in GSM system Usage of mobile devices in business simpli es, speeds up and optimizes business processes. However, it is necessary to understand that the more complicated the device is the

More information

Cryptography and Network Security

Cryptography and Network Security Cryptography and Network Security Spring 2012 http://users.abo.fi/ipetre/crypto/ Lecture 14: Folklore, Course summary, Exam requirements Ion Petre Department of IT, Åbo Akademi University 1 Folklore on

More information

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some 3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some popular block ciphers Triple DES Advanced Encryption

More information

ISSN: ISO 9001:2008 Certified International Journal of Engineering and Innovative Technology (IJEIT) Volume 3, Issue 10, April 2014

ISSN: ISO 9001:2008 Certified International Journal of Engineering and Innovative Technology (IJEIT) Volume 3, Issue 10, April 2014 Two Way User Authentication Using Biometric Based Scheme for Wireless Sensor Networks Srikanth S P (Assistant professor, CSE Department, MVJCE, Bangalore) Deepika S Haliyal (PG Student, CSE Department,

More information

Key Establishment and Authentication Protocols EECE 412

Key Establishment and Authentication Protocols EECE 412 Key Establishment and Authentication Protocols EECE 412 1 where we are Protection Authorization Accountability Availability Access Control Data Protection Audit Non- Repudiation Authentication Cryptography

More information

IEEE WiMax Security

IEEE WiMax Security IEEE 80.6 WiMax Security Dr. Kitti Wongthavarawat Thai Computer Emergency Response Team (ThaiCERT) National Electronics and Computer Technology Center Thailand Presented at 7 th Annual FIRST Conference,

More information

Diminishing Signaling Traffic for Authentication in Mobile Communication System

Diminishing Signaling Traffic for Authentication in Mobile Communication System Diminishing Signaling Traffic for Authentication in Mobile Communication System Chi-Chun Lo and Kuen-Liang Sue Institute of Information Management National Chiao Tung University Hsinchu, Taiwan cclo@cc.nctu.edu.tw,

More information

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Data Security and Privacy. Topic 14: Authentication and Key Establishment Data Security and Privacy Topic 14: Authentication and Key Establishment 1 Announcements Mid-term Exam Tuesday March 6, during class 2 Need for Key Establishment Encrypt K (M) C = Encrypt K (M) M = Decrypt

More information

Chapter 13 Location Privacy

Chapter 13 Location Privacy Chapter 13 Location Privacy Security aspects of mobile communication Implicit addressing Pseudonyms Communication mixes [NetSec], WS 2007/2008 13.1 Security Aspects of Mobile Communication Mobile communication

More information

A Design of Authentication Protocol for a Limited Mobile Network Environment

A Design of Authentication Protocol for a Limited Mobile Network Environment Vol.29 (SecTech 2013), pp.41-45 http://dx.doi.org/10.14257/astl.2013.29.08 A Design of Authentication Protocol for a Limited Mobile Network Environment Minha Park 1,1, Yeog Kim 2, Okyeon Yi 3 1, 3 Dept.

More information

A robust smart card-based anonymous user authentication protocol for wireless communications

A robust smart card-based anonymous user authentication protocol for wireless communications University of Wollongong Research Online Faculty of Engineering and Information Sciences - Papers: Part A Faculty of Engineering and Information Sciences 2014 A robust smart card-based anonymous user authentication

More information

Security Requirements

Security Requirements Message Authentication and Hash Functions CSCI 454/554 Security Requirements disclosure traffic analysis masquerade content modification sequence modification timing modification source repudiation destination

More information

Wireless and Mobile Network Architecture

Wireless and Mobile Network Architecture Wireless and Mobile Network Architecture Chapter 8: GSM Mobility Management Prof. Yuh-Shyan Chen Department of Computer Science and Information Engineering National Taipei University Nov. 2006 1 Outline

More information

CIS 4360 Secure Computer Systems Applied Cryptography

CIS 4360 Secure Computer Systems Applied Cryptography CIS 4360 Secure Computer Systems Applied Cryptography Professor Qiang Zeng Spring 2017 Symmetric vs. Asymmetric Cryptography Symmetric cipher is much faster With asymmetric ciphers, you can post your Public

More information

Test 2 Review. (b) Give one significant advantage of a nonce over a timestamp.

Test 2 Review. (b) Give one significant advantage of a nonce over a timestamp. Test 2 Review Name Student ID number Notation: {X} Bob Apply Bob s public key to X [Y ] Bob Apply Bob s private key to Y E(P, K) Encrypt P with symmetric key K D(C, K) Decrypt C with symmetric key K h(x)

More information

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1

Cryptography CS 555. Topic 16: Key Management and The Need for Public Key Cryptography. CS555 Spring 2012/Topic 16 1 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography CS555 Spring 2012/Topic 16 1 Outline and Readings Outline Private key management between two parties Key management

More information

Security Handshake Pitfalls

Security Handshake Pitfalls Security Handshake Pitfalls 1 Authentication Handshakes Secure communication almost always includes an initial authentication handshake: Authenticate each other Establish sessions keys This process may

More information

A New Anonymous Channel Protocol in Wireless Communications

A New Anonymous Channel Protocol in Wireless Communications Int. J. Electron. Commun. (AEÜ) 58 (2004): 1 5 http://www.elsevier-deutschland.de/aeue A New Anonymous Channel Protocol in Wireless Communications Min-Shiang Hwang, Cheng-Chi Lee, and Ji-Zhe Lee Abstract:

More information

(2½ hours) Total Marks: 75

(2½ hours) Total Marks: 75 (2½ hours) Total Marks: 75 N. B.: (1) All questions are compulsory. (2) Makesuitable assumptions wherever necessary and state the assumptions made. (3) Answers to the same question must be written together.

More information

GSM Mobility Databases

GSM Mobility Databases GSM Mobility Databases 1 Outline Mobility Databases Failure Restoration VLR Identification Algorithm VLR Overflow Control Summary 2 Two Issues of GSM Mobility Databases Fault Tolerance If the location

More information

Application of ESA in the CAVE Mode Authentication

Application of ESA in the CAVE Mode Authentication Application of ESA in the Mode Authentication Keonwoo Kim, Dowon Hong, and Kyoil Chung Abstract This paper proposes the authentication method using ESA algorithm instead of using algorithm in the CDMA

More information

Securing Your Wireless LAN

Securing Your Wireless LAN Securing Your Wireless LAN Pejman Roshan Product Manager Cisco Aironet Wireless Networking Session Number 1 Agenda Requirements for secure wireless LANs Overview of 802.1X and TKIP Determining which EAP

More information

ONE TIME SECRET KEY MECHANISM FOR MOBILE COMMUNICATION

ONE TIME SECRET KEY MECHANISM FOR MOBILE COMMUNICATION ONE TIME SECRET KEY MECHANISM FOR MOBILE COMMUNICATION Vasu.R 1 and Dr.Sunitha Abburu 2 1 Adhiyamaan College of Engineering, Department of Computer Application, Hosur vasu.shriram2@gmail.com 2 Professor

More information

A secure GSM-based electronic Murabaha transaction. 2. Background

A secure GSM-based electronic Murabaha transaction. 2. Background A secure GSM-based electronic Murabaha transaction Mansour A. Al-Meaither and Chris J. Mitchell Information Security Group, Royal Holloway, University of London Egham, Surrey, TW20 0EX, United Kingdom

More information

HOST Authentication Overview ECE 525

HOST Authentication Overview ECE 525 Authentication Overview Authentication refers to the process of verifying the identity of the communicating principals to one another Usually sub-divided into Entity authentication Authentication in real-time

More information

Expert Systems with Applications

Expert Systems with Applications Expert Systems with Applications 38 (2011) 13863 13870 Contents lists available at ScienceDirect Expert Systems with Applications journal homepage: www.elsevier.com/locate/eswa A secure dynamic ID based

More information

The security of existing wireless networks

The security of existing wireless networks Security and Cooperation in Wireless Networks Cellular networks o o GSM UMTS WiFi LANs Bluetooth Security in Wireless Networks Wireless networks are more vulnerable to security issues: Broadcast communications

More information

10 Call Set-up. Objectives After this chapter the student will: be able to describe the activities in the network during a call set-up.

10 Call Set-up. Objectives After this chapter the student will: be able to describe the activities in the network during a call set-up. 10 Call Set-up Objectives After this chapter the student will: be able to describe the activities in the network during a call set-up. 10.1 INTRODUCTION... 2 10.2 CALL TO MS (MT)... 3 10.3 CALL FROM MS

More information

Security Handshake Pitfalls

Security Handshake Pitfalls Security Handshake Pitfalls Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr 1 Cryptographic Authentication Password authentication is subject to eavesdropping Alternative: Cryptographic challenge-response

More information

Wireless Communications

Wireless Communications Wireless Communications Lecture 6: Mobility Management Module Representive: Prof. Dr.-Ing. Hans D. Schotten schotten@eit.uni-kl.de Lecturer: Dr.-Ing. Bin Han binhan@eit.uni-kl.de Institute of Wireless

More information

Practical Operator Considerations Cellular Analog Cellular Rogue Base Station Tumbling Cloning

Practical Operator Considerations Cellular Analog Cellular Rogue Base Station Tumbling Cloning Practical Operator Considerations Cellular Analog Cellular Rogue Base Station Tumbling Cloning Getting paid Prevent (limit) subscriber fraud Ensure accurate clearing with other operators Reduce churn Ensure

More information

Network Working Group Request for Comments: 3310 Category: Informational V. Torvinen Ericsson September 2002

Network Working Group Request for Comments: 3310 Category: Informational V. Torvinen Ericsson September 2002 Network Working Group Request for Comments: 3310 Category: Informational A. Niemi Nokia J. Arkko V. Torvinen Ericsson September 2002 Hypertext Transfer Protocol (HTTP) Digest Authentication Using Authentication

More information

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security 1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of

More information

Network Encryption 3 4/20/17

Network Encryption 3 4/20/17 The Network Layer Network Encryption 3 CSC362, Information Security most of the security mechanisms we have surveyed were developed for application- specific needs electronic mail: PGP, S/MIME client/server

More information

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and

More information

CSC 774 Network Security

CSC 774 Network Security CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution

More information

L13. Reviews. Rocky K. C. Chang, April 10, 2015

L13. Reviews. Rocky K. C. Chang, April 10, 2015 L13. Reviews Rocky K. C. Chang, April 10, 2015 1 Foci of this course Understand the 3 fundamental cryptographic functions and how they are used in network security. Understand the main elements in securing

More information

3GPP TSG SA WG3 Security S November 19-22, 2002 Oxford, UK. WLAN Pseudonym Generation for EAP-SIM/AKA Discussion and decision

3GPP TSG SA WG3 Security S November 19-22, 2002 Oxford, UK. WLAN Pseudonym Generation for EAP-SIM/AKA Discussion and decision TSG SA WG3 Security S3-020654 November 19-22, 2002 Oxford, UK Agenda Item: Source: Title: Document for: WLAN Ericsson WLAN Pseudonym Generation for EAP-SIM/AKA Discussion and decision 1. Introduction Both

More information

Communication Networks 2 Signaling 2 (Mobile)

Communication Networks 2 Signaling 2 (Mobile) Communication Networks 2 Signaling 2 (Mobile) Gusztáv Adamis BME TMIT 2017 GSM signaling Signaling of GSM is based on the ISDN signaling systems SS7/DSS1 But, because of mobility, roaming, radio access

More information