SecurityIssuesinMobileCommunicationSystems.pptVIP

Security Issues in Mobile Communication Systems N. Asokan Nokia Research Center IAB workshop on wireless internetworking February 29 - March 2, 2000 What is different about wireless networks? Low bandwidth minimize message sizes, number of messages Increased risk of eavesdropping use link-level encryption (wired equivalency) Also wireless networks typically imply user/device mobility Security issues related to mobility authentication charging privacy Focus of this presentation Overview Brief overview of how GSM and 3GPP/UMTS address these issues Potential additional security concerns in the wireless Internet Ways to address these concerns, and their implications GSM/GPRS security Authentication one-way authentication based on long-term shared key between users SIM card and the home network Charging network operator is trusted to charge correctly; based on user authentication Privacy data link-level encryption over the air; no protection in the core network identity/location/movements, unlinkability use of temporary identifiers (TMSI) reduce the ability of an eavedropper to track movements within a PLMN but network can ask the mobile to send its real identity (IMSI): on synchronization failure, on database failure, or on entering a new PLMN network can also page for mobiles using IMSI 3GPP/UMTS enhancements (current status) Authentication support for mutual authentication Charging same as in GSM Privacy data some support for securing core network signaling data increased key sizes identity/location/movements, unlinkability enhanced user identity confidentiality using group keys a group key is shared by a group of users Other improvements integrity of signaling, cryptographic algorithms made public Enhanced user identity confidentiality IMSI is not sent in clear. Instead, it is encrypted by a static group key KG and the group identity IMSGI is sent in clear. What is different in the wireless Internet? Potentially low cost of entry for ISPs supporting mobile acces