
Security model evaluation of 3G

Jun 09, 2015


I am sure it will be useful friends ...

SECURITY MODEL EVALUATION OF 3G WIRELESS NETWORKS

MERCY J

ABINAYA K

OVERVIEW

• Abstract
• Wireless Network
• 3G Wireless Network
• Security Principles for 3G
• References
• Conclusion

ABSTRACT

• 3G mobile phone networks are currently the most widely used wireless telephone networks in the world.

• While 2G systems are an improvement over earlier analog systems, they have problems with active attacks, authentication, encryption, channel hijack and inflexibility.

• 3G mobile phone standards have been designed to address the issues in 2G and provide a better security model.

• This presentation gives an overview of security in 3G networks and points out the known problems.

• Security features of 3G systems are presented and solved.


1G WIRELESS TECHNOLOGY

Developed in the 1980s and completed in the early 1990s

1G was the old analog system and supported the first generation of analog cell phones, with speeds up to 2.4 kbps

Advanced Mobile Phone System (AMPS) was first launched by the US and is a 1G mobile system

Allows users to make voice calls in 1 country


SECOND GENERATION

2G phones using Global System for Mobile Communications (GSM) were first used in Europe.

GSM provides voice and limited data services and uses digital modulation for improved audio quality.

Digital AMPS and CDMA were some of the 2G systems.


THIRD GENERATION

To meet the growing demand in network capacity and the rates required for high speed data transfer and multimedia applications, 3G standards started evolving.

It is based on the International Telecommunication Union (ITU) family of standards.

3G technologies enable network operators to offer users a wider range of more advanced services.

Services include wide-area wireless voice telephony, video calls and broadband wireless data, all in a mobile environment.

Data are sent using packet switching. Voice calls are carried through circuit switching.


FEATURES INCLUDE

• Phone calls / fax
• Global roaming
• Send/receive large email messages
• High speed web
• Navigation / maps
• Video conferencing
• TV streaming
• Electronic agenda meeting reminder
• Speed: 200 kb/sec - 2 mb/sec
• Time to download a 3 min MP3 song: 11 sec - 1.5 min


3G Network Security Architecture

[Figure: 3G network architecture diagram. Labeled elements: Circuit/Signaling Gateway, 2G/2.5G, 2G, IN Services, Call Agent, Feature Server(s), RNC, 3G, Data + Packet Voice, Circuit Switch, Circuit Network, Packet Network (Internet), Packet Gateway, RAC, Voice, Mobility Manager, IP Core Network, IP RAN]


3G Security Principles

• Build on GSM security

• Correct problems with GSM security

• Add new security features

Source: 3GPP


GSM Security Architecture


GSM Security Elements, 1

Key functions: privacy, integrity and confidentiality

• Authentication: Protect from unauthorized service access
  Based on the authentication algorithm A3(Ki, RAND) => SRES
  Problems with inadequate algorithms

• Encryption: Scramble bit streams to protect signaling and user data
  Ciphering algorithm A8(Ki, RAND) => Kc
  A5(Kc, Data) => Encrypted Data
  Need stronger encryption

• Confidentiality: Prevent intruder from identifying users by IMSI
  Temporary MSI
  Need more secure mechanism


GSM Security Elements, 2

• SIM: A removable hardware security module
  Manageable by network operators
  Terminal independent

• Secure Application Layer: Secure application layer channel between subscriber module and home network

• Transparency: Security features operate without user assistance
  Needs greater user visibility

• Minimized Trust: Requires minimum trust between HE and SN


Problems with GSM Security, 1

• Active Attacks: Impersonating network elements such as false BTS is possible

• Key Transmission: Cipher keys and authentication values are transmitted in clear within and between networks (IMSI, RAND, SRES, Kc)

• Limited Encryption Scope: Encryption terminated too soon at edge of network to BTS
  Communications and signaling in the fixed network portion aren’t protected
  Designed to be only as secure as the fixed networks

• Channel Hijack: Protection against radio channel hijack relies on encryption. However, encryption is not used in some networks.


Problems with GSM Security, 2

• Implicit Data Integrity: No integrity algorithm provided

• Unilateral Authentication: Only user authentication to the network is provided.
  No means to identify the network to the user.

• Weak Encryption Algorithms: Key lengths are too short, while computation speed is increasing
  Encryption algorithm COMP 128 has been broken
  Replacement of encryption algorithms is quite difficult

• Unsecured Terminal: IMEI is an unsecured identity
  Integrity mechanisms for IMEI are introduced late


Problems with GSM Security, 3

• Lawful Interception & Fraud: Considered as afterthoughts

• Lack of Visibility: No indication to the user that encryption is on
  No explicit confirmation to the HE that authentication parameters are properly used in SN when subscribers roam

• Inflexibility: Inadequate flexibility to upgrade and improve security functionality over time


New Security Features, 1

• Network Authentication: The user can identify the network

• Explicit Integrity: Data integrity is assured explicitly by use of integrity algorithms
  Also stronger confidentiality algorithms with longer keys

• Network Security: Mechanisms to support security within and between networks

• Switch Based Security: Security is based within the switch rather than the base station

• IMEI Integrity: Integrity mechanisms for IMEI provided from the start
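
The GSM challenge-response from the GSM Security Elements slide (A3/A8), the unilateral authentication problem, and the network authentication feature listed above, modeled as an added example that is not part of the original slides. HMAC-SHA256 is an assumed stand-in for the operator-chosen A3/A8 algorithms, the network MAC is a simplified illustration rather than the 3GPP algorithm set, and all keys and values are constructed.

```python
import hashlib
import hmac

def _prf(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    # Stand-in for the operator-chosen algorithms (assumption, not COMP128).
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]

def a3(ki: bytes, rand: bytes) -> bytes:
    return _prf(ki, b"A3", rand, 4)   # SRES, 32 bits

def a8(ki: bytes, rand: bytes) -> bytes:
    return _prf(ki, b"A8", rand, 8)   # Kc, 64 bits

def gsm_sim_respond(ki, rand):
    """GSM SIM: computes (SRES, Kc) for any RAND; it cannot check the sender."""
    return a3(ki, rand), a8(ki, rand)

def network_verify(ki, rand, sres):
    """Network side: compare the returned SRES with the expected value."""
    return hmac.compare_digest(a3(ki, rand), sres)

def network_challenge(ki, rand):
    """Network authentication (simplified): send RAND plus a MAC keyed with Ki."""
    return rand, _prf(ki, b"NET", rand, 8)

def sim_respond_checked(ki, rand, net_mac):
    """SIM verifies the network's MAC first; returns None if it does not match."""
    if not hmac.compare_digest(_prf(ki, b"NET", rand, 8), net_mac):
        return None
    return gsm_sim_respond(ki, rand)

def demo():
    ki = bytes(range(16))                                     # constructed Ki
    rand = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed RAND
    other = b"\x01" * 16            # challenge from a sender that lacks Ki
    sres, kc = gsm_sim_respond(ki, rand)
    wrong = bytes(b ^ 0xFF for b in sres)
    return {
        "network_accepts_user": network_verify(ki, rand, sres),
        "network_rejects_wrong_sres": not network_verify(ki, rand, wrong),
        # Unilateral authentication: the GSM SIM answers without any check.
        "gsm_sim_answers_unverified_sender": len(gsm_sim_respond(ki, other)[0]) == 4,
        # With network authentication the same sender gets no response...
        "checked_sim_refuses_bad_mac": sim_respond_checked(ki, other, b"\x00" * 8) is None,
        # ...while the network that knows Ki is answered as before.
        "checked_sim_answers_network":
            sim_respond_checked(ki, *network_challenge(ki, rand)) == (sres, kc),
    }

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {ok}")
```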


New Security Features, 2

• Secure Services: Protect against misuse of services provided by SN and HE

• Secure Applications: Provide security for applications resident on USIM

• Fraud Detection: Mechanisms to combat fraud in roaming situations

• Flexibility: Security features can be extended and enhanced as required by new threats and services

• Visibility and Configurability: Users are notified whether security is on and what level of security is available
  Users can configure security features for individual services


New Security Features, 3

• Compatibility: Standardized security features to ensure world-wide interoperability and roaming
  At least one encryption algorithm exported on world-wide basis

• Lawful Interception: Mechanisms to provide authorized agencies with certain information about subscribers


Evolution to 3G

Drivers: Capacity, Data Speed, Cost

[Figure: evolution paths from 2G to 3G. Labels: cdmaOne, GSM, TDMA, PDC, 2G, CDMA2000 1x, First Step into 3G, GPRS, EDGE, WCDMA, 3G phase 1, Evolved 3G, 3GPP Core Network, CDMA2000 1x EV/DO, HSDPA/HSUPA, EDGE Evolution, CDMA2000 EV/DO Rev A; expected market share 90% / 10%]


CONCLUSION

This paper presented a survey of three generations of mobile phone systems from a security perspective.

3G network standards were evaluated within the availability-confidentiality-integrity framework and found to not be secure.

Hence new security features have been presented and solved.

Finally, there is no experimental data supporting the claim that 3G systems aren’t secure.

Future work can be geared toward filling those gaps.


References

• 3G TS 33.120, “Security Principles and Objectives”, http://www.3gpp.org/ftp/tsg_sa/WG3_Security/_Specs/33120-300.pdf

• 3G TS 33.120, “Security Threats and Requirements”, http://www.arib.or.jp/IMT-2011/ARIB-spec/ARIB/21133-310.PDF

• Michael Walker, “On the Security of 3GPP Networks”, http://www.esat.kuleuven.ac.be/cosic/eurocrypt2000/mike_walker.pdf

• Redl, Weber, Oliphant, “An Introduction to GSM”, Artech House, 2010

• Joachim Tisal, “GSM Cellular Radio Telephony”, John Wiley & Sons, 2009

• Lauri Pesonen, “GSM Interception”, http://www.dia.unisa.it/ads.dir/corso-security/www/CORSO-9900/a5/Netsec/netsec.html

• 3G TR 33.900, “A Guide to 3rd Generation Security”, ftp://ftp.3gpp.org/TSG_SA/WG3_Security/_Specs/33900-120.pdf

• 3G TS 33.102, “Security Architecture”, ftp://ftp.3gpp.org/Specs/2000-12/R1999/33_series/33102-370.zip

• 3G TR 21.905, “Vocabulary for 3GPP Specifications”, http://www.quintillion.co.jp/3GPP/Specs/21905-010.pdf


THANK U

Are There Any Questions?