
3G Security Annual Report

Annual Motorola Project Review:
Analysis of Third Generation Mobile Security

Principal Investigators: Roy Campbell, Dennis Mickunas
Research Assistants: Suvda Myagmar, Vineet Gupta
Motorola Contact: Bruce Briley
Computer Science Department
University of Illinois at Urbana-Champaign
June 28, 2002

Motivation for 3G Security
Multibillion dollar industry, millions of potential subscribers worldwide ($3B to set up a network)
Boom of handset devices and wireless technology
Users want richer content for their mobile devices (multimedia messaging, video conferencing, voice-over-IP, m-business)
Need security features to ensure user and data confidentiality, QoS, billing, protection against intruders

Motorola Interest
A major provider of wireless solutions (cdma2000 network, i.300 chipset)
3G devices are required to have built-in security per 3GPP specs
Evaluate current security protocols
  Cost and feasibility of security features
  Are the authentication and encryption algorithms strong?
  Is the key length sufficient?
  Possible risks and threats
What’s the impact of security upon the network performance?
  Service setup delay
  End-to-end packet delay
  Network load variation

3G Network Architecture
[Figure: Mobile Station, Base Station, Radio Network Controller, Serving Core Network]

Problems with GSM Security
Weak authentication and encryption algorithms (COMP128 has a weakness allowing user impersonation; A5 can be broken to reveal the cipher key)
Short key length (32 bits)
No data integrity (allows certain denial of service attacks)
No network authentication (false base station attack possible)
Limited encryption scope (Encryption terminated at the base station, in clear on microwave links)
Insecure key transmission (Cipher keys and authentication parameters are transmitted in clear between and within networks)

3G Security Features
Mutual Authentication
  The mobile user and the serving network authenticate each other
Data Integrity
  Signaling messages between the mobile station and RNC protected by integrity code
Network to Network Security
  Secure communication between serving networks. IPsec suggested
Wider Security Scope
  Security is based within the RNC rather than the base station
Secure IMSI (International Mobile Subscriber Identity) Usage
  The user is assigned a temporary IMSI by the serving network

3G Security Features
User – Mobile Station Authentication
  The user and the mobile station share a secret key, PIN
Secure Services
  Protect against misuse of services provided by the home network and the serving network
Secure Applications
  Provide security for applications resident on mobile station
Fraud Detection
  Mechanisms to combat fraud in roaming situations
Flexibility
  Security features can be extended and enhanced as required by new threats and services
