Crypto U12 (part 1), crypto for mobile telecom

jjanesko
Mind Map by , created over 6 years ago

IYM002 (Unit 12 - Crypto Systems) Mind Map on Crypto U12 (part 1), crypto for mobile telecom, created by jjanesko on 04/28/2013.

91
10
0
Tags
jjanesko
Created by jjanesko over 6 years ago
Crypto U1, Basic Principles
jjanesko
Crypto U4, Block Cipher, Electronic Codebook Mode (ECB)
jjanesko
Crypto U4, Block Cipher, Cipher Block Chaining Mode (CBC)
jjanesko
GCSE Physics Revision notes
Megan McDonald
Carbohydrates
Jubby
Crypto U12 (part 2), crypto for mobile telecom
jjanesko
Crypto U12, SSL
jjanesko
Crypto U12, WLAN
jjanesko
Crypto U12 GSM,UTMS Hierarchy Diagram
jjanesko
Crypto U4, Block Cipher, Cipher Feedback Mode (CFB)
jjanesko
Crypto U12 (part 1), crypto for mobile telecom
1 background
1.1 mobile telecom companies share operational standards
1.2 original mobile systems not secure
1.2.1 sent serial numbers in the clear
1.2.2 eavesdropping easy
1.2.3 cloning possible
1.3 GSM
1.3.1 designed by ETSI
1.3.1.1 European Telecommunications Standards Institute
1.3.2 improved security over original
1.4 UTMS
1.4.1 next step in evolution after GSM
1.5 cellular network diagram

Annotations:

  • http://en.wikipedia.org/wiki/Zero-knowledge_proof#Abstract_example
2 general design
2.1 main motivation for security: revenue protection
2.2 must be cost effective
2.3 should be as secure as the public switched telephone network and not more
2.4 adapts to evolving constraints
2.5 shifted from proprietary algorithms (GSM) to publicly known ones (UTM)
2.6 must handle noisy comm channel
3 UTMS
3.1 new features
3.1.1 mutual entity authentication
3.1.1.1 supported by AKE (similar to GSM except additonal MAC key is generated)
3.1.1.2 sequence # added for freshness and maintained by mobile device and base station
3.1.2 prevention of AKE triplet replay
3.1.2.1 sequence #'s prevent replay
3.1.2.2 roaming authentication upgraded to have quintlets
3.1.3 longer key lengths
3.1.4 publicly know algorithms
3.1.5 integrity of signalling data with a MAC
4 GSM
4.1 security requirements
4.1.1 entity authentication of the user
4.1.2 confidentiality on radio path
4.1.3 anonymity on radio path
4.1.3.1 prevents an attacker form linking the source of several calls
4.1.4 constraints
4.1.4.1 not excessively strong
4.1.4.1.1 export!
4.1.4.2 do not add to much overhead
4.1.4.2.1 especially on call setup
4.2 design
4.2.1 fully symmetric architecture
4.2.1.1 GSM closed system
4.2.1.2 fast
4.2.2 stream cipher
4.2.2.1 noisy comm channel
4.2.3 fixed encryption algorithms
4.2.4 proprietary algorithms
4.2.4.1 closed system
4.2.4.2 ETSI has crypto expertise
4.2.4.3 performance
4.3 crypto components
4.3.1 subscriber identification module (SIM)
4.3.1.1 has international mobile subscriber identity
4.3.1.1.1 maps user to phone
4.3.1.2 has unique 128 bit crypto key used for all crypto services
4.3.2 AKE (authentication and key establishment)
4.3.2.1 uses dynamic password scheme
4.3.2.2 protocols
4.3.2.2.1 A3
4.3.2.2.1.1 challenge response protocol
4.3.2.2.2 A8
4.3.2.2.2.1 generate encryption key
4.3.2.3 not shared with other access providers
4.3.2.4 special roaming scheme
4.3.3 comm encryption
4.3.3.1 service shared with other mobile networks
4.3.3.2 Uses standard A5/1
4.3.3.2.1 64 bit key, stream cipher
4.4 security analysis
4.4.1 popular implementation of A3 and A8 was COMP 128
4.4.1.1 designs leadked and weaknesses found
4.4.2 A5/1 reverse engineered
4.4.2.1 powerful attacks developed
4.4.3 effective because it addressed cloning and eavesdropping

Media attachments