Crypto U12 (part 1), crypto for mobile telecom


IYM002 (Unit 12 - Crypto Systems) Mind Map on Crypto U12 (part 1), crypto for mobile telecom, created by jjanesko on 04/28/2013.

1 background
1.1 mobile telecom companies share operational standards
1.2 original mobile systems not secure
1.2.1 sent serial numbers in the clear
1.2.2 eavesdropping easy
1.2.3 cloning possible
1.3 GSM
1.3.1 designed by ETSI (European Telecommunications Standards Institute)
1.3.2 improved security over original
1.4 UMTS
1.4.1 next step in evolution after GSM
1.5 cellular network diagram


2 general design
2.1 main motivation for security: revenue protection
2.2 must be cost effective
2.3 should be as secure as the public switched telephone network and not more
2.4 adapts to evolving constraints
2.5 shifted from proprietary algorithms (GSM) to publicly known ones (UMTS)
2.6 must handle noisy comm channel
3.1 new features
3.1.1 mutual entity authentication: supported by AKE (similar to GSM except an additional MAC key is generated); sequence # added for freshness and maintained by mobile device and base station
3.1.2 prevention of AKE triplet replay: sequence #'s prevent replay; roaming authentication upgraded to have quintets
3.1.3 longer key lengths
3.1.4 publicly known algorithms
3.1.5 integrity of signalling data with a MAC
4.1 security requirements
4.1.1 entity authentication of the user
4.1.2 confidentiality on radio path
4.1.3 anonymity on radio path: prevents an attacker from linking the source of several calls
4.1.4 constraints: not excessively strong (export!); do not add too much overhead, especially on call setup
4.2 design
4.2.1 fully symmetric architecture: GSM is a closed system; fast
4.2.2 stream cipher: noisy comm channel
4.2.3 fixed encryption algorithms
4.2.4 proprietary algorithms: closed system; ETSI has crypto expertise; performance
4.3 crypto components
4.3.1 subscriber identification module (SIM): has international mobile subscriber identity; maps user to phone; has unique 128 bit crypto key; used for all crypto services
4.3.2 AKE (authentication and key establishment): uses dynamic password scheme; protocols: A3 (challenge response protocol), A8 (generate encryption key); not shared with other access providers; special roaming scheme
4.3.3 comm encryption service: shared with other mobile networks; uses standard A5/1 (64 bit key, stream cipher)
4.4 security analysis
4.4.1 popular implementation of A3 and A8 was COMP128: designs leaked and weaknesses found
4.4.2 A5/1 reverse engineered: powerful attacks developed
4.4.3 effective because it addressed cloning and eavesdropping
