Retrofitting Mutual Authentication to GSM Using RAND Hijacking

Mohammed Khan; Christopher J Mitchell

doi:10.1007/978-3-319-46598-2_2

Retrofitting Mutual Authentication to GSM Using RAND Hijacking

Mohammed Khan, Christopher J Mitchell

Department of Information Security

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

163 Downloads (Pure)

Abstract

As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal explicitly designed to enhance GSM authentication that could be deployed without modifying any of the existing network infrastructure.

Original language	English
Title of host publication	Security and Trust Management
Subtitle of host publication	12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings
Editors	Gilles Barthe, Evangelos Markatos, Pierangela Samarati
Publisher	Springer-Verlag
Pages	17-31
Number of pages	15
ISBN (Electronic)	978-3-319-46598-2
ISBN (Print)	978-3-319-46597-5
DOIs	https://doi.org/10.1007/978-3-319-46598-2_2
Publication status	Published - 17 Sept 2016

Publication series

Name	Lecture Notes in Computer Science
Publisher	Springer-Verlag
Volume	9871
ISSN (Print)	0302-9743

Access to Document

10.1007/978-3-319-46598-2_2

Accepted ManuscriptAccepted author manuscript, 240 KB

Cite this

Khan, M., & Mitchell, C. J. (2016). Retrofitting Mutual Authentication to GSM Using RAND Hijacking. In G. Barthe, E. Markatos, & P. Samarati (Eds.), Security and Trust Management: 12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings (pp. 17-31). (Lecture Notes in Computer Science; Vol. 9871). Springer-Verlag. https://doi.org/10.1007/978-3-319-46598-2_2

Khan, Mohammed ; Mitchell, Christopher J. / Retrofitting Mutual Authentication to GSM Using RAND Hijacking. Security and Trust Management: 12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings. editor / Gilles Barthe ; Evangelos Markatos ; Pierangela Samarati. Springer-Verlag, 2016. pp. 17-31 (Lecture Notes in Computer Science).

@inproceedings{003aa6dfc1224f0787858ae6541f96b2,

title = "Retrofitting Mutual Authentication to GSM Using RAND Hijacking",

abstract = "As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal explicitly designed to enhance GSM authentication that could be deployed without modifying any of the existing network infrastructure.",

author = "Mohammed Khan and Mitchell, {Christopher J}",

year = "2016",

month = sep,

day = "17",

doi = "10.1007/978-3-319-46598-2_2",

language = "English",

isbn = "978-3-319-46597-5",

series = "Lecture Notes in Computer Science",

publisher = "Springer-Verlag",

pages = "17--31",

editor = "Gilles Barthe and Evangelos Markatos and Pierangela Samarati",

booktitle = "Security and Trust Management",

}

Khan, M & Mitchell, CJ 2016, Retrofitting Mutual Authentication to GSM Using RAND Hijacking. in G Barthe, E Markatos & P Samarati (eds), Security and Trust Management: 12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings. Lecture Notes in Computer Science, vol. 9871, Springer-Verlag, pp. 17-31. https://doi.org/10.1007/978-3-319-46598-2_2

Retrofitting Mutual Authentication to GSM Using RAND Hijacking. / Khan, Mohammed; Mitchell, Christopher J.
Security and Trust Management: 12th International Workshop, STM 2016, Heraklion, Crete, Greece, September 26-27, 2016, Proceedings. ed. / Gilles Barthe; Evangelos Markatos; Pierangela Samarati. Springer-Verlag, 2016. p. 17-31 (Lecture Notes in Computer Science; Vol. 9871).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

TY - GEN

T1 - Retrofitting Mutual Authentication to GSM Using RAND Hijacking

AU - Khan, Mohammed

AU - Mitchell, Christopher J

PY - 2016/9/17

Y1 - 2016/9/17

N2 - As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal explicitly designed to enhance GSM authentication that could be deployed without modifying any of the existing network infrastructure.

AB - As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal explicitly designed to enhance GSM authentication that could be deployed without modifying any of the existing network infrastructure.

UR - http://arxiv.org/abs/1607.00729

UR - http://www.chrismitchell.net/Papers/rmatgu2.pdf

U2 - 10.1007/978-3-319-46598-2_2

DO - 10.1007/978-3-319-46598-2_2

M3 - Conference contribution

SN - 978-3-319-46597-5

T3 - Lecture Notes in Computer Science

SP - 17

EP - 31

BT - Security and Trust Management

A2 - Barthe, Gilles

A2 - Markatos, Evangelos

A2 - Samarati, Pierangela

PB - Springer-Verlag

ER -

Retrofitting Mutual Authentication to GSM Using RAND Hijacking

Abstract

Publication series

Access to Document

Other files and links

Cite this