Analysis of the SSL 3.0 protocol
WOEC'96 Proceedings of the 2nd conference on Proceedings of the Second USENIX Workshop on Electronic Commerce - Volume 2
An Extended Authentication and Key Agreement Protocol of UMTS
ISPEC '09 Proceedings of the 5th International Conference on Information Security Practice and Experience
Attacks on public WLAN-based positioning systems
Proceedings of the 7th international conference on Mobile systems, applications, and services
Securing Mobile Phone Calls with Identity-Based Cryptography
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
Signaling-Oriented DoS Attacks in UMTS Networks
ISA '09 Proceedings of the 3rd International Conference and Workshops on Advances in Information Security and Assurance
On the detection of signaling DoS attacks on 3G/WiMax wireless networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
New attacks on UMTS network access
WTS'09 Proceedings of the 2009 conference on Wireless Telecommunications Symposium
Review: A review of DoS attack models for 3G cellular networks from a system-design perspective
Computer Communications
Network smart card performing U(SIM) functionalities in AAA protocol architectures
WISTP'08 Proceedings of the 2nd IFIP WG 11.2 international conference on Information security theory and practices: smart devices, convergence and next generation networks
A privacy protecting UMTS AKA protocol providing perfect forward secrecy
ICCSA'07 Proceedings of the 2007 international conference on Computational science and Its applications - Volume Part II
Security enhancements against UMTS-GSM interworking attacks
Computer Networks: The International Journal of Computer and Telecommunications Networking
DoS attacks exploiting signaling in UMTS and IMS
Computer Communications
Secure mobile communication via identity-based cryptography and server-aided computations
The Journal of Supercomputing
New authentication protocol providing user anonymity in open network
WINE'05 Proceedings of the First international conference on Internet and Network Economics
FMOODS'10/FORTE'10 Proceedings of the 12th IFIP WG 6.1 international conference and 30th IFIP WG 6.1 international conference on Formal Techniques for Distributed Systems
Questioning the Feasibility of UMTS-GSM Interworking Attacks
Wireless Personal Communications: An International Journal
New privacy issues in mobile telephony: fix and verification
Proceedings of the 2012 ACM conference on Computer and communications security
Attacks and countermeasures in wireless cellular networks
Proceedings of the 2012 Information Security Curriculum Development Conference
A vulnerability in the UMTS and LTE authentication and key agreement protocols
MMM-ACNS'12 Proceedings of the 6th international conference on Mathematical Methods, Models and Architectures for Computer Network Security: computer network security
Breaking cell phone authentication: vulnerabilities in AKA, IMS and Android
WOOT'13 Proceedings of the 7th USENIX conference on Offensive Technologies
Enhancing security in mobile data networks through end user and core network cooperation
Proceedings of International Conference on Advances in Mobile Computing & Multimedia
SE-AKA: A secure and efficient group authentication and key agreement protocol for LTE networks
Computer Networks: The International Journal of Computer and Telecommunications Networking
Theoretical Analysis and Experimental Study: Monitoring Data Privacy in Smartphone Communications
International Journal of Interdisciplinary Telecommunications and Networking
| Hi-index | 0.00 |
In this paper we present a man-in-the-middle attack on the Universal Mobile Telecommunication Standard (UMTS), one of the newly emerging 3G mobile technologies. The attack allows an intruder to impersonate a valid GSM base station to a UMTS subscriber regardless of the fact that UMTS authentication and key agreement are used. As a result, an intruder can eavesdrop on all mobile-station-initiated traffic.Since the UMTS standard requires mutual authentication between the mobile station and the network, so far UMTS networks were considered to be secure against man-in-the-middle attacks. The network authentication defined in the UMTS standard depends on both the validity of the authentication token and the integrity protection of the subsequent security mode command.We show that both of these mechanisms are necessary in order to prevent a man-in-the middle attack. As a consequence we show that an attacker can mount an impersonation attack since GSM base stations do not support integrity protection. Possible victims to our attack are all mobile stations that support the UTRAN and the GSM air interface simultaneously. In particular, this is the case for most of the equipment used during the transition phase from 2G (GSM) to 3G (UMTS) technology.