Академический Документы
Профессиональный Документы
Культура Документы
org )
Security and Encryption in GSM, GPRS, CDMA System
21
GSM SECURITY
2.1.1 Introduction [7]
The security methods standardized for the GSM System make it the most secure cellular telecommunications standard
currently available. Although the confidentiality of a call and anonymity of the GSM subscriber is only guaranteed on
the radio channel, this is a major step in achieving end-to- end security. The subscriber's anonymity is ensured through
the use of temporary identification numbers. The confidentiality of the communication itself on the radio link is
performed by the application of encryption algorithms and frequency hopping which could only be realized using
digital systems and signaling.
Algorithms: up to 7 A5 variants
Anonymity:
efficiency: no more bandwidth needed for security, no long delays (user acceptance), cost-
efficient
2.1.3.2Users view
22
correct billing
correct billing
23
24
25
26
GPRS Security
2.2.1 introduction [8]
The GPRS is a new service that is offered to the mobile phone user. Netcom and Telenor, who are the two largest
operators in Norway introduced GPRS on January 31 and February 1, 2001. So far it is just a small number of mobile
phone on the marked that supports GPRS and it is also difficult to get hold of a mobile phone. The operators offer a
limited numbers of services to the GPRS customers. One of the services that GPRS is supporting today is the Mobile
Mail. Mobile Mail is possible to use with the entire mobile phone that use WAP, but with the GPRS functionality
"always on" the email service Mobile Mail is more attractive It is important that the security is taken care of. This is
because the users; both private persons and companies, can feel safe and use the services that the operators offer.
Security and Encryption in GSM, GPRS, CDMA System
27
28
Attach process
Process by which the MS attaches (i.e. connected)
To the SGSN in the GPRS
Authentication prosess
Process by which the SGSN authentication the mobile subscriber.
Detach process
Process by which the MS detaches (i.e. disconnected ) from the SGSN in the GPRS network .
29
30
31
32
CDMA security
2.3.1 Introduction [6]
Since the birth of the cellular industry, security has been a major concern for both service providers and subscribers.
Service providers are primarily concerned with security to prevent fraudulent operations such as cloning or
subscription fraud, while subscribers are mainly concerned with privacy issues. In 1996, fraudulent activities through
cloning and other means cost operators some US$750 million in lost revenues in the United States alone. Fraud is still
a problem today, and IDC estimates that in 2000, operators lost more than US$180M in revenues from fraud.
Technical fraud, such as cloning, is decreasing in the United States, while subscription fraud is on the rise1. In this
paper, we will limit our discussions to technical fraud only. With the advent of second-generation digital technology
platforms like TDMA/CDMA-IS-41, operators were able to enhance their network security by using improved
encryption algorithms and other means. The noise-like signature of a CDMA signal over the air interface makes
eavesdropping very difficult. This is due to the CDMA Long Code, a 42-bit PN (Pseudo-Random Noise of length
242-1) sequence, which is used to scramble voice and data transmissions. This paper discusses how CDMA 2000
1xRTT implements three major features of mobile security: authentication, data protection, and anonymity
33
34
2.3.4.2. ESN-MIN-MDN:
ESN (electronic serial number)
The ESN is the 32 bit electronic serial number of the mobile phone. The ESN is pre-programmed by the phone
manufacturer during factory setting. The ESN is unique to each mobile on the network and is used in conjunction with
the mobile number to identity the mobile on the network . MIN (mobile identification number)
The MIN is the 10 digit number which is assigned by the service providers to a mobile phone in the network . the MIN
is unique each mobile on the network and is used in conjunction with the ESN to identify the mobile on the network.
MDN (mobile directory number) The MDN is the 10 digit dilatable number assigned by the service provider to a
mobile phone on its network . the MDN may be the same as the MIN (it depend on how the service provider provisions
this pair on its network)
35
36
37
38