|
|
Cellular Phones and Cell Phone Information
A mobile phone is a device which behaves as a normaltelephone whilst being able to move over a wide area (compare cordless phone which acts as a telephone only within a limited range). Mobilephones allow connections to be made to the telephone network, normally bydirectly dialling the other party's number on an inbuilt keypad. ...
Below, you'll find extensive
information on leading nokia cellular phone accessory articles and products to help
you on your way to success.
Security Of Gsm System
By Priyanka Agarwal, Sat Dec 10th
By Priyanka Agarwal http://M6.net Introduction Every day millions of people use cellular phonesover radio links. With the increasing features, the mobile phoneis gradually becoming a handheld computer. In the early 1980’s,when most of the mobile telephone system was analog, theinefficiency in managing the growing demands in a cost-effectivemanner led to the opening of the door for digital technology(Huynh & Nguyen, 2003). According to Margrave (n.d), “With theolder analog-based cellular telephone systems such as theAdvanced Mobile Phone System (AMPS) and the Total AccessCommunication System (TACS)”, cellular fraud is extensive. It’svery simple for a radio hobbyist to tune in and hear cellulartelephone conversations since without encryption, the voice anduser data of the subscriber is sent to the network (Peng, 2000).Margrave (n.d) states that apart from this, cellular fraud canbe committed by using complex equipment to receive theElectronic Serial Number so as to clone another mobile phone andplace calls with that. To counteract the aforementioned cellularfraud and to make mobile phone traffic secure to a certainextent, GSM (Global System for Mobile communication or GroupSpecial Mobile) is one of the many solutions now out there.According to GSM-tutorials, formed in 1982, GSM is a worldwideaccepted standard for digital cellular communication. GSMoperates in the 900MHz, 1800MHz, or 1900Mhz frequency bands by“digitizing and compressing data and then sending it down achannel with two other streams of user data, each in its owntime slot.” GSM provides a secure and confidential method ofcommunication Security provided by GSM The limitation ofsecurity in cellular communication is a result of the fact thatall cellular communication is sent over the air, which thengives rise to threats from eavesdroppers with suitablereceivers. Keeping this in account, security controls wereintegrated into GSM to make the system as secure as publicswitched telephone networks. The security functions are: 1. Anonymity: It implies that it is not simple and easy to trackthe user of the system. According to Srinivas (2001), when a newGSM subscriber switches on his/her phone for the first time, itsInternational Mobile Subscriber Identity (IMSI), i.e. realidentity is used and a Temporary Mobile Subscriber Identity(TMSI) is issued to the subscriber, which from that time forwardis always used. Use of this TMSI, prevents the recognition of aGSM user by the potential eavesdropper.
2. Authentication: It checks the identity of the holder of thesmart card and then decides whether the mobile station isallowed on a particular network. The authentication by thenetwork is done by a response and challenge method. A random128-bit number (RAND) is generated by the network and sent tothe mobile. The mobile uses this RAND as an input and through A3algorithm using a secret key Ki (128 bits) assigned to thatmobile, encrypts the RAND and sends the signed response (SRES-32bits) back. Network performs the same SRES process and comparesits value with the response it has received from the mobile soas to check whether the mobile really has the secret key(Margrave, n.d). Authentication becomes successful when the twovalues of SRES matches which enables the subscriber to join thenetwork. Since every time a new random number is generated,eavesdroppers don’t get any relevant information by listening tothe channel. (Srinivas, 2001) 3. User Data and Signalling Protection: Srinivas (2001) statesthat to protect both user data and signalling, GSM uses a cipherkey. After the authentication of the user, the A8 ciphering keygenerating algorithm (stored in the SIM card) is used. Takingthe RAND and Ki as inputs, it results in the ciphering key Kcwhich is sent through. To encipher or decipher the data, this Kc(54 bits) is used with the A5 ciphering algorithm. Thisalgorithm is contained within the hardware of the mobile phoneso as to encrypt and decrypt the data while roaming. Algorithmsused to make mobile traffic secure Authentication Algorithm A3: One way function, A3 is anoperator-dependent stream cipher. To compute the output SRES byusing A3 is easy but it is very difficult to discover the input(RAND and Ki) from the output. To cover the issue ofinternational roaming, it was mandatory that each operator maychoose to use A3 independently. The basis of GSM’s security isto keep Ki secret (Srinivas, 2001) Ciphering Algorithm A5: In recent times, many series of A5exists but the most common ones are A5/0(unencrypted), A5/1 andA5/2. Because of the export regulations of encryptiontechnologies there is the existence of a series of A5 algorithms(Brookson, 1994). A8 (Ciphering Key Generating Algorithm): Like A3, it is alsooperator-dependent. Most providers combine A3 and A8 algorithmsinto a single hash function known as COMP128. The COMP128creates KC and SRES, in a single instance (Huynh & Nguyen, 2003). GSM security flaws ·Security by obscurity. According to (Li, Chen & Ma) some peopleasserts that since the GSM algorithms are not publicized so itis not a secure system. “Most security analysts believe anysystem that is not subject to the scrutiny of the world’s bestminds can’t be as secure.” For instance, A5 was never madepublic, only its description is divulged as part of the GSMspecification. ·Another limitation of GSM is that although all communicationbetween the Mobile station and the Base transceiver station areencrypted, in the fixed network all the communication andsignalling is not protected as it is transmitted in plain textmost of the time (Li, Chen & Ma). ·One more problem is that it is hard to upgrade thecryptographic mechanisms timely. ·Flaws are present within the GSM algorithms. According toQuirke (2004) “ A5/2 is a deliberately weakened
Denso Cell Phone Accessories - For Your Phone
]]>
Cell Phones for Kids - How Young is Too Young?
LG Cell Phones - Made To Last
now and their cell phones are no exception. LG cell phones are
high on style and features. You owe it to yourself to check out LG
cell phones.
]]>
Cingular Wireless - There For The Consumer
]]>
Liberty Wireless - Inexpensive Cell Phone
]]>
MCI Wireless - Still In Business
]]>
version of A5/1,since A5/2 can be cracked on the order of about 216”. Security breaches Time to time, people have tried to decode GSM algorithms. Forinstance, according to Issac press release (1998) in April 1998,the SDA (Smartcard Developer Association) along with two U.CBerkeley researchers alleged that they have cracked the COMP128algorithm, which is stored on the SIM. They claimed that withinseveral hours they were able to deduce the Ki by sending immensenumbers of challenges to the authorization module. They alsosaid that out of 64 bits, Kc uses only 54 bits with zerospadding out the other 10, which makes the cipher keypurposefully weaker. They felt government interference might bethe reason behind this, as this would allow them to monitorconversations. However, they were unable to confirm theirassertion since it is illegal to use equipment to carry out suchan attack in the US. In reply to this assertion, the GSMalliance stated that since the GSM network allows only one callfrom any phone number at any one time it is of no relevant useeven if a SIM could be cloned. GSM has the ability to detect andshut down duplicate SIM codes found on multiple phones (Businesspress release, 1998). According to Srinivas (2001), one of the other claims was madeby the ISAAC security research group. They asserted that a fakebase station could be built for around $10,000, which wouldallow a “man-in-the-middle” attack. As a result of this, thereal base station can get deluged which would compel a mobilestation to connect to the fake station. Consequently, the basestation could eavesdrop on the conversation by informing thephone to use A5/0, which is without encryption. One of the other possible scenarios is of insider attack. In theGSM system, communication is encrypted only between the Mobilestation and the Base Transceiver station but within theprovider’s network, all signals are transmitted in plain text,which could give a chance for a hacker to step inside (Li, Chen& Ma). Measures taken to tackle these flaws According to Quirke (2004),since the emergence of these, attacks, GSM have been revisingits standard to add newer technologies to patch up the possiblesecurity holes, e.g. GSM1800, HSCSD, GPRS and EDGE. In the lastyear, two significant patches have been implemented. Firstly,patches for COMP 128-2 and COMP128-3 hash function have beendeveloped to address the security hole with COMP 128 function.COMP128-3 fixes the issue where the remaining 10 bits of theSession Key (Kc) were replaced by zeroes. Secondly, it has beendecided that a new A5/3 algorithm, which is created as part ofthe 3rd Generation Partnership Project (3GPP) will replace theold and weak A5/2. But this replacement would result inreleasing new versions of the software and hardware in order toimplement this new algorithm and it requires the co-operation ofthe hardware and software manufacturers. GSM is coming out oftheir “security by obscurity” ideology, which is actually a flawby making their 3GPP algorithms available to securityresearchers and scientists (Srinivas, 2001). Conclusion To provide security for mobile phone traffic is onethe goals described in GSM 02.09 specification, GSM has failedin achieving it in past (Quirke, 2004). Until a certain pointGSM did provide strong subscriber authentication andover-the-air transmission encryption but different parts of anoperator’s network became vulnerable to attacks (Li, Chen, Ma).The reason behind this was the secrecy of designing algorithmsand use of weakened algorithms like A5/2 and COMP 128. One ofother vulnerability is that of inside attack. In order toachieve its stated goals, GSM is revising its standards and itis bringing in new technologies so as to counteract thesesecurity holes. While no human-made technology is perfect, GSMis the most secure, globally accepted, wireless, public standardto date and it can be made more secure by taking appropriatesecurity measures in certain areas. Bibliography Business Wire Press release (1998). GSM Alliance Clarifies False& Misleading Reports of Digital Phone Cloning. Retrieved October26th, 2004 Web site: http://jya.com/gsm042098.txt Brookson (1994). Gsmdoc Retrieved October 24th, 2004 from gsmWeb site: http://www.brookson.com/gsm/gsmdoc.pdf Chengyuan Peng (2000). GSM and GPRS security. Retrieved October24th, 2004 from Telecommunications Software and MultimediaLaboratory Helsinki University of Technology Web site:http://www.tml.hut.fi/Opinnot/Tik-110.501/2000/papers/peng.pdfEpoker Retrieved October 27th, 2004 from Department ofMathematics Boise State University, Mathematics 124,Fall 2004Website:http://math.boisestate.edu/~marion/teaching/m124f04/epoker.htm Huynh & Nguyen (2003). Overview of GSM and GSM security.Retrieved October 25th, 2004 from Oregon State university,project Web site:http://islab.oregonstate.edu/koc/ece478/project/2003RP/huynh_nguyen_gsm.doc Li, Chen & Ma (n.d). Security in gsm. Retrieved October 24th,2004 from gsm-security Web site:http://www.gsm-security.net/papers/securityingsm.pdf Quirke (2004). Security in the GSM system. Retrieved October25th, 2004 from SecurityWebsite:http://www.ausmobile.com/downloads/technical/Security inthe GSM system 01052004.pdf Margrave (n.d). GSM system and Encryption. Retrieved October25th, 2004 from gsm-secur Web site:http://www.hackcanada.com/blackcrawl/cell/gsm/gsm-secur/gsm-secur.html Press release (1998). Smartcard Developer AssociationClones Digital GSM 1998). Retrieved October 26th, 2004 from issac Web site: http://www.isaac.cs.berkeley.edu/isaac/gsm.html Srinivas (2001). The GSM Standard (An overview of its security)Retrieved October 25th, 2004 from papers Website:http://www.sans.org/rr/papers/index.php?id=317 Stallings (2003). Cryptography and Network Security: Principlesand practices. USA: Prentice Hall. About the author:A novice trying to create her niche on network of networks
|
nokia cellular phone accessory
Navigation
Directory
Article
/ Links
Cellular Phone Service Provider
Latest Cellular Phone
Free Cellular Phone Game
Cellular Phone Comparison
Audiovox Cellular Phone Accessory
Cellular Phone Rating
Ebay Cellular Phone
Virgin Mobile Cellular Phone
Cellular Phone Number Search
Nokia Cellular Phone Accessory
Cellular Phone For Kid
1. Motorola RAZR V3 Unlocked Cell Phone with Video Player--International Version with No Warranty (Black)
 ]]>2. Motorola KRZR K1 Unlocked Cell Phone with 2 MP Camera, MP3/Video Player, MicroSD Slot--International Version with No Warranty (Cosmic Blue)
 ]]>3. Motorola SLVR L7 Unlocked Cell Phone with MP3/Video Player, MicroSD Slot/TransFlash--International Version with No Warranty (Black)
 ]]>4. Motorola V197 Unlocked Cell Phone--U.S. Version with Warranty (Charcoal)
 ]]>
More
Resources
Computers
Cell Phones
PeekPort
Article
/ Links
Sorting Through Your Cellular Phone Options
By Tim Gorman, Sat Dec 10th
Some people purchase a cellular phone for emergency use only,but others use their cellular phone on a daily basis as areplacement for their land-line home phone. With the number ofoptions Read more...
Article / Links
Lg Cell Phones - Made To Last
By Martin Smith, Sat Dec 10th
LG has been producing top of the line products for quite a whilenow and their cell phones are no exception. LG cell phones arehigh on style and features. You owe it to yourself to check outLG cell Read more...
|