The GSM standard started development in 1982 for technologies in the Second Generation (2G) digital cellular networks. Data transmissions over the radio link use digital techniques for full duplex voice telephony. Some security features of GSM include but not limited to:
- Authentication [ Verification of users to prevent cloning of duplicate users ] - CHAP (Challenge-Handshake Authentication Protocol)
- Confidentiality [ Prevents eavesdropping of voice, data and sensitive signalling information ] - Encryption of the radio channel
- Anonymity [ Protects the user from being tracked by eavesdropping on the radio path ] - Temporary identities
However, there are some security threats pertaining to these features. Some threats include but not limited to:
- Only access security is implemented - Communications and signalling network in the fixed traffic are not protected
- Identities cannot be trusted
- Encryption is lacking in the case of user visibility
This leads to several attacks on the GSM network that include but not limited to:
- Eavesdropping
- Impersonation of user
- Impersonation of network
- Man-in-the-middle attack
Thus, to reduce the risks of having a security breach, every mobile subscriber is issued with a unique 128-bit secret key (Ki). It it stored in a Subscriber Identity Module (SIM) card which must be inserted into the mobile phone. It is a tamper resistant smart card such that it is unfeasible to extract the subscriber's Ki.
The encryption algorithm of GSM is A5. It has a cipher key of 64-bit which makes it almost impossible to decrypt. This ensures that the information of subscribers is set to a basic level of security.
GPRS - General Packet Radio Service
The GPRS is a packet oriented mobile data service on the 2G and the 3G cellular GSM network, more commonly known as the 2.5G. Its main features is the wireless data services that extends GSM data capabilities for internet access, multimedia messaging services and early mobile internet applications via the wireless application protocol (WAP).
The security features of GPRS are very much similar to GSM. Such features include but not limited to:
- Authentication [ Verification of users to prevent cloning of duplicate users ] - CHAP (Challenge-Handshake Authentication Protocol)
- Confidentiality [ Provides privacy to the subscriber, so that it will be difficult to identify ] - Encryption of the radio channel
- User and signalling data confidentiality
- Only access security is implemented - Communications and signalling network in the fixed traffic are not protected
- Identities cannot be trusted
- Encryption is lacking in the case of user visibility
- Fraud issues
- Eavesdropping
- Impersonation of user
- Impersonation of network
- Man-in-the-middle attack
- Viruses and trojans
References
Hi Hong Yi,
ReplyDeleteI have realised that you had a brief description on GSM which is very good. Your information is related to the topic and you have organised all the points neatly which has allow me to have a better understanding of what you are explaining. Well done! However, for some of the points you could have elaborated a bit more to explain what is your point trying to mean. Nevertheless, it is a well done post that has useful information on the topic.
hi hong yi,your research is good and relevant to the topic,good job.You should put some images as an example for the readers to understand.However, for some of the points you could have elaborated a bit more to explain what is your point trying to mean. Nevertheless, it is a well done post that has useful information on the topic.
ReplyDeleteYou have plenty of details in both GSM and GPRS post. You can add some diagrams to allow your readers to have better understanding of your post. Overall you did a good job in giving sufficient infomation to your readers.
ReplyDeletehi shy, your research for both gsm and gprs are good and relevant. well organize and easy to understand also. It would be better if you can add some diagram.
ReplyDelete