Thursday, January 5, 2012

GPRS Security Feature, Threats and Solution

Background Information
Example of a 3G/GPRS Modem
GPRS stands for General packet radio service. It is a data network architecture which is designed to integrate with GSM networks and offer mobile clients or subscribers a "always on" packet swithced data services to corporate networks and the internet. GPRS is standardized by European Telecommunications Standards Institute (ETSI). GPRS usage is charged based on the volume of the data.

GPRS Services
  1. SMS and Broadcasting
  2. MMS
  3. Internet access is "always on"
  4. Internet applications for smart phones and devices are through the Wireless Application Protocol (WAP)
Supported Protocols
  1. Internet Protocol (IP)
  2. Point-to-point protocol (PPP)
  3. TCP/IP
GSM uses GPRS for data transmissions like for example browsing the web.
GPRS Core Network Architecture Overview















GPRS Security
  • Integrity
    • Assures that data cannot be altered in an unauthorized or malicious manner
  • Confidentiality
    • Protection of data from disclosure to third parties
  • Authentication
    • Provides assurance that a party in a data communication is who or what they claim to be
  • Authorization
    • Ensures that a party may only perform the actions that they're allowed to perform
  • Availability
    • Data services are usable by the appropriate parties in the manner intended
 Solutions
  • Traffic rate limiting
  • GTP rate limiting
  • Hardware-accelerated stateful packet filtering
  • GTP stateful packet filtering 
Network Security & Solution Diagram
This security solution uses a tunnel hub concept to separate traffic for different corporate networks and internet.




References
http://www.it.iitb.ac.in/~kavita/GSM_Security_Papers/GPRS_Security_Threats_and_Solutions.pdf
http://en.wikipedia.org/wiki/General_Packet_Radio_Service
Posted by at No comments:

GSM Security Feature, Threats and Solution

The GSM logo 
Background Information
GSM stands for Global System for Mobile Communications. It is a standard used to describe technologies for second generation or 2G networks. Using the words we learned from school, this GSM is a circuit switched network and is mainly used for full duplex voice telephony.




Technology Used In GSM
  1. Gaussian Minimum Shift Keying (MGSK)
  2. Phase Shift Keying (PSK)
  3. Time Division Multiple Access (TDMA)
  4. Frequency Division Duplex (FDD)

Security Feature
GSM has only a moderate level of service security. It was being designed in a way that it had to authenticate the subscriber with the use of a pre-shared key. It also has a challenge-response. The link between the subscriber and the base station can be encrypted. On the whole, GSM offers confidentiality and authentication, but with limited authorization capabilities.

Cryptographic algorithms are used for security purposes in GSM. For ensuring over-the-air voice privacy, the A5/1 and A5/2 stream ciphers are used.

Threats
The A5/2 is weaker and therefore is easier to find loopholes in it. It can be broken with a ciphertext-only attack. Though the A5/1 is stronger, it also can be broken with a rainbow table attack. 

Solution
GSM uses USIM (Subscriber Identity Module) to prevent connections to fake base stations and downgrade attacks. Users will be protected in the medium term.

References
Posted by at 1 comment:
Subscribe to: Posts (Atom)