Security in GPRS Cryptology Presentation Pehme Taavi Rey Charles Technolac, February 2008

Mar 25, 2018


Security in GPRS

Cryptology Presentation

Pehme Taavi Rey Charles

Technolac, February 2008


What you will hear ...

Architecture of GPRS systems

User authentication

Ciphering

Inter working with other GPRS networks

Inter working with packet data network

Basic security threats for GPRS

Solutions for security threats


GPRS - security issues

1. Security aspects related to the mobile phone and the SIM card.

2. Security mechanisms between the MS and the SGSN.

3. The PLMNs between SGSN and GGSN; subscriber information - HLR.

4. Security between different operators.

5. Security between GGSN and the external connected networks, like Internet.


GPRS system


MS - Mobile Station - Classes A, B, C

BSS – Base Station System

Base Transceiver Station (BTS) - sends and receives information

Base Station Controller (BSC) - controls a group of BTSs

HLR – Home Location Register - subscription information

VLR – Visitor Location Register - MSs that are currently located in the SGSN routing area


SGSN – Serving GPRS Support Node

Ciphering and authentication, registration

Session management

Mobility management

Logical link management towards the MS

Statistics collection


GGSN - Gateway GPRS Support Node

Communication setup towards external network.

Functionality for associating the subscribers to the right SGSN.

Output of billing data.

BG – Border Gateway - SGSN and GGSN can be located in different PLMNs - connection via BG - Roaming


EIR – Equipment Identity Register - list of stolen phones

AuC – Authentication Center - information for identifying authorized users - may be a physical part of HLR

LIN - Lawful Interception Node - collect information about some pre-defined subscriber or subscribers (location)

GPRS backbone networks - IP-based networks.

intra-operator - connects to a single operator’s GSM

inter-operator - connects GPRS operators, international GPRS roaming.


User authentication

Ki - Individual Subscriber Authentication Key, 128 bits, stored on SIM and HLR

Algorithm used - A3

Authentication triplet

RAND: random number between 0 and 2^128-1

SRES: signed response, which is the result of the A3 algorithm used for subscriber authentication

Kc: ciphering key, which is computed using the A8 algorithm and is used by the GPRS Encryption Algorithm (GEA)
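The challenge-response exchange built on this triplet, as an added example that is not part of the original slides. HMAC-SHA256 stands in for the operator-specific A3 and A8 algorithms, the 32-bit SRES length comes from the GSM specifications rather than this page, and the IMSI lookup key and all class and function names are assumptions.

```python
import hashlib
import hmac
import secrets

# Stand-ins for A3/A8 (NOT the real algorithms): HMAC-SHA256 keyed with Ki,
# with a label so SRES and Kc are independent outputs of the same RAND.
def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """32-bit signed response (SRES) to a 128-bit challenge."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    """64-bit ciphering key (Kc) derived from the same challenge."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class AuC:
    """Home network side: stores Ki per subscriber and issues triplets."""
    def __init__(self):
        self.ki_by_imsi = {}

    def provision(self, imsi: str) -> bytes:
        ki = secrets.token_bytes(16)       # 128-bit Ki, also written to the SIM
        self.ki_by_imsi[imsi] = ki
        return ki

    def triplet(self, imsi: str):
        ki = self.ki_by_imsi[imsi]
        rand = secrets.token_bytes(16)     # RAND in [0, 2^128 - 1]
        return rand, a3_sres(ki, rand), a8_kc(ki, rand)

class SIM:
    def __init__(self, ki: bytes):
        self._ki = ki                      # Ki never leaves the card

    def respond(self, rand: bytes):
        return a3_sres(self._ki, rand), a8_kc(self._ki, rand)

def sgsn_authenticate(auc: AuC, imsi: str, sim: SIM):
    """SGSN obtains a triplet, sends RAND to the MS and compares SRES.
    Returns Kc on success, None on failure; the SGSN never sees Ki."""
    rand, expected_sres, kc = auc.triplet(imsi)
    sres, _sim_kc = sim.respond(rand)      # the MS keeps its own copy of Kc
    if not hmac.compare_digest(sres, expected_sres):
        return None
    return kc
```

Only RAND and SRES cross the radio link; Kc is derived independently on both sides and is then handed to the ciphering function.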


Ciphering

Communication is ciphered from SGSN to MS

Ciphering method is GPRS Encryption Algorithm (GEA)

Ciphering key - Kc 64 bits

When using GSM and GPRS - two different keys

Key is set by the authentication procedure (calculated from RAND) and can be reset whenever the operator wishes

LLC - Logical Link Control - protocol to maintain the communication channel between an MS and the GPRS core network.


INPUT - the sequence number of the LLC packet; its initial value is selected by the network

DIRECTION - MS -> network or network -> MS
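How Kc, INPUT and DIRECTION combine into a per-frame keystream, and why INPUT must never repeat under one Kc, as an added example rather than code from the slides. SHAKE-128 stands in for the real GEA, INPUT is treated as a 32-bit counter that advances by one per frame, and all names and sample values are constructed.

```python
import hashlib

UPLINK, DOWNLINK = 0, 1        # DIRECTION: MS -> network, network -> MS

def gea_keystream(kc: bytes, input_: int, direction: int, length: int) -> bytes:
    """Stand-in for GEA (NOT the real algorithm): SHAKE-128 over
    Kc || INPUT || DIRECTION, producing `length` keystream bytes."""
    if len(kc) != 8:
        raise ValueError("Kc must be 64 bits")
    seed = kc + input_.to_bytes(4, "big") + bytes([direction])
    return hashlib.shake_128(seed).digest(length)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def cipher_llc(kc: bytes, input_: int, direction: int, payload: bytes) -> bytes:
    """Cipher or decipher one LLC frame payload (XOR is its own inverse)."""
    return xor(payload, gea_keystream(kc, input_, direction, len(payload)))

class LlcCipherContext:
    """One direction of one link: INPUT starts at a network-chosen value and
    advances with every frame, so no keystream is ever used twice."""
    def __init__(self, kc: bytes, initial_input: int, direction: int):
        self.kc, self.input, self.direction = kc, initial_input, direction

    def protect(self, payload: bytes) -> bytes:
        out = cipher_llc(self.kc, self.input, self.direction, payload)
        self.input = (self.input + 1) % 2**32
        return out

def reuse_leak(c1: bytes, c2: bytes) -> bytes:
    """If two frames share Kc, INPUT and DIRECTION, the keystream cancels:
    c1 XOR c2 equals p1 XOR p2, with no key needed."""
    return xor(c1, c2)
```

Because DIRECTION is part of the keystream input, an uplink and a downlink frame with the same sequence number are still ciphered differently.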


Secure inter working between GPRS networks


Inter working between GPRS networks

This is what supports roaming

Connects two inter-operator GGSN

The link - internet(1) or dedicated link(2) - QoS

All data and signaling via BG


Inter working with IP Networks

Supports IPv4 and IPv6 protocols

Access to Internet or Intranet

From external - seen as simple routers

Communication between GGSN and IP nw operator

Firewall is configured by the GPRS operator

DNS managed by the GPRS or IP nw operator

GGSN may allocate dynamic addresses by itself or use a DHCP server operated by the IP nw operator


Inter working with IP networks - Transparent access to Internet

MS receives an IP address from the operator's address space

This address can be static or dynamic

MS does NOT send any authentication information for activating IP context

GGSN does not participate in authorization or encryption

So - authentication and encryption are left to an additional protocol like IPSec


Inter working with IP networks - Non-transparent access to Internet

MS receives an address, either static or dynamic, from the address space of the ISP

MS transmits an authentication request at IP context activation

GGSN requests user authentication from the same server from which the IP address was acquired

GPRS and ISP can connect over any network

Insecure nw (Internet) - dedicated link or a special secured tunnel (IPSec)


Security threats - Availability (DoS)

Border Gateway (BG) bandwidth saturation - Connect to a roaming context (GRX) and generate traffic to block roaming

DNS Flood - Generate traffic on DNS servers to prevent subscribers from locating the GGSN used to connect to the external nw

Flood the connection between SGSN and GGSN to deny access to the external network

Removing the GPRS tunnel between SGSN and GGSN by creating an IP context delete message (needs special information)


Security threats - Availability (DoS) 2

Bad Routing Information - Injecting info into GRX operators’ route tables - causes loss of routes for roaming partners and denies access to roaming partners

DNS Cache Poisoning - Forging DNS queries so that users would not be able to find a GGSN to access the ext. nw.

Flooding an MS – Flooding the IP address of a particular MS with traffic, so that the MS will most likely be unable to use the GPRS network at all


Security threats - Authent. & Author.

Spoofed Create IP Context Request - somebody with access to the GRX can create their own bogus SGSN and create a GTP tunnel to the GGSN, pretending to be a subscriber

Spoofed Update PDP Context Request - Using a compromised SGSN to hijack the subscriber data connection with an update request

"Overbilling Attacks" - Hijacking an IP, starting a malicious download, exiting the session -> The subscriber gets billed
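One check a GTP-aware filter in front of the GGSN can apply to the spoofed requests listed above, as an added example that is not from the slides. It assumes GTPv1 control messages (header layout and message types 16, 18 and 20 from the GTPv1 specification); the allow-list, the tunnel-owner table, the verdict names and the sample datagrams are hypothetical.

```python
import struct

CREATE, UPDATE, DELETE = 16, 18, 20   # GTPv1 PDP context request message types

def parse_gtpv1(datagram: bytes):
    """Return (message_type, teid) from the 8-byte GTPv1 header, else None."""
    if len(datagram) < 8:
        return None
    flags, mtype, length, teid = struct.unpack("!BBHI", datagram[:8])
    if flags >> 5 != 1 or not flags & 0x10:    # version 1, protocol type = GTP
        return None
    if length != len(datagram) - 8:            # length excludes the first 8 bytes
        return None
    return mtype, teid

def verdict(src_ip, datagram, partner_sgsns, tunnel_owner):
    """Classify one GTP-C datagram arriving at the GGSN from the GRX side.
    partner_sgsns: allow-listed SGSN addresses (hypothetical).
    tunnel_owner: TEID -> SGSN currently serving that context (hypothetical
    state the filter learns from earlier Create exchanges)."""
    parsed = parse_gtpv1(datagram)
    if parsed is None or src_ip not in partner_sgsns:
        return "drop"                          # malformed, or not a known SGSN
    mtype, teid = parsed
    if mtype in (UPDATE, DELETE):
        owner = tunnel_owner.get(teid)
        if owner is None:
            return "drop"                      # refers to no known tunnel
        if owner != src_ip:
            # A new SGSN may legitimately send an update after a handover;
            # a delete from a non-owner has no such explanation.
            return "review" if mtype == UPDATE else "drop"
    return "allow"

def make_gtp(mtype, teid, body=b"\x00\x01\x00\x00"):
    """Constructed sample datagram: flags 0x32 = v1, PT=1, sequence present."""
    return struct.pack("!BBHI", 0x32, mtype, len(body), teid) + body

def demo():
    partners = {"192.0.2.10", "192.0.2.20"}    # documentation addresses
    owners = {0x1001: "192.0.2.10"}
    cases = [("198.51.100.7", make_gtp(CREATE, 0)),          # unknown "SGSN"
             ("192.0.2.10", make_gtp(CREATE, 0)),
             ("192.0.2.20", make_gtp(UPDATE, 0x1001)),       # not the owner
             ("192.0.2.20", make_gtp(DELETE, 0x1001)),       # not the owner
             ("192.0.2.10", make_gtp(DELETE, 0x1001)),
             ("192.0.2.10", make_gtp(DELETE, 0x1001)[:-1])]  # truncated
    return [verdict(ip, d, partners, owners) for ip, d in cases]
```

The "review" verdict is the interesting case: an update from an allow-listed but non-owning SGSN cannot be told apart from a handover by header inspection alone, so it is a candidate for correlation with the subscriber's mobility events.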


Security threats - internal network

An attacker who is disguised as a member of the network can attack undetected until the damage is done

Can remove the tunnel between SGSN and GGSN

Can learn some information

Once disguised, can execute "Overbilling" attacks on innocent users.


Security solutions - firewall

We protect the operator's network from any outside access

No unwanted data for MSs

No attacks against MSs


Security solutions - firewall (2)

We shouldn't trust another MS who is connected to the same GGSN!


Security solutions - firewall - APN

MS belongs to a certain APN (Access Point Name)

By default, the provider's own APN

Cell phones have: WAP APN and WEB APN

But still - other devices like SGSN are not protected


Security solutions - firewall

Use a design where all the network interfaces are separated


Security solutions - VPN

End-to-end VPN - provides the best security for the customer but prevents the LEA from gathering the information

Only between GGSN and Corporate Internet - better for LEA but needs extra security for MS -> GGSN


Security solution - IPSec

Intranet protocol - offers encryption and authentication

Ensure secure communication over insecure networks

2 operation modes:

Transport mode - Only the data is encrypted

Tunnel mode - Entire IP Packet is encrypted
