SlideShare a Scribd company logo

Security in bluetooth, cdma and umts

â€ĸDownload as PPT, PDFâ€ĸ
â€ĸ
Ankit Gupta
Ankit Gupta
Education
1 of 35
SECURITY IN BLUETOOTH, CDMA AND UMTS MOTILAL NEHRU NATIONAL INSTITUTE OF TECHNOLOGY ALLAHABAD
BLUETOOTH ī‚Ą System for short range wireless communication ī‚Ą Wireless data transfer via ACL link ī‚Ą Data rates up to 3 Mb/s ī‚Ą 2.4 GHz ISM band (Industrial Scientific Medicine) ī‚Ą Typical communication range is 10-100 meters ī‚Ą Bluetooth SIG (Special Interest Group) developed the technology
SECURITY THREATS īŽ Disclosure Threat īŽ Integrity Threat īŽ Denial of Service (DoS)
ATTACKS īŽ Snarf Attack īŽ Backdoor Attack īŽ BlueBug Attack īŽ BlueJack Attack īŽ Denial of Service Attack īŽ BluePrinting Attack
SECURITY LEVELS AND MODES Security Levels: ī‚§ Silent ī‚§ Private ī‚§ Public Security Modes: ī‚§ Non Secure ī‚§ Service Level Enforced Security ī‚§ Link Level Enforced Security
AUTHENTICATION, AUTHORIZATION , ENCRYPTION īŽ Authentication is the process of proving the identity of one piconet member to another īŽ Authorization determines whether the user is authorized to have access to the services provided īŽ Encryption is the process of encoding the information so that no eavesdropper can read it
SECURITY OPERATIONS
AUTHENTICATION
AUTHORIZATION
ENCRYPTION īŽ Encryption Mode 1 īŽ Encryption Mode 2 īŽ Encryption Mode 3
ENCRYPTION PROCEDURE
KNOWN VULNERABILITIES īŽ Spoofing through Keys īŽ Spoofing through a Bluetooth Address īŽ PIN Length
COUNTERMEASURES ī‚Ą Know your Environment ī‚Ą Be Invisible ī‚Ą Abstinence is best ī‚Ą Use only long PIN codes (16 case sensitive alphanumerical characters) ī‚Ą Requiring Authentication for every L2CAP request ī‚Ą Using additional security at software level and an additional password to physically protect the Bluetooth devices
COUNTERMEASURES CONTDâ€Ļ ī‚Ą Requiring re authentication always prior to access of a sensitive information / service ī‚Ą To prevent Man-in-the-middle attack, approach is to make it difficult for an attacker to lock onto the frequency used for communication. Making the frequency hopping intervals and patterns reasonably unpredictable might help to prevent an attacker from locking onto the devices signal.
PROPOSED SOLUTION FOR DOS ATTACK īŽ When the pairing message is sent by one device īŽ When the attacker is sending the message with the address, which is already connected to Bluetooth device īŽ When the pairing message sent by more than one device īŽ When the attacker is changing the Bluetooth address of itself with another Bluetooth address
UMTS security
UMTS system architecture (R99) is based on GSM/GPRS
POSSIBLE ATTACKS ON UMTS īŽ Denial of service īŽ Identity catching īŽ Impersonation of the network īŽ Impersonation of the user
3G SECURITY FEATURES īŽ „ Mutual Authentication The mobile user and the serving network authenticate each other īŽ „ Data Integrity Signaling messages between the mobile station and RNC protected by integrity code īŽ Network to Network Security Secure communication between serving networks. IPsec suggested īŽ Secure IMSI (International Mobile Subscriber Identity) Usage The user is assigned a temporary IMSI by the serving network
3G SECURITY FEATURES CONTDâ€Ļ īŽ „ User – Mobile Station Authentication The user and the mobile station share a secret key, PIN īŽ „ Secure Services Protect against misuse of services provided by the home network and the serving network īŽ „ Secure Applications Provide security for applications resident on mobile station
AUTHENTICATION AND KEY AGREEMENT īŽ „ AuC and USIM share ī‚§ permanent secret key K ī‚§ Message authentication functions f1, f1*, f2 ī‚§ key generating functions f3, f4, f5 īŽ „ AuC has a random number generator īŽ „ AuC has scheme to generate fresh sequence numbers īŽ „ USIM has scheme to verify freshness of received
AUTHENTICATION AND KEY AGREEMENT home 128 bit secret key K is shared between the network and the mobile user Home Network Mobile station
Complete Message flow for successful AKA
Encryption
Integrity Check
NETWORK DOMAIN SECURITY īŽ IPSec ī‚§ IP traffic between networks can be protected with IPSEC between security gateways ī‚§ Encapsulating Security Payload (ESP) is used for protection of packets ī‚§ ESP is always used in tunnel mode ī‚§ Advance Encryption Standard (AES)
CDMA
CODE DIVISION MULTIPLE ACCESS (CDMA) īŽ Channel access method used by various radio communication technology īŽ Employs spread spectrum technology and a special coding scheme īŽ Attacks are very difficult and rare
DIFFERENCE BETWEEN CDMA, TDMA AND FDMA
TYPES OF CDMA īŽ Frequency Hopping Spread Spectrum CDMA īŽ Direct Sequence Spread Spectrum CDMA
SECURITY ī‚§ By design, CDMA technology makes eavesdropping very difficult īŽ 42-bit PN (Pseudo Random Noise) sequence īŽ 64-bit authentication key (A-Key) īŽ Electronic Serial Number (ESN) of the mobile
AUTHENTICATION
AUTHENTICATION MODEL
ENCRYPTION
Thank You!!!!!

Recommended

WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
Chandrak Trivedi
 
WLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALAWLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALA
Saikiran Panjala
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network security
Ankit Anand
 
Bluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportBluetooth network-security-seminar-report
Bluetooth network-security-seminar-report
ROHIT SAGAR
 
Wlan networking and security
Wlan networking and securityWlan networking and security
Wlan networking and securityakki_hearts
 
Wireless security
Wireless securityWireless security
Wireless securityparipec
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
Vignesh Suresh
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Securityphanleson
 

Recommended

WLAN Attacks and Protection
WLAN Attacks and ProtectionWLAN Attacks and Protection
WLAN Attacks and Protection
Chandrak Trivedi
 
WLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALAWLAN SECURITY BY SAIKIRAN PANJALA
WLAN SECURITY BY SAIKIRAN PANJALA
Saikiran Panjala
 
Cellular wireless network security
Cellular wireless network securityCellular wireless network security
Cellular wireless network security
Ankit Anand
 
Bluetooth network-security-seminar-report
Bluetooth network-security-seminar-reportBluetooth network-security-seminar-report
Bluetooth network-security-seminar-report
ROHIT SAGAR
 
Wlan networking and security
Wlan networking and securityWlan networking and security
Wlan networking and securityakki_hearts
 
Wireless security
Wireless securityWireless security
Wireless securityparipec
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
Vignesh Suresh
 
Ch20 Wireless Security
Ch20 Wireless SecurityCh20 Wireless Security
Ch20 Wireless Securityphanleson
 
Wifi Security
Wifi SecurityWifi Security
Wifi Security
Agris Ameriks
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
John Rhoton
 
Security in wireless cellular network
Security in wireless cellular networkSecurity in wireless cellular network
Security in wireless cellular network
Awais Mansoor Chohan
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
AirTight Networks
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hackingHarshit Varshney
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
VIKAS SINGH BHADOURIA
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
Mohammad Mahmud Kabir
 
BLUETOOTH SECURITY
BLUETOOTH SECURITYBLUETOOTH SECURITY
BLUETOOTH SECURITY
Jay Nagar
 
Presentation
PresentationPresentation
Presentationdarshpreet kaur
 
Telecom Security
Telecom SecurityTelecom Security
Telecom Security
Priyanka Aash
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
Aurobindo Nayak
 
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Djadja Sardjana
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj Verma
OWASP Delhi
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
Ankit Anand
 
Wlan security
Wlan securityWlan security
Wlan security
Upasona Roy
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
siDz
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan SecuritySANDEEPONSLIDESHARE
 
An IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesAn IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android Devices
Ben Graham
 
Wlan security
Wlan securityWlan security
Wlan security
Sajan Sahu
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprises
shrutisreddy
 
Wifi-Securite.com
Wifi-Securite.comWifi-Securite.com
Wifi-Securite.com
WifiSecurite
 
PrÊsentation wifi sÊcurisÊ
PrÊsentation wifi sÊcurisÊPrÊsentation wifi sÊcurisÊ
PrÊsentation wifi sÊcurisÊAline INIZAN PAYEN
 

More Related Content

What's hot

Wifi Security
Wifi SecurityWifi Security
Wifi Security
Agris Ameriks
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
John Rhoton
 
Security in wireless cellular network
Security in wireless cellular networkSecurity in wireless cellular network
Security in wireless cellular network
Awais Mansoor Chohan
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
AirTight Networks
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
VIKAS SINGH BHADOURIA
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
Mohammad Mahmud Kabir
 
BLUETOOTH SECURITY
BLUETOOTH SECURITYBLUETOOTH SECURITY
BLUETOOTH SECURITY
Jay Nagar
 
Telecom Security
Telecom SecurityTelecom Security
Telecom Security
Priyanka Aash
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
Aurobindo Nayak
 
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Djadja Sardjana
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj Verma
OWASP Delhi
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
Ankit Anand
 
Wlan security
Wlan securityWlan security
Wlan security
Upasona Roy
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
siDz
 
An IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesAn IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android Devices
Ben Graham
 
Wlan security
Wlan securityWlan security
Wlan security
Sajan Sahu
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprises
shrutisreddy
 

What's hot (20)

Wifi Security
Wifi SecurityWifi Security
Wifi Security
 
Windows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best PracticesWindows Mobile Enterprise Security Best Practices
Windows Mobile Enterprise Security Best Practices
 
Security in wireless cellular network
Security in wireless cellular networkSecurity in wireless cellular network
Security in wireless cellular network
 
Understanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and SolutionsUnderstanding WiFi Security Vulnerabilities and Solutions
Understanding WiFi Security Vulnerabilities and Solutions
 
Wifi hacking
Wifi hackingWifi hacking
Wifi hacking
 
Wireless Hacking
Wireless HackingWireless Hacking
Wireless Hacking
 
Security & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case StudySecurity & Privacy in WLAN - A Primer and Case Study
Security & Privacy in WLAN - A Primer and Case Study
 
BLUETOOTH SECURITY
BLUETOOTH SECURITYBLUETOOTH SECURITY
BLUETOOTH SECURITY
 
Presentation
PresentationPresentation
Presentation
 
Telecom Security
Telecom SecurityTelecom Security
Telecom Security
 
Wireless network security
Wireless network security Wireless network security
Wireless network security
 
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
Widyatama Lecture Applied Networking IV Week06 Mobile Security 2
 
GSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj VermaGSM Security 101 by Sushil Singh and Dheeraj Verma
GSM Security 101 by Sushil Singh and Dheeraj Verma
 
Wireless lan security
Wireless lan securityWireless lan security
Wireless lan security
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Security
Wireless SecurityWireless Security
Wireless Security
 
Wireless Lan Security
Wireless Lan SecurityWireless Lan Security
Wireless Lan Security
 
An IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android DevicesAn IDS for Secure Visible Light Communication on Android Devices
An IDS for Secure Visible Light Communication on Android Devices
 
Wlan security
Wlan securityWlan security
Wlan security
 
Wireless Security Needs For Enterprises
Wireless Security Needs For EnterprisesWireless Security Needs For Enterprises
Wireless Security Needs For Enterprises
 

Viewers also liked

Wifi-Securite.com
Wifi-Securite.comWifi-Securite.com
Wifi-Securite.com
WifiSecurite
 
PrÊsentation wifi sÊcurisÊ
PrÊsentation wifi sÊcurisÊPrÊsentation wifi sÊcurisÊ
PrÊsentation wifi sÊcurisÊAline INIZAN PAYEN
 
SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012
SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012
SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012
Le Moulin Digital
 
34 Robertson La Robotique Pour La RÊÊDucation
34 Robertson La Robotique Pour La RÊÊDucation34 Robertson La Robotique Pour La RÊÊDucation
34 Robertson La Robotique Pour La RÊÊDucation
guest9b25cb
 
MediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-GamingMediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-Gaming
marionflo
 
TOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en formeTOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en forme
TOPFORMPRO
 
Regnault jfk2011
Regnault jfk2011Regnault jfk2011
Regnault jfk2011
Pierre Trudelle
 
SÊcuritÊ-Wifi
SÊcuritÊ-WifiSÊcuritÊ-Wifi
SÊcuritÊ-Wifi
DAmien Gueg'
 
Lanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittalLanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittal
Luxemburger Wort
 
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
socialunit
 
Mon intervention lors du Ciro10
Mon intervention lors du Ciro10Mon intervention lors du Ciro10
Mon intervention lors du Ciro10
Mohamed El Merouani
 
bluetooth-security
bluetooth-securitybluetooth-security
bluetooth-security
Anand Dhana
 
Robotics In STEM Education
Robotics In STEM Education Robotics In STEM Education
Robotics In STEM Education
Kuka Robotics Corp.
 
SÊcuritÊ des rÊseaux sans fil WIFI
SÊcuritÊ des rÊseaux sans fil WIFISÊcuritÊ des rÊseaux sans fil WIFI
SÊcuritÊ des rÊseaux sans fil WIFI
Soukaina Boujadi
 
Conception et dÊveloppement d’un Système de rÊservation en ligne
Conception et dÊveloppement d’un Système de rÊservation en ligneConception et dÊveloppement d’un Système de rÊservation en ligne
Conception et dÊveloppement d’un Système de rÊservation en ligne
Aydi NÊbil
 
Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...
Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...
Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...
Luc Desruelle
 
Laugaudin UFR12
Laugaudin UFR12Laugaudin UFR12
Laugaudin UFR12
Xavier LAUGAUDIN
 
LOGICIEL RHUMATO, Cabinet MÊdical Rhumatologue
LOGICIEL RHUMATO, Cabinet MÊdical RhumatologueLOGICIEL RHUMATO, Cabinet MÊdical Rhumatologue
LOGICIEL RHUMATO, Cabinet MÊdical Rhumatologue
Zoubida Alaoui Mdaghri
 

Viewers also liked (20)

Wifi-Securite.com
Wifi-Securite.comWifi-Securite.com
Wifi-Securite.com
 
PrÊsentation wifi sÊcurisÊ
PrÊsentation wifi sÊcurisÊPrÊsentation wifi sÊcurisÊ
PrÊsentation wifi sÊcurisÊ
 
SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012
SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012
SÊcuritÊ rÊseau wifi - clusir drôme ardèche - mars 2012
 
34 Robertson La Robotique Pour La RÊÊDucation
34 Robertson La Robotique Pour La RÊÊDucation34 Robertson La Robotique Pour La RÊÊDucation
34 Robertson La Robotique Pour La RÊÊDucation
 
MediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-GamingMediMoov : plateforme de Physio-Gaming
MediMoov : plateforme de Physio-Gaming
 
TOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en formeTOPFORM68 une cellule d'expertise de remise en forme
TOPFORM68 une cellule d'expertise de remise en forme
 
Regnault jfk2011
Regnault jfk2011Regnault jfk2011
Regnault jfk2011
 
SÊcuritÊ-Wifi
SÊcuritÊ-WifiSÊcuritÊ-Wifi
SÊcuritÊ-Wifi
 
Version 01
Version 01Version 01
Version 01
 
Lanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittalLanzatech: le pari technologique d'ArcelorMittal
Lanzatech: le pari technologique d'ArcelorMittal
 
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
Billetterie en ligne : Une solution miracle pour le spectacle vivant ? - SOCI...
 
Mon intervention lors du Ciro10
Mon intervention lors du Ciro10Mon intervention lors du Ciro10
Mon intervention lors du Ciro10
 
bluetooth-security
bluetooth-securitybluetooth-security
bluetooth-security
 
PrÊsentation SIH
PrÊsentation SIHPrÊsentation SIH
PrÊsentation SIH
 
Robotics In STEM Education
Robotics In STEM Education Robotics In STEM Education
Robotics In STEM Education
 
SÊcuritÊ des rÊseaux sans fil WIFI
SÊcuritÊ des rÊseaux sans fil WIFISÊcuritÊ des rÊseaux sans fil WIFI
SÊcuritÊ des rÊseaux sans fil WIFI
 
Conception et dÊveloppement d’un Système de rÊservation en ligne
Conception et dÊveloppement d’un Système de rÊservation en ligneConception et dÊveloppement d’un Système de rÊservation en ligne
Conception et dÊveloppement d’un Système de rÊservation en ligne
 
Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...
Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...
Techniques de programmation avancÊe LabVIEW : gestion des donnÊes de la local...
 
Laugaudin UFR12
Laugaudin UFR12Laugaudin UFR12
Laugaudin UFR12
 
LOGICIEL RHUMATO, Cabinet MÊdical Rhumatologue
LOGICIEL RHUMATO, Cabinet MÊdical RhumatologueLOGICIEL RHUMATO, Cabinet MÊdical Rhumatologue
LOGICIEL RHUMATO, Cabinet MÊdical Rhumatologue
 

Similar to Security in bluetooth, cdma and umts

Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
Naveen Kumar
 
Cdma Security
Cdma SecurityCdma Security
Cdma Security
guestb2cc28
 
Mobile security
Mobile securityMobile security
Mobile security
Eng Hasan Shamroukh CISCO Exams Author
 
B010331019
B010331019B010331019
B010331019
IOSR Journals
 
Wireless Communiction Security
Wireless Communiction SecurityWireless Communiction Security
Wireless Communiction Security
Meet Soni
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
ADVA
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
John Rhoton
 
124647123-Bluetooth.ppt
124647123-Bluetooth.ppt124647123-Bluetooth.ppt
124647123-Bluetooth.ppt
MEGHAB26
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentation
Nitesh Dubey
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docx
adolphoyonker
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
sweta dargad
 
Case study about voip
Case study about voipCase study about voip
Case study about voip
elmudthir
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
Editor IJMTER
 
Security in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using BroadcastingSecurity in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using Broadcasting
IJMER
 
Accessing remote networks
Accessing remote networksAccessing remote networks
Accessing remote networks
Westermo Network Technologies
 
Analysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkAnalysis Of Security In Wireless Network
Analysis Of Security In Wireless Network
Steven Wallach
 
Security model evaluation of 3 g
Security model evaluation of 3 gSecurity model evaluation of 3 g
Security model evaluation of 3 g
Rotract CLUB of BSAU
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final pptpriyanka Garg
 
CNS UNIT-VI.pptx
CNS UNIT-VI.pptxCNS UNIT-VI.pptx
CNS UNIT-VI.pptx
nandan543979
 
Ipsecurity
IpsecurityIpsecurity
Ipsecurity
Jyoshna Cec Cse Staf bejjam
 

Similar to Security in bluetooth, cdma and umts (20)

Security in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) NetworksSecurity in GSM(2G) and UMTS(3G) Networks
Security in GSM(2G) and UMTS(3G) Networks
 
Cdma Security
Cdma SecurityCdma Security
Cdma Security
 
Mobile security
Mobile securityMobile security
Mobile security
 
B010331019
B010331019B010331019
B010331019
 
Wireless Communiction Security
Wireless Communiction SecurityWireless Communiction Security
Wireless Communiction Security
 
Making networks secure with multi-layer encryption
Making networks secure with multi-layer encryptionMaking networks secure with multi-layer encryption
Making networks secure with multi-layer encryption
 
Mobile Device Security
Mobile Device SecurityMobile Device Security
Mobile Device Security
 
124647123-Bluetooth.ppt
124647123-Bluetooth.ppt124647123-Bluetooth.ppt
124647123-Bluetooth.ppt
 
wireless communication security PPT, presentation
wireless communication security PPT, presentationwireless communication security PPT, presentation
wireless communication security PPT, presentation
 
Wireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docxWireless Security and Mobile DevicesChapter 12Princi.docx
Wireless Security and Mobile DevicesChapter 12Princi.docx
 
Cyber security tutorial2
Cyber security tutorial2Cyber security tutorial2
Cyber security tutorial2
 
Case study about voip
Case study about voipCase study about voip
Case study about voip
 
A Survey on Communication for Smartphone
A Survey on Communication for SmartphoneA Survey on Communication for Smartphone
A Survey on Communication for Smartphone
 
Security in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using BroadcastingSecurity in Wireless Sensor Networks Using Broadcasting
Security in Wireless Sensor Networks Using Broadcasting
 
Accessing remote networks
Accessing remote networksAccessing remote networks
Accessing remote networks
 
Analysis Of Security In Wireless Network
Analysis Of Security In Wireless NetworkAnalysis Of Security In Wireless Network
Analysis Of Security In Wireless Network
 
Security model evaluation of 3 g
Security model evaluation of 3 gSecurity model evaluation of 3 g
Security model evaluation of 3 g
 
Ecommerce final ppt
Ecommerce final pptEcommerce final ppt
Ecommerce final ppt
 
CNS UNIT-VI.pptx
CNS UNIT-VI.pptxCNS UNIT-VI.pptx
CNS UNIT-VI.pptx
 
Ipsecurity
IpsecurityIpsecurity
Ipsecurity
 

Recently uploaded

Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
Celine George
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Po-Chuan Chen
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
CarlosHernanMontoyab2
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
Celine George
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
Tamralipta Mahavidyalaya
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
Peter Windle
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
DhatriParmar
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
joachimlavalley1
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
Jheel Barad
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
GeoBlogs
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
Special education needs
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
Delapenabediema
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 

Recently uploaded (20)

Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Model Attribute Check Company Auto Property
Model Attribute Check Company Auto PropertyModel Attribute Check Company Auto Property
Model Attribute Check Company Auto Property
 
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdfAdversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
Adversarial Attention Modeling for Multi-dimensional Emotion Regression.pdf
 
678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf678020731-Sumas-y-Restas-Para-Colorear.pdf
678020731-Sumas-y-Restas-Para-Colorear.pdf
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17How to Make a Field invisible in Odoo 17
How to Make a Field invisible in Odoo 17
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
Home assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdfHome assignment II on Spectroscopy 2024 Answers.pdf
Home assignment II on Spectroscopy 2024 Answers.pdf
 
Embracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic ImperativeEmbracing GenAI - A Strategic Imperative
Embracing GenAI - A Strategic Imperative
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 
The Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptxThe Accursed House by Émile Gaboriau.pptx
The Accursed House by Émile Gaboriau.pptx
 
Additional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdfAdditional Benefits for Employee Website.pdf
Additional Benefits for Employee Website.pdf
 
Instructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptxInstructions for Submissions thorugh G- Classroom.pptx
Instructions for Submissions thorugh G- Classroom.pptx
 
The geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideasThe geography of Taylor Swift - some ideas
The geography of Taylor Swift - some ideas
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
special B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdfspecial B.ed 2nd year old paper_20240531.pdf
special B.ed 2nd year old paper_20240531.pdf
 
The Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official PublicationThe Challenger.pdf DNHS Official Publication
The Challenger.pdf DNHS Official Publication
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 

Security in bluetooth, cdma and umts

  • 1. SECURITY IN BLUETOOTH, CDMA AND UMTS MOTILAL NEHRU NATIONAL INSTITUTE OF TECHNOLOGY ALLAHABAD
  • 2. BLUETOOTH ī‚Ą System for short range wireless communication ī‚Ą Wireless data transfer via ACL link ī‚Ą Data rates up to 3 Mb/s ī‚Ą 2.4 GHz ISM band (Industrial Scientific Medicine) ī‚Ą Typical communication range is 10-100 meters ī‚Ą Bluetooth SIG (Special Interest Group) developed the technology
  • 3. SECURITY THREATS īŽ Disclosure Threat īŽ Integrity Threat īŽ Denial of Service (DoS)
  • 4. ATTACKS īŽ Snarf Attack īŽ Backdoor Attack īŽ BlueBug Attack īŽ BlueJack Attack īŽ Denial of Service Attack īŽ BluePrinting Attack
  • 5. SECURITY LEVELS AND MODES Security Levels: ī‚§ Silent ī‚§ Private ī‚§ Public Security Modes: ī‚§ Non Secure ī‚§ Service Level Enforced Security ī‚§ Link Level Enforced Security
  • 6. AUTHENTICATION, AUTHORIZATION , ENCRYPTION īŽ Authentication is the process of proving the identity of one piconet member to another īŽ Authorization determines whether the user is authorized to have access to the services provided īŽ Encryption is the process of encoding the information so that no eavesdropper can read it
  • 10. ENCRYPTION īŽ Encryption Mode 1 īŽ Encryption Mode 2 īŽ Encryption Mode 3
  • 12. KNOWN VULNERABILITIES īŽ Spoofing through Keys īŽ Spoofing through a Bluetooth Address īŽ PIN Length
  • 13. COUNTERMEASURES ī‚Ą Know your Environment ī‚Ą Be Invisible ī‚Ą Abstinence is best ī‚Ą Use only long PIN codes (16 case sensitive alphanumerical characters) ī‚Ą Requiring Authentication for every L2CAP request ī‚Ą Using additional security at software level and an additional password to physically protect the Bluetooth devices
  • 14. COUNTERMEASURES CONTDâ€Ļ ī‚Ą Requiring re authentication always prior to access of a sensitive information / service ī‚Ą To prevent Man-in-the-middle attack, approach is to make it difficult for an attacker to lock onto the frequency used for communication. Making the frequency hopping intervals and patterns reasonably unpredictable might help to prevent an attacker from locking onto the devices signal.
  • 15. PROPOSED SOLUTION FOR DOS ATTACK īŽ When the pairing message is sent by one device īŽ When the attacker is sending the message with the address, which is already connected to Bluetooth device īŽ When the pairing message sent by more than one device īŽ When the attacker is changing the Bluetooth address of itself with another Bluetooth address
  • 17. UMTS system architecture (R99) is based on GSM/GPRS
  • 18. POSSIBLE ATTACKS ON UMTS īŽ Denial of service īŽ Identity catching īŽ Impersonation of the network īŽ Impersonation of the user
  • 19. 3G SECURITY FEATURES īŽ „ Mutual Authentication The mobile user and the serving network authenticate each other īŽ „ Data Integrity Signaling messages between the mobile station and RNC protected by integrity code īŽ Network to Network Security Secure communication between serving networks. IPsec suggested īŽ Secure IMSI (International Mobile Subscriber Identity) Usage The user is assigned a temporary IMSI by the serving network
  • 20. 3G SECURITY FEATURES CONTDâ€Ļ īŽ „ User – Mobile Station Authentication The user and the mobile station share a secret key, PIN īŽ „ Secure Services Protect against misuse of services provided by the home network and the serving network īŽ „ Secure Applications Provide security for applications resident on mobile station
  • 21. AUTHENTICATION AND KEY AGREEMENT īŽ „ AuC and USIM share ī‚§ permanent secret key K ī‚§ Message authentication functions f1, f1*, f2 ī‚§ key generating functions f3, f4, f5 īŽ „ AuC has a random number generator īŽ „ AuC has scheme to generate fresh sequence numbers īŽ „ USIM has scheme to verify freshness of received
  • 22. AUTHENTICATION AND KEY AGREEMENT home 128 bit secret key K is shared between the network and the mobile user Home Network Mobile station
  • 23. Complete Message flow for successful AKA
  • 26. NETWORK DOMAIN SECURITY īŽ IPSec ī‚§ IP traffic between networks can be protected with IPSEC between security gateways ī‚§ Encapsulating Security Payload (ESP) is used for protection of packets ī‚§ ESP is always used in tunnel mode ī‚§ Advance Encryption Standard (AES)
  • 27. CDMA
  • 28. CODE DIVISION MULTIPLE ACCESS (CDMA) īŽ Channel access method used by various radio communication technology īŽ Employs spread spectrum technology and a special coding scheme īŽ Attacks are very difficult and rare
  • 29. DIFFERENCE BETWEEN CDMA, TDMA AND FDMA
  • 30. TYPES OF CDMA īŽ Frequency Hopping Spread Spectrum CDMA īŽ Direct Sequence Spread Spectrum CDMA
  • 31. SECURITY ī‚§ By design, CDMA technology makes eavesdropping very difficult īŽ 42-bit PN (Pseudo Random Noise) sequence īŽ 64-bit authentication key (A-Key) īŽ Electronic Serial Number (ESN) of the mobile