SECR3T: Secure End-to-End Communication over 3G Telecommunication Networks

Nowadays the use of video conference tools from mobile devices is becoming more widespread. Unfortunately, solutions based only on the security features inherited from the operator infrastructure cannot be blindly trusted. Therefore, the need for secure communication tools is rapidly increasing. Currently, voice and video communication tools are considered unreliable when used in either a mobile context or under poor signal strength conditions. This is particularly true for IP connections routed on the Packet-Switched Domain (PSD) over 3G mobile networks. This paper presents the design and the implementation of SECR3T (Secure End-to-End Communication over 3G Telecommunication Networks), a fully-fledged secure communication system for mobile devices based on the native Circuit-Switched Domain (CSD) of 3G networks. To the authors knowledge, this is the first solution for secure communication over the CSD of 3G networks. The security schemes implemented by SECR3T include mutual end-to-end authentication as well as data encryption. The adopted end-to-end security mechanisms have been embedded within the native 3G-324M protocol and do not require any form of interaction with the mobile network operator. Relying on the CSD, SECR3T provides a better QoS with respect to the PSD based solutions for 3G networks. It also requires less power consumption as the user is registered once on the Base Station (BS), with the handset not having to implement any heavy keep-alive protocols. In order to prove the effectiveness of the adopted strategy, a prototype was implemented to compare its performance with the well-known PSD solutions. Subsequently, the authors experimentally evaluated the security strengths and the impacts produced on the user experience with respect to traditional tools using CSD.