Abstract
GSM suffers from various security weaknesses: Just recently, Barkan, Biham and Keller presented a cipher-text-only attack on the GSM encryption algorithm A5/2 which recovers the encryption key from a few dozen milliseconds of encrypted traffic within less than a second. Furthermore, it is well-known that it is possible to mount a man-in-the-middle attack in GSM during authentication which allows an attacker to make a victim mobile station authenticate itself to a fake base station which in turn forwards the authentication traffic to the real network, thus impersonating the victim mobile station to a real network and vice versa. In this paper we discuss the impact of GSM encryption attacks, that recover the encryption key, and the man-in-the-middle attack on the security of networks, which employ UMTS and GSM base stations simultaneously. We suggest to protect UMTS connections from GSM attacks by integrating an additional authentication and key agreement on intersystem handovers between GSM and UMTS.
Original language | English |
---|---|
Pages | 2876-2883 |
Number of pages | 8 |
State | Published - 2004 |
Event | 2004 IEEE 15th International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2004 - Barcelona, Spain Duration: 5 Sep 2004 → 8 Sep 2004 |
Conference
Conference | 2004 IEEE 15th International Symposium on Personal, Indoor and Mobile Radio Communications, PIMRC 2004 |
---|---|
Country/Territory | Spain |
City | Barcelona |
Period | 5/09/04 → 8/09/04 |
Keywords
- Attack
- GSM
- Handover
- Security
- UMTS