Universal Subscriber Identity Module (USIM) Application Toolkit (USAT)
Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS...
Transcript of Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS...
![Page 1: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/1.jpg)
![Page 2: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/2.jpg)
Outline
§ CellularNetworkArchitecture
§ SecurityRequirements
§ Authenticationin1Gto4G
§ Issuesrelatedtoauthentication
§ Conclusion
Slide 2
Note:SomeresourcesinthispresentationareusedfromthecourseIusedtoteachatTUBerlinwithProf.Jean-PierreSeifert.
![Page 3: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/3.jpg)
SIM– pillarforauthentication
§ SubscriberIdentityModule
§ UniversalIntegratedCircuitCard(UICC)§ InGSM,refersasSIM§ InUMTSsystem,runsUSIMsoftware(entirecardisnottheUSIM)
§ Supportsdifferentsoftwaremodules:ISIM(IMS),CSIM(CDMA)
§ R-UIM(RemovableUserIdentityModule)- CDMAsystem
Slide 3
![Page 4: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/4.jpg)
Hardware/OS
§ Hardwareistypicallyasmartcardpunchout (25x15mm)§ UICCcontainsCPU,ROM,RAM,EEPROM,andI/Ocircuits
§ SIMoperatingsystemsareeitherproprietaryorJavaCard
§ JavaCardiscommonlyfoundonbothSIMsandATMcards§ UsesasubsetoftheJavalanguage§ Optimizedbyte-codeformat§ Appletsare“firewalled”fromoneanother
Slide 4
![Page 5: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/5.jpg)
SIMData(1)
§ IntegratedCircuitCardID(ICC-ID)(akaSIMSerialNumber-SSN)
§ UniquelyidentifiesaSIMcard(hardware)§ ConformstoISO/IEC7812(19-20digits)
§ InternationalMobileSubscriberIdentityModule(IMSI)§ Uniquelyidentifiesthemobilesubscriber(15digits,ITUE.212standard)
§ MCC(3digits),MNC(2or3digits),MSIN(9or10digits)§ AuthenticationKey(Ki)
§ Keysharedwithprovider§ NeverleavestheSIMinanycomputation
§ authenticationalgorithmsperformedon-chip
Slide 5
![Page 6: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/6.jpg)
SIMData(2)
§ LocationAreaIdentity(LAI)§ Storesthelastknownlocationarea(savestimeonpowercycle)
§ AddressbookandSMSmessages§ Highercapacityinmoreadvancedcards§ Haveyouseen“Inboxfullmessage”inoldphones?
§ Andmore...§ SMSCnumber§ ServiceProviderName(SPN)§ ServiceDialingNumbers(SDN)§ value-added-services
Slide 6
![Page 7: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/7.jpg)
CurrentSIMarchitecture
Source:ofcom
Slide 7
![Page 8: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/8.jpg)
SIMApplicationToolkit
§ Beforesmartphonesbecamepopular,theSIMApplicationToolkit(STK)wasapopularmethodofdeployingapplicationsonmobilephones
§ Allowedformobilebankingapplications(andothervalueaddedservices)torunofftheSIM(nohandsethardware/OSdependence)
§ CommonlywritteninJava(forJavaCard)usingpredefinedcommands(applicationsaremenudriven)
§ SenddatatoremoteapplicationusingSMS§ OTAupdatemethodwereeventuallyincorporated
§ STKinUMTSdefinedastheUSIMApplicationToolkit(USAT)-3GPPTS31.111,securityis3GPPTS23.048
§ WillnewmobilephoneOSesmakeSTKandUSATobsolete?
Slide 8
![Page 9: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/9.jpg)
SIMCardReaders
§ SIMcardscanbeconnectedtoaPCforvariouspurposes
§ SIMcardreadersarecheap(~$10-20)orbuildyourself§ Provideaserial(TTY)interface(DB9orUSB)
§ Allowsyouto:backupcontactsandSMS,seelistofpreviouslycallednumbers,probekeyingdatatoextractKi ...
§ FrequentlyusedforForensics§ SeeNIST“GuidelinesonCellPhoneForensics”,SpecialPub800-101
§ IncludeslistofSIMtools
Slide 9
![Page 10: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/10.jpg)
LockingSIMandUSSDcodes
§ TheSIMcardrestrictsaccessusingtwoPINs(4-8digits)§ PIN1:Ifset,thePINisrequiredtomakecalls§ PIN2:Protectscertainnetworksettings
§ WhathappensifyouforgetyourPIN?§ Commonly,threefailedattemptslockstheSIM
§ WhatarethewaystounlockSIM?USSDattackstory?
§ UnlockingalockedSIMcard§ PersonalUnblockingCode(PUC)orPersonalUnblockingKey(PUK)§ Commonlyacquiredfromthenetworkprovider§ TenfailedattemptsoftenpermanentlylockstheSIM
Slide 10
![Page 11: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/11.jpg)
SecurityinSIMcards
§ IdentityandAccesscontrol(IMSI,PINcode)
§ Authentication tonetworkoperator(Ki,A3)
§ Confidentiality (Kc,A8)
§ Anonymity(TMSI)
§ SIMapplicationtoolkit
Slide 11
![Page 12: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/12.jpg)
SIMCloning§ SIMCloningistheprocessofextractingKifromoneSIMcardandwritingitontoanother.
§ Itlessfrequentlythanbeforeduetoupdatesincryptoalgorithmsandauthenticationprotocols,butisstillpossibleinsomecases.
§ Manysoftwareandhardwareclonersexist
§ Whyclone?- stealservice,forensics,SIM/networklockcircumvention,noteavesdropping(butknowingKi helps)
§ NetworkcandetectclonedSIMs;protectionsvary§ Simultaneouscallscannotoccur§ CannetworkdetecttheclonedSIMcard?§ WhogetstheSMSincaseofcloning?
Slide 12
![Page 13: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/13.jpg)
PowerAnalysis
§ SIMcardsaresmartcards,therefore,theyarealsovulnerabletopoweranalysisattacks(requiresspecialequipment).
§ Hardwareimplementationscausepowerconsumptionofthechiptobecomeaside-channeltodeterminethekeyusedtoperformsomecryptographicalgorithms.
§ SeeworkbyKocheretal.(DifferentialPowerAnalysis)
§ GoalistorecoverKifromtheanalysis
Slide 13
![Page 14: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/14.jpg)
Securityattacks
� SIMCloning(1998)§ Comp128algorithmleaked§ Reverseengineered&cryptanalyzed
� SIMtoolkitattacks§ FuzzingSMS§ SendpremiumSMS
� CrackingSIMUpdatekeys§ RecoverDESOTAkeys§ Singedmaliciousappletswithkey
Slide 14
![Page 15: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/15.jpg)
ChangingTelcoworld
§ Goalachievedinlat 25years- “billionsusersconnectingeverycontinent”
§ Nextgoal- “Connectingbillionsofdevices(m2mdevices,vehicles,IoT
devices)”
§ SIMtoUSIMtoeSIM
§ EmbeddedSIMvsSoftSIM
§ Newsecurityarchitecture
Slide 15
![Page 16: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/16.jpg)
EmbeddedSIM
� DesignedforM2Mdevices
� Non-removable
� NoSoft/virtualSIM
� Newsecuritystandard
� Nochangeinauthentication/encryptiontotheoperator
� Securityarchitectureforremoteprovisioning
Slide 16
![Page 17: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/17.jpg)
2G,3Gand4GArchitecture
Slide 17
![Page 18: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/18.jpg)
Network Components (GSM)
§ HLR stores records of all mobile subscribers
§ MSC/VLR connect wired and wireless components of the network and responsible handoffs
§ BS communicate with mobile devices over radio link
§ MS is a subscriber’s mobile device
Slide 18
![Page 19: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/19.jpg)
HLR
§ Storesrecordsofmobilesubscribersandtheircurrentlocationservingarea
§ AuthenticationCenter(AuC)§ InternationalMobileSubscriberIdentity(IMSI)ofallsubscribers§ Storescryptokeys(Ki)andperformsoperationsforauthentication
§ Devicelevelauthentication§ EquipmentIdentityRegister(EIR)
§ Includesablacklist(e.g.,forstolenphones)§ InternationalMobileEquipmentIdentity(IMEI)identifiesamobiledevice
Slide 19
![Page 20: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/20.jpg)
MSCandVLR
§ TheMobileSwitchingCenter(MSC)deliverscircuitswitchedtelephonytrafficwithinthecellularnetwork
§ GatewayMSCisthetermgiventoanMSCbridgingthecellularnetworkandanothernetwork,e.g.,PublicSwitchedTelephoneNetwork(PSTN)oranothercellularnetwork.
§ ServingMSCisthetermgiventoanMSCcurrentlyservinganMS§ TheMSCalsoassistshandoffsbetweenbasestationsandbilling
§ TheVisitorLocationRegister(VLR)cachesinformationfromtheHLRforfastlookupbyanMSC
§ AparticularVLRmayservemultipleMSCcomponents(notalways)§ TheVLRstores“triplets”fromHLR(forauthentication)
Slide 20
![Page 21: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/21.jpg)
BSS
§ BaseStationSubsystem(BSS)linksmobiledevicestothecorenetworkandconsistsof
§ BaseTransceiverStation(BTS):thetransmissionradio(multipledirectionalantennasdividingthecellintosectors)
§ BaseStationController(BSC):intelligenceforradios(includeschedulingandencryption),controllingoneormoreBTSs
§ GenerallyreferredasbasestationandoftengroupedintoLocationAreas(LAs)correspondingtogeographicregions
§ DevicescanmovebetweenbasestationsinanLAwithoutre-registering (handover)
Slide 21
![Page 22: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/22.jpg)
PhoneRegistration
Slide 22
![Page 23: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/23.jpg)
3GArchitectureandComponents
Slide 23
![Page 24: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/24.jpg)
3GArchitectureandComponents(Simplified)
Slide 24
![Page 25: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/25.jpg)
4GArchitecture
Slide 25
![Page 26: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/26.jpg)
Authenticationin1G,GSM,3G
Slide 26
![Page 27: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/27.jpg)
Authenticationin1Gnetworks
§ Noauthentication
§ Noencryption
§ Whatarepossiblethreats?
Slide 27
Source:Ericsson
![Page 28: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/28.jpg)
PhoneAuthentication(GSM)
§ threealgorithms(basedon128-bitkey,Ki)§ A3- Authentication§ A8- Generatescipherkey§ A5- Cipheringdata
§ VLRretrievestripletsfromHLR(AuC)§ RAND- randomchallenge§ SRES- expectedresponse§ [SRES=A3(Ki,RAND),32bits]§ Kc - correspondingcipherkey§ [Kc =A8(Ki,RAND),64bits]
§ OnlytheHLRandSIMcardknowKi
Slide 28
![Page 29: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/29.jpg)
SecurityissuesinGSM
§ IMSIistransferredinplaintext
§ IMEIcanberequestedinplaintextandnotauthenticated
§ Nomutualauthentication
§ Encryptionendsatthebasestation
Slide 29
![Page 30: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/30.jpg)
Authentication/EncryptioninGSM
A3
MobileStation RadioLink GSMOperator
A8
A5
A3
A8
A5
Ki Ki
ChallengeRAND
KcKc
mi EncryptedData mi
SIM
Signedresponse(SRES) SRESSRES
Fn Fn
Authentication:areSRESvaluesequal?
Slide 30
![Page 31: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/31.jpg)
AuthenticationandKeyAgreementinUMTS
Slide 31
![Page 32: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/32.jpg)
AKAprotocolissue
Slide 32
Source:Arapinis M,ManciniL,RitterE,RyanM,Golde N,RedonKandBorgaonkarR(2012), "NewPrivacyIssuesinMobileTelephony:FixandVerification",In
Proceedingsofthe2012ACMconferenceonComputerandcommunicationssecurity.,pp.205-216
![Page 33: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/33.jpg)
SecurityissuesinUMTS
§ IMSIistransferredinplaintext
§ IMEIcanberequestedinplaintextandnotauthenticated
§ EncryptionendsatRNCbutstillnotendtoend
§ Privacyissue– allowstrackingofsubscribers
Slide 33
![Page 34: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/34.jpg)
Authenticationin4G
Slide 34
![Page 35: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/35.jpg)
NeedofLTENetworks
§ Higherdatarates
§ upto 100Mbps
§ Highlevelofsecurity
§ strongerthanGSM/3G§ Enhancedqualityofservice
§ Capabilitiesforinternetworkingwithnon3GPPsystems(for
exampleWiMAX)
Slide 35
![Page 36: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/36.jpg)
LTE/SAENetworks
§ RadionetworkE-UTRANwithanewradiointerface
§ FlatIPbasedcorenetworkEPC
§ E-UTRAN:EvolvedUniversalTerrestrialRadioAccessNetwork)§ EPC:EvolvedPacketCore§ LTE:LongTermEvolution§ SAE:SystemArchitectureEvolution
Slide 36
![Page 37: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/37.jpg)
LTESecurityFeatures
§ Reuseof3GAKA
§ Reuseof3GUSIM(2GSIMisnotallowed)
§ Extendedkeyhierarchy
§ Tokeepsecuritybreacheslocal
§ Morecomplexinternetworkingsecurity
§ AdditionalsecurityforeNodeB (comparedtoNBin3GandBTS
inGSM)
Slide 37
![Page 38: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/38.jpg)
LTENetworkArchitecture
Source:ETSIpresentation,CharlesBrookson – ChairmanETSIOCGSecurity
Slide 38
![Page 39: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/39.jpg)
NewNetworkComponents
§ MME– MobileManagementEntity§ Keycontrolnode§ Userauthentication,autherization,NASsignalling,lawfulinterception
etc.
§ eNB§ Radioresourcemanagement§ IPheadercompressionandencryption
§ ServingGateway§ Routesandforwardsuserdatapackets§ Actsasanchorformobillity betweenLTEandothersystems.
Slide 39
![Page 40: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/40.jpg)
Rolesofcomponents
Source:Artiza Networks
Slide 40
![Page 41: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/41.jpg)
AuthenticationandKeyAgreement
Slide 41
![Page 42: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/42.jpg)
LTEAKAprotocol(simplified)
ME+UICC MME HSS
GenerateAV
IMSI,SNid
RAND,XRES,AUTNKASME
RAND,AUTN
VerifyAUTNComputeRES RES
RES≠XRES
ComputeKASME
Authenticationandkeyestablishment
DistributionofAVfromHSStoMME
Slide 42
![Page 43: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/43.jpg)
KeyHierarchy
Slide 43
![Page 44: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/44.jpg)
MotivationforKeyHierarchy
§ Cryptographickeyseparation
§ Keysfromonecontextcannotbeusedinother
§ Keyrenewal
§ Minimizedistributionofsamesecretkeyelements
§ Keyfreshnessisimportantforsecuredsystems
Slide 44
![Page 45: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/45.jpg)
SecurityAlgorithms§ Twosetsofalgorithms– whatIfonebreaksup,otheroneasbackup§ AESandSnow3Galgorithmsarechoosen§ Botharekeptpossiblydifferent,crackingofonealgorithmsshouldnot
revealotherone§ IntegrityAlgorithms
§ 128-EIA1Snow3G§ 128-EIA2AES
§ CipheringAlgorithms§ 128-EEA1Snow3G§ 128-EEA2AES
§ Keysize128bitbutpossibilityofextendingto256bits§ ThirdsetbasedonChineseZUCalgorithmisdeveloped
Slide 45
![Page 46: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/46.jpg)
Attacksin2G,3G,and4G
Slide 46
![Page 47: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/47.jpg)
Securityevolutioninmobilenetworks
Base Station
Phone
nomutualauthentication
mutualauthenticationintegrityprotection
mutualauthenticationdeepermandatoryintegrityprotection
2G
3G
4G
decidesencryption/authenticationrequestsIMSI/IMEI
Slide 47
![Page 48: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/48.jpg)
Securityaspects
Authentication
AvailabilityConfidentialityIntegrity
Slide 48
![Page 49: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/49.jpg)
Securityaspectsandattacks
Authentication
AvailabilityConfidentialityIntegrity
FakeBTS
DoSInterceptionTracking
Securitytradeoffsplayessentialroleinprotocoldesign.
Slide 49
![Page 50: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/50.jpg)
Lowcostattackinginfrastructure
§ 2G/3G/4G*networksetupcost<1000USD§ Opensourcesoftware&hardware§ USRP,Osmocom,OpenBTS,OpenLTE,etc
§ IMSIcatcherdeviceproblem
§ Targetedattacksfromillegalactors
§ Almostnodetectioncapabilitiesfortheend-users
Slide 50
![Page 51: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/51.jpg)
Emergingattackexamples
Slide 51
![Page 52: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/52.jpg)
IMSIcatchers(1)
• Exploitweaknessinauthenticationmethods
• Locationtrackingandinterception
• Protectionfor‘activeattacks’notconsidered
• Lackofsecurityindicatorimplementation
Slide 52
![Page 53: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/53.jpg)
ImplementationissuesonRAN
FromTS124.008v11.8.0:IfMACfailure,thenphoneshouldnotcommunicationwithBTS(2G)Tablefromthepaper“ImplementinganAffordableandEffectiveGSMIMSICatcherwith3GAuthentication”
Slide 53
![Page 54: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/54.jpg)
3GAKAvulnerability(2)
• LinkabilityattackbyArpanisetal
• Affectsin4Gaswell
Slide 54
![Page 55: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/55.jpg)
3GPPSpecificationissues
•RRCprotocol– 3GPPTS36.331
•‘UEMeasurementReport’messages
•Necessaryforhandovers&troubleshooting
•Noauthenticationformessages
•Reportsnotencrypted
Slide 55
![Page 56: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/56.jpg)
Vulnerabilitiesinthefeature
activeattacker
SendmeMeasurement/RLFreport
Specification
UEmeasurementreports– Requestsnotauthenticated– Reportsarenotencrypted
Implementations
RLFreports– Requestsnotauthenticated– Reportsarenotencrypted– Allbasebandvendors
Slide 56
![Page 57: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/57.jpg)
4GFeature:MobilityManagement
TrackingAreaUpdate(TAU)procedure§ DuringTAU,MME&UEagreeonnetworkmode(2G/3G/4G)
§ “TAUReject”usedtorejectsomeservicesservices(e.g.,4G)toUE
Specificationvulnerability:Rejectmessagesarenotintegrityprotected
EMMprotocol– 3GPPTS36.331
Slide 57
![Page 58: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/58.jpg)
3GPPSpecificationissues
• EMMprotocol– 3GPPTS36.331
• ‘TrackingAreaUpdateReject’messages
• NecessaryforUEmobility
• Nointegrityprotectionforrejectmessages
• Recoverymechanismnoteffective
Slide 58
![Page 59: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/59.jpg)
PracticalAttackswithlowcosttools
Slide 59
![Page 60: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/60.jpg)
LocationLeaks:trackingsubscribercoarselevel
Semi-passiveAttacker(TA/cell)
paging
Target
Target
LocationAccuracy:2Sq.Km
MappingGUTItoSocialIdentity
Slide 60
![Page 61: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/61.jpg)
DoSAttacks
• Downgradetonon-LTEnetworkservices(2G/3G)
• Denyallservices(2G/3G/4G)
• Denyselectedservices(blockincomingcalls)
• GSM– IMSIdetach,RACHflood
• FloodingDOSattackstowardsHLR
• Jammingattacks
Slide 61
![Page 62: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/62.jpg)
Tradeofbetweensecurityand
• Performance
• Availability
• Functionality
• Attackingcost
Reasons for differentvulnerabilities
Slide 62
![Page 63: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/63.jpg)
5G Networks Perspective
Authentication
Asymmetric keysforIMSI
protection
Improve AKAprotocols
Availability
Removeunnecessary
protocolmessages
Effectiverecoverymechanisms
Slide 63
![Page 64: Outline - COINS · PDF file§ In UMTS system , runs USIM software ... § BS communicate with mobile devices over radio link ... From TS 124.008 v11.8.0 : If MAC failure, then phone](https://reader034.fdocuments.in/reader034/viewer/2022042800/5a707a157f8b9aa2538c17c4/html5/thumbnails/64.jpg)
5G Networks Perspective
Confidentiality&Integrity
EncryptionIndicators& APIs
DynamicPolicies
Slide 64