On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks

Ulrike Meyer, Susanne Wetzel

Research output: Contribution to conferencePaperpeer-review

57 Scopus citations

Abstract

GSM suffers from various security weaknesses: Just recently, Barkan, Biham and Keller presented a cipher-text-only attack on the GSM encryption algorithm A5/2 which recovers the encryption key from a few dozen milliseconds of encrypted traffic within less than a second. Furthermore, it is well-known that it is possible to mount a man-in-the-middle attack in GSM during authentication which allows an attacker to make a victim mobile station authenticate itself to a fake base station which in turn forwards the authentication traffic to the real network, thus impersonating the victim mobile station to a real network and vice versa. In this paper we discuss the impact of GSM encryption attacks, that recover the encryption key, and the man-in-the-middle attack on the security of networks, which employ UMTS and GSM base stations simultaneously. We suggest to protect UMTS connections from GSM attacks by integrating an additional authentication and key agreement on intersystem handovers between GSM and UMTS.

Original languageEnglish
Pages2876-2883
Number of pages8
StatePublished - 2004
Event2004 IEEE 15th International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2004 - Barcelona, Spain
Duration: 5 Sep 20048 Sep 2004

Conference

Conference2004 IEEE 15th International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2004
Country/TerritorySpain
CityBarcelona
Period5/09/048/09/04

Keywords

  • Attack
  • GSM
  • Handover
  • Security
  • UMTS

Fingerprint

Dive into the research topics of 'On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks'. Together they form a unique fingerprint.

Cite this