Chapter 10 Real world security protocols

Presentation transcript:

GSM Security
http://www.answers.com/GSM

The Global System for Mobile Communications, GSM (original acronym: Groupe Spécial Mobile) is the most popular standard for mobile phones in the world. GSM service is used by over 2 billion people across more than 212 countries and territories [1] [2]. The ubiquity of the GSM standard makes international roaming very common between mobile phone operators, enabling subscribers to use their phones in many parts of the world. GSM differs significantly from its predecessors in that both signaling and speech channels are digital call quality, which means that it is considered a second generation (2G) mobile phone system. This fact has also meant that data communication was built into the system from the 3rd Generation Partnership Project (3GPP).

From the point of view of the consumers, the key advantage of GSM systems has been higher digital voice quality and low cost alternatives to making calls such as text messaging. The advantage for network operators has been the ability to deploy equipment from different vendors because the open standard allows easy inter-operability. Like other cellular standards GSM allows network operators to offer roaming services which mean subscribers can use their phones all over the world.

[Figure caption: The GSM logo is used to identify compatible handsets and equipment.]

As the GSM standard continued to develop, it retained backward compatibility with the original GSM phones; for example, packet data capabilities were added in the Release '97 version of the standard, by means of GPRS. Higher speed data transmission has also been introduced with EDGE in the Release '99 version of the standard.

Radio interface

GSM is a cellular network, which means that mobile phones connect to it by searching for cells in the immediate vicinity. GSM networks operate in four different frequency ranges. Most GSM networks operate in the 900 MHz or 1800 MHz bands. Some countries in the Americas (including the United States and Canada) use the 850 MHz and 1900 MHz bands because the 900 and 1800 MHz frequency bands were already allocated. The rarer 400 and 450 MHz frequency bands are assigned in some countries, notably Scandinavia, where these frequencies were previously used for first-generation systems.

In the 900 MHz band the uplink frequency band is 890-915 MHz, and the downlink frequency band is 935-960 MHz. This 25 MHz bandwidth is subdivided into 124 carrier frequency channels, each spaced 200 kHz apart. Time division multiplexing is used to allow eight full-rate or sixteen half-rate speech channels per radio frequency channel. There are eight radio timeslots (giving eight burst periods) grouped into what is called a TDMA frame. Half rate channels use alternate frames in the same timeslot. The channel data rate is 270.833 kbit/s, and the frame duration is 4.615 ms. The transmission power in the handset is limited to a maximum of 2 watts in GSM850/900 and 1 watt in GSM1800/1900.

GSM has used a variety of voice codecs to squeeze 3.1 kHz audio into between 6 and 13 kbps. Originally, two codecs, named after the types of data channel they were allocated, were used, called "Full Rate" (13 kbps) and "Half Rate" (6 kbps). These used a system based upon linear predictive coding (LPC). In addition to being efficient with bitrates, these codecs also made it easier to identify more important parts of the audio, allowing the air interface layer to prioritize and better protect these parts of the signal. GSM was further enhanced in the mid-nineties with the GSM-EFR codec, a 12.2 kbps codec that uses a full rate channel. Finally, with the development of UMTS, EFR was refactored into a variable-rate codec called AMR-Narrowband, which is high quality and robust against interference when used on full rate channels, and less robust but still relatively high quality when used in good radio conditions on half-rate channels.
There are four different cell sizes in a GSM network - macro, micro, pico and umbrella cells. The coverage area of each cell varies according to the implementation environment. Macro cells can be regarded as cells where the base station antenna is installed on a mast or a building above average roof top level. Micro cells are cells whose antenna height is under average roof top level; they are typically used in urban areas. Picocells are small cells whose diameter is a few dozen meters; they are mainly used indoors. On the other hand, umbrella cells are used to cover shadowed regions of smaller cells and fill in gaps in coverage between those cells. Cell radius varies depending on antenna height, antenna gain and propagation conditions from a couple of hundred meters to several tens of kilometers. The longest distance the GSM specification supports in practical use is 35 km or 22 miles. There are also several implementations of the concept of an extended cell, where the cell radius could be double or even more, depending on the antenna system, the type of terrain and the timing advance. Indoor coverage is also supported by GSM and may be achieved by using an indoor picocell base station, or an indoor repeater with distributed indoor antennas fed through power splitters, to deliver the radio signals from an antenna outdoors to the separate indoor distributed antenna system. These are typically deployed when a lot of call capacity is needed indoors, for example in shopping centers or airports. However, this is not a prerequisite, since indoor coverage is also provided by in-building penetration of the radio signals from nearby cells. The modulation used in GSM is Gaussian minimum shift keying (GMSK), a kind of continuous-phase frequency shift keying. 
In GMSK, the signal to be modulated onto the carrier is first smoothed with a Gaussian low-pass filter prior to being fed to a frequency modulator, which greatly reduces the interference to neighboring channels (adjacent channel interference).

A nearby GSM handset is usually the source of the "dit dit dit, dit dit dit, dit dit dit" signal that can be heard from time to time on home stereo systems, televisions, computers, and personal music devices. When these audio devices are in the near field of the GSM handset, the radio signal is strong enough that the solid state amplifiers in the audio chain function as a detector. The clicking noise itself represents the power bursts that carry the TDMA signal. This is a form of RFI, and could be mitigated or eliminated by use of additional shielding and/or bypass capacitors in these audio devices; however, the increased cost of doing so is difficult for a designer to justify.

Network structure

The network behind the GSM system seen by the customer is large and complicated in order to provide all of the services which are required. It is divided into a number of sections and these are each covered in separate articles.

- the Base Station Subsystem (the base stations and their controllers).
- the Network and Switching Subsystem (the part of the network most similar to a fixed network). This is sometimes also just called the core network.
- the GPRS Core Network (the optional part which allows packet based Internet connections).
- all of the elements in the system combine to produce many GSM services such as voice calls and SMS.

[Figure caption: The structure of a GSM network]

Subscriber identity module

One of the key features of GSM is the Subscriber Identity Module (SIM), commonly known as a SIM card. The SIM is a detachable smart card containing the user's subscription information and phonebook. This allows the user to retain his or her information after switching handsets. Alternatively, the user can also change operators while retaining the handset simply by changing the SIM. Some operators will block this by allowing the phone to use only a single SIM, or only a SIM issued by them; this practice is known as SIM locking, and is illegal in some countries.

In the United States, Europe and Australia, many operators lock the mobiles they sell. This is done because the price of the mobile phone is typically subsidised with revenue from subscriptions and operators want to try to avoid subsidising competitors' mobiles. A subscriber can usually contact the provider to remove the lock for a fee, utilize private services to remove the lock, or make use of ample software and websites available on the Internet to unlock the handset themselves. While most web sites offer the unlocking for a fee, some do it for free. The locking applies to the handset, identified by its International Mobile Equipment Identity (IMEI) number, not to the account (which is identified by the SIM card). It is always possible to switch to another (non-locked) handset if such other handset is available.

Some providers will unlock the phone for free if the customer has held an account for a certain period. Third party unlocking services exist that are often quicker and lower cost than that of the operator. In most countries removing the lock is legal. Cingular provides free unlock services to its customers after 3 months of subscription.

In countries like India, Belgium, etc., all phones are sold unlocked. However, in Belgium, it is unlawful for operators there to offer any form of subsidy on the phone's price. This was also the case in Finland until April 1 2006, when selling subsidized combinations of handsets and accounts became legal, though operators have to unlock the phone free of charge after a certain amount of time (at most 24 months).

GSM security

GSM was designed with a moderate level of security. The system was designed to authenticate the subscriber using shared-secret cryptography. Communications between the subscriber and the base station can be encrypted. The development of UMTS introduces an optional USIM, which uses a longer authentication key to give greater security, as well as mutually authenticating the network and the user, whereas GSM only authenticated the user to the network (and not vice versa). The security model therefore offers confidentiality and authentication, but limited authorization capabilities, and no non-repudiation.

GSM uses several cryptographic algorithms for security. The A5/1 and A5/2 stream ciphers are used for ensuring over-the-air voice privacy. A5/1 was developed first and is a stronger algorithm used within Europe and the United States; A5/2 is weaker and used in other countries. A large security advantage of GSM over earlier systems is that the Ki, the crypto variable stored on the SIM card that is the key to any GSM ciphering algorithm, is never sent over the air interface. Serious weaknesses have been found in both algorithms, and it is possible to break A5/2 in real-time in a ciphertext-only attack. The system supports multiple algorithms so operators may replace that cipher with a stronger one.

Cell Phones
- First-generation mobile phones
  - Analog, with almost no standards
  - Security was barely considered
  - Cloning was the main security concern
- Second-generation mobile phones: GSM
  - Started in 1982
  - Global System for Mobile Communications
- Third generation
  - 3rd Generation Partnership Project (3GPP)

[Figure: evolution of mobile standards across 1G, 2G, 2.5G, 3G and 3.5G, with data rates and years. Labels: AMPS (analog, FDMA), D-AMPS, TDMA/FDMA, GSM, GPRS, EDGE, WCDMA, HSDPA; IS-95 CDMA, IS-95A, IS-95B, CDMA1x-EVDO; WiBro 18 Mbps, Wi-Fi 54 Mbps.]

GSM Architecture
- VLR (Visitor Location Register)
- HLR (Home Location Register)
- AuC (Authentication Center)

[Figure: Mobile, air interface, Base Station, Base Station Controller and VLR (Visited Network), "land line" through PSTN, Internet, etc., HLR and AuC (Home Network).]

GSM system components
- Mobile phone: cell phone
  - Contains a SIM (Subscriber Identity Module)
  - Smart card
- Air interface
- Visited network
  - Base station
  - Base station controller

GSM system components
- PSTN (public switched telephone network)
- Home network: the network the mobile phone belongs to
  - HLR (Home Location Register)
  - AuC (Authentication Center): stores IMSI/Ki
  - IMSI (International Mobile Subscriber ID)

Mobile phone: cell phone
- Contains a SIM (Subscriber Identity Module)
- The SIM is a security module that holds the following information:
  - IMSI (International Mobile Subscriber ID): identifies the mobile phone user
  - User key Ki (128 bits)
- The purpose of using a SIM is to provide tamper-resistant hardware (a smart card).

Visited network
- Multiple base stations
  - One base station per cell
- Base station controller
  - The VLR (Visitor Location Register) resides in the base station controller.
  - It records information about the mobile phones currently visiting the visited network.

Home network
- The home network to which the mobile phone belongs
- Each mobile phone is registered with one home network.
- HLR (Home Location Register)
  - Records which visited network a registered mobile phone is currently in.
- AuC (Authentication Center)
  - IMSI (International Mobile Subscriber ID): subscriber identification number
  - Ki: SIM user number
  - Holds billing information for every mobile phone user.

GSM security goals
- Main goals
  - Keep GSM as secure as the public switched telephone network
  - Prevent cloning
- Active attacks were not considered!
  - At the time, such attacks were not feasible.
- The biggest threat was insecure billing.

GSM security features
- Anonymity
  - Keeps the user's identity from being revealed.
  - Not very important to the phone company.
- Authentication
  - Needed for correct billing
  - The most important issue for the phone company!
- Confidentiality
  - Not very important to the phone company.

GSM: anonymity
- The IMSI is used at first to identify the sender.
  - An attacker who captures the beginning of the communication learns the IMSI.
- So a TMSI (Temporary Mobile Subscriber ID) is used.
  - The TMSI changes frequently.
  - The TMSI is encrypted when it is sent.
- Anonymity is not firmly guaranteed.
  - But it is sufficient for most users.

GSM: authentication
- The caller authenticates to the base station.
- This is not mutual authentication.
- Authentication is by challenge-response.
  - The home network generates RAND and computes XRES = A3(RAND, Ki) (A3 is a hash).
  - It then sends (RAND, XRES) to the base station.
  - The base station sends the challenge RAND to the mobile phone.
  - The mobile phone's response is SRES = A3(RAND, Ki).
  - The base station verifies: SRES = XRES
- Ki never leaves the home network!

GSM: confidentiality
- Data is encrypted with a stream cipher.
- The error rate is roughly 1/1000.
  - Because the error rate is high, a block cipher cannot be used.
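The error-propagation argument on this slide, as an added example that is not part of the original slides: one flipped ciphertext bit is decrypted under a keystream cipher and under a block cipher applied block by block. The SHA-256 keystream and the 4-round Feistel cipher are toy stand-ins chosen for this illustration (they are not A5/1 or any GSM algorithm), and the key and frame are constructed sample values.

```python
import hashlib

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def keystream(key: bytes, n: int) -> bytes:
    # Toy keystream: SHA-256 in counter mode. Stand-in for A5(Kc), not A5/1.
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:n]

def stream_crypt(key: bytes, data: bytes) -> bytes:
    # Encryption and decryption are the same XOR with the keystream.
    return xor(data, keystream(key, len(data)))

def _round(key: bytes, rnd: int, half: bytes) -> bytes:
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:8]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Toy 4-round Feistel cipher on 16-byte blocks (illustration only).
    left, right = block[:8], block[8:]
    for rnd in range(4):
        left, right = right, xor(left, _round(key, rnd, right))
    return left + right

def block_decrypt(key: bytes, block: bytes) -> bytes:
    left, right = block[:8], block[8:]
    for rnd in reversed(range(4)):
        left, right = xor(right, _round(key, rnd, left)), left
    return left + right

def per_block(fn, key: bytes, data: bytes) -> bytes:
    # Apply the block cipher to each 16-byte block independently.
    return b"".join(fn(key, data[i:i + 16]) for i in range(0, len(data), 16))

def flip_bit(data: bytes, bit: int) -> bytes:
    buf = bytearray(data)
    buf[bit // 8] ^= 1 << (bit % 8)
    return bytes(buf)

def bit_errors(a: bytes, b: bytes) -> int:
    return sum(bin(x ^ y).count("1") for x, y in zip(a, b))

def channel_error_demo(bit: int = 37):
    """Return (plaintext bit errors with stream cipher, with block cipher)."""
    key = b"constructed key"            # constructed sample key
    frame = bytes(range(64))            # constructed 64-byte frame
    damaged_stream = flip_bit(stream_crypt(key, frame), bit)
    stream_errs = bit_errors(frame, stream_crypt(key, damaged_stream))
    damaged_block = flip_bit(per_block(block_encrypt, key, frame), bit)
    block_errs = bit_errors(frame, per_block(block_decrypt, key, damaged_block))
    return stream_errs, block_errs

if __name__ == "__main__":
    print(channel_error_demo())
```

With the stream cipher the single channel error stays a single plaintext bit error; with the block cipher it garbles the whole 16-byte block that contains it.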

GSM: confidentiality
- When the home network receives the IMSI from the base station, it computes:
  - Kc = A8(RAND, Ki), where A8 is a hash
  - GSM encryption key: Kc
- Kc is then sent to the base station together with (RAND, XRES).
- Once the authentication procedure has completed as described earlier, the mobile phone computes Kc = A8(RAND, Ki).
- The base station already knows Kc.
  - So the mobile phone and the base station share a symmetric key.
- The keystream is generated from A5(Kc).
- Ki never leaves the home network!

GSM security problems
- Flaws in the cryptographic algorithms used by GSM
- Flaws in the protocol as well
- The biggest problem is the original designers' mistaken security assumptions.

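GSM security

Message flow between Mobile, Base Station and Home Network:
1. Mobile to Base Station: IMSI
2. Base Station to Home Network: IMSI
3. Home Network to Base Station: (RAND, XRES, Kc)
4. Base Station to Mobile: RAND
5. Mobile to Base Station: SRES
6. Mobile and Base Station: encrypt with Kc

- SRES and Kc must be uncorrelated,
  - even though both are derived from RAND and Ki.
- It must not be possible to deduce Ki from known RAND/SRES pairs (known plaintext attack).
- It must not be possible to deduce Ki from chosen RAND/SRES pairs (chosen plaintext attack).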
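The six-message exchange above, together with the authentication and Kc derivation slides before it, as an added simulation that is not part of the original slides. HMAC-SHA256 stands in for A3 and A8 (real SIMs used COMP128 or operator-chosen algorithms), the class names are hypothetical, and the IMSI and Ki are constructed test values. The `reuse` flag models a base station presenting a stored triplet again, which the SIM cannot detect because it keeps no record of earlier RAND values.

```python
import hashlib
import hmac
import os

def a3(rand: bytes, ki: bytes) -> bytes:
    # Stand-in for A3 (not COMP128): 32-bit response SRES/XRES.
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8(rand: bytes, ki: bytes) -> bytes:
    # Stand-in for A8 (not COMP128): 64-bit cipher key Kc.
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class HomeNetwork:
    """AuC/HLR side: the only network element that stores Ki."""
    def __init__(self):
        self.subscribers = {}                      # IMSI -> Ki

    def triplet(self, imsi: str):
        ki = self.subscribers[imsi]
        rand = os.urandom(16)                      # 128-bit challenge
        return rand, a3(rand, ki), a8(rand, ki)    # (RAND, XRES, Kc), no Ki

class Sim:
    """SIM: holds IMSI and Ki and answers any RAND it is handed."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki = imsi, ki

    def respond(self, rand: bytes):
        # No check of who sent RAND, no memory of earlier RAND values.
        return a3(rand, self._ki), a8(rand, self._ki)   # (SRES, Kc)

class BaseStation:
    """Visited network: compares SRES with XRES and never sees Ki."""
    def __init__(self, home: HomeNetwork):
        self.home = home
        self.cache = {}                            # IMSI -> stored triplet

    def authenticate(self, sim: Sim, reuse: bool = False):
        if not (reuse and sim.imsi in self.cache):
            # Messages 1-3: IMSI goes up, (RAND, XRES, Kc) comes back.
            self.cache[sim.imsi] = self.home.triplet(sim.imsi)
        rand, xres, kc = self.cache[sim.imsi]
        sres, kc_phone = sim.respond(rand)         # messages 4 and 5
        ok = hmac.compare_digest(sres, xres)
        # Message 6 would use Kc; returned here so both copies can be compared.
        return ok, rand, (kc if ok else None), kc_phone

def demo():
    home = HomeNetwork()
    imsi = "001010123456789"                       # constructed test IMSI
    ki = os.urandom(16)                            # constructed 128-bit Ki
    home.subscribers[imsi] = ki
    sim, bs = Sim(imsi, ki), BaseStation(home)
    first = bs.authenticate(sim)                   # fresh triplet
    replay = bs.authenticate(sim, reuse=True)      # same triplet presented again
    clone = bs.authenticate(Sim(imsi, os.urandom(16)))  # right IMSI, wrong Ki
    return first, replay, clone

if __name__ == "__main__":
    for name, result in zip(("first", "replay", "wrong Ki"), demo()):
        print(name, "accepted" if result[0] else "rejected")
```

The replayed run succeeds with the same RAND and the same Kc as the first, while the SIM with the wrong Ki is rejected; nothing in the exchange lets the phone verify the network in return.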

GSM cryptographic algorithm flaws
- A3/A8 use COMP128 as the hash.
  - It can be broken with 150,000 chosen plaintexts.
  - Ki can be recovered from the SIM in 2 to 10 hours.
- Encryption algorithm A5/1
  - Broken in 2 seconds by a known plaintext attack.

GSM: mistaken assumptions
- A GSM call is encrypted between the mobile phone and the base station.
  - Only the link between the mobile phone and the base station is protected.
- But traffic between the base station and the base station controller is not encrypted.
  - This link sometimes uses microwave.

[Figure: Base Station, Base Station Controller, VLR]

GSM: SIM attacks
- Attacks on the SIM card
  - Optical Fault Induction
  - Partitioning Attacks
- With the SIM in hand, an attacker can find Ki within seconds.
  - If you lose your phone, it can be cloned within seconds!!!

GSM: protocol flaws (fake BS)
- A fake base station exploits two flaws in the protocol.
  1. Authentication is not mutual.
     - The caller authenticates to the base station, but the caller does not authenticate the base station.
  2. Encryption on the air interface does not happen automatically.
     - The base station decides whether or not to encrypt.

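GSM: protocol flaws (2/3)

[Figure: Mobile and Fake Base Station exchange RAND and SRES with no encryption; the Fake Base Station places a call to the destination through the Base Station.]

- The fake base station behaves like an ordinary phone.
  - So an ordinary GSM call takes place between the fake base station and the legitimate base station, and it is encrypted.
- The fake base station can eavesdrop on the call.
- The call is billed to the fake base station!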

GSM: protocol flaws (3/3)

[Figure: Mobile and Fake Base Station exchange RAND and SRES with no encryption; the Fake Base Station places a call to the destination through the Base Station.]

- Because the fake base station sends an arbitrary RAND and the value corresponding to it, it can mount a chosen plaintext attack on the SIM.

GSM: protocol flaws (reuse)
- The base station can reuse (RAND, XRES, Kc).
- Denial-of-service attacks are possible.
  - Jamming (a perennial problem in wireless communication)

GSM conclusion
- Did GSM achieve its goals?
  - Prevent cloning? Yes
  - Make the air interface as secure as the PSTN? Perhaps…
  - But the design goals were clearly limited.
- GSM insecurities
  - Weaknesses in the encryption algorithms, SIM problems, fake BS, reuse, etc.
- PSTN insecurities
  - Wiretapping, active attacks, passive attacks (e.g., cordless phones), etc.
- Isn't GSM security a success to some degree?