GSM-Security: A Survey and Evaluation of the Current Situation

Abstract: The Global System for Mobile Communications (GSM) is the most widely used cellular technology in the world. Approximately 800 million people around the world are using GSM for different purposes, but mostly for voice communication and SMS. For GSM, like many other widely used systems, security is crucial. The security involves mechanisms used to protect the different shareholders, like subscribers and service providers. The aspects of security that this report covers are mainly anonymity, authentication and confidentiality. The important aspects of the system that need protection are described, along with the implementation of mechanisms used for the protection. It appears that many of the very valuable aspects of GSM can be attacked. The anonymity of a GSM user is compromised resulting in the attacker being able to observe the time, rate, length, sources or destinations of e g calls. Even tracking a subscriber’s movements becomes possible. However, a passive attack is not sufficient to perform these attacks. The attacker needs to mount an active attack using equipment offering base station functionality. Authentication is a crucial aspect of a wireless communication system due to the nature of the medium used, i e the radio link that is available to every one and not only the legitimate entities. Even the authentication mechanisms are attacked. It is possible to clone a subscription either by having physical access to the smart card or over the air interface. Cloning a subscription over the air requires base station functionality. The most obvious threat against communication systems is eavesdropping on conversations. The privacy of GSM conversations is protected using some version of the A5 algorithm. There are several impressive cryptanalytical attacks against these algorithms, that break the encryption and make it possible to eavesdrop in real-time. Most of these algorithms require, however, extensive computation power and unrealistic quantities of known plaintext, which make it difficult to use them in practice. Difficulties using cryptanalytical attacks to break the confidentiality of GSM calls does not mean that conversations are well protected. Loopholes in the protocols used in GSM make it possible for an outsider, with access to sufficient equipment, to eavesdrop on conversations in real-time. In the presence of these threats and vulnerabilities it is justified to wonder whether GSM provides sufficient security for users with very valuable information to communicate. These users may be military organisations, senior management personnel in large companies etc. GSM’s current security model does note provide sufficient protection for these entities. An additional layer of security should be added to the current security model.