GSM Security Threats and Countermeasures

Saravanan BalaTanvir Ahmed

Samuel SolomonTravis Atkison

Outline

Introduction

A5/1 algorithm

Security & attacks

Proposed Solution Hardware Enhancement

Software Application

Conclusion

Mobile Communication-GSM

Most widely used cellular technology

Cryptographic Algorithms- A5/1, A5/2, A5/3

A5/1 Algorithm provides over the air privacy

A5/1• GSM phone conversations:

sequences of frames.• One 228 bit = frame is sent in 4.6

milliseconds: 114 bits for the communication in each direction.

• A5/1 produces 228 bits to XOR with the plaintext in each frame

A5/1 LFSRsConsists of 3 LFSRs of

different lengths

19 bits • x18 + x17 + x16 + x13 + 1

• clock bit 8 • tapped bits: 13, 16, 17,

18

22 bits • x21 + x20 + 1 • clock bit 10

• tapped bits 20, 21

23 bits • x22 + x21 + x20 + x7 + 1

• clock bit 10 • tapped bits 7, 20, 21, 22

A5/1 - Clocking

A5/1 clocking

Majority rule

m=maj(c1, c2, c3)

m=maj(1, 1, 0)

maj = 1

Registers R1 & R2

Design Vulnerability

Design of Clock Controlling Unit

Linear Combination Function  

Possible Attacks

Chosen plain Text attacks

Time memory trade off attacks

Correlation attacks

Proposed Counter Measures

Hardware Enhancement

Software Application- Additional Encryption

Hardware Enhancement

 

Contd..

Enhanced Majority Rule

Computes two majority values

m1=maj(b1, b2, b3) m2=maj(c1, c2, c3)

Let S1 = { } and S2 = { } (Imaginary sets)

S1∩S2

Contd..

Linear combining functions are cryptographically weak functions

Non Linear Combining Function

Combining function not fixed - changed dynamically by using a 2:1 multiplexer.

Software Application

End to end encryption Encrypt speech signal at user end Solution includes using transmission of encrypted voice GSM

Data Call CSW Example : SecureGSM

Another solution includes usage of connection based packet switching. Example : Babylon nG

Both techniques use Diffie-Hellman key agreement protocol for ciphering key exchange and AES cipher for encryption of voice.

Experimentally proved that the implementation of AES cipher provides more robust and efficient system.

 CONCLUSION

Proposed scheme generates cryptographically better key sequence than the current version of A5/1

Future mobile communications can be handled using UMTS

REFERENCES

 [1]     “Secure Mobile Communication Using Low Bit-Rate Coding Method”. IEEE paper published by Wasif, M.; Sanghavi, C.R.; Elahi, M.; [2]     “Another attack on A5/1”. IEEE paper published by Patrik Ekdahl and Thomas Johansson.[3]     “Enhanced A5/1 Cipher with Improved Linear Complexity”. IEEE paper published by Musheer Ahmad and Izharuddin. [4]     “Introduction to the design & analysis of algorithms” by Anany Levitin.[5]     Based on the presentation given by Karsten Nohl on the “26th Chaos Communication Congress (26C3)” conference.[6]     “Security Enhancements in GSM Cellular Standard”. IEEE paper published by Musheer Ahmad and Izharuddin.[7]     “Communication Security in GSM Networks” published on 2008 international conference on security technology by Petr Bouška, Martin Drahanský.[8]     “Implementation and Analysis of AES, DES and Triple DES on GSM network” an IEEE paper published by Sachin and Dinesh kumar[9]     “Construction of nonlinear Boolean functions with important Cryptographic properties - Advances in Cryptology” by Sarkar and Maitra.[10] Diagram in slide number 6 taken from wikipedia.

 

Questions ????

Thank you all