Hey Guys tomorrow I have an exam of Wireless Communication,I am just reading a book of it and I just think about this technique which I am sharing here...
When 1G or AMPS network invited, it has so many vulnerabilities like eavesdropping and handset cloning because it was work on analog domain. But 2G network works on digital and uses different sort of encryption algorithm to protect the data.
Here I am going to give you some brief idea about the GSM architecture...
MS-Mobile Station
BTS-Base Transceiver Station
MSC-Mobile services Switching Center
ISDN-Integrated Services Digital Network
GSM network use some authentication process which allows to SIM (Subscriber Identity Module) to enter into the network, because mobile can detect all the signals of all operators but your cell phone can connect to the network of that appropriate service provider. SIM has some flash memory also in which it stores information (contacts and messages) and programming which contains a temporary cipher key for encryption, Temporary Subscriber Identity(TIMSI), International Mobile Subscriber Identity (IMSI), PIN (Personal Identification Number) and a PUK (PIN unblocking key).
Here SIM stores a 128-bit authentication key provided by the service provider, IMSI is a unique 15-digit number that has a three part.
3 digits of Mobile Country Code (MCC)
10 digits of Mobile Network Code(MNC)
2 digits of Mobile Subscriber Identity (MSIN)
Here interface of the handset to BTS is encrypted by A5 algorithm so we can not do any thing between this layer, but the interface of the BTS to BSC and BSC to MSC is usually does not encrypted, so if someone start sniffing on this link than its easy.
So this is the main hole in GSM network....
When 1G or AMPS network invited, it has so many vulnerabilities like eavesdropping and handset cloning because it was work on analog domain. But 2G network works on digital and uses different sort of encryption algorithm to protect the data.
Here I am going to give you some brief idea about the GSM architecture...
 |
VLR-Visited Location Register
HLR-Home Location Register
AuC-Authentication Center
EIR-Equipment Identity Register
BSC-Base Station Controller
PSTN-Public Switched Telephone Network
SIM-Subscriber Identity ModuleMS-Mobile Station
BTS-Base Transceiver Station
MSC-Mobile services Switching Center
ISDN-Integrated Services Digital Network
GSM network use some authentication process which allows to SIM (Subscriber Identity Module) to enter into the network, because mobile can detect all the signals of all operators but your cell phone can connect to the network of that appropriate service provider. SIM has some flash memory also in which it stores information (contacts and messages) and programming which contains a temporary cipher key for encryption, Temporary Subscriber Identity(TIMSI), International Mobile Subscriber Identity (IMSI), PIN (Personal Identification Number) and a PUK (PIN unblocking key).
Here SIM stores a 128-bit authentication key provided by the service provider, IMSI is a unique 15-digit number that has a three part.
3 digits of Mobile Country Code (MCC)
10 digits of Mobile Network Code(MNC)
2 digits of Mobile Subscriber Identity (MSIN)
Here interface of the handset to BTS is encrypted by A5 algorithm so we can not do any thing between this layer, but the interface of the BTS to BSC and BSC to MSC is usually does not encrypted, so if someone start sniffing on this link than its easy.
So this is the main hole in GSM network....
0 comments:
Post a Comment