The document discusses security in GSM networks. It describes the GSM architecture including mobile stations, base stations, and network switching systems. It then explains the security concerns with GSM and the features used to address them, including subscriber authentication using algorithms A3 and A8, and voice encryption with algorithm A5/1. The document provides details on how these algorithms work to authenticate users and encrypt communications in GSM networks.
A short introduction to cryptography. What is public and private key cryptography? What is a Caesar Cipher and how do we decrypt it? How does RSA work?
This presentation is created for Applied Data Communication lecture of Computer Systems Engineering master programme at Tallinn University of Technology
A short introduction to cryptography. What is public and private key cryptography? What is a Caesar Cipher and how do we decrypt it? How does RSA work?
This presentation is created for Applied Data Communication lecture of Computer Systems Engineering master programme at Tallinn University of Technology
Hardware Security Modules (HSMs) are widely use for cryptography key management in many areas such as PKI, card payment, trusted platform modules, etc. However they are rarely used in in-house software development.
This presentation will explain about why we need the key management and its fundamental, overview of HSM and how it take parts in key management, HSM selection criterias, and finally, an idea to make a web service wrapper easier to adopt by developers those lack of knowledge in cryptography programming.
this presentation is on block cipher modes which are used for encryption and decryption to any message.That are Defined by the National Institute of Standards and Technology . Block cipher modes of operation are part of symmetric key encryption algorithm.
i hope you may like this.
Hardware Security Modules (HSMs) are widely use for cryptography key management in many areas such as PKI, card payment, trusted platform modules, etc. However they are rarely used in in-house software development.
This presentation will explain about why we need the key management and its fundamental, overview of HSM and how it take parts in key management, HSM selection criterias, and finally, an idea to make a web service wrapper easier to adopt by developers those lack of knowledge in cryptography programming.
this presentation is on block cipher modes which are used for encryption and decryption to any message.That are Defined by the National Institute of Standards and Technology . Block cipher modes of operation are part of symmetric key encryption algorithm.
i hope you may like this.
Algorithme de chiffrement RC4, A5/1 & A5/2Max Benana
Description de A à Z de l'algorithme de chiffrement RC4 utilisé pour SSL, Web...
Détails des prodédures de chiffrement des algorithmes A5/1 & A5/2 utilisé par le GSM
Global system for mobile communication Introduction, GSM architecture, GSM interfaces, Signal processing in GSM,
Frame structure of GSM, Channels used in GSM
Index
GSM: Introduction
Security in GSM
Access control and authentication
Authentication
Authentication in GSM
Distribution of Security Features in the GSM Network
Confidentiality (Encryption)
Encryption
Key generation and Encryption
Algorithms used in GSM
Algorithms used in GSM
Conclusion
International Journal of Engineering Research and DevelopmentIJERD Editor
Electrical, Electronics and Computer Engineering,
Information Engineering and Technology,
Mechanical, Industrial and Manufacturing Engineering,
Automation and Mechatronics Engineering,
Material and Chemical Engineering,
Civil and Architecture Engineering,
Biotechnology and Bio Engineering,
Environmental Engineering,
Petroleum and Mining Engineering,
Marine and Agriculture engineering,
Aerospace Engineering.
The global system for mobile communications (GSM) is a set of recommendations and specifications for a digital cellular telephone network (known as a Public Land Mobile Network, or PLMN). These recommendations ensure the compatibility of equipment from different GSM manufacturers, and interconnectivity between different administrations, including operations across international boundaries
The GSM network is comprised of the following components:
Network Elements
The GSM network incorporates a number of network elements to support mobile equipment. They are listed and described in the GSM network elements section of this chapter.
GSM subsystems
In addition, the network includes subsystems that are not formally recognized as network elements but are necessary for network operation. These are described in the GSM subsystems (non-network elements) section of this chapter.
Standardized Interfaces
GSM specifies standards for interfaces between network elements, which ensure the connectivity of GSM equipment from different manufacturers. These are listed in the Standardized interfaces section of this chapter.
Network Protocols
For most of the network communications on these interfaces, internationally recognized communications protocols have been used
These are identified in the Network protocols section of this chapter.
GSM Frequencies
The frequency allocations for GSM 900, Extended GSM and Digital Communications Systems are identified in the GSM frequencies section of this chapter.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
In the rapidly evolving landscape of technologies, XML continues to play a vital role in structuring, storing, and transporting data across diverse systems. The recent advancements in artificial intelligence (AI) present new methodologies for enhancing XML development workflows, introducing efficiency, automation, and intelligent capabilities. This presentation will outline the scope and perspective of utilizing AI in XML development. The potential benefits and the possible pitfalls will be highlighted, providing a balanced view of the subject.
We will explore the capabilities of AI in understanding XML markup languages and autonomously creating structured XML content. Additionally, we will examine the capacity of AI to enrich plain text with appropriate XML markup. Practical examples and methodological guidelines will be provided to elucidate how AI can be effectively prompted to interpret and generate accurate XML markup.
Further emphasis will be placed on the role of AI in developing XSLT, or schemas such as XSD and Schematron. We will address the techniques and strategies adopted to create prompts for generating code, explaining code, or refactoring the code, and the results achieved.
The discussion will extend to how AI can be used to transform XML content. In particular, the focus will be on the use of AI XPath extension functions in XSLT, Schematron, Schematron Quick Fixes, or for XML content refactoring.
The presentation aims to deliver a comprehensive overview of AI usage in XML development, providing attendees with the necessary knowledge to make informed decisions. Whether you’re at the early stages of adopting AI or considering integrating it in advanced XML development, this presentation will cover all levels of expertise.
By highlighting the potential advantages and challenges of integrating AI with XML development tools and languages, the presentation seeks to inspire thoughtful conversation around the future of XML development. We’ll not only delve into the technical aspects of AI-powered XML development but also discuss practical implications and possible future directions.
GridMate - End to end testing is a critical piece to ensure quality and avoid...ThomasParaiso2
End to end testing is a critical piece to ensure quality and avoid regressions. In this session, we share our journey building an E2E testing pipeline for GridMate components (LWC and Aura) using Cypress, JSForce, FakerJS…
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Free Complete Python - A step towards Data Science
Presentation one-gsm
1. Presented by :
Abu Sadat Mohammed Yasin
Debotosh Dey
Cryptography and Information Security
Topic: GSM Security Overview
2. Content
Introduction
Architecture
Security Concern
Security Features
Security model
Security Algorithms
A3, The MS Authentication Algorithm
A8, The Voice-Privacy Key Generation Algorithm
A5/1 Stream Cipher
A5/1 (Key Generation)
Conclusion
3. GSM: Introduction
GSM - Group Special Mobile or General System for
Mobile Communications.
GSM is the Pan-European standard for digital cellular
communications.
GSM was established in 1982 within the European
Conference of Post and Telecommunication
Administrations (CEPT).
In 1991 the first GSM based networks commenced
operations.
5. GSM: Architecture
A GSM network is made up of three subsystems:
The Mobile Station (MS)
Mobile Equipment (ME)
Physical mobile device
Identifiers
IMEI – International Mobile Equipment Identity
Subscriber Identity Module (SIM)
Smart Card containing keys, identifiers and algorithms
Identifiers
Ki – Subscriber Authentication Key
IMSI – International Mobile Subscriber Identity
TMSI – Temporary Mobile Subscriber Identity
MSISDN – Mobile Station International Service Digital
Network
PIN – Personal Identity Number protecting a SIM
LAI – location area identity
6. GSM: Architecture
The Base Station Sub-system (BSS)
Comprising a Base Station Controller (BSC) and
Several Base Transceiver Stations (BTS)s
The Network and Switching Sub-system (NSS)
comprising an Mobile services Switching Center (MSC) and
associated registers Home Location Register (HLR),
Authentication Center (AuC), Visitor Location Register (VLR)
The interfaces defined between each of these sub
systems include:
'A' interface between NSS and BSS
'Abis' interface between BSC and BTS (within the BSS)
'Um' air interface between the BSS and the MS
8. GSM: Security Features
Key management is independent of equipment
Subscribers can change handsets without compromising
security
Subscriber identity protection
not easy to identify the user of the system intercepting a
user data
Detection of compromised equipment
Detection mechanism whether a mobile device was
compromised or not
Subscriber authentication
The operator knows for billing purposes who is using the
system
Signaling and user data protection
Signaling and data channels are protected over the radio
path
9. GSM: Security Features
The security mechanisms of GSM are implemented
in three different system elements:
The Subscriber Identity Module (SIM) - The SIM
contains the International Mobile Subscriber Identity
IMSI, the individual subscriber authentication key (Ki), the
ciphering key generating algorithm (A8), the
authentication algorithm (A3), as well as a Personal
Identification Number(PIN).
The GSM handset - The GSM handset contains the
ciphering algorithm (A5).
The GSM network - The encryption algorithms (A3, A5,
A8) are present in the GSM network
11. GSM: Security Algorithms.
A3, The MS Authentication Algorithm
A8, The Voice-Privacy Key Generation Algorithm
A5/1, The Strong Over-the-Air Voice-Privacy
Algorithm
12. GSM: A3, The MS Authentication Algorithm
Inputs are
the RAND from the MSC
the secret key Ki from the SIM
generates a 32-bit output, which is the SRES
response.
A3
RAND (128 bit)
Ki (128 bit)
SRES (32 bit)
13. GSM: A8, The Voice-Privacy Key Generation Algorithm
Inputs are
the RAND from the MSC
the secret key Ki from the SIM
generates a 64-bit output, which is Session Key
Kc.
A8
RAND (128 bit)
Ki (128 bit)
KC (64 bit)
14. GSM: A5/1 Stream Cipher
Combination of 3 linear feedback shift registers
(LFSRs)
Each register has an associated clocking bit.
The registers are clocked in a stop/go fashion
using a majority rule.
15. GSM: A5/1 Stream Cipher
At each cycle, the clocking bit of all three registers is examined
and the majority bit is determined.
A register is clocked if the clocking bit agrees with the majority
bit.
At each step at least
two or three registers
are clocked.
16. GSM: A5/1 Stream Cipher(Example)
Majority of clock bit (1,0,1) = 1
First and third LFSRs will be clocked but not the
second.
1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 0 1
1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 1
1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1
18. GSM: A5/1 Stream Cipher (Initialization)
64-bit Session Key loaded in to the LFSR(bit by bit)
The majority clocking rule is disabled
22-bit frame number is also loaded into the register
The majority clocking rule applies from now on.
The registers are clocked one hundred times.
Generated keystream bits are discarder.
In order to mix the frame number and keying material
together.
19. GSM: A5/1 (Key Generation)
228 bits of keystream output are generated.
The first 114 bits are used to encrypt the frame from
MS(Mobile Station) to BTS(base transceiver station).
The next 114 bits are used to encrypt the frame from BTS
to MS.
The same Session Key is used throughout the call,
but the 22-bit frame number changes during the
call, that is why, A5 algorithm is initialized again
with the same session key and the number of the
next frame.
20. Conclusion
GSM is the most widely used cellular network
standard.
Security mechanism specified in the GSM make it a
secure cellular telecommunication available.
The use of authentication, encryptions ensures the
privacy and anonymity of the system’s users.