nadeem-ashraf
ABSTRACT
It is common knowledge that mobile handsets are insecure. New developments to make handsets secure face many challenges and difficulties.
This project analysed the GSM security mechanism based on the IMSI/IMEI combination. All handset security problems are clarified by understanding the security provided by 2G and 3G.
Technical and non-technical solutions are identified, covering the approaches of network operators, handset manufacturers and the GSM Association. National and international efforts are discussed.
On the basis of the lessons from 2G and 3G security, possible developments in 4G are suggested. At the end, a few recommendations are made for further research on this topic.
1.0 INTRODUCTION
Mobile phones are used by hundreds of millions of people every day, and this trend is increasing. Compared to landlines, mobile phones are more vulnerable because of their wireless link. Mobile handsets are also very attractive to thieves because they are light and expensive.
Wireless communication, compared to wired communication, is inherently insecure. The three types of wireless communication [1] are WAN (Wide Area Network, e.g. GSM, GPRS), LAN (Local Area Network, e.g. Wi-Fi) and PAN (Personal Area Network, e.g. Bluetooth). WAN and LAN are more vulnerable because they cover a large geographic area, whereas a PAN covers only a small one.
There are six generic security problems [1] associated with wireless communication:
Physical access to networks/devices not required
Facilitates anonymous attacks
Device authentication
- Risk of stolen device
Confidentiality
Integrity
Availability
In wireless communication electromagnetic waves propagate through the air, so the data is easy to access. In wired communication the physical link (coaxial cable, optical fibre) makes it difficult to access the information. Because wireless communication is inherently insecure, anonymous attacks are easier to carry out. Every device needs to authenticate itself to the network in order to get service. One problem in wireless communication is that the device, rather than the user, is authenticated, which makes a stolen device easy to use: a stolen mobile phone can be used by the thief because only the device, not the user, has to authenticate. All the other usual communication risks, to confidentiality, integrity and availability, also apply to wireless.
In wireless WANs (GSM, GPRS) security has always been a problem. In the first generation analogue phones, for example, people could easily listen to others' conversations by eavesdropping on the radio path. Another common security problem [2] was to reprogram the identities of mobile phones so that the cost of calls made using them appeared on other customers' bills. The second generation GSM system was designed with the problems of eavesdropping and cloning in mind; it provides the features of authentication, confidentiality and anonymity [2]. Authentication is used to identify the subscriber; by recognising the genuine user it makes fraudulent calls practically impossible. Eavesdropping on the radio link, for both voice and data, is controlled by the confidentiality feature. Anonymity¹ is used to keep the IMSI (International Mobile Subscriber Identity) secure.
Initially three protocols were introduced to provide security in GSM: the GSM authentication protocol, the GSM confidentiality protocol and the GSM location privacy protocol. [3] Later many flaws were found in these protocols. GSM security has been improved to some extent with the arrival of GSM 1800, HSCSD, GPRS, EDGE and UMTS, but it still needs more improvement.
Two common security problems in handsets are:
(1) Insufficient linkage between the SIM and the mobile terminal (IMSI and IMEI).
(2) Reprogramming of the IMEI (International Mobile Equipment Identity) and non-unique IMEIs.
Many protocols have been proposed by standards bodies to cope with the security situation of LANs. For example, the 802.11 standards for wireless communication used the WEP (Wired Equivalent Privacy) protocol to bring security equivalent to that of a wired network. The primary goal of WEP is to maintain subscriber confidentiality by protecting against eavesdropping. WEP worked to some extent, but many flaws were later found in it. Two drawbacks of WEP are:
(1) It can easily be cracked with software obtained from the internet.
(2) All users of a WEP network must use the same encryption key.
WEP was replaced by WPA (Wi-Fi Protected Access), which provides stronger security.
This project begins with the GSM architecture, which is built on three main subsystems: Mobile Station, Base Station and Network Subsystem. The Mobile Station and Network Subsystem are discussed in some detail, as this project demands, with a short description of the Base Station. The IMEI (International Mobile Equipment Identity) and IMSI (International Mobile Subscriber Identity) are described under the Mobile Station for clear understanding. GSM security features are discussed, together with their flaws, at the end of chapter 3.
¹ The quality or state of being unknown or unacknowledged.
In the fourth chapter the problems with handset security are clarified, with possible technical and non-technical solutions. The efforts of network operators, handset manufacturers and the GSM Association to make handsets secure are included. National laws and international (UN) approaches are discussed, together with an investigation of public perception of mobile handset security.
Finally, chapter 5 summarises the work and chapter 6 concludes the write-up with recommendations for further research.
2.1 AIM
To produce recommendations for unsecured mobile handsets.
2.2 OBJECTIVES
To understand what the IMSI and IMEI are and how they work.
To clarify the problems associated with mobile handset security.
To critically analyse 2G and 3G security.
To identify possible security solutions, technical and non-technical.
To discuss what happens if they are fully implemented.
- Advantages and disadvantages
- Drawbacks of partial implementation
To discuss network operator approaches.
- As an example, the UK mobile networks were studied.
To investigate the public perception of mobile security.
- A survey has been carried out.
To highlight national and international level approaches.
- Laws regarding security.
- UN approaches
To evaluate new developments in 4G.
3.0 Technical Background
3.1 Global System for Mobile Communication
GSM was introduced as a second generation cellular system to solve the fragmentation problem of the first cellular systems in Europe. Before GSM there was no global mobile system; most European countries used their own systems, which were incompatible with other countries' systems in both operation and equipment. The task of specifying a common mobile communication system for Europe in the 900 MHz band was taken up in the mid-1980s by the GSM (Groupe Spécial Mobile) committee, a working group of CEPT (Conference of European Posts and Telegraphs). [4]
GSM was first introduced to the European market in 1991, and in 1992 its name was changed to Global System for Mobile Communication. The number of GSM subscribers increased dramatically over the following fifteen years and exceeded 2 billion by the end of 2005 according to a GSM Association report.²
² GSM Association press release, 18 September 2005, London.
3.2 GSM Architecture
GSM has three major subsystems, as shown in figure 3.2. [5]
(1) Mobile Station
(2) Network Subsystem
(3) Base Station Subsystem
Figure 3.2³
³ Figure 3.2 is directly copied from REF [5].
3.2.1 Mobile Station
It consists of two parts.
(1) Subscriber Identity Module(SIM)
(2) Mobile Equipment
3.2.2 Subscriber Identity Module (SIM)
It is a smart card which contains both programs and data. The SIM card is shown in figure 3.3 below. The main function of the SIM is not only to store subscriber data but also to authenticate the user and the validity of the MS. Mobile equipment without a SIM does not work, except for emergency calls. A SIM can be used in different GSM phones, which makes upgrading easy.
Figure 3.3
SIM card
Five types of data stored⁴ in the SIM are as follows. [6]
(1) Administrative data
(2) Security related data
(3) Subscriber data
(4) Roaming data
(5) PLMN⁵ data
The Personal Identification Number (PIN), algorithms A3 and A8, key Ki, key Kc, IMSI (International Mobile Subscriber Identity), TMSI (Temporary Mobile Subscriber Identity) and the network identifier are all stored in the SIM.
3.2.3 International Mobile Subscriber Identity (IMSI)
It is a unique number allocated to every subscriber of a GSM or UMTS network and used for identification. It consists of three identification numbers: MCC (Mobile Country Code), MNC (Mobile Network Code) and MSIN (Mobile Station Identification Number), which is the subscriber's personal telephone number. The IMSI is shown in figure 3.4 below with the MCC, MNC and MSIN specification.
Figure 3.4
The IMSI is stored in the SIM. It is sent by the mobile to the network and is used to share security related data (key Ki) with the HLR (Home Location Register) or VLR (Visitor Location Register).
An example of an IMSI used by Orange Mobile UK is as follows.
IMSI: 234337966968338
MCC: 234
MNC: 33
MSIN: 7966968338
⁴ See REF [6] table 2.1 for full details.
⁵ Public Land Mobile Network.
The combination of the MCC and MNC is called the Home Network Identity (HNI). The HNI matters in countries which have multiple country codes (e.g. the USA has codes 310 to 316): there may be two different networks with the same Mobile Network Code, only one of which is the home network. [7] By analysing the HNI one can easily find the corresponding network.
To avoid eavesdropping⁶ on the radio interface, a randomly generated number, the TMSI, is used instead of the IMSI.
3.2.4 Temporary Mobile Subscriber Identity (TMSI)
It is a randomly generated number given to the mobile when it is switched on. It is used instead of the IMSI as a temporary subscriber identity in order to avoid eavesdropping. Every time the mobile moves to a new geographic area the TMSI changes, because it is local to that particular area.
The network can also change the TMSI [7] to avoid the subscriber being identified. This makes it difficult to trace the mobile, except when it has just been switched on. When the mobile's data becomes invalid for any reason, the IMSI must be sent to the network instead of the TMSI.
The main uses of the TMSI are as follows. [8]
(1) The TMSI is assigned after the IMSI has been transmitted for authentication, when the mobile phone is switched on for the first time.
(2) Every time a location update (new MSC) occurs, the network assigns a new TMSI.
(3) The TMSI is used by the MS to report to the network or during call initialisation.
(4) The network uses the TMSI to communicate with the MS.
(5) When the MS is switched off, the TMSI is stored on the SIM card to be reused next time.
The Visitor Location Register (VLR) performs assignment, administration and updating of the TMSI.
The TMSI consists of four octets. It can take any value except FF FF FF FF hex [6], which is reserved for the case where the SIM does not contain a valid IMSI. The exact encoding of the TMSI is chosen by agreement between the network operator and the equipment to suit local needs. [11] Assignment and use of the TMSI is only possible with active ciphering. [6] An important use of the TMSI is paging, which is used for one-to-one communication between the mobile and the base station.
⁶ Listening secretly to the private conversations of others.
Two methods are used for TMSI allocation.
Consider a scenario: a network consists of two neighbouring MSCs and a mobile station which is currently operating in the first MSC. Each MSC transmits a Validity Area Parameter (VAP), called the first VAP and the second VAP for the first and second MSC respectively. The first TMSI is allocated to the mobile station by the first MSC and is used to identify the mobile station while it operates within the first MSC service area. The mobile station invalidates the first TMSI when it receives the second VAP and registers itself in the second MSC using the MIN (Mobile Identification Number). The second TMSI is assigned by the second MSC and is used to identify the mobile station while it operates in the second MSC service area.
In an alternative embodiment, TMSIs are allocated by each visitor location register (VLR) in the network, and a single TMSI is used to identify the mobile station in all MSCs associated with the allocating VLR. [look website]
3.2.5 Mobile Equipment
The Mobile Equipment is the terminal into which a GSM SIM is inserted in order to work as a Mobile Station. The Mobile Equipment is identified by the IMEI (International Mobile Equipment Identity).
3.2.6 International Mobile Equipment Identity (IMEI)
It is a unique number used to identify each item of Mobile Equipment (mobile phone) in GSM and UMTS. The IMEI is usually found beneath the battery of the phone and can also be found by dialling *#06# (star hash 0 6 hash) into the phone.
The IMEI is one of the important numbers used for mobile handset security. It is stored in the EIR⁷ (Equipment Identity Register) and is used to identify stolen devices by looking them up in the EIR.
Three types of IMEI are stored in the EIR: white for valid GSM mobile stations, grey for GSM mobile stations to be tracked and black for barred mobile stations.
The IMEI is used by the network operator for passive theft protection. It authenticates the mobile equipment rather than the subscriber (SIM). It is not always necessary for the network operator to query the IMEI. Whenever a phone is stolen the subscriber complains to the network operator, which bans that IMEI (marks it as black). No service is possible once an IMEI is blacklisted.
⁷ It is described later, under the Mobile Switching Centre.
IMEI format
The IMEI is a 15-digit number which includes the model, origin and device serial number. The first 8 digits, called the Type Allocation Code (TAC), include the model and origin. The last 7 digits, including the Luhn check digit, are defined by the manufacturer; the check digit is never transmitted, and in the older format the last digit is spare and set to 0.
Before 2002 the TAC was 6 digits long, followed by a two-digit FAC (Final Assembly Code). The FAC is a manufacturer specific code which shows the location of the device's construction.
The FAC ceased to exist from April 1, 2004; the Type Approval Code was increased to 8 digits and became known as the Type Allocation Code (TAC). The FAC for all phones from January 1, 2003 until that time was set to 00.
The format of an IMEI is AABBBB-CC-DDDDDD-E. [9]
AA Country Code
BBBB Final Assembly Code
CC Manufacturer Code
DDDDDD Serial Number
E Unused
IMEI manufacture code
IMEI Manufacturer Codes include: [9]
01 AEG
02 AEG
07 Motorola
10 Nokia
20 Nokia
40 Motorola
41 Siemens
44 Siemens
51 Sony, Siemens, Ericsson
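To make the format concrete, here is an added Python example (not the project's code) that splits an IMEI into TAC, serial and check digit, computes the Luhn check digit, and models the EIR black/grey/white decision described in section 3.2.6. The lookup works on the 14 transmitted digits, since the check digit is never sent over the air; the IMEI and TAC values are constructed, and the class and method names are assumptions.

```python
"""Added example, not from the write-up: IMEI structure, Luhn check digit,
and a toy EIR applying the black / grey / white lists from the text."""
from typing import Dict, Iterable


def luhn_check_digit(body14: str) -> int:
    """Luhn check digit over the first 14 IMEI digits (TAC + serial)."""
    if not (body14.isdigit() and len(body14) == 14):
        raise ValueError("IMEI body must be 14 decimal digits")
    total = 0
    for i, ch in enumerate(reversed(body14)):
        d = int(ch)
        if i % 2 == 0:               # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return (10 - total % 10) % 10


def parse_imei(imei: str) -> Dict[str, object]:
    """Split a 15-digit IMEI into TAC (8), serial (6) and check digit (1)."""
    if not (imei.isdigit() and len(imei) == 15):
        raise ValueError("IMEI must be 15 decimal digits")
    check = int(imei[14])
    return {"tac": imei[:8], "serial": imei[8:14], "check": check,
            "valid": check == luhn_check_digit(imei[:14])}


def as_transmitted(imei: str) -> str:
    """Over-the-air form: the check digit is replaced by the spare digit 0."""
    parse_imei(imei)                 # format check only
    return imei[:14] + "0"


class Eir:
    """Toy Equipment Identity Register. All list contents are constructed;
    the real EIR/CEIR data is not on this page."""

    def __init__(self, approved_tacs: Iterable[str],
                 black: Iterable[str] = (), grey: Iterable[str] = ()):
        self.approved_tacs = set(approved_tacs)      # white: approved types
        self.black = {b[:14] for b in black}         # stolen or barred devices
        self.grey = {g[:14] for g in grey}           # non-conforming, tracked

    def classify(self, imei: str) -> str:
        """Decide on the 14-digit body, so check digit and spare 0 both match."""
        parse_imei(imei)
        body = imei[:14]
        if body in self.black:
            return "black"
        if body in self.grey:
            return "grey"
        if body[:8] in self.approved_tacs:
            return "white"
        return "unknown"                             # type never approved

    def service_allowed(self, imei: str) -> bool:
        return self.classify(imei) in ("white", "grey")

    def report_stolen(self, imei: str) -> None:
        """Operator action after a theft complaint; refuses a mistyped IMEI."""
        if not parse_imei(imei)["valid"]:
            raise ValueError("check digit mismatch: IMEI copied incorrectly")
        self.black.add(imei[:14])


if __name__ == "__main__":
    imei = "123456789012347"                        # constructed sample
    print(parse_imei(imei))
    eir = Eir(approved_tacs=["12345678"])
    print(eir.classify(as_transmitted(imei)))       # white
    eir.report_stolen(imei)
    print(eir.classify(as_transmitted(imei)))       # black
```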
3.2.7 Network Subsystem
The Network Subsystem provides the switching and communication between the mobile and the PSTN (Public Switched Telephone Network). The Network Subsystem is roughly similar to an ordinary telephone exchange, but not exactly, as it works for mobile telephones.
There are four main parts in the Network Subsystem.
(1) Mobile Switching Centre (MSC)
(2) Home Location Register / Authentication Centre (AuC)
(3) Visitor Location Register
(4) Equipment Identity Register
3.2.8 Mobile Switching Centre (MSC)
The basic switching in the NSS is carried out in the Mobile Switching Centre, which is just an ordinary ISDN (Integrated Services Digital Network) switch with the added features required for handling mobile communication. The MSC controls several base station systems through the A interface, which follows a signalling protocol used in the telephone network. [10]
The MSC provides services such as circuit switching, mobility management (locating subscribers), roaming and all other GSM services.
The MSC has different names in different contexts, e.g. Gateway MSC, Visited MSC, Target MSC and Anchor MSC.
Gateway MSC: This is the MSC which interfaces with other networks. Any MSC can be a Gateway MSC; it is up to the network operator which MSC is equipped as a gateway. The gateway MSC performs some additional tasks during call establishment. The call has to enter the PLMN via this MSC, which queries the HLR and then forwards the call to the MSC where the called party is currently located. [6]
3.2.9 Home Location Register/Authentication Centre
The home location register is the main database of all locally resident subscribers. The HLR is an important part of GSM. It contains user information such as address, account status and preferences. The HLR manages the data of hundreds of thousands of users, so its responses must be quick in order to connect each call in a reasonable time. Every PLMN is usually connected with one HLR. The HLR stores details of every SIM card issued by the network operator, including its IMSI. Other important information stored in the HLR includes the subscriber's telephone number, the specific GSM services requested by the subscriber, the subscriber's current location (VLR) and call divert information.
To reduce the load on the HLR, the VLR was introduced. As the HLR is the central database containing sensitive data, it is necessary to prevent the loss of subscriber data. The Authentication Centre (AuC) is implemented alongside the HLR as an essential part of keeping the data safe.
Authentication Centre
Access to telecommunication services by cloning a valid identifier is a common problem in many mobile networks. The process used to prevent unauthorised access is called authentication. A mobile phone needs to authenticate its SIM card to the GSM network when it attempts to connect. If authentication fails, no service is possible. The major function of the AuC is to provide the authentication triplets, that is, the signed response (SRES), the random number (RAND) and Kc. [6] The AuC does not directly take part in authentication; instead it generates the triplets which the MSC uses during the authentication procedure.
RAND: A 128-bit random number generated by the HLR.
Kc: Over-the-air encryption is carried out with a 64-bit ciphering key used as a session key. Kc is calculated from RAND, Ki and algorithm A8.
Ki: A secret key stored in the SIM but unknown to the user. Ki is also stored in the HLR and is known to the network operator.
SRES: A 32-bit signed response produced by both the mobile and the network. It is calculated from Ki, RAND and algorithm A3.
The GSM authentication procedure is discussed later, under GSM security.
3.2.10 Visitor Location Register
The Visitor Location Register, as its name suggests, contains temporary information about all subscribers currently residing in a particular area. The VLR is a database which provides dynamic subscriber data management, while the HLR provides static data management. Consider the example of a roaming subscriber. [6] As the subscriber moves from one location to another, data is passed from the VLR of the location the subscriber is leaving (old VLR) to the VLR of the location being entered (new VLR). In this scenario the old VLR hands over the related data to the new VLR.
Compared to the HLR, a VLR covers a limited geographic area. Dynamic data management is done only by the VLR, even when the subscriber is in the home area.
3.2.11 Equipment Identity Register
It is the database which stores three types of mobiles: basically it contains three types of IMEI, black, white and grey. When a mobile phone requests a service from the network, its IMEI may be checked by looking it up in the EIR. The black mobile phones are those which are stolen or barred for some technical reason; these mobile phones are not allowed to get services from the network. The white list contains all the approved types of mobile station. [6] Grey mobile phones are those which are non-conforming but may be allowed to use the network. An EIR stores information for only one network, whereas the CEIR (Central Equipment Identity Register) stores information for all networks within a country.
3.2.12 Central Equipment Identity Register
The CEIR is a unique computer located at the GSM Association headquarters in Dublin, Ireland. [12] It is a global central database which holds the IMEI information of all mobile phones; it contains IMEI ranges from millions of handsets. IMEIs stored as black are banned from getting any service from the network, while IMEIs stored as white are approved handsets. The CEIR is linked with all its registered EIRs (which store the information of different networks) in a country. Whenever a mobile phone is stolen from any network, that network passes the data to the CEIR as a black IMEI. The CEIR stores all the black IMEIs in one big black list, and every EIR downloads this list for its own use. The CEIR shares the information with all the registered EIRs over a secure internet connection on a daily basis. It also contains information on the serial number (IMEI) ranges of millions of handsets that have been approved for use on GSM networks. [12]
3.2.13 Base Station Subsystem
All radio related functions are performed in the Base Station Subsystem (BSS). It consists of two main parts:
(1) Base Station Controller (BSC)
(2) Base Transceiver Station (BTS)
BSC: It provides the link between the MSC and the BTS. It is a high capacity switch which provides all control functions such as handover, cell configuration data and control of Radio Frequency (RF) power levels in the Base Transceiver Stations. A single MSC serves many BSCs.
BTS: It provides the radio interface for the Mobile Equipment (ME). The BTS needs radio equipment (transceivers and antennas) to serve all the cells in the network. A group of BTSs is controlled by a BSC.
3.3 GSM SECURITY
GSM is a public radio network, and hence it is necessary to build in security features which protect the network against fraudulent access and ensure subscriber privacy. [13] Due to the tremendous growth of mobile phones in the international market, GSM security has become more important for international communication.
The security functions in GSM include: [13, 14]
(1) Authentication, to prevent access by unregistered users.
(2) Encryption, to prevent unauthorised listening.
(3) Anonymity, to prevent subscriber location disclosure.
Fig 3.5 GSM Security Features
The security mechanisms of GSM are implemented in three different system elements: [13] the Subscriber Identity Module (SIM), the GSM handset or MS, and the GSM network. The figure shows the distribution of security features among the three systems. The SIM contains the IMSI, the individual subscriber authentication key Ki, the ciphering key algorithm A8, the authentication algorithm A3 and the PIN (Personal Identification Number). The mobile station contains the ciphering algorithm A5. The algorithms A3, A5 and A8 are also stored in the GSM network, where the security information is further divided among the AuC, HLR and VLR. All three systems (SIM, GSM handset and GSM network) are required to provide security and authentication.
3.3.1 Authentication
Two methods are used for authentication. In the first method a PIN (Personal Identification Number) is used to identify the subscriber. The PIN, usually 4 digits long, is stored in the SIM. When subscribers want to make a call they enter the PIN, which is checked by the SIM without any transmission on the radio interface.
The second method used for authentication is more sophisticated. It is based on a challenge-response protocol and is started from the fixed network. Every GSM subscriber is assigned a unique identity and a secret key Ki. Ki is also known to the network operator and is stored in the subscriber's HLR. [14] To authenticate the user, a 128-bit random number RAND is sent to the MS. The mobile station computes the 32-bit response SRES using the secret key Ki, RAND and the authentication algorithm A3.
Fig 3.6 Authentication procedure
The mobile station sends this signed response SRES to the network. Upon receiving the SRES from the subscriber, the network computes SRES again and compares the two values: if they are identical, authentication succeeds; otherwise the connection is terminated and an authentication failure message is sent to the MS. The authentication procedure is shown in the figure above. The signed response is calculated in the SIM. This provides enhanced security, because confidential subscriber information such as the IMSI or the individual subscriber authentication key (Ki) is never released from the SIM during the authentication process. [14]
3.3.3 Encryption
In order to prevent unauthorised listening between the MS (Mobile Station) and the BS (Base Station), encryption (also known as ciphering) was introduced. Encryption applies only to the air interface; therefore tapping of the call is possible on the terrestrial part of the connection. [6]
Two modes of transmission are used between the mobile and the base station for all data transmission:
(1) Protected mode (encrypted)
(2) Clear text mode
It is necessary to protect the actual user identity even in clear text mode. This is achieved by using an identity alias, the Mobile Subscriber Roaming Number (MSRN), instead of the International Mobile Subscriber Identity (IMSI). [13]
After successful authentication, the 64-bit ciphering key Kc is calculated using Ki, RAND (the same one used in authentication) and the ciphering key algorithm A8. The ciphering key Kc is used to encrypt and decrypt the data between MS and BS. The security level can be increased by changing the ciphering key, which makes the system more resistant to eavesdropping. The ciphering key may be changed at regular intervals as required by network design and security considerations. [14]
Fig 3.7 Ciphering key Generation
Ciphering is achieved by an exclusive-or (XOR) between the 114 data bits of a normal burst and the pseudo-random sequence produced by A5. Deciphering, which reproduces the original 114 data bits, is achieved by the same operation (XOR again with the same A5 sequence).
Fig 3.8 Ciphering Mode Mechanism
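The challenge-response exchange and the burst ciphering described above, as an added Python example (not the project's own code). A3/A8 are stood in for by HMAC-SHA256 and the A5 keystream by a SHA-256 based generator, since the real algorithms are not given on this page; the class names, the rng parameter and the frame-number input are assumptions of the example. It shows that only SRES and Kc ever leave the SIM, that the MSC works from a triplet without seeing Ki, and that XORing a 114-bit burst with the same keystream twice restores it.

```python
"""Added example, not from the write-up: GSM challenge-response authentication
and Kc-based burst ciphering with stand-in primitives (HMAC-SHA256 for A3/A8,
a SHA-256 PRF for the A5 keystream). The real algorithms are not on the page."""
import hashlib
import hmac
import os
from typing import Optional, Tuple

BURST_BITS = 114                       # data bits in a GSM normal burst
BURST_MASK = (1 << BURST_BITS) - 1


def a3_a8(ki: bytes, rand: bytes) -> Tuple[bytes, bytes]:
    """Stand-in for A3/A8: (SRES, 32 bit) and (Kc, 64 bit) from Ki and RAND."""
    if len(ki) != 16 or len(rand) != 16:
        raise ValueError("Ki and RAND are 128-bit values")
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class Sim:
    """Holds Ki. Only SRES and Kc ever leave the card."""

    def __init__(self, imsi: str, ki: bytes):
        self.imsi = imsi
        self._ki = ki

    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        # Nothing here checks who sent RAND: GSM authentication is one-way.
        return a3_a8(self._ki, rand)


class AuC:
    """HLR/AuC side: knows every subscriber's Ki and produces triplets."""

    def __init__(self, subscribers, rng=os.urandom):
        self._ki = dict(subscribers)       # IMSI -> Ki
        self._rng = rng

    def triplet(self, imsi: str) -> Tuple[bytes, bytes, bytes]:
        rand = self._rng(16)
        sres, kc = a3_a8(self._ki[imsi], rand)
        return rand, sres, kc


class Msc:
    """Runs the challenge using a triplet; it never sees Ki itself."""

    def __init__(self, auc: AuC):
        self.auc = auc

    def authenticate(self, sim: Sim) -> Optional[bytes]:
        rand, expected_sres, kc = self.auc.triplet(sim.imsi)
        sres, _ = sim.run_gsm_algorithm(rand)   # RAND and SRES cross the air
        if not hmac.compare_digest(sres, expected_sres):
            return None                          # authentication failure
        return kc                                # session key now shared


def a5_keystream(kc: bytes, frame_number: int) -> int:
    """Stand-in for A5: 114 keystream bits per burst from Kc and the frame."""
    block = hashlib.sha256(kc + frame_number.to_bytes(4, "big")).digest()
    return int.from_bytes(block[:15], "big") & BURST_MASK


def cipher_burst(bits: int, kc: bytes, frame_number: int) -> int:
    """XOR the 114 data bits with the keystream; a second XOR deciphers."""
    if bits >> BURST_BITS:
        raise ValueError("a normal burst carries 114 data bits")
    return bits ^ a5_keystream(kc, frame_number)


if __name__ == "__main__":
    ki = os.urandom(16)                       # constructed subscriber key
    imsi = "234337966968338"                  # IMSI example from the text
    sim, msc = Sim(imsi, ki), Msc(AuC({imsi: ki}))
    kc = msc.authenticate(sim)
    burst = int.from_bytes(os.urandom(15), "big") & BURST_MASK
    assert cipher_burst(cipher_burst(burst, kc, 1), kc, 1) == burst
    print("authenticated, Kc =", kc.hex())
```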
3.3.4 Anonymity
The word "anonymity" means of unknown or undeclared origin. The anonymity feature was designed to protect against someone who knows the user's IMSI using this information to track the location of the user or to identify calls made to or from the user by eavesdropping on the radio path. [23]
In order to protect the IMSI, a randomly generated TMSI (Temporary Mobile Subscriber Identity) is used. The TMSI changes for two reasons:
1. Every time the subscriber moves to a new geographic area, as it is particular to a specific area.
2. It is changed by the network to prevent the subscriber being identified.
3.4 Flaws in GSM security
Many flaws have been found in the second generation GSM system; some important ones are as follows. [3]
(1) SIM/MS Interface Tapping
(2) Attacks on the Algorithm A3/8
(3) Flaws in the A5/1 and A5/2 algorithms
(4) Attacks on the SIM Card
(5) False base station
SIM/MS Interface Tapping
Due to the insufficient linkage between the SIM and the MS, it is possible to use the SIM with any MS. The SIM can be connected to a terminal emulator instead of a genuine terminal. In this way messages can be tapped on the SIM/MS interface.
Attack on Algorithm A3/8:
Authentication and radio link privacy are provided in the GSM network by the GSM security algorithms. GSM provides different algorithms such as A3, A5 and A8. In practice A3 and A8 are implemented together and known as A3/A8. It is implemented in the SIM and in the GSM authentication centres and is used to authenticate the customer and generate a key for encrypting voice and data. [15]
Many GSM operators used COMP128, a newer version of A3/8. The key Ki used in this algorithm was recovered by Wagner and Goldberg in 1998 by collecting 160,000 RAND-SRES pairs. [3] A simple way of doing this is to steal the SIM card and connect it to a PC emulator which sends 160,000 chosen RANDs to the SIM card and receives the SRES values. This method takes almost ten hours because of the SIM card's slow implementation of the algorithm. More than 250 million users worldwide use algorithm A3/8 for over-the-air privacy of data and voice, so it is very important to make it secure.
Flaws in the A5/1 and A5/2 algorithms:
Algorithm A5 is used in GSM for communication between the MS (Mobile Station) and the BS (Base Station). A5 is a stream cipher which comes in two flavours, A5/1 and A5/2. A5/1 is the original cipher, invented in 1989; its effective key length is 40 bits. A5/2 was developed in 1999 with breakability in mind and was used in some non-EU GSM networks. [16] Both algorithms were breakable even in the late 1990s, and it is very easy to break them today. Attacks on these algorithms were initially made by Biryukov and Shamir [17] and later improved by Wagner [18]. In this method Kc is recovered for decryption purposes.
Attacks on SIM card:
The Subscriber Identity Module (SIM) stores very sensitive information, and any attack on the SIM affects the IMSI and Ki. The SIM is implemented on a smart card, and vulnerabilities in the smart card directly affect the security of the SIM. [3] Many attacks have been made on SIM cards; some important ones are as follows.
Optical Fault Induction:
These attacks were revealed by Anderson [19] following Skorobogatov's research. They are possible nowadays and do not even need laser equipment. Illumination of a target transistor causes it to conduct, inducing a transient fault. This can be carried out using a flash gun: the operation of the smart card processor can be disrupted with an ordinary electronic camera flash. In this method the secret IMSI and Ki were found by reverse engineering the memory address map.
Partitioning attacks:
These attacks are also known as SIM cloning. All GSM phones use secret cryptographic keys for security and privacy. In these attacks the attacker finds the phone's secret keys and uses them to make phone calls and transactions on the subscriber's behalf.
The IBM Research team was the first to illustrate a new class of side-channel attacks, called partitioning attacks, which extract secret key information from SIM cards by monitoring side channels such as power consumption and electromagnetic (EM) emanations. [20] The attack can obtain the key information within minutes. To carry out these attacks the attacker needs physical access to the phone. Over-the-air SIM cloning is not possible, but it cannot be completely ruled out.
The cryptographic algorithm COMP128 or its derivatives are used by GSM phones for user identification and communication security. The IBM Research team discovered a new way to quickly extract the COMP128 keys from SIM cards using side channels in spite of existing protections. [20] This new method extracts the information from the SIM within one minute, whereas the methods used before required up to eight hours.
IBM Research also introduced a new technique to protect SIM cards from side-channel attacks. Cryptographic algorithms use table lookups as an integral part of their operation, retrieving the value stored at a particular location in memory. IBM Research designed a new way of performing table lookups in which, instead of a single table lookup, a sequence of lookups is made at random locations. This replacement is achieved by using a small, randomly generated ancillary table. [20] This technique stops the information leaking into the side channels.
Remote attacks:
A few lines of code and one SMS message can terminate thousands of subscribers' SIM cards at the same time. [21] In this method the attacker attacks the SIM cards remotely. Once terminated, the SIM becomes useless and the subscriber is forced to contact the nearest GSM office to swap the SIM card. Riscure⁸ demonstrated how an attacker can remotely control and terminate subscribers' SIM cards by sending a specific data-download SMS to the card.
Most SIM cards used in the world are Java Cards. Mobile telecom companies use the Java technology on the card to offer extra functionality (e.g. electronic wallet, games) to their subscribers via so-called applets⁹. [21] An applet is nothing more than a small program on the SIM card consisting of up to 2000 lines.
The attack implemented by Riscure is based on five lines of trojan code in an otherwise valid Java applet. This causes the SIM card to terminate itself on receiving the incoming message.
An alternative attack consists of eavesdropping on sensitive data, in which the SIM card is compromised when the subscriber is asked to enter the PIN.
False Base Station:
GSM provides only one-way authentication between the MS/ME and the BS (Base Station).
Every time the user obtains service from a base station the MS authenticates itself to the
network, but the base station never authenticates itself to the MS/ME. This unilateral
authentication makes false base station attacks on GSM possible. In the beginning such
attacks were assumed to be impractical because of the high cost of GSM base station
equipment. The cost of GSM equipment has since fallen and these attacks have become easy to
mount. The method also relies on the fact that ciphering of a call does not start
automatically: it starts only when the BS instructs the ME to start encryption, so a false
BS can simply never issue that instruction. [3]
The figure shows a false base station attack with all the steps it follows. The target MS,
the false BS (which also emulates an MS towards the real network) and the genuine BS (wired
access network, PLMN) are shown. When the false BS connects to the genuine BS (PLMN) it
finds that the PLMN expects encryption. The call between the target MS and the false BS is
unencrypted, but the call between the false BS and the genuine BS is encrypted, so to the
network it looks like a genuine call. Because the link between the target MS and the false
BS is unencrypted, the conversation can be overheard. The PLMN notices nothing, because the
call between the false BS and the PLMN is an encrypted, genuine call. One side effect of
this attack is that the call is made on the false BS's subscription and not that of the MS.
[3] The attack can therefore be detected once someone examines the itemised bill.
8 An independent smart card security evaluation company based in the Netherlands.
9 See ref. [21] for details.
Fig GSM False Base Station [3]
4.0 Technical Approach
The 2nd generation GSM mobile phones have all the security problems described above. Many
new technologies (GSM1800, HSCSD, GPRS, EDGE) were introduced after GSM; each contributed
to some extent, but it is the 3rd generation technology UMTS that has really addressed
these security flaws.
Some of the important issues that had an impact on the design of UMTS security are as
follows. [21] [22] [23]
1. The GSM cipher algorithms (used to provide confidentiality) were not published with the
bulk of the GSM standards; the GSM Association controlled their distribution. As a result
the GSM cipher algorithms were not available for peer review. This decision was later
reversed following criticism from the academic community, and 3GPP adopted a more open
approach, publishing the cipher algorithms together with the other UMTS standards.
2. The strength of a cipher is bounded by the length of its key. GSM used a 64-bit cipher
key, but 10 bits were set to zero, which reduced the effective key length to 54 bits. This
restriction was imposed by export regulation and relaxed later, after which GSM used the
full 64-bit key. UMTS requires 128-bit keys for better security.
3. New implementations of A3/A8 (COMP128-2 and COMP128-3) to stop SIM cloning.
4. Development of new security features to protect against active attacks (false base
station attacks) on the radio path.
The arrival of GPRS/UMTS brought the following security features. [3]
New A3/A8 Implementation:
The new implementations of the A3/A8 algorithms, known as COMP128-2 and COMP128-3 (derived
from the original COMP128), have done much to stop SIM cloning. COMP128-2 still has the
same 10-bit weakening of the ciphering key Kc (54 effective bits); COMP128-3 removes it and
generates a full 64-bit Kc. Together with the redesigned algorithm this has stopped SIM
cloning and makes extraction of Ki over the air difficult.
A5/3 ciphering:
The flaws in A5/1 and A5/2 were addressed by the arrival of A5/3, which is based on the
KASUMI core (the core encryption algorithm of UMTS).
GPRS - GEA3 ciphering:
Similarly, a new algorithm called GEA3 was added to GPRS. GEA3 is also based on KASUMI.
GPRS/UMTS - ciphering before FEC:
In GSM, ciphering is applied at the physical layer after channel coding, so the FEC
(Forward Error Correction) redundancy is encrypted together with the data and gives an
attacker structured known plaintext. In GPRS and UMTS, ciphering is applied before FEC: in
GPRS at the LLC layer and in UMTS at RLC/MAC10, while FEC is performed at the physical
layer.
UMTS - Network authentication to phone:
UMTS uses mutual authentication between the mobile phone and the network. The procedure by
which the phone authenticates itself to the network is the same as in GSM: the network
sends a random challenge RAND and the USIM returns a response RES, which the network
compares with its expected response XRES. In addition, the network sends an Authentication
Token (AUTN) along with the RAND. The AUTN contains a sequence number (SQN), concealed with
an anonymity key derived from RAND and the root key K, together with a message
authentication code (MAC) computed over SQN and RAND with K. [3] The MAC plays the same
role as the GSM SRES, but in the opposite direction: it proves to the phone that the
challenge came from a network that knows K.
The USIM recomputes the MAC and compares it with the received one; if the two differ, the
phone sends an authentication failure message to the network and the connection is
terminated. The USIM also checks that SQN is fresh, which prevents a false base station
from replaying a previously captured challenge.
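The exchange just described, and the false base station attack described earlier, can be simulated end to end. The following Python is an added worked example, not code from the report or from 3GPP. The real f1, f2 and f5 functions are MILENAGE (3GPP TS 35.206); here they are HMAC-SHA256 stand-ins so the block runs offline. AMF is a fixed value, and the USIM's sequence number check is reduced to "strictly greater than the last accepted SQN" (TS 33.102 uses a window of accepted values). The subscriber key and the challenges are constructed sample data.

```python
import hmac
import hashlib
import os

AMF = b"\x80\x00"   # Authentication Management Field, fixed in this example


def _prf(k, tag, *parts):
    """HMAC-SHA256 stand-in for the MILENAGE f-functions (assumption, see lead-in)."""
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()


def f1(k, sqn, rand, amf):      # MAC-A, 64 bits: authenticates the network's challenge
    return _prf(k, b"f1", sqn, rand, amf)[:8]


def f2(k, rand):                # RES / XRES: authenticates the USIM to the network
    return _prf(k, b"f2", rand)[:8]


def f5(k, rand):                # AK, 48 bits: anonymity key that conceals SQN
    return _prf(k, b"f5", rand)[:6]


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class HomeNetwork:
    """HLR/AuC side: holds K and the SQN counter, issues (RAND, AUTN, XRES)."""

    def __init__(self, k):
        self.k = k
        self.sqn = 0

    def vector(self):
        rand = os.urandom(16)
        sqn = self.sqn.to_bytes(6, "big")
        self.sqn += 1
        autn = xor(sqn, f5(self.k, rand)) + AMF + f1(self.k, sqn, rand, AMF)
        return rand, autn, f2(self.k, rand)


class USIM:
    """Phone side: verifies AUTN before answering, the check GSM never had."""

    def __init__(self, k):
        self.k = k
        self.sqn_ms = -1   # highest sequence number accepted so far

    def challenge(self, rand, autn):
        sqn_ak, amf, mac = autn[:6], autn[6:8], autn[8:]
        sqn = xor(sqn_ak, f5(self.k, rand))
        if not hmac.compare_digest(mac, f1(self.k, sqn, rand, amf)):
            return "MAC_FAILURE", None      # challenge not from a holder of K
        n = int.from_bytes(sqn, "big")
        if n <= self.sqn_ms:
            return "SYNC_FAILURE", None     # stale SQN: a replayed challenge
        self.sqn_ms = n
        return "OK", f2(self.k, rand)


def run_aka(network, usim):
    """Genuine exchange: network challenges, USIM answers, network checks RES."""
    rand, autn, xres = network.vector()
    status, res = usim.challenge(rand, autn)
    if status != "OK":
        return status
    return "OK" if hmac.compare_digest(res, xres) else "RES_MISMATCH"


def false_bs_forged(usim):
    """A false base station without K invents RAND and AUTN; the USIM rejects them."""
    status, _ = usim.challenge(os.urandom(16), os.urandom(16))
    return status


def false_bs_replay(network, usim):
    """A false base station records a genuine challenge and replays it later."""
    rand, autn, _ = network.vector()
    assert usim.challenge(rand, autn)[0] == "OK"    # first use is accepted
    status, _ = usim.challenge(rand, autn)          # replay of the same RAND/AUTN
    return status


if __name__ == "__main__":
    k = bytes(range(16))   # constructed subscriber key shared by USIM and AuC
    print(run_aka(HomeNetwork(k), USIM(k)))           # OK
    print(false_bs_forged(USIM(k)))                    # MAC_FAILURE
    print(false_bs_replay(HomeNetwork(k), USIM(k)))   # SYNC_FAILURE
```

In GSM the USIM's challenge method would have no AUTN to check and would answer any RAND, which is exactly what lets a false base station hold a session with the phone; in UMTS the MAC check defeats an attacker who does not know K, and the SQN check defeats one who merely records and replays a genuine challenge.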
4.2 Mobile Handset Security Problems
After wide consultation [23] [26] [29] the most important problems concerning mobile
handsets have been identified as follows*:
(1) Insufficient linkage between handset software and hardware (handset cloning).
(2) Insufficient linkage between SIM and mobile terminal (IMSI and IMEI).
(3) Reprogramming of the IMEI (International Mobile Equipment Identity) and non-unique
IMEIs.
(4) No authentication of the IMEI at the serving network.
(5) Allocation of the TMSI requires sending the IMSI in clear text.
* They are not listed in order of importance.
10 RLC: Radio Link Control; MAC: Medium Access Control
It is common practice to use one network's SIM in a handset sold by another network.
Because of the insufficient linkage between SIM and mobile terminal, the use of stolen
handsets is very common all around the world. As described in the background, a subscriber
is identified by the IMSI and a mobile terminal by the IMEI; stronger security could be
provided by a linkage between IMSI and IMEI.
Reprogramming of the IMEI is another serious problem today. It is widely known that the
IMEI is not secure.
4.3 Technical & Non Technical Solutions
A mobile handset has three external interfaces which must be considered in order to
provide security. [24]
(1) Network Interface
(2) SIM card Interface
(3) User Interface
Network Interface
This is the interface between a network (GSM, 3G, Bluetooth) and the handset. The handset
sends its identification number (IMEI) to the network, which allows or restricts service
by looking the IMEI up in the EIR (Equipment Identity Register). This interface identifies
only the handset, not the user.
SIM Card Interface
The interface between the SIM card and the handset is called the SIM card interface.
Handsets are often programmed for restricted use (SIM-lock): data stored on the handset
and on the SIM card are compared before service is allowed. The common descriptive data
used for this are the country code, network code, service code and the user's IMSI value.
[24]
User Interface
The interface between the user (subscriber) and the handset is the user interface. The
user authenticates to the handset by entering a PIN (Personal Identification Number).
Other common authentication values for this interface are passwords, a secret key plus a
ciphering component, and biometrics (fingerprint).
4.3.1 Linkage between software & Hardware
All handset security functions need a strong link between software and hardware: the
stronger the linkage, the more secure the handset. Handset cloning is a common and serious
problem which arises because of a weak link between handset software and hardware. In
cloning, a complete reload of the software produces a duplicate handset; both the identity
and the phone number are copied into the other handset. The model and brand do not need
to be the same for cloning.
The second (cloned) phone is an exact copy of the first (genuine) phone. When the original
phone rings, the duplicate rings as well. In short, the cloned phone works like the
original handset, and any call made from it is charged to the original user.
There is much debate about the legality of cloning. In one sense it is totally illegal, in
another it may be legal. By stealing somebody else's mobile number (MIN) and Electronic
Serial Number (ESN), the identifiers of a first generation analogue handset, a person can
"clone" a cellular phone and then make calls which are charged unlawfully to another. [25]
This is clearly illegal; it is fraud. Is it illegal if someone clones their own phone for
their own use? According to [25], definitely not: a subscriber who needs an extension can
use a cloned phone, just as a landline subscriber with one number may use many extensions.
The problem arose because cloning was used for fraudulent purposes. If cloning were only
ever used as an extension, nobody would notice a problem.
[25] also argues that network operators spread propaganda in the media about cloning
without understanding it: every operator wants the subscriber to get a second phone and
pay twice, whereas subscribers do not want two lines with two different numbers. Although
a law exists against tampering for fraudulent purposes, in this situation cloning of a
handset cannot be considered totally illegal. The law has since been updated.
Interestingly, some cellular companies were by then (11-4-1998) starting to offer cloning
as part of their service packages. [25]
In order to stop cloning, a strong linkage between hardware and software is necessary.
Usually a PIN code is used as the anti-theft mechanism in mobile phones. If one handset
has its anti-theft solution inactivated (mobile PIN code off) and another handset has it
activated (mobile PIN code on), cloning the first onto the second has the result that the
anti-theft solution of the second handset becomes inactivated. [24]
GSM Europe [24] proposes that the linkage between hardware and software should be based on
a secure IMEI number, which is already attributed to most mobile terminals as it was used
historically for type approval purposes.
It would not be fair to stop cloning completely by enforcing a strong linkage between
handset hardware and software, since that would affect innocent users.
4.3.2 Linkage between SIM card and Mobile Terminal:
A mobile handset has two essential parts, the mobile terminal and the SIM card, and needs
both to provide its services. Without the SIM card the mobile terminal cannot provide any
service except emergency calls. Every GSM subscriber (SIM) is identified by a unique
number of up to 15 digits called the IMSI (International Mobile Subscriber Identity)11.
Similarly, the mobile terminal is identified by a unique 15-digit number called the IMEI
(International Mobile Equipment Identity)12.
Ideally a GSM SIM can be used with any GSM handset. In the past there was no linkage at
all between SIM and mobile terminal, and many problems arose from this. It made the use of
stolen devices very easy: a stolen mobile phone could be used simply by inserting a new
SIM. This made mobile phones very insecure.
Many of the first generation analogue phones were open to abuse. [23] Problems like
cloning and eavesdropping were common in first generation phones. Eavesdroppers could
easily listen to other people's conversations and reprogram the identities of a mobile
phone so that the cost of calls made appeared on another customer's bill.
The second generation GSM system is built on a linkage between software and hardware. The
most important feature of GSM is the SIM card, which stores all the identification and
security related data needed to make or receive calls. Each subscriber is identified by
the IMSI. Similarly, the IMEI, used to identify the mobile terminal, came into use with
the arrival of 2G handsets, although it later proved to be an insecure identity.
11 Described in the technical background.
12 Described in the technical background.
3G handsets were introduced with extra built-in security, including integrity protection
of the IMEI. A secure IMEI is necessary in every handset.
A strong relationship between IMSI and IMEI can provide better security. Very few network
operators in the world have introduced this security feature. For example, the 3 mobile
network in the UK has built a strong linkage between SIM and mobile terminal: a 3 SIM can
only be used with specific handsets, which makes those handsets less attractive to thieves.
The security feature based on the linkage between IMSI and IMEI is useful. On the other
hand, people want to use any network's SIM with any handset. According to the "Handset
Security Survey" carried out during this project, more than 85 percent of people want to
keep the handset free to use with any available SIM. Network operators are not willing to
implement a security feature that subscribers do not like.
It was also found during the "Handset Security Survey" that more than 60 percent of people
believe that the SIM card and mobile terminal do not have sufficient linkage. Both
findings hold at the same time: people want a secure handset, but one that is free to use
with any SIM.
The number of mobile phone users is increasing day by day globally, new handsets are
introduced with extra facilities, and the mobile phone trade is growing. This makes
handset security more important. In developing countries people are often unable to buy
new handsets, and old mobile phones are imported from developed countries at reasonable
prices. If handsets were restricted to specific SIMs, the international trade in mobile
phones would certainly be affected.
4.3.3 Reprogramming of IMEI or non unique IMEI
In many countries the IMEI is used to stop mobile phone theft; this is its main purpose.
Secondary purposes [24] include special network handling of specific mobile equipment
types (e.g. compensation for mobile or network interworking issues), the tracing and
prevention of malicious calls, assistance in fraud investigation and configuration
management of the customer equipment base. In short, IMEI security is equally important
for the mobile manufacturer and the network operator.
All types of IMEI listing (grey, white, black) are stored in the EIR (Equipment Identity
Register) and the CEIR (Central Equipment Identity Register). Each EIR usually manages the
IMEIs of one network, while the CEIR manages the IMEIs of all networks. When a mobile
phone is stolen, the owner contacts the operator, which bars the IMEI in its own EIR and
sends the information to the CEIR, which blacklists the stolen handset in all operators'
switches. This makes the stolen phone unusable, and mobile phone theft a useless business.
The IMEI is supposed to be a unique number which cannot easily be changed, but this is
not true, for the following reasons [7][30]:
"New IMEIs can be programmed into stolen handsets and 10 percent of IMEIs are not
unique", according to a BT Cellnet spokesman.
Facilities do not exist to de-bar numbers listed in error.
The IMEI is sent in clear (an open identity).
No proof of origin or type approval is possible.
The IMEI function in GSM has failed so far.
IMEI security depends on software security.
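The EIR/CEIR procedure and the non-uniqueness problem above can be made concrete with an added Python example (not code from the report or from any operator's system). It parses a 15-digit IMEI into TAC, serial number and Luhn check digit as specified in 3GPP TS 23.003, keeps a toy EIR keyed on the 14-digit equipment identity, and shows two consequences of the listing: a duplicate IMEI means that barring a stolen handset also bars an innocent one, and a freshly programmed IMEI with a valid check digit is accepted as white, because nothing ties the number to a real handset. The IMEI values and subscriber names are constructed sample data.

```python
from dataclasses import dataclass


def luhn_check_digit(body14):
    """Luhn check digit over the 14-digit TAC+SNR body (3GPP TS 23.003, annex B)."""
    if len(body14) != 14 or not body14.isdigit():
        raise ValueError("IMEI body must be 14 digits")
    total = 0
    for i, ch in enumerate(reversed(body14)):
        d = int(ch)
        if i % 2 == 0:           # every second digit from the right is doubled
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return str((10 - total % 10) % 10)


@dataclass(frozen=True)
class IMEI:
    tac: str   # Type Allocation Code, 8 digits (formerly 6-digit TAC + 2-digit FAC)
    snr: str   # serial number, 6 digits
    cd: str    # Luhn check digit

    @property
    def identity(self):
        """The 14 digits that identify the equipment; the CD is not part of it."""
        return self.tac + self.snr


def parse_imei(text):
    """Accept '49-015420-323751-8' or '490154203237518'; reject bad check digits."""
    digits = "".join(c for c in text if c.isdigit())
    if len(digits) != 15:
        raise ValueError("IMEI must have 15 digits")
    body, cd = digits[:14], digits[14]
    if luhn_check_digit(body) != cd:
        raise ValueError("IMEI check digit mismatch")
    return IMEI(body[:8], body[8:14], cd)


class EIR:
    """Toy Equipment Identity Register: black = barred, grey = tracked, else white."""

    def __init__(self):
        self.black = set()
        self.grey = set()

    def blacklist(self, imei_text):
        self.black.add(parse_imei(imei_text).identity)

    def greylist(self, imei_text):
        self.grey.add(parse_imei(imei_text).identity)

    def check(self, imei_text):
        try:
            ident = parse_imei(imei_text).identity
        except ValueError:
            return "REJECT"              # malformed identity: no service
        if ident in self.black:
            return "BLACK"
        if ident in self.grey:
            return "GREY"
        return "WHITE"


def barred_subscribers(eir, fleet):
    """Who loses service after barring; with duplicate IMEIs, innocent users too."""
    return sorted(name for name, imei in fleet.items() if eir.check(imei) == "BLACK")


def reprogrammed_imei(new_body14):
    """What IMEI-changing software does: choose a body and compute a valid check digit.
    The EIR cannot distinguish this from a factory-programmed identity."""
    return new_body14 + luhn_check_digit(new_body14)


if __name__ == "__main__":
    eir = EIR()
    # Constructed fleet: alice's and bob's handsets left the factory with the same IMEI.
    fleet = {"alice": "490154203237518", "bob": "490154203237518", "carol": "352099001761481"}
    eir.blacklist(fleet["alice"])                          # alice reports her phone stolen
    print(barred_subscribers(eir, fleet))                  # ['alice', 'bob']
    print(eir.check(reprogrammed_imei("35692000000001")))  # WHITE
```

The check digit only catches transcription errors; it is not a proof of origin, which is why the suggestions in the next sections call for a manufacturer signature and for IMEI authentication at the serving network rather than for a better checksum.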
It seems practically impossible to make the IMEI totally unchangeable. The two
requirements for a secure IMEI are as follows: [30]
(1) "It shall not be possible to change the IMEI after the ME's final production process.
It shall resist tampering by any means (e.g. physical, electrical or software)."
(2) "The security policy for the Software Version Number (SVN) is such that it cannot be
readily changed by the user, but can be updated with changes to the software. The
security of the SVN shall be separate from that of the IMEI."
The IMEI can be changed very cheaply all around the world, and it is now common knowledge
that the IMEI is insecure. Reprogramming of the IMEI is often lumped together with
"unlocking", although the two are different operations: unlocking removes the SIM-lock
that ties a handset to one network, while reprogramming rewrites the handset's IMEI. Both
are done with specific software tools which are easily available on the internet.
Because of unlocking and IMEI reprogramming, mobile phones are very attractive to thieves:
a stolen handset can be used with any network's SIM anywhere in the world. The problem is
made worse by the two reasons given above (non-unique IMEIs and no way to de-bar numbers
listed in error).
According to the "Handset Security Survey", more than 50% of people believe that the
recently introduced IMEI blacklist method is worthwhile, but on the other hand more than
70% of people do not keep their IMEI number in a safe place. This is a problem where
neither a technical nor a non-technical method can help.
In some countries reprogramming of the IMEI is illegal. For example, in the United
Kingdom, under the Mobile Telephones (Re-programming) Act, changing the IMEI of a phone,
or possessing equipment that can change it, is an offence under some circumstances. [7]
This legislation enables the police to tackle those fuelling the trade in stolen mobile
phones, with penalties of up to five years in prison for those reprogramming the IMEI
number on mobile phones.
It is not possible to stop reprogramming of the IMEI completely, since, as discussed
before, the international trade in used mobile phones is increasing day by day.
The component holding the IMEI requires physical protection against removal and
replacement. If it is essential to change its content, this must be done by an authorised
individual.
4.3.4 Suggestions
Some suggestions to make the IMEI secure are as follows [26] []
Each mobile equipment must be identified by a unique IMEI.
The IMEI must not be changed outside the manufacturer's premises; if a change is
necessary, it must be done by authorised bodies.
Re-programming of the IMEI should be made financially unattractive.
The IMEI should be electronically signed by the manufacturer, and a standards body should
verify the signature.
A secret IMEI (known only to the manufacturer) should be used to identify the mobile
terminal. This secret IMEI must be stored in non-volatile memory in such a way that it is
hard to remove and replace.
Modification of the IMEI should be impossible without the secret part.
If any part containing the IMEI needs repair, it must be replaced by a new one.
There should be no way to duplicate the IMEI.
4.3.5 Authentication of IMEI at serving Network
In certain cases the serving network may request the mobile to send its IMEI. Neither GSM
nor UMTS provides a method for authenticating the mobile equipment identity [23]; this is
due to the complexity of designing a robust system. The network simply expects the mobile
terminal to send its genuine IMEI every time, so any system that blacklists stolen mobile
phones depends totally on the honesty of the mobile terminal.
It has been discussed that 10% of IMEIs are not unique and that re-programming of mobile
phones is possible. The standards bodies therefore impose requirements on the mobile
terminal to ensure the integrity of the IMEI and to prevent re-programming or tampering.
4.3.6 Allocation of TMSI by sending the IMSI in clear text
Every GSM or UMTS subscriber is identified by a number of up to 15 digits called the IMSI
(International Mobile Subscriber Identity), which is stored in the SIM. To avoid the
subscriber being identified by eavesdropping on the radio interface, a TMSI (Temporary
Mobile Subscriber Identity) is used instead of the IMSI wherever possible.
The TMSI is changed from time to time: a new TMSI is allocated whenever the subscriber
moves to a new location area, and the network may reallocate it at other times, so that
the subscriber cannot be tracked by following a single identity.
Sometimes it is nevertheless necessary to send the IMSI instead of the TMSI:
(1) The first time the subscriber is identified, when no TMSI has yet been allocated.
(2) If the data in the mobile or the network becomes invalid for some reason, so that the
TMSI cannot be resolved.
In both cases the IMSI is sent in clear text, and an eavesdropper on the radio path can
identify the subscriber.
4.4 Network Operator approaches
All the security problems are important for network operators as well as for handset
manufacturers; in particular, both need a secure IMEI. During this project the UK mobile
networks (Orange, Vodafone, O2, T-Mobile, Virgin Mobile, 3 and BT Cellnet) were studied.
In the UK the mobile phone database (CEIR) can prevent the use of a stolen mobile phone on
any UK mobile network by barring its IMEI number. This makes the phone useless to thieves:
a stolen mobile phone can be barred just like a stolen credit card. The facility is
provided for both pay-as-you-go and contract phones. Every mobile network has dedicated
contact numbers for its customers to bar stolen handsets, e.g.
Orange
Contract 07973100150
Pre-pay 08700776655
Vodafone
Contract 07836191191
Pre-pay 08700776655
Unfortunately not all of the UK mobile network operators are ready to co-operate.
Vodafone and BT Cellnet do not fully agree with the IMEI blacklist method, whereas Virgin,
O2, Orange and 3 are ready to offer the service.
3G Mobile Network:
The most advanced security features among UK operators are provided by the 3G network 3.
A 3 SIM can only be used with dedicated 3G handsets; even if a handset is unlocked it will
not work with the 3 SIM. If all mobile networks followed 3's approach, unlocking and
re-programming would become useless.
4.5 National level approaches
The rate of mobile phone theft is increasing all over the world, and the use of mobile
phones in crime is a serious problem. In the UK mobile phones are involved in 28% of
robberies.
The Mobile Telephones (Re-programming) Act 2002 came into force on 4 October 2002 and
makes it an offence to: [27]
Change, without the authorisation of the manufacturer, the unique identifying
characteristic of a mobile phone (the IMEI number); and
Possess, supply or offer to supply the necessary equipment with the intent to use it for
re-programming mobile phones.
The offences carry maximum penalties of five years' imprisonment or unlimited fines, or
both.
Many actions have been taken by the Home Office to make handsets secure. Minister John
Denham said [b]: "A start has been made, but more needs to be done before Britain's
mobile phone system can lead the world in security."
The Home Office spent years persuading the network operators to install equipment for
barring stolen handsets.
Two UK mobile network operators (BT Cellnet and Vodafone) failed to meet the new
measures. A Home Office spokesman said [b]: "They are saying it is not worth it because
the next generation of phones are coming along in a couple of years and customers are not
demanding it."
The opinions of BT Cellnet and Vodafone about IMEI security are as follows:
BT Cellnet
A BT Cellnet spokeswoman said [b]: "IMEI barring does not solve the problem and is a red
herring."
In her view the method is not worthwhile because:
1. By changing the SIM, the mobile phone is usable on all other networks.
2. Not all IMEIs are unique, and reprogramming of stolen handsets is possible.
"We are working with the Home Office on all aspects of security for current and future
networks," she said.
"We are a network, not a handset manufacturer. Handset manufacturers will have to be
asked questions as well."
Vodafone:
Vodafone has not adopted the technology because it is "unreliable", a spokeswoman said,
and could lead to innocent phone users being disconnected.
"Duplicate numbers are coming out of the factories now and you can have two or three
handsets with the same number," she said.
"You might be blocking several other people who have done nothing wrong."
Re-programming: both network operators are worried about the reprogramming of IMEIs.
Vodafone is ready to co-operate with the government. A Vodafone spokesman had told the
government that if it were sent all the stolen IMEI numbers, Vodafone could search its
records and hand over the names and addresses of users matching those numbers.
He said: "We thought it would perhaps lead police to someone with spurious reasons for
holding the phone and would be a step in the right direction to breaking up these crime
rings."
"But the government declined the offer for whatever reason."
Face Recognition
Vodafone KK13 has introduced a face recognition method [] to secure the handset by
recognising the user. A sub-camera recognises the customer by sensing the position of
their eyes, eyebrows, mouth and other facial features. The customer pre-registers their
face together with a secret question and answer; the camera then activates automatically
when the handset is opened and authenticates the customer in less than a second.14
13 A leading mobile operator in Japan and a subsidiary of Vodafone.
Some network operators are ready to co-operate, among them Orange and Virgin Mobile.
The Home Office has made many efforts to secure handsets. Thousands of leaflets have been
distributed to warn the public about mobile phone thieves, and there are many signs on
high streets, at tube and train stations and in other public places reminding people to
keep their mobile phones safe.
Advice from Home Office:
Additional advice from the Home Office, to coincide with the launch of the database, is
to:
* Register your phone with your network operator. This will make barring easier.
* Record your IMEI number and your phone number and keep these in a safe place separate
from your phone. Your IMEI number can be accessed by keying *#06# into most phones or by
looking behind the battery of your phone.
* Report the number of your stolen phone to your network operator as quickly as you can.
It can now be disabled.
* Remain alert. Your phone is a valuable item. When you are out, be aware of your
surroundings and don't use your phone in crowded areas or where you might feel unsafe.
14 See ref. [] for details.
4.6 Layman Approaches
Mobile handset security is a common and serious public problem. A Handset Security Survey
was carried out during this project.
The graph shows the main results received during the survey; the survey with its full
results is given in the appendix.
It was found that males are the main targets of mobile phone theft. Most people want to
use any SIM with any network. More than 50% of people think that the recently introduced
IMEI blacklist method is worthwhile, but on the other hand only 22% keep the IMEI safe by
writing it down.
People are not happy with the SIM-mobile terminal linkage. In answer to the question about
the most important change to make the phone less attractive to thieves, people said: "make
it simple and less attractive".
4.7 International Approaches
The need for secure handsets exists everywhere, although the rate of mobile phone theft is
not the same all around the world. The number of mobile phone users has increased
dramatically in the last ten years: growth in mobile phone connections world-wide is
running at an unprecedented 40 million new connections per month, with China and India
leading the way. [27]
The international trade in new and used mobile phones is growing. After unlocking, a
stolen mobile phone can easily be used in any country whose operators are not connected to
the GSM IMEI database. The central database (CEIR) exists to keep records of all IMEI
numbers, but universal coverage has not been achieved so far.
No international law exists and no effort has been made by international bodies so far.
The United Nations would need to introduce laws to make handsets secure internationally.
4.8 Handset Manufacturer Approaches
Mobile handset security is equally important for manufacturers, who can play an important
role in this effort. All the suggestions made for securing the IMEI need the
manufacturers' co-operation.
The GSM Association (GSMA) and leading manufacturers including Alcatel, Motorola, NEC,
Nokia, Panasonic, Sagem, Siemens and Sony Ericsson announced agreement on measures to
drastically reduce the theft of mobile phones in the world. [31]
The GSM Association and the handset manufacturers have made many efforts to enhance the
integrity of the IMEI. As a result, the effectiveness of the EIR has greatly increased.
4.9 GSM Association Approaches
Founded in 1987, the GSM Association (GSMA) is a global trade association representing
more than 690 GSM mobile phone operators across 214 territories and countries of the
world. In addition, more than 180 manufacturers and suppliers support the Association's
initiatives as associate members. [32]
The GSM Association is working closely with the handset manufacturers to bring extra
security to handsets. Rob Conway, CEO of the GSM Association, said: "The commitment by
manufacturers, together with the continued extension of the GSMA's handset database, are
critical elements in tackling the problem of handset theft, but they are only part of the
overall solution. We would like to see a more comprehensive approach that includes
additional government-led action, such as we have seen in the UK." [31]
4.10 New Development in 4G
The 3G mobile phones in use today still have security flaws. Some necessary new
developments in 4G should be as follows:
Ensure the integrity of the IMEI and make it unique.
Make IMEI authentication at the network possible.
Introduce an electronic signature on the IMEI in such a way that a third party can verify
it.
Develop handsets with a face recognition function using their cameras.
Send the IMSI encrypted whenever it has to be sent.
5.0 SUMMARY
6.0 Conclusions
This report has clarified the handset security weaknesses built on the IMSI and IMEI. The
GSM security architecture was critically examined, and it was found that the security
provided by 2G and 3G has many flaws.
Integrity and reprogramming of the IMEI are two problems without whose solution the
handset cannot be secure. With the increasing trade in mobile phones these problems have
become clearer.
It is not possible to exclude reprogramming of the IMEI completely. The insufficient
linkage between SIM and mobile terminal cannot be removed either, since people were found
to want to use any SIM with any available handset. Authentication of the IMEI at the
serving network is difficult, as it needs a complex and robust system.
It was found that almost all the problems are linked to IMEI security. Although many
technical improvements are needed, without co-operation between handset manufacturers,
network operators, the GSM Association, mobile phone subscribers and law enforcement
agencies it seems impossible to solve them.
All parties are working to make handsets secure, but a lack of co-operation was found. The
UN is the unique body which represents the …….. countries; any effort made by it would be
very helpful.
6.1 Recommendations
Several areas for further research were identified, mainly:
Further research on the IMEI to ensure its integrity.
Further research on the serving network so that it can provide IMEI authentication.
REFERENCES
[1] Wireless Security Problems, Pen Test Ltd, 2003. Available from www.pentest.co.uk/documents/wless-salford.pdf. Accessed: August 2006.
[2] K. Boman, G. Horn, P. Howard and V. Niemi, UMTS Security, Electronics & Communication Engineering Journal, October 2002. Accessed: June 2006.
[3] Dr. S. Muhammad Siddique, Muhammad Amir, UET Peshawar, Pakistan, IEEE Computer Society. Accessed: June 2006.
[4] Theodore S. Rappaport, Wireless Communication Principle and Practice, 2nd edition, Prentice Hall, 2002.
[5] John Scourias, Overview of the Global System for Mobile Communication. Available from https://styx.uwaterloo.ca/~jscouria/GSM/gsmreport.html#3.1. Accessed: July 2006.
[6] Gunnar Heine, GSM Networks: Protocols, Terminology and Implementation, Artech House Publishers, Boston/London, 1998.
[7] International Mobile Subscriber Identity, Wikipedia, the free encyclopaedia. Available from http://en.wikipedia.org/wiki/IMSI. Accessed: August 2006.
[8] Max Stepanov, GSM Security Overview. Available from www.cs.huji.ac.il/~sans/students_lectures/GSM%20Security.ppt. Accessed: July 2006.
[9] GSM-Security.net, GSM Security. Available from http://www.gsm-security.net/faq/imei-international-mobile-equipment-identity-gsm.shtml. Accessed: August 2006.
[10] Yi-Bing Lin, No Wire Attached: Reaching Out with GSM, 0278-6648/95/$4.00 © 1995 IEEE.
[11] Sumit Kasera, Nishit Narang, 3G Mobile Networks: Architecture, Protocols and Procedures, McGraw-Hill Companies, Inc., 2005.
[12] GSM Security Algorithms. Available from http://www.gsmworld.com/using/algorithms/index.shtml. Accessed: September 2006.
[13] J. Dunlop and D. G. Smith, Telecommunications Engineering, 3rd edition, Stanley Thornes (Publishers) Ltd, UK, 1998.
[14] http://www.hackcanada.com/blackcrawl/cell/gsm/gsm-secur/gsm-secur.html. Accessed: October 2006.
[15] Chii-Hwa Lee, Min-Shiang Hwang, Wei-Pang Yang, Enhanced Privacy and Authentication for the Global System for Mobile Communications, National Chiao Tung University, Hsinchu, Taiwan.
[16] Florian Schmidt, Security and Privacy in Wireless Communication. Available from http://www.sasase.ics.keio.ac.jp/jugyo/2005/wireless_privacy1.pdf. Accessed: June 2006.
[17] A. Biryukov, A. Shamir, Real Time Cryptanalysis of the Alleged A5/1 on a PC, preliminary draft, December 1999.
[18] A. Biryukov, A. Shamir, D. Wagner, Real Time Cryptanalysis of A5/1 on a PC, in FSE 2000, LNCS No. 1978, Springer Verlag, Berlin, 2000.
[19] S. Skorobogatov, R. Anderson, Optical Fault Induction Attacks, University of Cambridge, in IEEE Symposium on Security and Privacy, Oakland, May 2000.
[20] IBM Develops Technology to Protect GSM Cell Phone ID Cards from Hackers, Yorktown Heights, N.Y., May 7, 2002. Available from http://domino.watson.ibm.com/comm/pr.nsf/pages/news.20020507_simcard.html. Accessed: October 2006.
[21] Piper, F. and Walker, M., Cryptographic Solutions for Voice and Telephony and GSM, Proc. COMPSEC 98 (Elsevier, 1998).
[22] Walker, M. and Wright, T., "Security Aspects", in Hillebrand, F. (Ed.), GSM and UMTS: The Creation of Global Mobile Communication (John Wiley & Sons, 2002).
[23] K. Boman, G. Horn, P. Howard and V. Niemi, "UMTS Security", Electronics & Communication Engineering Journal, October 2002.
[24] GSME Proposal Regarding Mobile Theft and IMEI Security, GSM Europe, the European interest group of the GSM Association. Available from www.gsmeuope.org. Accessed: September 2006.
[25] Cloning Cellular Telephones, Technical Notes, Hakerscatalouge.com. Available from http://66.40.78.100/Services/TECH_Notes/one.html. Accessed: October 2006.
[26] IMEI Security, ETSI STC SMG10 #2/99, Sophia Antipolis, 3-6 August 1999. Available from http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_06_9910/docs/AP99-101_IMEI_CR_SMG10.doc. Accessed: August 2006; October 2006.
[27] Street Crime: Mobile Phone Barring Database Launched. Available from http://www.crimereduction.gov.uk/stolengoods/stolengoods5.htm. Accessed: June 2006.
[28] Miya Knights, The China Connection, IET Communication Engineer, October/November 2006.
[29] 3G Security Principles, 3GPP. Available from http://srg.cs.uiuc.edu/MobilSec/posted_docs/3G_Security_Overview.ppt. Accessed: October 2006.
[30] 3GPP, Terminal Identity Security, Antwerpen, 2000-01-20. Available from http://www.3gpp.org/ftp/tsg_sa/WG3_Security/TSGS3_10/Docs/PDF/S3-000071.pdf. Accessed: October 2006.
[31] Industry Takes Lead to Halt Mobile Phone Theft, 3GSM World Congress, Cannes, France, 24 February 2004. Available from http://www.gsmworld.com/news/press_2004/press04_13.shtml. Accessed: October 2006.
[32] GSM Association. Available from http://www.gsmworld.com/about/index.shtml. Accessed: October 2006.
[33] Vodafone KK Introduces Face Recognition Security Features. Available from http://www.vodafone.jp/english/release/2006/20060228_3e.pdf. Accessed: July 2006.
BIBLIOGRAPHY
1. Timo Halonen, GSM, GPRS & EDGE Performance, 2nd edition, John Wiley & Sons Ltd, West Sussex, England, 2003.
2. J. Dunlop and D. G. Smith, Telecommunications Engineering, 3rd edition, Stanley Thornes (Publishers) Ltd, UK, 1998.
ACRONYMS
AuC Authentication Centre
AUTN Authentication Token
AKA Authentication Key Management
BTS Base Transceiver Station
BSC Base Station Controller
BSS Base Station System
CEPT Conference of Europe Post & Telegraph
CSPDN Circuit Switched Public Data Network
CKSN Cipher Key Sequence Number
CEIR Central Equipment Identity Register
EIR Equipment Identity Register
EDGE Enhanced Data rate for GSM Evolution
ESN Electronic Serial Number
FEC Forward Error Control
GSM Global System for Mobile Communication
GPRS General Packet Radio Service
HLR Home Location Register
HNI Home Network Identity
HSCSD High Speed Circuit Switched Data
ISDN Integrated Services Digital Network
IMSI International Mobile Subscriber Identity
IMEI International Mobile Equipment Identity
LAI Location Area Identity
LAN Local Area Network
MCC Mobile Country Code
MNC Mobile Network Code
MSIN Mobile Station Identification Number
ME Mobile Equipment
MS Mobile Station
MSC Mobile Switching Centre
MAC Medium Access Control
MRSN Mobile Subscriber Roaming Number
MIN Mobile Identification Number (not sure)
NSS Network Subsystem
OSS Operation & Support System
PAN Personal Area Network
PIN Personal Identification Number
PSTN Public Switched Telephone Network
PSPDN Packet Switched Public Data Network
RLC Radio Link Control
RAND Random Number (128 bit)
SIM Subscriber Identity Module
SRES Signed Response
SN Serving Network
TMSI Temporary Mobile Subscriber Identity
USIM Universal Subscriber Identity Module
UMTS Universal Mobile Telecommunications System
VLR Visitor Location Register
WAN Wide Area Network
WEP Wired Equivalent Privacy
3GPP 3G Partnership Project
Appendix: A
Mobile Handset Security Survey:
Mobile phones are perhaps the most attractive devices for thieves nowadays because of
their light weight and high price. In the UK, mobile phones are involved in 28 percent of
robberies according to a Home Office report.
This survey is being carried out by a student of London South Bank University as a
requirement of his MSc project on Mobile Handset Security. The purpose of this survey is
to assess which people are most targeted by mobile phone theft and what a layman
thinks about handset security.
Please try to answer all the questions; an extra page can be used to answer any question.
Note: Questions (a) and (b) are optional.
(a) What is your name?
(b) What are your age, sex and ethnicity?
(1) Have you or a member of your family or a friend had your/their mobile phone
stolen?
(2) Would you prefer to keep the handset free to use with any available SIM?
(3) Do you consider that using a Mobile Phone outside the home/office is safe?
(4) How much chance do you think there is of getting back a stolen or lost
mobile phone?
(5) Do you think that the recent IMEI [note 15] blacklist method for stolen mobile phones is
worthwhile?
(6) Do you always write down the IMEI number and keep it safe when you get a new
handset?
(7) Do you register the handset with the network operator when you buy a new phone?
(8) Is it difficult and expensive to unlock a stolen mobile phone?
(9) Do you think that network operators, handset manufacturers [note 16] and the law
enforcement agencies of your country have sufficient linkage to make mobile phones
secure?
(10) Is the SIM [note 17] (Subscriber Identity Module) secure at present?
Note 15: IMEI stands for International Mobile Equipment Identity. It is a 15-digit number currently used to bar stolen mobile phones. It is found beneath the phone battery or can be found by dialling *#06#.
Note 16: Well-known handset manufacturers worldwide are Sony Ericsson, Motorola, Nokia, Samsung and LG.
Note 17: The SIM is a smart card used in every GSM mobile phone; it contains programming and information.
(11) Do you think that today's mobile phones have sufficient linkage between the handset
(terminal) and the SIM (Subscriber Identity Module)?
(12) What do you think is the most important change that should be made to mobile
phones to make them less attractive to thieves?
Results (percentage of respondents, by question number)
Q No      1         2        3         4     5         6        7       8     9       10      11
Male      64.285%   85.71%   78.57%    .8%   50%       21.4%    50%     .5%   7.14%   42.8%   57.1%
Female    57.148%   42.85%   57.128%   .9%   57.148%   14.3%    42.8%   .3%   0%      28.5%   14.2%
Children  20%       66.66%   45%       25%   0%        33.33%   5%      .8%   33.3%   0%      0%
Appendix: B
More than 328 mobile phones are stolen in the UK every day.
GSM World News Press
http://www.gsmworld.com/news/press_2004/press04_13.shtml