59651
Crypto U12 (part 1),
crypto for mobile telecom
- background
- mobile
telecom
companies
share
operational
standards
- original mobile systems not secure
- sent serial numbers in the clear
- eavesdropping easy
- cloning possible
- sent serial numbers in the clear
- GSM
- designed by ETSI
- European Telecommunications Standards Institute
- European Telecommunications Standards Institute
- improved security over original
- designed by ETSI
- UTMS
- next step in evolution after GSM
- next step in evolution after GSM
- cellular network diagram
Nota:
- http://en.wikipedia.org/wiki/Zero-knowledge_proof#Abstract_example
- mobile
telecom
companies
share
operational
standards
- general design
- main motivation for security: revenue protection
- must be cost effective
- should be as secure as the public
switched telephone network and not more
- adapts to evolving constraints
- shifted from proprietary algorithms (GSM)
to publicly known ones (UTM)
- must handle noisy comm channel
- main motivation for security: revenue protection
- UTMS
- new features
- mutual entity authentication
- supported by AKE (similar to GSM except
additonal MAC key is generated)
- sequence # added for freshness and
maintained by mobile device and base station
- supported by AKE (similar to GSM except
additonal MAC key is generated)
- prevention of AKE triplet replay
- sequence #'s prevent replay
- roaming authentication upgraded to have quintlets
- sequence #'s prevent replay
- longer key lengths
- publicly know algorithms
- integrity of signalling data with a MAC
- mutual entity authentication
- new features
- GSM
- security
requirements
- entity authentication
of the user
- confidentiality
on radio path
- anonymity on radio path
- prevents an attacker
form linking the source
of several calls
- prevents an attacker
form linking the source
of several calls
- constraints
- not
excessively
strong
- export!
- export!
- do not add to much overhead
- especially on call setup
- especially on call setup
- not
excessively
strong
- entity authentication
of the user
- design
- fully symmetric architecture
- GSM closed system
- fast
- GSM closed system
- stream cipher
- noisy comm channel
- noisy comm channel
- fixed encryption algorithms
- proprietary algorithms
- closed system
- ETSI has crypto
expertise
- performance
- closed system
- fully symmetric architecture
- crypto components
- subscriber identification
module (SIM)
- has international mobile
subscriber identity
- maps user to phone
- maps user to phone
- has unique 128 bit crypto key
used for all crypto services
- has international mobile
subscriber identity
- AKE (authentication
and key establishment)
- uses dynamic
password scheme
- protocols
- A3
- challenge
response protocol
- challenge
response protocol
- A8
- generate
encryption key
- generate
encryption key
- A3
- not shared with other
access providers
- special roaming scheme
- uses dynamic
password scheme
- comm encryption
- service shared
with other mobile
networks
- Uses
standard
A5/1
- 64 bit key,
stream cipher
- 64 bit key,
stream cipher
- service shared
with other mobile
networks
- subscriber identification
module (SIM)
- security analysis
- popular implementation of
A3 and A8 was COMP 128
- designs leadked and weaknesses found
- designs leadked and weaknesses found
- A5/1
reverse
engineered
- powerful attacks developed
- powerful attacks developed
- effective
because it
addressed
cloning and
eavesdropping
- popular implementation of
A3 and A8 was COMP 128
- security
requirements
¿Quieres crear tus propios Mapas Mentales gratis con GoConqr? Más información.