SlideShare a Scribd company logo

Presentation one-gsm

Download as PPTX, PDF
Abu Sadat Mohammed Yasin
Abu Sadat Mohammed Yasin

The document discusses security in GSM networks. It describes the GSM architecture including mobile stations, base stations, and network switching systems. It then explains the security concerns with GSM and the features used to address them, including subscriber authentication using algorithms A3 and A8, and voice encryption with algorithm A5/1. The document provides details on how these algorithms work to authenticate users and encrypt communications in GSM networks.

Technology
1 of 21
Presented by : Abu Sadat Mohammed Yasin Debotosh Dey Cryptography and Information Security Topic: GSM Security Overview
Content  Introduction  Architecture  Security Concern  Security Features  Security model  Security Algorithms  A3, The MS Authentication Algorithm  A8, The Voice-Privacy Key Generation Algorithm  A5/1 Stream Cipher  A5/1 (Key Generation)  Conclusion
GSM: Introduction  GSM - Group Special Mobile or General System for Mobile Communications.  GSM is the Pan-European standard for digital cellular communications.  GSM was established in 1982 within the European Conference of Post and Telecommunication Administrations (CEPT).  In 1991 the first GSM based networks commenced operations.
GSM: Architecture
GSM: Architecture  A GSM network is made up of three subsystems:  The Mobile Station (MS)  Mobile Equipment (ME)  Physical mobile device  Identifiers  IMEI – International Mobile Equipment Identity  Subscriber Identity Module (SIM)  Smart Card containing keys, identifiers and algorithms  Identifiers  Ki – Subscriber Authentication Key  IMSI – International Mobile Subscriber Identity  TMSI – Temporary Mobile Subscriber Identity  MSISDN – Mobile Station International Service Digital Network  PIN – Personal Identity Number protecting a SIM  LAI – location area identity
GSM: Architecture  The Base Station Sub-system (BSS)  Comprising a Base Station Controller (BSC) and  Several Base Transceiver Stations (BTS)s  The Network and Switching Sub-system (NSS)  comprising an Mobile services Switching Center (MSC) and  associated registers Home Location Register (HLR), Authentication Center (AuC), Visitor Location Register (VLR)  The interfaces defined between each of these sub systems include:  'A' interface between NSS and BSS  'Abis' interface between BSC and BTS (within the BSS)  'Um' air interface between the BSS and the MS
GSM: Security Concerns  Operators  Bills right people  Avoid fraud  Protect Services  Customers  Privacy  Anonymity
GSM: Security Features  Key management is independent of equipment  Subscribers can change handsets without compromising security  Subscriber identity protection  not easy to identify the user of the system intercepting a user data  Detection of compromised equipment  Detection mechanism whether a mobile device was compromised or not  Subscriber authentication  The operator knows for billing purposes who is using the system  Signaling and user data protection  Signaling and data channels are protected over the radio path
GSM: Security Features  The security mechanisms of GSM are implemented in three different system elements:  The Subscriber Identity Module (SIM) - The SIM contains the International Mobile Subscriber Identity IMSI, the individual subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number(PIN).  The GSM handset - The GSM handset contains the ciphering algorithm (A5).  The GSM network - The encryption algorithms (A3, A5, A8) are present in the GSM network
GSM: Security Model  Mobile station authentication
GSM: Security Algorithms.  A3, The MS Authentication Algorithm  A8, The Voice-Privacy Key Generation Algorithm  A5/1, The Strong Over-the-Air Voice-Privacy Algorithm
GSM: A3, The MS Authentication Algorithm  Inputs are  the RAND from the MSC  the secret key Ki from the SIM  generates a 32-bit output, which is the SRES response. A3 RAND (128 bit) Ki (128 bit) SRES (32 bit)
GSM: A8, The Voice-Privacy Key Generation Algorithm  Inputs are  the RAND from the MSC  the secret key Ki from the SIM  generates a 64-bit output, which is Session Key Kc. A8 RAND (128 bit) Ki (128 bit) KC (64 bit)
GSM: A5/1 Stream Cipher  Combination of 3 linear feedback shift registers (LFSRs)  Each register has an associated clocking bit.  The registers are clocked in a stop/go fashion using a majority rule.
GSM: A5/1 Stream Cipher  At each cycle, the clocking bit of all three registers is examined and the majority bit is determined.  A register is clocked if the clocking bit agrees with the majority bit.  At each step at least two or three registers are clocked.
GSM: A5/1 Stream Cipher(Example)  Majority of clock bit (1,0,1) = 1  First and third LFSRs will be clocked but not the second. 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 1     1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1   
GSM: A5/1 Stream Cipher(Example) 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 0 1 0 1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0     0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0     Keystream bit will be 0  1  0 = 1
GSM: A5/1 Stream Cipher (Initialization)  64-bit Session Key loaded in to the LFSR(bit by bit)  The majority clocking rule is disabled  22-bit frame number is also loaded into the register  The majority clocking rule applies from now on.  The registers are clocked one hundred times.  Generated keystream bits are discarder.  In order to mix the frame number and keying material together.
GSM: A5/1 (Key Generation)  228 bits of keystream output are generated.  The first 114 bits are used to encrypt the frame from MS(Mobile Station) to BTS(base transceiver station).  The next 114 bits are used to encrypt the frame from BTS to MS.  The same Session Key is used throughout the call, but the 22-bit frame number changes during the call, that is why, A5 algorithm is initialized again with the same session key and the number of the next frame.
Conclusion  GSM is the most widely used cellular network standard.  Security mechanism specified in the GSM make it a secure cellular telecommunication available.  The use of authentication, encryptions ensures the privacy and anonymity of the system’s users.
_________ _____ __

Recommended

HSM (Hardware Security Module)
HSM (Hardware Security Module)HSM (Hardware Security Module)
HSM (Hardware Security Module)
Umesh Kolhe
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)
Anas Rock
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
university of education,Lahore
 
Emily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyEmily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum Cryptography
CSNP
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
 
Crypto graphy
Crypto graphyCrypto graphy
Crypto graphyCherkaoui Younes
 

Recommended

HSM (Hardware Security Module)
HSM (Hardware Security Module)HSM (Hardware Security Module)
HSM (Hardware Security Module)
Umesh Kolhe
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
Popescu Petre
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)
Anas Rock
 
Fundamentals of cryptography
Fundamentals of cryptographyFundamentals of cryptography
Fundamentals of cryptography
Hossain Md Shakhawat
 
Classical Encryption Techniques
Classical Encryption TechniquesClassical Encryption Techniques
Classical Encryption Techniques
university of education,Lahore
 
Emily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum CryptographyEmily Stamm - Post-Quantum Cryptography
Emily Stamm - Post-Quantum Cryptography
CSNP
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
Gulcin Yildirim Jelinek
 
Crypto graphy
Crypto graphyCrypto graphy
Crypto graphyCherkaoui Younes
 
Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIME
Sou Jana
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
Vittorio Giovara
 
Tp rsa1
Tp rsa1Tp rsa1
Tp rsa1ZIZI Yahia
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical Overview
Ramesh Nagappan
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSM
Narudom Roongsiriwong, CISSP
 
Public private key
Public private keyPublic private key
Public private keyStudsPlanet.com
 
Hash Function
Hash Function Hash Function
Hash Function
ssuserdfb2da
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
Vittorio Giovara
 
Criptosistemas
CriptosistemasCriptosistemas
Criptosistemas
Juan Carlos Broncanotorres
 
Rsa
RsaRsa
Rsamagentie
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
Mohamed Loey
 
Topic20 The RC4 Algorithm.pptx
Topic20 The RC4 Algorithm.pptxTopic20 The RC4 Algorithm.pptx
Topic20 The RC4 Algorithm.pptx
UrjaDhabarde
 
Ipsec
IpsecIpsec
Ipsec
Baidyanath Dutta
 
Cryptography
CryptographyCryptography
Cryptography
Vicky Kamboj
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
harshit chavda
 
Block cipher modes of operations
Block cipher modes of operationsBlock cipher modes of operations
Block cipher modes of operations
AkashRanjandas1
 
HSM Basic Training
HSM Basic TrainingHSM Basic Training
HSM Basic Training
Md. Budrul Hasan Bhuiyan
 
Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
UVM: Basic Sequences
UVM: Basic SequencesUVM: Basic Sequences
UVM: Basic Sequences
Arrow Devices
 
Cryptography in GSM
Cryptography in GSMCryptography in GSM
Cryptography in GSMTharindu Weerasinghe
 
Stream ciphers presentation
Stream ciphers presentationStream ciphers presentation
Stream ciphers presentationdegarden
 

More Related Content

What's hot

Cryptography
CryptographyCryptography
Cryptography
Jens Patel
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIME
Sou Jana
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
Vittorio Giovara
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical Overview
Ramesh Nagappan
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSM
Narudom Roongsiriwong, CISSP
 
Hash Function
Hash Function Hash Function
Hash Function
ssuserdfb2da
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
Vittorio Giovara
 
Criptosistemas
CriptosistemasCriptosistemas
Criptosistemas
Juan Carlos Broncanotorres
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
Mohamed Loey
 
Topic20 The RC4 Algorithm.pptx
Topic20 The RC4 Algorithm.pptxTopic20 The RC4 Algorithm.pptx
Topic20 The RC4 Algorithm.pptx
UrjaDhabarde
 
Ipsec
IpsecIpsec
Ipsec
Baidyanath Dutta
 
Cryptography
CryptographyCryptography
Cryptography
Vicky Kamboj
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
harshit chavda
 
Block cipher modes of operations
Block cipher modes of operationsBlock cipher modes of operations
Block cipher modes of operations
AkashRanjandas1
 
HSM Basic Training
HSM Basic TrainingHSM Basic Training
HSM Basic Training
Md. Budrul Hasan Bhuiyan
 
Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
UVM: Basic Sequences
UVM: Basic SequencesUVM: Basic Sequences
UVM: Basic Sequences
Arrow Devices
 

What's hot (20)

Cryptography
CryptographyCryptography
Cryptography
 
PGP S/MIME
PGP S/MIMEPGP S/MIME
PGP S/MIME
 
Authenticated Encryption Gcm Ccm
Authenticated Encryption Gcm CcmAuthenticated Encryption Gcm Ccm
Authenticated Encryption Gcm Ccm
 
Tp rsa1
Tp rsa1Tp rsa1
Tp rsa1
 
Post Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical OverviewPost Quantum Cryptography: Technical Overview
Post Quantum Cryptography: Technical Overview
 
Secure Your Encryption with HSM
Secure Your Encryption with HSMSecure Your Encryption with HSM
Secure Your Encryption with HSM
 
Public private key
Public private keyPublic private key
Public private key
 
Hash Function
Hash Function Hash Function
Hash Function
 
Block Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For AuthenticationBlock Cipher Modes of Operation And Cmac For Authentication
Block Cipher Modes of Operation And Cmac For Authentication
 
Criptosistemas
CriptosistemasCriptosistemas
Criptosistemas
 
Rsa
RsaRsa
Rsa
 
Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2Computer Security Lecture 3: Classical Encryption Techniques 2
Computer Security Lecture 3: Classical Encryption Techniques 2
 
Topic20 The RC4 Algorithm.pptx
Topic20 The RC4 Algorithm.pptxTopic20 The RC4 Algorithm.pptx
Topic20 The RC4 Algorithm.pptx
 
Ipsec
IpsecIpsec
Ipsec
 
Cryptography
CryptographyCryptography
Cryptography
 
Block cipher modes of operation
Block cipher modes of operation Block cipher modes of operation
Block cipher modes of operation
 
Block cipher modes of operations
Block cipher modes of operationsBlock cipher modes of operations
Block cipher modes of operations
 
HSM Basic Training
HSM Basic TrainingHSM Basic Training
HSM Basic Training
 
Cryptography
CryptographyCryptography
Cryptography
 
UVM: Basic Sequences
UVM: Basic SequencesUVM: Basic Sequences
UVM: Basic Sequences
 

Viewers also liked

Stream ciphers presentation
Stream ciphers presentationStream ciphers presentation
Stream ciphers presentationdegarden
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptographysubhradeep mitra
 
Cryptoppt
CryptopptCryptoppt
Cryptoppt
Meenakshi Tripathi
 
Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2
Max Benana
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
RK Nayak
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniquesMohd Arif
 

Viewers also liked (10)

Cryptography in GSM
Cryptography in GSMCryptography in GSM
Cryptography in GSM
 
Stream ciphers presentation
Stream ciphers presentationStream ciphers presentation
Stream ciphers presentation
 
Different types of Symmetric key Cryptography
Different types of Symmetric key CryptographyDifferent types of Symmetric key Cryptography
Different types of Symmetric key Cryptography
 
Gsm Security and Attacks
Gsm Security and AttacksGsm Security and Attacks
Gsm Security and Attacks
 
Cryptography
CryptographyCryptography
Cryptography
 
Cryptoppt
CryptopptCryptoppt
Cryptoppt
 
Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2Algorithme de chiffrement RC4, A5/1 & A5/2
Algorithme de chiffrement RC4, A5/1 & A5/2
 
RC4&RC5
RC4&RC5RC4&RC5
RC4&RC5
 
Gsm security and encryption
Gsm security and encryptionGsm security and encryption
Gsm security and encryption
 
Cipher techniques
Cipher techniquesCipher techniques
Cipher techniques
 

Similar to Presentation one-gsm

GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
Saikiran Panjala
 
GSM Architecture.ppt
GSM Architecture.ppt GSM Architecture.ppt
GSM Architecture.ppt
Danish Mahmood
 
Rk 3 gsm network
Rk 3 gsm networkRk 3 gsm network
Rk 3 gsm network
Azri Randy
 
GSM network
GSM networkGSM network
GSM network
WebAshlar
 
Digital cellular networks GSM
Digital cellular networks GSMDigital cellular networks GSM
Digital cellular networks GSM
RAVIKIRAN ANANDE
 
Gsm security final
Gsm security finalGsm security final
Gsm security final
Sanket Yavalkar
 
Securing Wireless Cellular Systems
Securing Wireless Cellular SystemsSecuring Wireless Cellular Systems
Securing Wireless Cellular Systems
ACMBangalore
 
gsm-archtecture.ppt mobile computing ppt
gsm-archtecture.ppt mobile computing pptgsm-archtecture.ppt mobile computing ppt
gsm-archtecture.ppt mobile computing ppt
kavitamittal18
 
105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt
AkbarpashaShaik3
 
Security Issues Implement GSM.pptx
Security Issues Implement GSM.pptxSecurity Issues Implement GSM.pptx
Security Issues Implement GSM.pptx
Student Conscious Club
 
Mbile communication and computingGSM Network.ppt
Mbile communication and computingGSM Network.pptMbile communication and computingGSM Network.ppt
Mbile communication and computingGSM Network.ppt
SomnathMule5
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
IJERD Editor
 
GSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE TechnologiesGSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE TechnologiesEngr.MEESHU SHARKER
 
GSM Introduction
GSM IntroductionGSM Introduction
GSM Introduction
Tempus Telcosys
 
Mob. comp . prst
Mob. comp . prstMob. comp . prst
Mob. comp . prst
Bhanu Pratap
 
GSM.ppt
GSM.pptGSM.ppt
GSM.ppt
DeepakBaghel50
 
Gsm presntation
Gsm presntationGsm presntation
Gsm presntation
TECOS
 
Gsm presntation
Gsm presntationGsm presntation
Gsm presntation
TECOS
 

Similar to Presentation one-gsm (20)

GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALAGSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
GSM SECURITY AND ENCRYPTION BY SAIKIRAN PANJALA
 
GSM Architecture.ppt
GSM Architecture.ppt GSM Architecture.ppt
GSM Architecture.ppt
 
Rk 3 gsm network
Rk 3 gsm networkRk 3 gsm network
Rk 3 gsm network
 
Rk 3 gsm network @guddu
Rk 3 gsm network @gudduRk 3 gsm network @guddu
Rk 3 gsm network @guddu
 
GSM network
GSM networkGSM network
GSM network
 
Gsm Network
Gsm NetworkGsm Network
Gsm Network
 
Digital cellular networks GSM
Digital cellular networks GSMDigital cellular networks GSM
Digital cellular networks GSM
 
Gsm security final
Gsm security finalGsm security final
Gsm security final
 
Securing Wireless Cellular Systems
Securing Wireless Cellular SystemsSecuring Wireless Cellular Systems
Securing Wireless Cellular Systems
 
gsm-archtecture.ppt mobile computing ppt
gsm-archtecture.ppt mobile computing pptgsm-archtecture.ppt mobile computing ppt
gsm-archtecture.ppt mobile computing ppt
 
105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt105093_633617613676087500 GSM technology.ppt
105093_633617613676087500 GSM technology.ppt
 
Security Issues Implement GSM.pptx
Security Issues Implement GSM.pptxSecurity Issues Implement GSM.pptx
Security Issues Implement GSM.pptx
 
Mbile communication and computingGSM Network.ppt
Mbile communication and computingGSM Network.pptMbile communication and computingGSM Network.ppt
Mbile communication and computingGSM Network.ppt
 
International Journal of Engineering Research and Development
International Journal of Engineering Research and DevelopmentInternational Journal of Engineering Research and Development
International Journal of Engineering Research and Development
 
GSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE TechnologiesGSM security solution by FINETUNE Technologies
GSM security solution by FINETUNE Technologies
 
GSM Introduction
GSM IntroductionGSM Introduction
GSM Introduction
 
Mob. comp . prst
Mob. comp . prstMob. comp . prst
Mob. comp . prst
 
GSM.ppt
GSM.pptGSM.ppt
GSM.ppt
 
Gsm presntation
Gsm presntationGsm presntation
Gsm presntation
 
Gsm presntation
Gsm presntationGsm presntation
Gsm presntation
 

Recently uploaded

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
DianaGray10
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
Alex Pruden
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
Ana-Maria Mihalceanu
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Vladimir Iglovikov, Ph.D.
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
Kumud Singh
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
Adtran
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
Rohit Gautam
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
SOFTTECHHUB
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
Octavian Nadolu
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
Matthew Sinclair
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
Uni Systems S.M.S.A.
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
ThomasParaiso2
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
Neo4j
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
Matthew Sinclair
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
RinaMondal9
 

Recently uploaded (20)

Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5UiPath Test Automation using UiPath Test Suite series, part 5
UiPath Test Automation using UiPath Test Suite series, part 5
 
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofszkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex Proofs
 
Monitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR EventsMonitoring Java Application Security with JDK Tools and JFR Events
Monitoring Java Application Security with JDK Tools and JFR Events
 
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIEnchancing adoption of Open Source Libraries. A case study on Albumentations.AI
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AI
 
Mind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AIMind map of terminologies used in context of Generative AI
Mind map of terminologies used in context of Generative AI
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Pushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 daysPushing the limits of ePRTC: 100ns holdover for 100 days
Pushing the limits of ePRTC: 100ns holdover for 100 days
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
Large Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial ApplicationsLarge Language Model (LLM) and it’s Geospatial Applications
Large Language Model (LLM) and it’s Geospatial Applications
 
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...
 
Artificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopmentArtificial Intelligence for XMLDevelopment
Artificial Intelligence for XMLDevelopment
 
20240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 202420240605 QFM017 Machine Intelligence Reading List May 2024
20240605 QFM017 Machine Intelligence Reading List May 2024
 
Microsoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdfMicrosoft - Power Platform_G.Aspiotis.pdf
Microsoft - Power Platform_G.Aspiotis.pdf
 
GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...GridMate - End to end testing is a critical piece to ensure quality and avoid...
GridMate - End to end testing is a critical piece to ensure quality and avoid...
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
GraphSummit Singapore | Enhancing Changi Airport Group's Passenger Experience...
 
20240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 202420240607 QFM018 Elixir Reading List May 2024
20240607 QFM018 Elixir Reading List May 2024
 
Free Complete Python - A step towards Data Science
Free Complete Python - A step towards Data ScienceFree Complete Python - A step towards Data Science
Free Complete Python - A step towards Data Science
 

Presentation one-gsm

  • 1. Presented by : Abu Sadat Mohammed Yasin Debotosh Dey Cryptography and Information Security Topic: GSM Security Overview
  • 2. Content  Introduction  Architecture  Security Concern  Security Features  Security model  Security Algorithms  A3, The MS Authentication Algorithm  A8, The Voice-Privacy Key Generation Algorithm  A5/1 Stream Cipher  A5/1 (Key Generation)  Conclusion
  • 3. GSM: Introduction  GSM - Group Special Mobile or General System for Mobile Communications.  GSM is the Pan-European standard for digital cellular communications.  GSM was established in 1982 within the European Conference of Post and Telecommunication Administrations (CEPT).  In 1991 the first GSM based networks commenced operations.
  • 5. GSM: Architecture  A GSM network is made up of three subsystems:  The Mobile Station (MS)  Mobile Equipment (ME)  Physical mobile device  Identifiers  IMEI – International Mobile Equipment Identity  Subscriber Identity Module (SIM)  Smart Card containing keys, identifiers and algorithms  Identifiers  Ki – Subscriber Authentication Key  IMSI – International Mobile Subscriber Identity  TMSI – Temporary Mobile Subscriber Identity  MSISDN – Mobile Station International Service Digital Network  PIN – Personal Identity Number protecting a SIM  LAI – location area identity
  • 6. GSM: Architecture  The Base Station Sub-system (BSS)  Comprising a Base Station Controller (BSC) and  Several Base Transceiver Stations (BTS)s  The Network and Switching Sub-system (NSS)  comprising an Mobile services Switching Center (MSC) and  associated registers Home Location Register (HLR), Authentication Center (AuC), Visitor Location Register (VLR)  The interfaces defined between each of these sub systems include:  'A' interface between NSS and BSS  'Abis' interface between BSC and BTS (within the BSS)  'Um' air interface between the BSS and the MS
  • 7. GSM: Security Concerns  Operators  Bills right people  Avoid fraud  Protect Services  Customers  Privacy  Anonymity
  • 8. GSM: Security Features  Key management is independent of equipment  Subscribers can change handsets without compromising security  Subscriber identity protection  not easy to identify the user of the system intercepting a user data  Detection of compromised equipment  Detection mechanism whether a mobile device was compromised or not  Subscriber authentication  The operator knows for billing purposes who is using the system  Signaling and user data protection  Signaling and data channels are protected over the radio path
  • 9. GSM: Security Features  The security mechanisms of GSM are implemented in three different system elements:  The Subscriber Identity Module (SIM) - The SIM contains the International Mobile Subscriber Identity IMSI, the individual subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number(PIN).  The GSM handset - The GSM handset contains the ciphering algorithm (A5).  The GSM network - The encryption algorithms (A3, A5, A8) are present in the GSM network
  • 10. GSM: Security Model  Mobile station authentication
  • 11. GSM: Security Algorithms.  A3, The MS Authentication Algorithm  A8, The Voice-Privacy Key Generation Algorithm  A5/1, The Strong Over-the-Air Voice-Privacy Algorithm
  • 12. GSM: A3, The MS Authentication Algorithm  Inputs are  the RAND from the MSC  the secret key Ki from the SIM  generates a 32-bit output, which is the SRES response. A3 RAND (128 bit) Ki (128 bit) SRES (32 bit)
  • 13. GSM: A8, The Voice-Privacy Key Generation Algorithm  Inputs are  the RAND from the MSC  the secret key Ki from the SIM  generates a 64-bit output, which is Session Key Kc. A8 RAND (128 bit) Ki (128 bit) KC (64 bit)
  • 14. GSM: A5/1 Stream Cipher  Combination of 3 linear feedback shift registers (LFSRs)  Each register has an associated clocking bit.  The registers are clocked in a stop/go fashion using a majority rule.
  • 15. GSM: A5/1 Stream Cipher  At each cycle, the clocking bit of all three registers is examined and the majority bit is determined.  A register is clocked if the clocking bit agrees with the majority bit.  At each step at least two or three registers are clocked.
  • 16. GSM: A5/1 Stream Cipher(Example)  Majority of clock bit (1,0,1) = 1  First and third LFSRs will be clocked but not the second. 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0 1     1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1   
  • 17. GSM: A5/1 Stream Cipher(Example) 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 1 1 0 0 0 1 0 1 1 1 0 0 0 0 1 1 1 1 0 0 0 0 1 1 1 1 0 0 0     0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0 1 0     Keystream bit will be 0  1  0 = 1
  • 18. GSM: A5/1 Stream Cipher (Initialization)  64-bit Session Key loaded in to the LFSR(bit by bit)  The majority clocking rule is disabled  22-bit frame number is also loaded into the register  The majority clocking rule applies from now on.  The registers are clocked one hundred times.  Generated keystream bits are discarder.  In order to mix the frame number and keying material together.
  • 19. GSM: A5/1 (Key Generation)  228 bits of keystream output are generated.  The first 114 bits are used to encrypt the frame from MS(Mobile Station) to BTS(base transceiver station).  The next 114 bits are used to encrypt the frame from BTS to MS.  The same Session Key is used throughout the call, but the 22-bit frame number changes during the call, that is why, A5 algorithm is initialized again with the same session key and the number of the next frame.
  • 20. Conclusion  GSM is the most widely used cellular network standard.  Security mechanism specified in the GSM make it a secure cellular telecommunication available.  The use of authentication, encryptions ensures the privacy and anonymity of the system’s users.