Term
41. List some components of a GSM network (9)

Definition
• MS – Mobile Station
• BTS – Base Transceiver Station
• BSC – Base Station Controller
• OMC – Operations and Maintenance Centre
• MSC – Mobile Switching Centre
• VLR – Visitor Location Register
• HLR – Home Location Register
• EIR – Equipment Identity Register
• AuC – Authentication Centre

Term
42. List some components of a UMTS network (11)

Definition
• CN – Core Network
• AN (UTRAN) – UMTS Terrestrial Radio Access Network
• UE – User Equipment
• BS are referred to as Node-B
• RNC – Radio Network Controller
• SGSN – Serving GPRS Support Node
• GGSN – Gateway GPRS Support Node
• SMS-GMSC – SMS Gateway Mobile Switching Centre
• UICC – Universal Integrated Circuit Card
• PSTN – Public Switched Telephone Network
• MGW – Media Gateway
• SIP – Session Initiation Protocol

Term
43. What are 5 security limitations of GSM?

Definition
• Only provides for access security – communications and signalling in the fixed network portion are not protected
• Does not address active attacks, whereby network elements may be impersonated
• Lawful interception is an afterthought
• Inflexibility to upgrade and improve security functions over time
• No confirmation that encryption is on

Term
44. What are 5 attacks on GSM?

Definition
• Eavesdropping
• Impersonation of user
• Impersonation of network
• Man in the middle
• Compromising authentication vectors in the network

Term
45. 4 specific GSM security issues

Definition
• Encryption terminated too soon
• Clear transmission of cipher keys and authentication values within and between networks
• Confidence in strength of algorithms
• Use of false base stations

Term
46. What is de-registration spoofing?

Definition
• The network can’t authenticate the messages it receives over the radio interface
• The intruder spoofs a de-registration request (IMSI detach) to the network
• The network deregisters the user from the visited location area and instructs the HLR to do the same
• The user subsequently cannot be reached for mobile terminated services

Term

Definition
International Mobile Subscriber Identity

Term
48. What is location update spoofing?

Definition
When an attacker spoofs a location update request from a different area than that in which the user is currently roaming.

Term
49. What is passive identity caching and how is it countered?

Definition
If the network requests the user's identity in plaintext, a modified MS can capture this information. Temporary identities (TMSI – Temporary Mobile Subscriber Identities) make this inefficient.

Term
Compromised cipher key works by

Definition
The user is enticed to camp on the false BTS/MS. When a call is set up, the false BTS/MS forces the use of a compromised cipher key on the mobile user.

Term
51. Eavesdropping on user data by forcing the use of a compromised cipher key

Definition
• An attack that requires a modified BTS/MS and the possession by the intruder of a compromised authentication vector; it thus exploits the weakness that the user has no control over the cipher key.
• The target user is enticed to camp on the false BTS/MS. When the target user or the intruder sets up a service, the false BTS/MS forces the use of a compromised cipher key on the mobile user while it builds up a connection with the genuine network using its own subscription.
Countered by having a unique sequence number for each cipher key.

Term
52. Hijacking outgoing calls in networks with encryption disabled

Definition
• This attack requires a modified BTS/MS. While the target user camps on the false base station, the intruder pages the target user for an incoming call.
• The user then initiates the call set-up procedure, which the intruder allows to occur between the serving network and the target user, modifying the signalling elements such that to the serving network it appears as if the target user wants to set up a mobile originated call.
• The network does not enable encryption. After authentication the intruder cuts the connection with the target user, and subsequently uses the connection with the network to make fraudulent calls on the target user’s subscription.

Term
53. Hijacking outgoing calls in networks with encryption enabled

Definition
• This attack requires a modified BTS/MS. In addition to the previous attack, this time the intruder has to attempt to suppress encryption by modification of the message in which the MS informs the network of its ciphering capabilities.

Term
54. Hijacking incoming calls in networks with encryption disabled

Definition
• This attack requires a modified BTS/MS. While the target user camps on the false base station, an associate of the intruder makes a call to the target user’s number.
• The intruder acts as a relay between the network and the target user until authentication and call set-up have been performed between the target user and the serving network. The network does not enable encryption.
• After authentication and call set-up the intruder releases the target user, and subsequently uses the connection to answer the call made by his associate. The target user will have to pay for the roaming leg.

Term
55. Hijacking incoming calls in networks with encryption enabled

Definition
• This attack requires a modified BTS/MS. In addition to the previous attack, this time the intruder has to suppress encryption.

Term
56. What are 8 principles of 3G Security?

Definition
• Mutual Authentication
• Data integrity – signalling messages between MS and RNC are protected by an integrity code
• Network to Network Security – usually by using IPsec or similar
• Security not limited to base stations; includes RNCs as well
• Temporary TMSI to secure the International Mobile Subscriber Identity (IMSI)
• Visibility and Configurability
• Exporting encryption algorithms
• Lawful interception

Term
57. What is the 3G Security model?

Definition
• Network access security – provides secure access to 3G services and protection for the (radio) access link
• Network domain security – secures provider domain nodes to exchange signalling data, and defends the wireline network
• User domain security – secures access to mobile stations
• Application domain security – enables applications in the user and provider domains to exchange messages
• Visibility and configurability of security – lets a user know which security features are active and which should be in use

Term
How does Authentication and Key Agreement work?

Definition
• Mutual authentication
• Establishes cipher and integrity keys
• Maximum compatibility with GSM
• Based on a challenge-response protocol

Term
59. What are the AKA pre-requisites?

Definition
• AuC and USIM share a secret key, authentication functions and key generation functions
• AuC must have a random number generator
• AuC has a scheme to generate fresh sequence numbers
• USIM checks sequence numbers

Term
61. Interception terminology

Definition
• Network based
• Subject based
• Target identity
• Interception Area
• Location Dependent interception

Term
Why is there a lack of confidence in the cryptographic algorithms? (5)

Definition
- Lack of openness in the design of A5/1
- Misplaced belief by the regulator in the effectiveness of controls on the export or even the use of cryptography
- Key length too short, but implementation faults made increasing the key length difficult
- Frames XORed with key stream
- Need to replace A5/1, but poor design support made replacement difficult

Term
4 DoS attacks countered by 3G

Definition
- De-registration spoofing
- Location update spoofing
- Camping on a false BS
- Camping on a false BTS/MS

Term
2 types of attack for identity catching

Definition

Term
Impersonation of the network attacks (3)

Definition
- Suppressing encryption between target user and intruder
- Suppressing encryption between target user and true network
- Forcing use of a compromised key

Term
What does 3G offer to prevent location spoofing attacks?

Definition
Integrity protection of critical signalling messages protects against this attack. Data authentication and replay inhibition of the location update request allow the serving network to verify that the location update request is legitimate.

Term
What does camping on a false BTS exploit?

Definition
The weakness that a user can be enticed to camp on a false base station.

Term
What happens once a target user camps on the radio channels of a false base station?

Definition
The target user is out of reach of the paging signals of the serving network.

Term
How does the 3G security architecture counteract this attack? (target user camps on the radio channels of a false base station)

Definition
It doesn't. But the DoS only persists for as long as the attacker is active.

Term
What does a modified BTS/MS exploit?

Definition
A user can be enticed to camp on a false base station.

Term
What is active identity caching?

Definition
The intruder entices the target user to camp on its false BTS and requests the target user to send its permanent user ID in cleartext.

Term
What 3G measure stops ID caching?

Definition
The identity confidentiality mechanism counteracts the attack by using an encryption key shared by a group of users to protect the user ID.

Term
How is encryption suppressed between target user and intruder?

Definition
The target user is enticed to camp on the false BTS. When the intruder or target user initiates a service, the intruder does not enable encryption by spoofing the cipher mode command.

Term
What 3G measure prevents suppressing encryption between the target user and intruder?

Definition
A mandatory cipher mode command with message authentication and replay inhibition to verify that encryption has not been suppressed by the attacker.

Term
How is encryption suppressed between target user and true network?

Definition
The user is enticed to camp on a false BTS/MS. The false BTS/MS modifies the ciphering capabilities of the MS to make it appear to the network that a genuine incompatibility exists between the network and the mobile station.

Term
3G counters suppression between target user and true network by doing what?

Definition
Message authentication and replay inhibition allow the network to verify that encryption has not been suppressed by an attacker.

Term
Compromised cipher key works by

Definition
The target user is enticed to camp on the false BTS/MS. When a call is set up, the false BTS/MS forces use of a compromised cipher key on the mobile user.

Term
3G helps vs compromised cipher key by

Definition
The presence of a sequence number in the challenge, which allows the USIM to verify the freshness of the cipher key, helps guard against forced re-use of a compromised authentication vector.

Term
How does eavesdropping on user data by suppressing encryption between the target user and the intruder work?

Definition
The target user is enticed to camp on the false BTS. When the target user or intruder initiates a call, the network does not enable encryption by spoofing the cipher mode command.

Term
Eavesdropping on user data by suppressing encryption between the target user and the intruder is helped by 3G because

Definition
A mandatory cipher mode command with message authentication and replay inhibition allows the mobile to verify that encryption has not been suppressed by an attacker.

Term
3G counters suppression of encryption between target user and true network by

Definition
Message authentication and replay inhibition of the mobile's cipher capabilities allow the network to verify that encryption has not been suppressed by the attacker.

Term
How does user impersonation with a compromised authentication vector work?

Definition
The intruder uses the data to impersonate the target user towards the network and the other party.

Term
How does 3G counter user impersonation with a compromised authentication vector?

Definition
The presence of a sequence number in the challenge, which means that authentication vectors cannot be re-used to authenticate USIMs.

Term
How does user impersonation through an eavesdropped auth response work?

Definition
The intruder eavesdrops on the authentication response sent by the user and reuses it when the same challenge is sent later on.

Term
User impersonation through an eavesdropped auth response works by

Definition
The intruder eavesdrops on the authentication response sent by the user and reuses it when the same challenge is sent later on. Subsequently, ciphering has to be avoided by any of the mechanisms described above. The intruder uses the eavesdropped response data to impersonate the target user towards the network and the other party.

Term
3G gets rid of user impersonation through an eavesdropped auth response by

Definition
The presence of a sequence number in the challenge means that auth vectors cannot be re-used to authenticate USIMs.

Term

Definition
- Mutual Authentication
- Data integrity
- Network to Network security
- Security not limited to base stations; includes RNCs as well
- Temporary TMSI to secure the International Mobile Subscriber Identity (IMSI)
- Visibility and Configurability
- At least one encryption algorithm exported on a world-wide basis (KASUMI)
- Lawful interception

Term
3rd Generation Partnership Project Security overview (5)

Definition
- Defeat false base station attacks
- Key lengths increased to allow for stronger crypto algorithms
- Mechanisms to support security within and between networks
- Security is based within the switch rather than the base station
- Integrity mechanisms for terminal identity (IMEI)
- To ensure that info generated about a user is adequately protected against misuse
- Ensure that the resources and services provided by networks are adequately protected against misuse

Term
3GPP Security objectives (5)

Definition
- To ensure security features are standardised and available
- To ensure that the level of protection afforded is better than contemporary fixed networks
- To ensure security features & mechanisms can be extended and enhanced as necessary

Term
What is the most boring subject in CNET338?

Definition

Term
Why worry about security?

Definition
(As a 3rd year Computer and Information Security, I'm glad you asked...)
- There is no physical protection
- Broadcast comms
- Eavesdropping is easy
- Injecting bogus messages into the network is easy
- Replaying previously recorded messages is easy
- Illegitimate access to the network and its services is easy
- Denial of service is easy by jamming

Term
The lack of inherent protection presents a problem. Physical connections between devices are replaced by what?

Definition

Term
The fact that communications are broadcast presents another two problems. What are these?

Definition
- Transmissions can be overheard by anyone in range
- Anyone can generate transmissions

Term
What is computer security? (This one's a tough one)

Definition
Confidentiality, Integrity, Availability