Mobile Communication and its Security Analysis by K Gunjan

Kumar gunjan 20160213 mobile communication security

Apr 15, 2017

nullowaspmumbai

Transcript
Page 1: Kumar gunjan 20160213 mobile communication security

Mobile Communication and its Security Analysis

by K Gunjan

Page 2

Agenda

• Evolution of mobile communication
• 1G technology
• 2G technology
• GSM architecture
• GSM channels
• SIM
• Sharing spectrum
• Authentication and encryption scheme
• GSM calling sequence
• GSM called sequence
• Security issues

Page 3

Evolution of Mobile Comm

• Ancient times: light for communication, e.g. ships, beacons
• 150 BC: smoke signals (colour/strength)
• 1794: optical telegraphy
• 1877: first wireline telephone
• 1895: wireless telegraphy
• 1915: wireless voice transmission (AM)
• 1928: TV broadcast
• 1933: FM patented; FM radios in the 1950s

Page 4

Evolution of Mobile Comm

• 1946: Mobile Telephone was introduced
• System: MTS
• Device weight: 36 kg
• In the Bell System, used in St. Louis
• Call setup by operator
• Only 3 channels for the whole metro area

Page 5

• 1960: Bell Labs -> cellular concept
• 1970: Mobile user <=> PSTN

System: IMTS (Improved Mobile Telephone Service)

• Reduced size and weight
• Eliminated setup by operator
• 32 channels across 3 bands, 450-470 MHz

Page 6

Other wireless systems:

• Push to talk (PTT)
• AMTS - Advanced Mobile Telephone System
• etc.

These were also called mobile radio systems.

Page 7

1G technology

=> Deployed in early 1990s

1. AMPS - Advanced Mobile Phone System: developed and deployed in the USA
2. NMT - Nordic Mobile Telephone System: developed and deployed in Scandinavian countries
3. TACS - Total Access Communication System: developed in the UK, deployed in Europe

Page 8

1G technology

• All analog
• FDMA + FM
• Only voice
• Poor voice quality
• Poor battery life
• Large phone size
• Poor handoff reliability
• No roaming, even between two networks of the same technology

Page 9

1G technology

• No security: analog signals do not allow advanced encryption methods, hence there is no security
• FM receivers can be used to listen in on any conversation
• Anyone could collect a large database of identities etc. by driving around, and go into business by reprogramming stolen phones and reselling them
• Airtime thefts were also reported

Page 10

2G technology

• Deployed in early 90s
• Three popular systems: GSM, D-AMPS and CDMA One/IS-95
• Digital systems
• SMS
• MMS - Multimedia Messages
• Data service - GPRS - 64 kbps
• Roaming
• Voice encryption provision
• Better security

Page 11

GSM

• GSM is the most popular 2G technology
• Developed in Europe and has European standards
• Low data rate: 9.6 kbps

Higher data rates using 2G:

• GPRS: General Packet Radio Service (2.5G), 171 kbps (50 kbps)
• EDGE: Enhanced Data Rates for GSM Evolution (2.75G), 473.6 kbps (100 kbps)

Page 12

GSM

New network elements required to achieve higher data rates:

• Serving GPRS Support Node (SGSN): the SGSN handles all packet-switched data within the network and is responsible for the authentication and tracking of the users. The SGSN performs, for packet data, the same functions as the MSC does for voice traffic.
• Gateway GPRS Support Node (GGSN): the GGSN is the interface from the GSM/GPRS network to external networks. The GGSN is also responsible for the allocation of IP addresses.

Page 13

GSM ARCHITECTURE (diagram; elements shown: Service Provisioning & billing/CRM, CDR archive, CRBT system, USSD gateways, STP, MNP D/B, USAU, SMP Voucher Centers, OMC)

Page 14

Architecture from network perspective (diagram; elements shown: MPLS, Routers, E1s, STP)

Page 15

GSM Links (diagram)

Page 16

Motivation

Understand it & look for CIA (confidentiality, integrity, availability)

Page 17

GSM ARCHITECTURE (diagram)

Page 18

GSM Protocol stack (diagram)

Page 19

GSM Protocol stack (diagram, continued)

Page 20

Sharing Spectrum

GSM uses TDMA & FDMA
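The slide states only that GSM shares spectrum with TDMA and FDMA. The following added example (it is not part of the deck) shows how the two combine into physical channels: FDMA selects a 200 kHz carrier identified by its ARFCN, and TDMA selects one of the 8 timeslots on that carrier. The GSM-900 band limits, carrier spacing, ARFCN range and 45 MHz duplex spacing used below are the standard values for the primary band, stated here as assumptions since the slide does not give them; the function names are mine.

```python
# Added example, not from the slides: how FDMA and TDMA combine into GSM
# physical channels. Assumed GSM-900 primary-band parameters: uplink
# 890-915 MHz, downlink 935-960 MHz, 200 kHz carrier spacing (FDMA),
# ARFCN 1..124, 45 MHz duplex spacing, 8 timeslots per TDMA frame.
from typing import List, Tuple

SLOTS_PER_FRAME = 8            # TDMA: 8 bursts share one carrier
CARRIER_SPACING_KHZ = 200      # FDMA: one carrier every 200 kHz
DUPLEX_SPACING_KHZ = 45_000    # downlink = uplink + 45 MHz
UPLINK_BASE_KHZ = 890_000      # ARFCN 0 would sit at 890.0 MHz (not used)
ARFCN_MIN, ARFCN_MAX = 1, 124


def uplink_khz(arfcn: int) -> int:
    """Centre frequency of the uplink (MS -> BSS) carrier for a GSM-900 ARFCN."""
    if not ARFCN_MIN <= arfcn <= ARFCN_MAX:
        raise ValueError(f"ARFCN {arfcn} is outside the GSM-900 primary band")
    return UPLINK_BASE_KHZ + CARRIER_SPACING_KHZ * arfcn


def downlink_khz(arfcn: int) -> int:
    """Paired downlink (BSS -> MS) carrier, 45 MHz above the uplink."""
    return uplink_khz(arfcn) + DUPLEX_SPACING_KHZ


def physical_channels(arfcns: List[int]) -> List[Tuple[int, int]]:
    """Every (ARFCN, timeslot) pair a cell with these carriers can schedule.

    FDMA picks the carrier, TDMA picks the slot; the product is the number
    of physical channels. A carrier listed twice is rejected, and every
    ARFCN is range-checked through uplink_khz().
    """
    if len(set(arfcns)) != len(arfcns):
        raise ValueError("a carrier cannot be assigned to the same cell twice")
    for arfcn in arfcns:
        uplink_khz(arfcn)
    return [(arfcn, ts) for arfcn in arfcns for ts in range(SLOTS_PER_FRAME)]


def traffic_channels(arfcns: List[int], control_slots: int = 1) -> int:
    """Physical channels left for traffic after reserving control slots.

    A cell dedicates at least timeslot 0 of its BCCH carrier to control
    channels; control_slots is the total number of slots reserved here.
    """
    total = len(physical_channels(arfcns))
    if control_slots > total:
        raise ValueError("more control slots than physical channels")
    return total - control_slots


if __name__ == "__main__":
    cell = [1, 20, 77]           # constructed: three carriers for one cell
    for arfcn in cell:
        print(f"ARFCN {arfcn}: uplink {uplink_khz(arfcn)} kHz, "
              f"downlink {downlink_khz(arfcn)} kHz")
    print("physical channels:", len(physical_channels(cell)))
    print("traffic channels:", traffic_channels(cell))
```

The uplink/downlink pairing is what lets a handset transmit and receive on one ARFCN without interfering with itself, and the channel count is what a cell planner trades against the control channels (BCCH, CCCH, SDCCH) that the later slides place on timeslot 0.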

Page 21

Sharing Spectrum (diagram)

Page 22

GSM channels (diagram)

Page 23

GSM channels (diagram, continued)

Page 24

Subscriber Identification Module (SIM)

• Smart card: a single-chip computer containing an OS, file system and applications
• Protected by PIN
• Owned by the operator (i.e. trusted)
• SIM applications can be written with the SIM Toolkit
• Contains PIN, Ki and Kc
• Contains the A3, A5 and A8 algorithms

Page 25

Authentication and Encryption Scheme (diagram)

Mobile Station (SIM) | Radio Link | GSM Operator

• Both sides hold Ki and the algorithms A3, A8 and A5
• Challenge RAND (128 bit) sent from the operator to the mobile station
• A3(RAND, Ki) -> Signed response SRES (32 bit), returned over the radio link
• A8(RAND, Ki) -> Kc (64 bit), computed on both sides
• A5(Kc, Fn) encrypts the data mi on the radio link

Authentication: are the SRES values equal?

Page 26

Authentication and Encryption Scheme

• A3 input: 128-bit RAND random challenge, 128-bit private key Ki
• A3 output: 32-bit SRES signed response
• A8 input: 128-bit RAND random challenge, 128-bit private key Ki
• A8 output: 64-bit cipher key Kc, used for A5
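As an added example that is not part of the deck, the Python below models the exchange on pages 24-26 end to end: the SIM holds Ki, the operator's authentication centre holds the same Ki, the operator issues a 128-bit RAND, both sides derive the 32-bit SRES and 64-bit Kc, and the network decides by comparing SRES values. The real A3, A8 and A5 are operator-specific and not given on the slides, so HMAC-SHA256 stands in for A3/A8 and a SHA-256 keystream stands in for A5; only the input/output sizes from page 26 are kept. The class and function names, the IMSI and the key bytes are constructed for the example.

```python
# Added example, not from the slides: a toy model of the A3/A8/A5 exchange on
# pages 25-26. A3/A8 are stand-ins built from HMAC-SHA256 and A5 is a stand-in
# keystream built from SHA-256 (the real algorithms are not on the slides).
# Kept from the slides: RAND 128 bit, Ki 128 bit, SRES 32 bit, Kc 64 bit,
# and the TDMA frame number Fn as the second A5 input.
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple


def a3_a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for A3 (SRES) and A8 (Kc); both take RAND and Ki."""
    if len(ki) != 16 or len(rand) != 16:
        raise ValueError("Ki and RAND are 128-bit values")
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]      # SRES 32 bit, Kc 64 bit


def a5_xor(kc: bytes, fn: int, data: bytes) -> bytes:
    """Stand-in for A5: XOR data with a keystream derived from Kc and Fn.

    Like A5 it is symmetric, so the same call decrypts. The keystream depends
    only on (Kc, Fn), so a reused Kc with a repeated Fn reuses keystream; that
    is why a fresh RAND, and hence a fresh Kc, per authentication matters.
    """
    if len(kc) != 8:
        raise ValueError("Kc is a 64-bit value")
    stream = b""
    block = 0
    while len(stream) < len(data):
        seed = kc + fn.to_bytes(4, "big") + block.to_bytes(4, "big")
        stream += hashlib.sha256(seed).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))


class SIM:
    """Mobile-station side: holds Ki and only ever releases SRES and Kc."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi = imsi
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        return a3_a8(self._ki, rand)


class AuC:
    """Operator side: the same Ki per IMSI, used to make (RAND, SRES, Kc) triplets."""

    def __init__(self) -> None:
        self._keys: Dict[str, bytes] = {}

    def provision(self, imsi: str, ki: bytes) -> None:
        self._keys[imsi] = ki

    def triplet(self, imsi: str) -> Tuple[bytes, bytes, bytes]:
        rand = secrets.token_bytes(16)          # fresh 128-bit challenge
        sres, kc = a3_a8(self._keys[imsi], rand)
        return rand, sres, kc


def authenticate(auc: AuC, sim: SIM) -> Tuple[bool, Optional[bytes]]:
    """MSC/VLR decision from page 25: are the SRES values equal?

    Ki never crosses the radio link; only RAND goes out and SRES comes back.
    Only the network checks anything: nothing here lets the SIM verify that
    the challenge came from its real operator, which is the one-way nature of
    GSM authentication behind the MITM attacks listed on page 52.
    """
    rand, expected_sres, kc = auc.triplet(sim.imsi)
    sres_from_ms, _ = sim.run_gsm_algorithm(rand)   # the MS keeps its own Kc
    if not hmac.compare_digest(sres_from_ms, expected_sres):
        return False, None
    return True, kc


# Constructed values for a stand-alone run (a real Ki is never printed or shared).
KI = bytes(range(16))
IMSI = "001010123456789"

if __name__ == "__main__":
    auc = AuC()
    auc.provision(IMSI, KI)
    ok, kc = authenticate(auc, SIM(IMSI, KI))
    print("authenticated:", ok)
    if ok:
        frame = a5_xor(kc, fn=42, data=b"mi")
        print("encrypted mi:", frame.hex(), "->", a5_xor(kc, 42, frame))
```

Running it authenticates the provisioned SIM and then encrypts and decrypts one "mi" with the derived Kc; a SIM holding a different Ki produces a different SRES and is rejected. Two properties worth checking against the real scheme are visible in the code: Ki is the only long-term secret and never leaves the SIM or the AuC, and the confidentiality of the radio link rests entirely on Kc, so RAND freshness is a security property of the network, not just a detail.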

Page 27 (diagram only)

Page 28

GSM Basic Call Sequence

The flows for the calling MS and the called MS are two independent flows. The calling party's flow begins with the channel request and ends with the completion of TCH assignment. In general, the calling party's flow includes the following stages: access process, authentication and ciphering process, TCH assignment process. We therefore take the mobile-to-land sequence as the example; in this sequence we mainly focus on the calling party.

Pages 29-48 (one diagram built up over several slides; pages 41-48 repeat pages 33-40)

Mobile to Land Sequence (entities: MS, BSS, MSC, VLR, HLR, PSTN)

1. CHANNEL REQUEST <RACH>; DCCH ASSIGN <AGCH>; SIGNALING LINK ESTABLISHED <SDCCH>
2. REQ. FOR SERVICE (CRCC)
3. AUTHENTICATION; SET CIPHER MODE
4. SET-UP <SDCCH>; Call Info (SFOC)
5. EQUIP. ID REQ.
6. COMPLETE CALL; CALL PROCEEDING <SDCCH>
7. ASSIG. COMMAND <SDCCH>; ASSIG. COMPLETE <FACCH> (circuit)
8. Initial and Final Address Message (IFAM) towards the PSTN; Address Complete (ACM); Alerting <FACCH>; MS hears ring tone from land phone
9. Answer (ANS); Connect <FACCH>; ring tone stops
10. Connect Acknowledge <FACCH>; <TCH>; HELLO!; BILLING STARTS

Page 49

GSM Basic Call Sequence

For the called party, the flow begins when the MSC sends a paging command to the called party and ends when the two parties start talking. In general, this call flow includes several stages: access process, authentication and ciphering process, TCH assignment process, talk process, release process.

Pages 50-51 (diagram)

Land to Mobile Sequence (entities: MS, BSS, MSC, VLR, HLR, GMSC, PSTN)

1. Initial and Final Address Message (MSISDN), PSTN -> GMSC
2. Send Routing Info (MSISDN), GMSC -> HLR; the HLR resolves the IMSI and obtains an MSRN from the VLR
3. Routing Info Ack (MSRN), HLR -> GMSC; Initial and Final Address Message (MSRN), GMSC -> MSC
4. Send Info For I/C Call Setup, MSC -> VLR
5. Page (LAI & TMSI), VLR -> MSC -> BSS; Paging Request (TMSI) <PCH>, BSS -> MS
(steps 6-8 are not captured in the transcript)
9. Assignment Command; Assignment Complete <FACCH> (channel / circuit); Alert <TCH>; Address Complete towards the PSTN; ring tone at the land phone
10. Connect <FACCH> (subscriber picks up); Connect ACK; ANS towards the PSTN; ringing stops at the land phone; <TCH> Hello...; Billing starts

Page 52

Attacks on GSM

• OsmocomBB
• Sniffing
• MITM attack on call
• MITM attack on SMS
• Attack using data card
• ...

Page 53

Twitter: @[email protected]