Cryptography and network security (2nd ed.): principles and practice
Cryptography and network security (2nd ed.): principles and practice
Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations
Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations
The GSM System for Mobile Communications
The GSM System for Mobile Communications
Authentication and Billing Protocols for the Integration of WLAN and 3G Networks
Wireless Personal Communications: An International Journal
A PK-SIM card based end-to-end security framework for SMS
Computer Standards & Interfaces
Hi-index | 0.00 |
The logic ruling the user and network authentication as well as the data ciphering in the GSM architecture is characterized, regarding the transferring of the parameters employed in these processes, by transactions between three nodes of the system, that is the MS, actually the SIM, the visited MSC/VLR, and the AuC, which is attached to the HLR in most cases. The GPRS and the UMTS architecture carry the heritage of the GSM's philosophy regarding the user/network authentication and the data ciphering. So, the corresponding three nodes (MS, VLR, and HLR) of these systems are involved as well in the authentication and data ciphering procedures. Moreover, the methods of the conventional cryptography have been adopted by all three systems. This paper describes in brief the subscriber authentication and data ciphering, as they are recommended by the Specifications for all three aforementioned systems. Based on what the specifications define, we pinpoint the vulnerable points of the systems, exposed to third party attacks, and propose asymmetric cryptography procedures for their coverage, consisting of the introduction of public-private key pairs for the transactions between the VLR-HLR, as well as the MS-VLR. On the other hand, the nature of the services constituting a Public Key Infrastructure (PKI) renders the telecommunication operators the main candidates for the development of PKIs fully or partially fledged. The private-public key pair, stored by the PLMN operator in the SIM, for the GSM/GPRS case, or in the USIM for the UMTS case and created to deal initially with internal system functions, can easily be extended, adopted and employed in secure e/m-transactions, if bound to a digital certificate, in the case the PLMN operator supports PKI services as well.