Title :
On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks
Author :
Meyer, Ulrike ; Wetzel, Susanne
Author_Institution :
Dept. of Comput. Sci., Darmstadt Univ. of Technol., Germany
Abstract :
GSM suffers from various security weaknesses: Just recently, Barkan, Biham and Keller presented a ciphertext-only attack on the GSM encryption algorithm A5/2 which recovers the encryption key from a few dozen milliseconds of encrypted traffic within less than a second. Furthermore, it is well-known that it is possible to mount a man-in-the-middle attack in GSM during authentication which allows an attacker to make a victim mobile station authenticate itself to a fake base station which in turn forwards the authentication traffic to the real network, thus impersonating the victim mobile station to a real network and vice versa. We discuss the impact of GSM encryption attacks, that recover the encryption key, and the man-in-the-middle attack on the security of networks, which employ UMTS and GSM base stations simultaneously. We suggest to protect UMTS connections from GSM attacks by integrating an additional authentication and key agreement on intersystem handovers between GSM and UMTS.
Keywords :
3G mobile communication; cellular radio; cryptography; message authentication; telecommunication security; telecommunication traffic; GSM encryption; Global System for Mobile Communication; UMTS network; Universal Mobile Telecommunication System; ciphertext-only attack; man-in-the-middle attacks; message authentication; 3G mobile communication; Authentication; Base stations; Computer science; Computer security; Cryptography; GSM; Protection; Telecommunication traffic; Telephony;
Conference_Titel :
Personal, Indoor and Mobile Radio Communications, 2004. PIMRC 2004. 15th IEEE International Symposium on
Print_ISBN :
0-7803-8523-3
DOI :
10.1109/PIMRC.2004.1368846
