SlideShare a Scribd company logo

Cryptography in GSM

Download as PPT, PDF
Tharindu Weerasinghe
Tharindu Weerasinghe
Engineering
1 of 44
Analysis of CryptographyAnalysis of Cryptography inin GSM NetworksGSM Networks Research ProjectResearch Project Master of the Sciences Degree in Communication and Information EngineeringMaster of the Sciences Degree in Communication and Information Engineering University of PeradeniyaUniversity of Peradeniya By:By: Tharindu WeerasingheTharindu Weerasinghe (PG/EE/08/MSc/24)(PG/EE/08/MSc/24)
OutlineOutline  IntroductionIntroduction  Common Security RequirementsCommon Security Requirements  CryptographyCryptography  Symmetric KeySymmetric Key  Public keyPublic key  Cryptographic hashesCryptographic hashes  GSMGSM  Cryptography in GSM (A5/1, A5/3….)Cryptography in GSM (A5/1, A5/3….)  Their issuesTheir issues  My proposalMy proposal  ConclusionConclusion
IntroductionIntroduction The world today is hostile… Eavesdropping Impersonation Hacker Modification Internet
Common Security RequirementsCommon Security Requirements  Privacy (Confidentiality)Privacy (Confidentiality)  User AuthenticationUser Authentication  Data Authentication (Data Integrity)Data Authentication (Data Integrity)  Non-repudiation (Non-refutation)Non-repudiation (Non-refutation)  Access ControlAccess Control  AvailabilityAvailability
How to protect?How to protect? Cryptography
What Cryptography can do?What Cryptography can do?  Encryption:Encryption: Only the authorized party can understandOnly the authorized party can understand the message after the process of encryption.the message after the process of encryption.  Data authentication:Data authentication: Ascertain that informationAscertain that information exchanged is indeed the one from the sender.exchanged is indeed the one from the sender.  Signature:Signature: Allow people to verify the authenticity ofAllow people to verify the authenticity of the message or authenticate the peer user.the message or authenticate the peer user.
CryptographyCryptography  CryptographyCryptography  symmetric-key cryptographysymmetric-key cryptography  public-key cryptographypublic-key cryptography  cryptographic hashescryptographic hashes  Used forUsed for  authentication, integrity protection, encryption, keyauthentication, integrity protection, encryption, key managementmanagement
Symmetric-Key CryptographySymmetric-Key Cryptography  EncryptionEncryption C=EC=Ekk(M)(M)  DecryptionDecryption M=DM=Dkk(C)(C)  Encryption/Decryption uses the same or similar keyEncryption/Decryption uses the same or similar key  Ideally, a different key for each pair of usersIdeally, a different key for each pair of users  For example,For example, DESDES ((DDataata EEncryptionncryption SStandard )tandard )
Symmetric-Key Cryptography:Symmetric-Key Cryptography: Encryption / DecryptionEncryption / Decryption encoder decoder (plain text in - cipher text out) cipher textcipher text msgmsg (cipher text in - plain text out) (should understand nothingnothing about the msg) eavesdropper bla-bla cmb-cmb- cmbcmb bla-bla Shared KeyAliceAlice BobBob How can Alice & BobHow can Alice & Bob share the secret key inshare the secret key in advance?advance?
Symmetric-Key Cryptography:Symmetric-Key Cryptography: Authentication & Key AgreementAuthentication & Key Agreement  However, this suffers from “However, this suffers from “Man-In-The-MiddleMan-In-The-Middle”” attack.attack. Man-In-the-middle attackMan-In-the-middle attack
Public Key EncryptionPublic Key Encryption  Each user has a public/private key pair. Keys areEach user has a public/private key pair. Keys are inverses of each other.inverses of each other.  Only the owner knows the private key, but everyoneOnly the owner knows the private key, but everyone knows the public key.knows the public key.  If the message is encrypted with the private key,If the message is encrypted with the private key, then everyone with the public key can recover thethen everyone with the public key can recover the message, but only the owner can generate themessage, but only the owner can generate the encrypted message .encrypted message .
 If the message is encrypted with the public key, onlyIf the message is encrypted with the public key, only the owner can decrypt it using its private key.the owner can decrypt it using its private key.  The first property can be used for signature and theThe first property can be used for signature and the second property can be used for encryption.second property can be used for encryption.  Examples: RSA, Digital SignaturesExamples: RSA, Digital Signatures Public Key Encryption (contd.)Public Key Encryption (contd.)
Public Key Encryption :Public Key Encryption : ProblemsProblems  If an Attacker can substitute their own publicIf an Attacker can substitute their own public key for another users, the attacker can recoverkey for another users, the attacker can recover messages intended for the other user.messages intended for the other user.  Require method of binding user’s ID withRequire method of binding user’s ID with their public key.their public key.
Public Key InfrastructurePublic Key Infrastructure  User ( or entity ) gets a related key pair:User ( or entity ) gets a related key pair: . one private key, known only to the user. one private key, known only to the user . one public key, distributable to the user. one public key, distributable to the user  A message encrypted with one key requires the otherA message encrypted with one key requires the other key for decryptionkey for decryption
Public Key InfrastructurePublic Key Infrastructure (Contd.)(Contd.)  Need this infrastructure to prevent A fromNeed this infrastructure to prevent A from claiming that B uses the public key that Aclaiming that B uses the public key that A generates.generates.  All users have incorruptible copy ofAll users have incorruptible copy of Certificate Authority’s (Certificate Authority’s (CACA) public key.) public key.  CA signs each users ID/Public Key pair.CA signs each users ID/Public Key pair.  However, certificate revocation list a majorHowever, certificate revocation list a major headache.headache.
Public Key CertificatesPublic Key Certificates
Cryptographic hashesCryptographic hashes  AA cryptographic hash functioncryptographic hash function is a deterministic procedureis a deterministic procedure thatthat takes an arbitrary blocktakes an arbitrary block of data andof data and returns a fixed-sizereturns a fixed-size bitbit string, the (string, the (cryptographiccryptographic)) hash valuehash value, such that an accidental, such that an accidental or intentional change to the data will change the hash value. Theor intentional change to the data will change the hash value. The data to be encoded is often called the "message", and the hashdata to be encoded is often called the "message", and the hash value is sometimes called thevalue is sometimes called the message digestmessage digest or simplyor simply digestdigest..  The ideal cryptographic hash function has four main properties:The ideal cryptographic hash function has four main properties:  it is easy to compute the hash value for any given message,it is easy to compute the hash value for any given message,  it isit is infeasibleinfeasible to find a message that has a given hash,to find a message that has a given hash,  it is infeasible to modify a message without changing its hash,it is infeasible to modify a message without changing its hash,  it is infeasible to find two different messages with the same hash.it is infeasible to find two different messages with the same hash.
Cryptographic hashes: ExampleCryptographic hashes: Example
Well…Well… that was Cryptography in a nut-shell….that was Cryptography in a nut-shell…. Now we will see what is GSM..?Now we will see what is GSM..?
GSM
 GSMGSM ((Global System for Mobile communicationsGlobal System for Mobile communications: originally from: originally from Groupe Spécial MobileGroupe Spécial Mobile) is the most popular standard for mobile phones in) is the most popular standard for mobile phones in the world. Its promoter, the GSM Association, estimates that 80% of thethe world. Its promoter, the GSM Association, estimates that 80% of the global mobile market uses the standard. GSM is used by over 3 billionglobal mobile market uses the standard. GSM is used by over 3 billion people across more than 212 countries and territories.people across more than 212 countries and territories.
GSM SECURITY Cryptography in GSMCryptography in GSM
 GSM was designed with a moderate level of security. The systemGSM was designed with a moderate level of security. The system was designed to authenticate the subscriber using awas designed to authenticate the subscriber using a pre-sharedpre-shared keykey andand challenge-responsechallenge-response..  Communications between theCommunications between the subscribersubscriber and theand the base stationbase station can be encrypted.can be encrypted.  The development of UMTS (The development of UMTS (UUniversalniversal MMobileobile TTelecommunicationselecommunications SSystem) introduces an optional USIMystem) introduces an optional USIM ((UUniversalniversal SSubscriberubscriber IIdentitydentity MModule, a software applicationodule, a software application for UMTS mobile telephony, that uses a longer authenticationfor UMTS mobile telephony, that uses a longer authentication key to give greater security, as well as mutually authenticating thekey to give greater security, as well as mutually authenticating the network and the user - whereasnetwork and the user - whereas GSM only authenticates theGSM only authenticates the user to the network (not vice versa).user to the network (not vice versa).  The security model therefore offers confidentiality andThe security model therefore offers confidentiality and authentication, but limited authorization capabilities, and noauthentication, but limited authorization capabilities, and no non-repudiation.non-repudiation.
 GSM uses several cryptographic algorithms for security.GSM uses several cryptographic algorithms for security. A5/1A5/1 && A5/2A5/2 stream ciphersstream ciphers are used for ensuring “are used for ensuring “over-the-air voiceover-the-air voice”” privacy. A5/1 was developed first and it is a stronger algorithmprivacy. A5/1 was developed first and it is a stronger algorithm used within Europe and the United States; A5/2 is weaker andused within Europe and the United States; A5/2 is weaker and used in other countries.used in other countries.  Serious weaknesses have been found in both algorithms: it isSerious weaknesses have been found in both algorithms: it is possible to break A5/2 in real-time with apossible to break A5/2 in real-time with a Ciphertext-OnlyCiphertext-Only AttackAttack, and in February 2008, Pico Computing, Inc revealed its, and in February 2008, Pico Computing, Inc revealed its ability and plans to commercializeability and plans to commercialize FPGAsFPGAs that allow A5/1 to bethat allow A5/1 to be broken with abroken with a RRainbow Table Attackainbow Table Attack..  The system supports multiple algorithms so operators mayThe system supports multiple algorithms so operators may replace that cipher with a stronger one.replace that cipher with a stronger one.
How do Authentication & Key generationHow do Authentication & Key generation work in a GSM network?work in a GSM network?  Encryption in the GSM network utilizes a Challenge/Response mechanism.Encryption in the GSM network utilizes a Challenge/Response mechanism.  The Mobile Station (The Mobile Station (MSMS) signs into the network.) signs into the network.  The Mobile Services Switching Center (The Mobile Services Switching Center (MSCMSC) requests 5 triples from the) requests 5 triples from the Home Location Register (Home Location Register (HLRHLR).).  The Home Location Register creates five triples utilizing theThe Home Location Register creates five triples utilizing the A8A8 algorithm.algorithm. These five triples each contain:These five triples each contain:  A 128-bit Random Challenge (A 128-bit Random Challenge (RANDRAND))  A 32-bit matching Signed Response (A 32-bit matching Signed Response (SRESSRES))  A 64-bit ciphering key used as a Session Key (A 64-bit ciphering key used as a Session Key (KcKc).).  The Home Location Register sends the Mobile Services Switching Center theThe Home Location Register sends the Mobile Services Switching Center the five triples.five triples.  The Mobile Services Switching Center sends the Random Challenge from theThe Mobile Services Switching Center sends the Random Challenge from the first triple to the Base Transceiver Station (first triple to the Base Transceiver Station (BTSBTS).).
 The Base Transceiver Station sends the random challenge from the first tripleThe Base Transceiver Station sends the random challenge from the first triple to the Mobile Station.to the Mobile Station.  The Mobile Station receives the random challenge from the Base TransceiverThe Mobile Station receives the random challenge from the Base Transceiver Station and encrypts it with the Individual Subscriber Authentication KeyStation and encrypts it with the Individual Subscriber Authentication Key (Ki) assigned to the Mobile Station utilizing the A3 algorithm.(Ki) assigned to the Mobile Station utilizing the A3 algorithm.  The Mobile Station sends the Signed Response to the Base TransceiverThe Mobile Station sends the Signed Response to the Base Transceiver Station.Station.  The Base Transceiver Station sends the Signed Response to the MobileThe Base Transceiver Station sends the Signed Response to the Mobile Services Switching Center.Services Switching Center.  The Mobile Services Switching Center verifies the Signed Response.The Mobile Services Switching Center verifies the Signed Response.  The Mobile Station generates a Session Key (Kc) utilizing the A8 algorithm,The Mobile Station generates a Session Key (Kc) utilizing the A8 algorithm, the Individual Subscriber Authentication Key (Ki) assigned to the Mobilethe Individual Subscriber Authentication Key (Ki) assigned to the Mobile Station, and the random challenge received from the Base TransceiverStation, and the random challenge received from the Base Transceiver Station.Station.
 The Mobile Station sends the Session Key (Kc) to the Base TransceiverThe Mobile Station sends the Session Key (Kc) to the Base Transceiver Station.Station.  The Mobile Services Switching Center sends the Session Key (Kc) to the BaseThe Mobile Services Switching Center sends the Session Key (Kc) to the Base Transceiver Station.Transceiver Station.  The Base Transceiver Station receives the Session Key (Kc) from the MobileThe Base Transceiver Station receives the Session Key (Kc) from the Mobile Services Switching Center.Services Switching Center.  The Base Transceiver Station receives the Session Key (Kc) from the MobileThe Base Transceiver Station receives the Session Key (Kc) from the Mobile Station.Station.  The Base Transceiver Station verifies the Session Keys from the MobileThe Base Transceiver Station verifies the Session Keys from the Mobile Station and the Mobile Services switching Center.Station and the Mobile Services switching Center.
 The A5 algorithm is initialized with the Session Key (Kc) and the number ofThe A5 algorithm is initialized with the Session Key (Kc) and the number of the frame to be encrypted.the frame to be encrypted.  Over-the-air communication channel between the Mobile Station and BaseOver-the-air communication channel between the Mobile Station and Base Transceiver Station can now be encrypted utilizing the A5 algorithm.Transceiver Station can now be encrypted utilizing the A5 algorithm.  This process authenticates the GSM Mobile Station (MS) to the GSMThis process authenticates the GSM Mobile Station (MS) to the GSM network. One known security limitation of GSM networks is that the GSMnetwork. One known security limitation of GSM networks is that the GSM network is never authenticated by the GSM Mobile Station (MS).network is never authenticated by the GSM Mobile Station (MS).  This one-way authentication makes it possible for an attacker to pretend to beThis one-way authentication makes it possible for an attacker to pretend to be a GSM network provider.a GSM network provider.
Authentication in GSMAuthentication in GSM  Home Location Register (HLR)Home Location Register (HLR)  Visitor Location Register (VLR)Visitor Location Register (VLR)  MS (Mobile Station)MS (Mobile Station)  AP (Access Point or Base Station)AP (Access Point or Base Station)  MSC (Mobile Exchange Center)MSC (Mobile Exchange Center)
GSM Authentication ProtocolGSM Authentication Protocol 1.IMSI MS VLR HLR 2.IMSI 3.IMSI,RAND,SRES,Kc 4.RAND 5.SRES 6.A5(Kc,TMSI) SRES=A3(Ki, RAND) Kc=A8(Ki, RAND) SRES=A3(Ki, RAND) Kc=A8(Ki, RAND)
Let us talk aboutLet us talk about the algorithms used…the algorithms used…  There are 3 main types:There are 3 main types:  A5 – A stream cipher used for encryptionaA5 – A stream cipher used for encryptiona  A3 – An authentication algorithmA3 – An authentication algorithm  A8 – A key agreement algorithmA8 – A key agreement algorithm  From those A3 and A8 areFrom those A3 and A8 are NOTNOT specified in GSM. Yet they arespecified in GSM. Yet they are used in some occasions.used in some occasions.  So I pay my attention more on A5 (A5/1, A5/2 and A5/3, ButSo I pay my attention more on A5 (A5/1, A5/2 and A5/3, But the most famous and widely used one is A5/1)the most famous and widely used one is A5/1)
Let us talk about A5/1Let us talk about A5/1  A5/1A5/1  A5/1 is aA5/1 is a stream cipherstream cipher used to provideused to provide over-the-airover-the-air communicationcommunication privacy in the GSM cellular telephone standard. It was initially keptprivacy in the GSM cellular telephone standard. It was initially kept secret, but became public knowledge through leaks and reversesecret, but became public knowledge through leaks and reverse engineering. A number of serious weaknesses in the cipher have beenengineering. A number of serious weaknesses in the cipher have been identified.identified.  Stream Cipher:Stream Cipher:  In cryptography, aIn cryptography, a stream cipherstream cipher is a symmetric key cipher where plaintext bitsis a symmetric key cipher where plaintext bits are combined with a pseudorandom cipher bit stream (keystream), typically by anare combined with a pseudorandom cipher bit stream (keystream), typically by an exclusive-or (exclusive-or (xorxor) operation. In a stream cipher the plaintext digits are encrypted) operation. In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during theone at a time, and the transformation of successive digits varies during the encryption.encryption.  A5/1 is used in Europe and the United States. It was developed in 1987,A5/1 is used in Europe and the United States. It was developed in 1987, when GSM was not yet considered for use outside Europe, and A5/2 waswhen GSM was not yet considered for use outside Europe, and A5/2 was developed in 1989. Both were initially kept secret. However, the generaldeveloped in 1989. Both were initially kept secret. However, the general design was leaked in 1994, and the algorithms were entirely reversedesign was leaked in 1994, and the algorithms were entirely reverse engineered in 1999 by Marc Briceno from a GSM telephone. In 2000,engineered in 1999 by Marc Briceno from a GSM telephone. In 2000, around 130 million GSM customers relied on A5/1 to protect thearound 130 million GSM customers relied on A5/1 to protect the confidentiality of their voice communications.confidentiality of their voice communications.
 Description of A5/1Description of A5/1  A GSM transmission is organized as sequences ofA GSM transmission is organized as sequences of burstsbursts. In a typical. In a typical channel and in one direction, one burst is sent everychannel and in one direction, one burst is sent every 4.615ms4.615ms andand containscontains 114 bits114 bits available for information.available for information.  A5/1 is used to produce for each burst aA5/1 is used to produce for each burst a 114 bit sequence of keystream114 bit sequence of keystream which iswhich is XORXORed with the 114 bits prior to modulation.ed with the 114 bits prior to modulation.  A5/1 is initialized using aA5/1 is initialized using a 64-bit key64-bit key together with atogether with a publicly-knownpublicly-known 22-bit frame number22-bit frame number. In fielded GSM implementations 10 of the key. In fielded GSM implementations 10 of the key bits are fixed at zero, resulting in anbits are fixed at zero, resulting in an effective key length of 54 bitseffective key length of 54 bits..  A5/1 can also be used for data encryptions in EDGE, in which case upA5/1 can also be used for data encryptions in EDGE, in which case up to eight bursts are sent every 4.615 ms, each containingto eight bursts are sent every 4.615 ms, each containing 348 data bits348 data bits..
 A5/1 is based around a combination of threeA5/1 is based around a combination of three LLinearinear FFeedbackeedback SShifthift RRegisters (egisters (LFSRLFSRs) with irregular clocking.s) with irregular clocking. The three shift registers are specified as follows:The three shift registers are specified as follows:
 The bits are indexed with the least significant bit (LSB) as 0.The bits are indexed with the least significant bit (LSB) as 0.  The registers are clocked in a stop/go fashion using a majority rule. EachThe registers are clocked in a stop/go fashion using a majority rule. Each register has an associated clocking bit. At each cycle, the clocking bit ofregister has an associated clocking bit. At each cycle, the clocking bit of all three registers is examined and the majority bit is determined.all three registers is examined and the majority bit is determined.  A register is clocked if the clocking bit agrees with the majority bit. HenceA register is clocked if the clocking bit agrees with the majority bit. Hence at each step two or three registers are clocked, and each register stepsat each step two or three registers are clocked, and each register steps with probability 3/4.with probability 3/4.  Initially, the registers are set to zero. Then for 64 cycles, the 64-bit secretInitially, the registers are set to zero. Then for 64 cycles, the 64-bit secret key is mixed in according to the following scheme: in cycle , thekey is mixed in according to the following scheme: in cycle , the iith keyth key bit is added to the least significant bit of each register using XOR —bit is added to the least significant bit of each register using XOR —   Each register is then clocked.Each register is then clocked.  Similarly, the 22-bits of the frame number are added in 22 cycles. ThenSimilarly, the 22-bits of the frame number are added in 22 cycles. Then the entire system is clocked using the normal majority clockingthe entire system is clocked using the normal majority clocking mechanism for 100 cycles, with the output discarded. After this ismechanism for 100 cycles, with the output discarded. After this is completed, the cipher is ready to produce two 114 bit sequences ofcompleted, the cipher is ready to produce two 114 bit sequences of output keystream, first 114 for downlink, last 114 for uplink.output keystream, first 114 for downlink, last 114 for uplink.
Graphical Notation of A5/1Graphical Notation of A5/1
Some Attacks on A5/1Some Attacks on A5/1  Passive Ciphertext-Only Attack[1]Passive Ciphertext-Only Attack[1]  Biased Birthday Attack[2]Biased Birthday Attack[2]  Random Subgraph Attack[2]Random Subgraph Attack[2]
Possible Attack ScenariosPossible Attack Scenarios  Attacks on A5 can be in the following forms:[1]Attacks on A5 can be in the following forms:[1]  Call wire-tappingCall wire-tapping  Call HijackingCall Hijacking  Altering of SMSAltering of SMS  Call theft – Dynamic CloningCall theft – Dynamic Cloning
What I Propose?What I Propose?  (STREAM & BLOCK CIPHER) COMBINED(STREAM & BLOCK CIPHER) COMBINED ALGORITHM FOR DATA ENCRYPTION &ALGORITHM FOR DATA ENCRYPTION & DECRYPTIONDECRYPTION  Provides more security to data, making it hardProvides more security to data, making it hard to cryptanalysis the cipher textto cryptanalysis the cipher text
 Encryption procedureEncryption procedure
 Decryption procedureDecryption procedure
My Next StepMy Next Step  Implementation of the above mentionedImplementation of the above mentioned algorithm in a normal PCalgorithm in a normal PC  Verify it is better than A5/1Verify it is better than A5/1
 Reference:Reference: [1] [2] [3] Lecture Notes of Haojin Zhu and Xiaodong Lin of the Department of Electrical and Computer Engineering, University of Waterloo, Canada. [4] Types & modes combined algorithm for data encryption and decryption by[4] Types & modes combined algorithm for data encryption and decryption by D.M.A.B MailewaD.M.A.B Mailewa,, T.D.B WeerasingheT.D.B Weerasinghe,, C.A MunasingheC.A Munasinghe,, Piyal J. PereraPiyal J. Perera of theof the Department of Computer Engineering, University of Peradeniya.Department of Computer Engineering, University of Peradeniya.
Thank You!Thank You!

Recommended

Gsm security algorithms A3 , A5 , A8
Gsm security algorithms A3 , A5 , A8Gsm security algorithms A3 , A5 , A8
Gsm security algorithms A3 , A5 , A8RUpaliLohar
 
WIRELESS ATM BY SAIKIRAN PANJALA
WIRELESS ATM BY SAIKIRAN PANJALAWIRELESS ATM BY SAIKIRAN PANJALA
WIRELESS ATM BY SAIKIRAN PANJALASaikiran Panjala
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)Prafull Johri
 
TDMA
TDMATDMA
TDMAExpress News
 
Gprs ppt
Gprs pptGprs ppt
Gprs pptsanket chougule
 
GSM & UMTS Security
GSM & UMTS SecurityGSM & UMTS Security
GSM & UMTS SecuritySohaib Altaf
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksNaveen Kumar
 

Recommended

Gsm security algorithms A3 , A5 , A8
Gsm security algorithms A3 , A5 , A8Gsm security algorithms A3 , A5 , A8
Gsm security algorithms A3 , A5 , A8RUpaliLohar
 
WIRELESS ATM BY SAIKIRAN PANJALA
WIRELESS ATM BY SAIKIRAN PANJALAWIRELESS ATM BY SAIKIRAN PANJALA
WIRELESS ATM BY SAIKIRAN PANJALASaikiran Panjala
 
S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)S/MIME & E-mail Security (Network Security)
S/MIME & E-mail Security (Network Security)Prafull Johri
 
TDMA
TDMATDMA
TDMAExpress News
 
Gprs ppt
Gprs pptGprs ppt
Gprs pptsanket chougule
 
GSM & UMTS Security
GSM & UMTS SecurityGSM & UMTS Security
GSM & UMTS SecuritySohaib Altaf
 
Cryptography ppt
Cryptography pptCryptography ppt
Cryptography pptOECLIB Odisha Electronics Control Library
 
Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksNaveen Kumar
 
CNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block CiphersCNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block CiphersGyanmanjari Institute Of Technology
 
wireless cellular network
wireless cellular networkwireless cellular network
wireless cellular networkMaulik Patel
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key ExchangeSAURABHDHAGE6
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Gprs architecture ppt
Gprs architecture pptGprs architecture ppt
Gprs architecture pptArpita Sanghani
 
Cryptography
CryptographyCryptography
CryptographyIGZ Software house
 
Presentation on 5G security
Presentation on 5G securityPresentation on 5G security
Presentation on 5G securityRanjitUpadhyay4
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Lte(long term evolution) 4G LTE
Lte(long term evolution) 4G LTELte(long term evolution) 4G LTE
Lte(long term evolution) 4G LTEkaishik gundu
 
Diameter Presentation
Diameter PresentationDiameter Presentation
Diameter PresentationBeny Haddad
 
Cryptography
Cryptography Cryptography
Cryptography 1326OmkarKamble
 
Presentation on CDMA
Presentation on CDMAPresentation on CDMA
Presentation on CDMAShuvangkar Dhar
 
WSN-IEEE 802.15.4 -MAC Protocol
WSN-IEEE 802.15.4 -MAC ProtocolWSN-IEEE 802.15.4 -MAC Protocol
WSN-IEEE 802.15.4 -MAC ProtocolArunChokkalingam
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN securityRajan Kumar
 
Cryptography
CryptographyCryptography
CryptographyKalyani Government Engineering College
 
LTE Architecture
LTE ArchitectureLTE Architecture
LTE ArchitectureManje Gowda
 
S/MIME
S/MIMES/MIME
S/MIMEmaria azam
 
Cognitive radio networks
Cognitive radio networksCognitive radio networks
Cognitive radio networksAmeer Sameer
 
Symmetric Key Algorithm
Symmetric Key AlgorithmSymmetric Key Algorithm
Symmetric Key AlgorithmSHUBHA CHATURVEDI
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryptionRK Nayak
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryptionjyothsnapaidi
 

More Related Content

What's hot

wireless cellular network
wireless cellular networkwireless cellular network
wireless cellular networkMaulik Patel
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key ExchangeSAURABHDHAGE6
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYKathirvel Ayyaswamy
 
Presentation on 5G security
Presentation on 5G securityPresentation on 5G security
Presentation on 5G securityRanjitUpadhyay4
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemesravik09783
 
Lte(long term evolution) 4G LTE
Lte(long term evolution) 4G LTELte(long term evolution) 4G LTE
Lte(long term evolution) 4G LTEkaishik gundu
 
Diameter Presentation
Diameter PresentationDiameter Presentation
Diameter PresentationBeny Haddad
 
WSN-IEEE 802.15.4 -MAC Protocol
WSN-IEEE 802.15.4 -MAC ProtocolWSN-IEEE 802.15.4 -MAC Protocol
WSN-IEEE 802.15.4 -MAC ProtocolArunChokkalingam
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN securityRajan Kumar
 
LTE Architecture
LTE ArchitectureLTE Architecture
LTE ArchitectureManje Gowda
 
Cognitive radio networks
Cognitive radio networksCognitive radio networks
Cognitive radio networksAmeer Sameer
 

What's hot (20)

CNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block CiphersCNS - Unit - 2 - Stream Ciphers and Block Ciphers
CNS - Unit - 2 - Stream Ciphers and Block Ciphers
 
wireless cellular network
wireless cellular networkwireless cellular network
wireless cellular network
 
Diffie Hellman Key Exchange
Diffie Hellman Key ExchangeDiffie Hellman Key Exchange
Diffie Hellman Key Exchange
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITYCS6701 CRYPTOGRAPHY AND NETWORK SECURITY
CS6701 CRYPTOGRAPHY AND NETWORK SECURITY
 
Gprs architecture ppt
Gprs architecture pptGprs architecture ppt
Gprs architecture ppt
 
Cryptography
CryptographyCryptography
Cryptography
 
Presentation on 5G security
Presentation on 5G securityPresentation on 5G security
Presentation on 5G security
 
Digital signature schemes
Digital signature schemesDigital signature schemes
Digital signature schemes
 
Lte(long term evolution) 4G LTE
Lte(long term evolution) 4G LTELte(long term evolution) 4G LTE
Lte(long term evolution) 4G LTE
 
Diameter Presentation
Diameter PresentationDiameter Presentation
Diameter Presentation
 
Cryptography
Cryptography Cryptography
Cryptography
 
Presentation on CDMA
Presentation on CDMAPresentation on CDMA
Presentation on CDMA
 
WSN-IEEE 802.15.4 -MAC Protocol
WSN-IEEE 802.15.4 -MAC ProtocolWSN-IEEE 802.15.4 -MAC Protocol
WSN-IEEE 802.15.4 -MAC Protocol
 
Wireless LAN security
Wireless LAN securityWireless LAN security
Wireless LAN security
 
Cryptography
CryptographyCryptography
Cryptography
 
LTE Architecture
LTE ArchitectureLTE Architecture
LTE Architecture
 
S/MIME
S/MIMES/MIME
S/MIME
 
Cognitive radio networks
Cognitive radio networksCognitive radio networks
Cognitive radio networks
 
Symmetric Key Algorithm
Symmetric Key AlgorithmSymmetric Key Algorithm
Symmetric Key Algorithm
 

Viewers also liked

Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryptionRK Nayak
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryptionjyothsnapaidi
 
Gsm security
Gsm securityGsm security
Gsm securityAli Kamil
 
Module securite
Module securiteModule securite
Module securiteKaes1337
 
DISY.BE Conférence de Presse
DISY.BE Conférence de PresseDISY.BE Conférence de Presse
DISY.BE Conférence de PresseHubert DEKOCK
 
Stream ciphers presentation
Stream ciphers presentationStream ciphers presentation
Stream ciphers presentationdegarden
 
Gsm technology
Gsm technologyGsm technology
Gsm technologyggrajan46
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2Max Benana
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & SteganographyAnimesh Shaw
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 
Architecture d'un réseau GSM 2G (Téléphonie Mobile)
Architecture d'un réseau GSM 2G (Téléphonie Mobile)Architecture d'un réseau GSM 2G (Téléphonie Mobile)
Architecture d'un réseau GSM 2G (Téléphonie Mobile)Assia Mounir
 

Viewers also liked (20)

Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
 
Presentation one-gsm
Presentation one-gsmPresentation one-gsm
Presentation one-gsm
 
Gsm security
Gsm securityGsm security
Gsm security
 
Module securite
Module securiteModule securite
Module securite
 
DISY.BE Conférence de Presse
DISY.BE Conférence de PresseDISY.BE Conférence de Presse
DISY.BE Conférence de Presse
 
Cryptoppt
CryptopptCryptoppt
Cryptoppt
 
Stream ciphers presentation
Stream ciphers presentationStream ciphers presentation
Stream ciphers presentation
 
Gsm technology
Gsm technologyGsm technology
Gsm technology
 
Gsm security final
Gsm security finalGsm security final
Gsm security final
 
GSM Security
GSM SecurityGSM Security
GSM Security
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
 
Mobile Communication
Mobile CommunicationMobile Communication
Mobile Communication
 
Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2
 
RC4&RC5
RC4&RC5RC4&RC5
RC4&RC5
 
Cryptography & Steganography
Cryptography & SteganographyCryptography & Steganography
Cryptography & Steganography
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 
Architecture d'un réseau GSM 2G (Téléphonie Mobile)
Architecture d'un réseau GSM 2G (Téléphonie Mobile)Architecture d'un réseau GSM 2G (Téléphonie Mobile)
Architecture d'un réseau GSM 2G (Téléphonie Mobile)
 
Le Réseau GSM
Le Réseau GSMLe Réseau GSM
Le Réseau GSM
 
Présentation GSM
Présentation GSMPrésentation GSM
Présentation GSM
 

Similar to Cryptography in GSM

CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...ams1ams11
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444IJRAT
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPrabhatMishraAbvp
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptvinitajain703
 
Presentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYPresentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYBARATH800940
 
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptPresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptso6281019
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCSCJournals
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)newbie2019
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackMona Rajput
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptPayalChopra9
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Saif Kassim
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)newbie2019
 
Nt1310 Unit 6 Powerpoint
Nt1310 Unit 6 PowerpointNt1310 Unit 6 Powerpoint
Nt1310 Unit 6 PowerpointJanet Robinson
 

Similar to Cryptography in GSM (20)

network security
network securitynetwork security
network security
 
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
CH2 Stallings,_William_Computer_Security_Principles_and_Practice_Pearson [54-...
 
Iss lecture 2
Iss lecture 2Iss lecture 2
Iss lecture 2
 
Paper id 27201444
Paper id 27201444Paper id 27201444
Paper id 27201444
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
PresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.pptPresentationonCRYPTOGRAPHYppt.ppt
PresentationonCRYPTOGRAPHYppt.ppt
 
Presentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHYPresentationon ON THE TOPIC CRYPTOGRAPHY
Presentationon ON THE TOPIC CRYPTOGRAPHY
 
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.pptPresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
PresentationonCRYPTOGRAPHYppt.ppt - Read-Only - Compatibility Mode.ppt
 
Cryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data CommunicationCryptographic Algorithms For Secure Data Communication
Cryptographic Algorithms For Secure Data Communication
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)
 
Cryptography
CryptographyCryptography
Cryptography
 
Types of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic AttackTypes of Cryptosystem and Cryptographic Attack
Types of Cryptosystem and Cryptographic Attack
 
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.pptCRYPTOGRAPHY-PAYAL CHOPRA.ppt
CRYPTOGRAPHY-PAYAL CHOPRA.ppt
 
Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01Computer Security (Cryptography) Ch01
Computer Security (Cryptography) Ch01
 
H42063743
H42063743H42063743
H42063743
 
Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)Pertemuan 4 information hiding (cryptography)
Pertemuan 4 information hiding (cryptography)
 
cryptography
cryptographycryptography
cryptography
 
Analysis of Cryptography Techniques
Analysis of Cryptography TechniquesAnalysis of Cryptography Techniques
Analysis of Cryptography Techniques
 
Nt1310 Unit 6 Powerpoint
Nt1310 Unit 6 PowerpointNt1310 Unit 6 Powerpoint
Nt1310 Unit 6 Powerpoint
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
 

More from Tharindu Weerasinghe

Basics of Computer Networks in Sinhala
Basics of Computer Networks in SinhalaBasics of Computer Networks in Sinhala
Basics of Computer Networks in SinhalaTharindu Weerasinghe
 
Data Structures & Algorithms in Sinhala
Data Structures & Algorithms in SinhalaData Structures & Algorithms in Sinhala
Data Structures & Algorithms in SinhalaTharindu Weerasinghe
 
Object Oriended Programming in Sinhala
Object Oriended Programming in Sinhala Object Oriended Programming in Sinhala
Object Oriended Programming in Sinhala Tharindu Weerasinghe
 
Tips For A Better Undergraduate Research
Tips For A Better Undergraduate ResearchTips For A Better Undergraduate Research
Tips For A Better Undergraduate ResearchTharindu Weerasinghe
 
Cloud Conputing Basics and some Related Research Topics
Cloud Conputing Basics and some Related Research TopicsCloud Conputing Basics and some Related Research Topics
Cloud Conputing Basics and some Related Research TopicsTharindu Weerasinghe
 
Basic Concepts and Trends in Emerging Technologies
Basic Concepts and Trends in Emerging TechnologiesBasic Concepts and Trends in Emerging Technologies
Basic Concepts and Trends in Emerging TechnologiesTharindu Weerasinghe
 
Introduction to Enterprise Applications and Tools
Introduction to Enterprise Applications and ToolsIntroduction to Enterprise Applications and Tools
Introduction to Enterprise Applications and ToolsTharindu Weerasinghe
 
Introduction to Agile Software Development & Python
Introduction to Agile Software Development & PythonIntroduction to Agile Software Development & Python
Introduction to Agile Software Development & PythonTharindu Weerasinghe
 
Agile Languages for Rapid Prototyping
Agile Languages for Rapid PrototypingAgile Languages for Rapid Prototyping
Agile Languages for Rapid PrototypingTharindu Weerasinghe
 
Things to ponder before you start building [cooperate] software
Things to ponder before you start building [cooperate] softwareThings to ponder before you start building [cooperate] software
Things to ponder before you start building [cooperate] softwareTharindu Weerasinghe
 
How to make screens and the internet safe for Children
How to make screens and the internet safe for Children How to make screens and the internet safe for Children
How to make screens and the internet safe for Children Tharindu Weerasinghe
 
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
A Survey Study on Higher Education Trends among Sri Lankan IT ProfessionalsA Survey Study on Higher Education Trends among Sri Lankan IT Professionals
A Survey Study on Higher Education Trends among Sri Lankan IT ProfessionalsTharindu Weerasinghe
 
A Survey Study on Higher Education Trends among Information Technology Prof...
A Survey Study on Higher Education Trends among Information Technology Prof...A Survey Study on Higher Education Trends among Information Technology Prof...
A Survey Study on Higher Education Trends among Information Technology Prof...Tharindu Weerasinghe
 
Professionalism and Industry Expectations related to IT industry
Professionalism and Industry Expectations related to IT industry Professionalism and Industry Expectations related to IT industry
Professionalism and Industry Expectations related to IT industry Tharindu Weerasinghe
 

More from Tharindu Weerasinghe (20)

C Propgramming.pdf
C Propgramming.pdfC Propgramming.pdf
C Propgramming.pdf
 
Basics of Computer Networks in Sinhala
Basics of Computer Networks in SinhalaBasics of Computer Networks in Sinhala
Basics of Computer Networks in Sinhala
 
Data Structures & Algorithms in Sinhala
Data Structures & Algorithms in SinhalaData Structures & Algorithms in Sinhala
Data Structures & Algorithms in Sinhala
 
Object Oriended Programming in Sinhala
Object Oriended Programming in Sinhala Object Oriended Programming in Sinhala
Object Oriended Programming in Sinhala
 
Tips For A Better Undergraduate Research
Tips For A Better Undergraduate ResearchTips For A Better Undergraduate Research
Tips For A Better Undergraduate Research
 
Basics of Block Chain
Basics of Block ChainBasics of Block Chain
Basics of Block Chain
 
Basics of IoT
Basics of IoTBasics of IoT
Basics of IoT
 
REST API Basics
REST API BasicsREST API Basics
REST API Basics
 
Cloud Conputing Basics and some Related Research Topics
Cloud Conputing Basics and some Related Research TopicsCloud Conputing Basics and some Related Research Topics
Cloud Conputing Basics and some Related Research Topics
 
Basic Concepts and Trends in Emerging Technologies
Basic Concepts and Trends in Emerging TechnologiesBasic Concepts and Trends in Emerging Technologies
Basic Concepts and Trends in Emerging Technologies
 
Introcution to EJB
Introcution to EJBIntrocution to EJB
Introcution to EJB
 
Introduction to Enterprise Applications and Tools
Introduction to Enterprise Applications and ToolsIntroduction to Enterprise Applications and Tools
Introduction to Enterprise Applications and Tools
 
Introduction to Agile Software Development & Python
Introduction to Agile Software Development & PythonIntroduction to Agile Software Development & Python
Introduction to Agile Software Development & Python
 
Agile Languages for Rapid Prototyping
Agile Languages for Rapid PrototypingAgile Languages for Rapid Prototyping
Agile Languages for Rapid Prototyping
 
Things to ponder before you start building [cooperate] software
Things to ponder before you start building [cooperate] softwareThings to ponder before you start building [cooperate] software
Things to ponder before you start building [cooperate] software
 
How to make screens and the internet safe for Children
How to make screens and the internet safe for Children How to make screens and the internet safe for Children
How to make screens and the internet safe for Children
 
Different Concepts on Databases
Different Concepts on DatabasesDifferent Concepts on Databases
Different Concepts on Databases
 
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
A Survey Study on Higher Education Trends among Sri Lankan IT ProfessionalsA Survey Study on Higher Education Trends among Sri Lankan IT Professionals
A Survey Study on Higher Education Trends among Sri Lankan IT Professionals
 
A Survey Study on Higher Education Trends among Information Technology Prof...
A Survey Study on Higher Education Trends among Information Technology Prof...A Survey Study on Higher Education Trends among Information Technology Prof...
A Survey Study on Higher Education Trends among Information Technology Prof...
 
Professionalism and Industry Expectations related to IT industry
Professionalism and Industry Expectations related to IT industry Professionalism and Industry Expectations related to IT industry
Professionalism and Industry Expectations related to IT industry
 

Recently uploaded

DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationBhangaleSonal
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxmaisarahman1
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesMayuraD1
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxSCMS School of Architecture
 
Computer Lecture 01.pptxIntroduction to Computers
Computer Lecture 01.pptxIntroduction to ComputersComputer Lecture 01.pptxIntroduction to Computers
Computer Lecture 01.pptxIntroduction to ComputersMairaAshraf6
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxJuliansyahHarahap1
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Arindam Chakraborty, Ph.D., P.E. (CA, TX)
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesRAJNEESHKUMAR341697
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityMorshed Ahmed Rahath
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesChandrakantDivate1
 
Rums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfRums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfsmsksolar
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptDineshKumar4165
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsvanyagupta248
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startQuintin Balsdon
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptDineshKumar4165
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Servicemeghakumariji156
 
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadkiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadhamedmustafa094
 
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills KuwaitKuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwaitjaanualu31
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptNANDHAKUMARA10
 

Recently uploaded (20)

Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in South Ex (delhi) call me [🔝9953056974🔝] escort service 24X7
 
DC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equationDC MACHINE-Motoring and generation, Armature circuit equation
DC MACHINE-Motoring and generation, Armature circuit equation
 
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptxA CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
A CASE STUDY ON CERAMIC INDUSTRY OF BANGLADESH.pptx
 
DeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakesDeepFakes presentation : brief idea of DeepFakes
DeepFakes presentation : brief idea of DeepFakes
 
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptxS1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
S1S2 B.Arch MGU - HOA1&2 Module 3 -Temple Architecture of Kerala.pptx
 
Computer Lecture 01.pptxIntroduction to Computers
Computer Lecture 01.pptxIntroduction to ComputersComputer Lecture 01.pptxIntroduction to Computers
Computer Lecture 01.pptxIntroduction to Computers
 
Work-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptxWork-Permit-Receiver-in-Saudi-Aramco.pptx
Work-Permit-Receiver-in-Saudi-Aramco.pptx
 
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
Navigating Complexity: The Role of Trusted Partners and VIAS3D in Dassault Sy...
 
Engineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planesEngineering Drawing focus on projection of planes
Engineering Drawing focus on projection of planes
 
A Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna MunicipalityA Study of Urban Area Plan for Pabna Municipality
A Study of Urban Area Plan for Pabna Municipality
 
Computer Networks Basics of Network Devices
Computer Networks Basics of Network DevicesComputer Networks Basics of Network Devices
Computer Networks Basics of Network Devices
 
Rums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdfRums floating Omkareshwar FSPV IM_16112021.pdf
Rums floating Omkareshwar FSPV IM_16112021.pdf
 
Thermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . pptThermal Engineering Unit - I & II . ppt
Thermal Engineering Unit - I & II . ppt
 
AIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech studentsAIRCANVAS[1].pdf mini project for btech students
AIRCANVAS[1].pdf mini project for btech students
 
Design For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the startDesign For Accessibility: Getting it right from the start
Design For Accessibility: Getting it right from the start
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best ServiceTamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
Tamil Call Girls Bhayandar WhatsApp +91-9930687706, Best Service
 
kiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal loadkiln thermal load.pptx kiln tgermal load
kiln thermal load.pptx kiln tgermal load
 
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills KuwaitKuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
Kuwait City MTP kit ((+919101817206)) Buy Abortion Pills Kuwait
 
Block diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.pptBlock diagram reduction techniques in control systems.ppt
Block diagram reduction techniques in control systems.ppt
 

Cryptography in GSM

  • 1. Analysis of CryptographyAnalysis of Cryptography inin GSM NetworksGSM Networks Research ProjectResearch Project Master of the Sciences Degree in Communication and Information EngineeringMaster of the Sciences Degree in Communication and Information Engineering University of PeradeniyaUniversity of Peradeniya By:By: Tharindu WeerasingheTharindu Weerasinghe (PG/EE/08/MSc/24)(PG/EE/08/MSc/24)
  • 2. OutlineOutline  IntroductionIntroduction  Common Security RequirementsCommon Security Requirements  CryptographyCryptography  Symmetric KeySymmetric Key  Public keyPublic key  Cryptographic hashesCryptographic hashes  GSMGSM  Cryptography in GSM (A5/1, A5/3….)Cryptography in GSM (A5/1, A5/3….)  Their issuesTheir issues  My proposalMy proposal  ConclusionConclusion
  • 3. IntroductionIntroduction The world today is hostile… Eavesdropping Impersonation Hacker Modification Internet
  • 4. Common Security RequirementsCommon Security Requirements  Privacy (Confidentiality)Privacy (Confidentiality)  User AuthenticationUser Authentication  Data Authentication (Data Integrity)Data Authentication (Data Integrity)  Non-repudiation (Non-refutation)Non-repudiation (Non-refutation)  Access ControlAccess Control  AvailabilityAvailability
  • 5. How to protect?How to protect? Cryptography
  • 6. What Cryptography can do?What Cryptography can do?  Encryption:Encryption: Only the authorized party can understandOnly the authorized party can understand the message after the process of encryption.the message after the process of encryption.  Data authentication:Data authentication: Ascertain that informationAscertain that information exchanged is indeed the one from the sender.exchanged is indeed the one from the sender.  Signature:Signature: Allow people to verify the authenticity ofAllow people to verify the authenticity of the message or authenticate the peer user.the message or authenticate the peer user.
  • 7. CryptographyCryptography  CryptographyCryptography  symmetric-key cryptographysymmetric-key cryptography  public-key cryptographypublic-key cryptography  cryptographic hashescryptographic hashes  Used forUsed for  authentication, integrity protection, encryption, keyauthentication, integrity protection, encryption, key managementmanagement
  • 8. Symmetric-Key CryptographySymmetric-Key Cryptography  EncryptionEncryption C=EC=Ekk(M)(M)  DecryptionDecryption M=DM=Dkk(C)(C)  Encryption/Decryption uses the same or similar keyEncryption/Decryption uses the same or similar key  Ideally, a different key for each pair of usersIdeally, a different key for each pair of users  For example,For example, DESDES ((DDataata EEncryptionncryption SStandard )tandard )
  • 9. Symmetric-Key Cryptography:Symmetric-Key Cryptography: Encryption / DecryptionEncryption / Decryption encoder decoder (plain text in - cipher text out) cipher textcipher text msgmsg (cipher text in - plain text out) (should understand nothingnothing about the msg) eavesdropper bla-bla cmb-cmb- cmbcmb bla-bla Shared KeyAliceAlice BobBob How can Alice & BobHow can Alice & Bob share the secret key inshare the secret key in advance?advance?
  • 10. Symmetric-Key Cryptography:Symmetric-Key Cryptography: Authentication & Key AgreementAuthentication & Key Agreement  However, this suffers from “However, this suffers from “Man-In-The-MiddleMan-In-The-Middle”” attack.attack. Man-In-the-middle attackMan-In-the-middle attack
  • 11. Public Key EncryptionPublic Key Encryption  Each user has a public/private key pair. Keys areEach user has a public/private key pair. Keys are inverses of each other.inverses of each other.  Only the owner knows the private key, but everyoneOnly the owner knows the private key, but everyone knows the public key.knows the public key.  If the message is encrypted with the private key,If the message is encrypted with the private key, then everyone with the public key can recover thethen everyone with the public key can recover the message, but only the owner can generate themessage, but only the owner can generate the encrypted message .encrypted message .
  • 12.  If the message is encrypted with the public key, onlyIf the message is encrypted with the public key, only the owner can decrypt it using its private key.the owner can decrypt it using its private key.  The first property can be used for signature and theThe first property can be used for signature and the second property can be used for encryption.second property can be used for encryption.  Examples: RSA, Digital SignaturesExamples: RSA, Digital Signatures Public Key Encryption (contd.)Public Key Encryption (contd.)
  • 13. Public Key Encryption :Public Key Encryption : ProblemsProblems  If an Attacker can substitute their own publicIf an Attacker can substitute their own public key for another users, the attacker can recoverkey for another users, the attacker can recover messages intended for the other user.messages intended for the other user.  Require method of binding user’s ID withRequire method of binding user’s ID with their public key.their public key.
  • 14. Public Key InfrastructurePublic Key Infrastructure  User ( or entity ) gets a related key pair:User ( or entity ) gets a related key pair: . one private key, known only to the user. one private key, known only to the user . one public key, distributable to the user. one public key, distributable to the user  A message encrypted with one key requires the otherA message encrypted with one key requires the other key for decryptionkey for decryption
  • 15. Public Key InfrastructurePublic Key Infrastructure (Contd.)(Contd.)  Need this infrastructure to prevent A fromNeed this infrastructure to prevent A from claiming that B uses the public key that Aclaiming that B uses the public key that A generates.generates.  All users have incorruptible copy ofAll users have incorruptible copy of Certificate Authority’s (Certificate Authority’s (CACA) public key.) public key.  CA signs each users ID/Public Key pair.CA signs each users ID/Public Key pair.  However, certificate revocation list a majorHowever, certificate revocation list a major headache.headache.
  • 16. Public Key CertificatesPublic Key Certificates
  • 17. Cryptographic hashesCryptographic hashes  AA cryptographic hash functioncryptographic hash function is a deterministic procedureis a deterministic procedure thatthat takes an arbitrary blocktakes an arbitrary block of data andof data and returns a fixed-sizereturns a fixed-size bitbit string, the (string, the (cryptographiccryptographic)) hash valuehash value, such that an accidental, such that an accidental or intentional change to the data will change the hash value. Theor intentional change to the data will change the hash value. The data to be encoded is often called the "message", and the hashdata to be encoded is often called the "message", and the hash value is sometimes called thevalue is sometimes called the message digestmessage digest or simplyor simply digestdigest..  The ideal cryptographic hash function has four main properties:The ideal cryptographic hash function has four main properties:  it is easy to compute the hash value for any given message,it is easy to compute the hash value for any given message,  it isit is infeasibleinfeasible to find a message that has a given hash,to find a message that has a given hash,  it is infeasible to modify a message without changing its hash,it is infeasible to modify a message without changing its hash,  it is infeasible to find two different messages with the same hash.it is infeasible to find two different messages with the same hash.
  • 19. Well…Well… that was Cryptography in a nut-shell….that was Cryptography in a nut-shell…. Now we will see what is GSM..?Now we will see what is GSM..?
  • 20. GSM
  • 21.  GSMGSM ((Global System for Mobile communicationsGlobal System for Mobile communications: originally from: originally from Groupe Spécial MobileGroupe Spécial Mobile) is the most popular standard for mobile phones in) is the most popular standard for mobile phones in the world. Its promoter, the GSM Association, estimates that 80% of thethe world. Its promoter, the GSM Association, estimates that 80% of the global mobile market uses the standard. GSM is used by over 3 billionglobal mobile market uses the standard. GSM is used by over 3 billion people across more than 212 countries and territories.people across more than 212 countries and territories.
  • 23.  GSM was designed with a moderate level of security. The systemGSM was designed with a moderate level of security. The system was designed to authenticate the subscriber using awas designed to authenticate the subscriber using a pre-sharedpre-shared keykey andand challenge-responsechallenge-response..  Communications between theCommunications between the subscribersubscriber and theand the base stationbase station can be encrypted.can be encrypted.  The development of UMTS (The development of UMTS (UUniversalniversal MMobileobile TTelecommunicationselecommunications SSystem) introduces an optional USIMystem) introduces an optional USIM ((UUniversalniversal SSubscriberubscriber IIdentitydentity MModule, a software applicationodule, a software application for UMTS mobile telephony, that uses a longer authenticationfor UMTS mobile telephony, that uses a longer authentication key to give greater security, as well as mutually authenticating thekey to give greater security, as well as mutually authenticating the network and the user - whereasnetwork and the user - whereas GSM only authenticates theGSM only authenticates the user to the network (not vice versa).user to the network (not vice versa).  The security model therefore offers confidentiality andThe security model therefore offers confidentiality and authentication, but limited authorization capabilities, and noauthentication, but limited authorization capabilities, and no non-repudiation.non-repudiation.
  • 24.  GSM uses several cryptographic algorithms for security.GSM uses several cryptographic algorithms for security. A5/1A5/1 && A5/2A5/2 stream ciphersstream ciphers are used for ensuring “are used for ensuring “over-the-air voiceover-the-air voice”” privacy. A5/1 was developed first and it is a stronger algorithmprivacy. A5/1 was developed first and it is a stronger algorithm used within Europe and the United States; A5/2 is weaker andused within Europe and the United States; A5/2 is weaker and used in other countries.used in other countries.  Serious weaknesses have been found in both algorithms: it isSerious weaknesses have been found in both algorithms: it is possible to break A5/2 in real-time with apossible to break A5/2 in real-time with a Ciphertext-OnlyCiphertext-Only AttackAttack, and in February 2008, Pico Computing, Inc revealed its, and in February 2008, Pico Computing, Inc revealed its ability and plans to commercializeability and plans to commercialize FPGAsFPGAs that allow A5/1 to bethat allow A5/1 to be broken with abroken with a RRainbow Table Attackainbow Table Attack..  The system supports multiple algorithms so operators mayThe system supports multiple algorithms so operators may replace that cipher with a stronger one.replace that cipher with a stronger one.
  • 25. How do Authentication & Key generationHow do Authentication & Key generation work in a GSM network?work in a GSM network?  Encryption in the GSM network utilizes a Challenge/Response mechanism.Encryption in the GSM network utilizes a Challenge/Response mechanism.  The Mobile Station (The Mobile Station (MSMS) signs into the network.) signs into the network.  The Mobile Services Switching Center (The Mobile Services Switching Center (MSCMSC) requests 5 triples from the) requests 5 triples from the Home Location Register (Home Location Register (HLRHLR).).  The Home Location Register creates five triples utilizing theThe Home Location Register creates five triples utilizing the A8A8 algorithm.algorithm. These five triples each contain:These five triples each contain:  A 128-bit Random Challenge (A 128-bit Random Challenge (RANDRAND))  A 32-bit matching Signed Response (A 32-bit matching Signed Response (SRESSRES))  A 64-bit ciphering key used as a Session Key (A 64-bit ciphering key used as a Session Key (KcKc).).  The Home Location Register sends the Mobile Services Switching Center theThe Home Location Register sends the Mobile Services Switching Center the five triples.five triples.  The Mobile Services Switching Center sends the Random Challenge from theThe Mobile Services Switching Center sends the Random Challenge from the first triple to the Base Transceiver Station (first triple to the Base Transceiver Station (BTSBTS).).
  • 26.  The Base Transceiver Station sends the random challenge from the first tripleThe Base Transceiver Station sends the random challenge from the first triple to the Mobile Station.to the Mobile Station.  The Mobile Station receives the random challenge from the Base TransceiverThe Mobile Station receives the random challenge from the Base Transceiver Station and encrypts it with the Individual Subscriber Authentication KeyStation and encrypts it with the Individual Subscriber Authentication Key (Ki) assigned to the Mobile Station utilizing the A3 algorithm.(Ki) assigned to the Mobile Station utilizing the A3 algorithm.  The Mobile Station sends the Signed Response to the Base TransceiverThe Mobile Station sends the Signed Response to the Base Transceiver Station.Station.  The Base Transceiver Station sends the Signed Response to the MobileThe Base Transceiver Station sends the Signed Response to the Mobile Services Switching Center.Services Switching Center.  The Mobile Services Switching Center verifies the Signed Response.The Mobile Services Switching Center verifies the Signed Response.  The Mobile Station generates a Session Key (Kc) utilizing the A8 algorithm,The Mobile Station generates a Session Key (Kc) utilizing the A8 algorithm, the Individual Subscriber Authentication Key (Ki) assigned to the Mobilethe Individual Subscriber Authentication Key (Ki) assigned to the Mobile Station, and the random challenge received from the Base TransceiverStation, and the random challenge received from the Base Transceiver Station.Station.
  • 27.  The Mobile Station sends the Session Key (Kc) to the Base TransceiverThe Mobile Station sends the Session Key (Kc) to the Base Transceiver Station.Station.  The Mobile Services Switching Center sends the Session Key (Kc) to the BaseThe Mobile Services Switching Center sends the Session Key (Kc) to the Base Transceiver Station.Transceiver Station.  The Base Transceiver Station receives the Session Key (Kc) from the MobileThe Base Transceiver Station receives the Session Key (Kc) from the Mobile Services Switching Center.Services Switching Center.  The Base Transceiver Station receives the Session Key (Kc) from the MobileThe Base Transceiver Station receives the Session Key (Kc) from the Mobile Station.Station.  The Base Transceiver Station verifies the Session Keys from the MobileThe Base Transceiver Station verifies the Session Keys from the Mobile Station and the Mobile Services switching Center.Station and the Mobile Services switching Center.
  • 28.  The A5 algorithm is initialized with the Session Key (Kc) and the number ofThe A5 algorithm is initialized with the Session Key (Kc) and the number of the frame to be encrypted.the frame to be encrypted.  Over-the-air communication channel between the Mobile Station and BaseOver-the-air communication channel between the Mobile Station and Base Transceiver Station can now be encrypted utilizing the A5 algorithm.Transceiver Station can now be encrypted utilizing the A5 algorithm.  This process authenticates the GSM Mobile Station (MS) to the GSMThis process authenticates the GSM Mobile Station (MS) to the GSM network. One known security limitation of GSM networks is that the GSMnetwork. One known security limitation of GSM networks is that the GSM network is never authenticated by the GSM Mobile Station (MS).network is never authenticated by the GSM Mobile Station (MS).  This one-way authentication makes it possible for an attacker to pretend to beThis one-way authentication makes it possible for an attacker to pretend to be a GSM network provider.a GSM network provider.
  • 29. Authentication in GSMAuthentication in GSM  Home Location Register (HLR)Home Location Register (HLR)  Visitor Location Register (VLR)Visitor Location Register (VLR)  MS (Mobile Station)MS (Mobile Station)  AP (Access Point or Base Station)AP (Access Point or Base Station)  MSC (Mobile Exchange Center)MSC (Mobile Exchange Center)
  • 30. GSM Authentication ProtocolGSM Authentication Protocol 1.IMSI MS VLR HLR 2.IMSI 3.IMSI,RAND,SRES,Kc 4.RAND 5.SRES 6.A5(Kc,TMSI) SRES=A3(Ki, RAND) Kc=A8(Ki, RAND) SRES=A3(Ki, RAND) Kc=A8(Ki, RAND)
  • 31. Let us talk aboutLet us talk about the algorithms used…the algorithms used…  There are 3 main types:There are 3 main types:  A5 – A stream cipher used for encryptionaA5 – A stream cipher used for encryptiona  A3 – An authentication algorithmA3 – An authentication algorithm  A8 – A key agreement algorithmA8 – A key agreement algorithm  From those A3 and A8 areFrom those A3 and A8 are NOTNOT specified in GSM. Yet they arespecified in GSM. Yet they are used in some occasions.used in some occasions.  So I pay my attention more on A5 (A5/1, A5/2 and A5/3, ButSo I pay my attention more on A5 (A5/1, A5/2 and A5/3, But the most famous and widely used one is A5/1)the most famous and widely used one is A5/1)
  • 32. Let us talk about A5/1Let us talk about A5/1  A5/1A5/1  A5/1 is aA5/1 is a stream cipherstream cipher used to provideused to provide over-the-airover-the-air communicationcommunication privacy in the GSM cellular telephone standard. It was initially keptprivacy in the GSM cellular telephone standard. It was initially kept secret, but became public knowledge through leaks and reversesecret, but became public knowledge through leaks and reverse engineering. A number of serious weaknesses in the cipher have beenengineering. A number of serious weaknesses in the cipher have been identified.identified.  Stream Cipher:Stream Cipher:  In cryptography, aIn cryptography, a stream cipherstream cipher is a symmetric key cipher where plaintext bitsis a symmetric key cipher where plaintext bits are combined with a pseudorandom cipher bit stream (keystream), typically by anare combined with a pseudorandom cipher bit stream (keystream), typically by an exclusive-or (exclusive-or (xorxor) operation. In a stream cipher the plaintext digits are encrypted) operation. In a stream cipher the plaintext digits are encrypted one at a time, and the transformation of successive digits varies during theone at a time, and the transformation of successive digits varies during the encryption.encryption.  A5/1 is used in Europe and the United States. It was developed in 1987,A5/1 is used in Europe and the United States. It was developed in 1987, when GSM was not yet considered for use outside Europe, and A5/2 waswhen GSM was not yet considered for use outside Europe, and A5/2 was developed in 1989. Both were initially kept secret. However, the generaldeveloped in 1989. Both were initially kept secret. However, the general design was leaked in 1994, and the algorithms were entirely reversedesign was leaked in 1994, and the algorithms were entirely reverse engineered in 1999 by Marc Briceno from a GSM telephone. In 2000,engineered in 1999 by Marc Briceno from a GSM telephone. In 2000, around 130 million GSM customers relied on A5/1 to protect thearound 130 million GSM customers relied on A5/1 to protect the confidentiality of their voice communications.confidentiality of their voice communications.
  • 33.  Description of A5/1Description of A5/1  A GSM transmission is organized as sequences ofA GSM transmission is organized as sequences of burstsbursts. In a typical. In a typical channel and in one direction, one burst is sent everychannel and in one direction, one burst is sent every 4.615ms4.615ms andand containscontains 114 bits114 bits available for information.available for information.  A5/1 is used to produce for each burst aA5/1 is used to produce for each burst a 114 bit sequence of keystream114 bit sequence of keystream which iswhich is XORXORed with the 114 bits prior to modulation.ed with the 114 bits prior to modulation.  A5/1 is initialized using aA5/1 is initialized using a 64-bit key64-bit key together with atogether with a publicly-knownpublicly-known 22-bit frame number22-bit frame number. In fielded GSM implementations 10 of the key. In fielded GSM implementations 10 of the key bits are fixed at zero, resulting in anbits are fixed at zero, resulting in an effective key length of 54 bitseffective key length of 54 bits..  A5/1 can also be used for data encryptions in EDGE, in which case upA5/1 can also be used for data encryptions in EDGE, in which case up to eight bursts are sent every 4.615 ms, each containingto eight bursts are sent every 4.615 ms, each containing 348 data bits348 data bits..
  • 34.  A5/1 is based around a combination of threeA5/1 is based around a combination of three LLinearinear FFeedbackeedback SShifthift RRegisters (egisters (LFSRLFSRs) with irregular clocking.s) with irregular clocking. The three shift registers are specified as follows:The three shift registers are specified as follows:
  • 35.  The bits are indexed with the least significant bit (LSB) as 0.The bits are indexed with the least significant bit (LSB) as 0.  The registers are clocked in a stop/go fashion using a majority rule. EachThe registers are clocked in a stop/go fashion using a majority rule. Each register has an associated clocking bit. At each cycle, the clocking bit ofregister has an associated clocking bit. At each cycle, the clocking bit of all three registers is examined and the majority bit is determined.all three registers is examined and the majority bit is determined.  A register is clocked if the clocking bit agrees with the majority bit. HenceA register is clocked if the clocking bit agrees with the majority bit. Hence at each step two or three registers are clocked, and each register stepsat each step two or three registers are clocked, and each register steps with probability 3/4.with probability 3/4.  Initially, the registers are set to zero. Then for 64 cycles, the 64-bit secretInitially, the registers are set to zero. Then for 64 cycles, the 64-bit secret key is mixed in according to the following scheme: in cycle , thekey is mixed in according to the following scheme: in cycle , the iith keyth key bit is added to the least significant bit of each register using XOR —bit is added to the least significant bit of each register using XOR —   Each register is then clocked.Each register is then clocked.  Similarly, the 22-bits of the frame number are added in 22 cycles. ThenSimilarly, the 22-bits of the frame number are added in 22 cycles. Then the entire system is clocked using the normal majority clockingthe entire system is clocked using the normal majority clocking mechanism for 100 cycles, with the output discarded. After this ismechanism for 100 cycles, with the output discarded. After this is completed, the cipher is ready to produce two 114 bit sequences ofcompleted, the cipher is ready to produce two 114 bit sequences of output keystream, first 114 for downlink, last 114 for uplink.output keystream, first 114 for downlink, last 114 for uplink.
  • 36. Graphical Notation of A5/1Graphical Notation of A5/1
  • 37. Some Attacks on A5/1Some Attacks on A5/1  Passive Ciphertext-Only Attack[1]Passive Ciphertext-Only Attack[1]  Biased Birthday Attack[2]Biased Birthday Attack[2]  Random Subgraph Attack[2]Random Subgraph Attack[2]
  • 38. Possible Attack ScenariosPossible Attack Scenarios  Attacks on A5 can be in the following forms:[1]Attacks on A5 can be in the following forms:[1]  Call wire-tappingCall wire-tapping  Call HijackingCall Hijacking  Altering of SMSAltering of SMS  Call theft – Dynamic CloningCall theft – Dynamic Cloning
  • 39. What I Propose?What I Propose?  (STREAM & BLOCK CIPHER) COMBINED(STREAM & BLOCK CIPHER) COMBINED ALGORITHM FOR DATA ENCRYPTION &ALGORITHM FOR DATA ENCRYPTION & DECRYPTIONDECRYPTION  Provides more security to data, making it hardProvides more security to data, making it hard to cryptanalysis the cipher textto cryptanalysis the cipher text
  • 42. My Next StepMy Next Step  Implementation of the above mentionedImplementation of the above mentioned algorithm in a normal PCalgorithm in a normal PC  Verify it is better than A5/1Verify it is better than A5/1
  • 43.  Reference:Reference: [1] [2] [3] Lecture Notes of Haojin Zhu and Xiaodong Lin of the Department of Electrical and Computer Engineering, University of Waterloo, Canada. [4] Types & modes combined algorithm for data encryption and decryption by[4] Types & modes combined algorithm for data encryption and decryption by D.M.A.B MailewaD.M.A.B Mailewa,, T.D.B WeerasingheT.D.B Weerasinghe,, C.A MunasingheC.A Munasinghe,, Piyal J. PereraPiyal J. Perera of theof the Department of Computer Engineering, University of Peradeniya.Department of Computer Engineering, University of Peradeniya.