Shared Flashcard Set

Details

Security of Mobile Systems
Limitations of GSM security
12
Computer Science
Undergraduate 4
04/27/2012

Additional Computer Science Flashcards

 


 

Cards

Term
What does GSM provide security for?
Definition
Just access security
Term
What was the purpose of designing GSM?
Definition
To be as secure as wired networks
Term
When was lawful interception considered?
Definition
As an afterthought
Term
Where the limitations of GSM considered?
Definition
Negative
Term
Why was radio channel hijack still a problem?
Definition
Because it relies on encryption, but encryption isn't necessarily used
Term
Where is trust misplaced?
Definition
Terminal identity, it's an unsecured environment
Term
GSM is inflexible, what does this mean?
Definition
Hard to upgrade and improve security function over time
Term
Visibility...
Definition
There is none that security is being applied
Term
There's 4 problems with the crypto, what are they?
Definition
Lack of opennes in design of A5/1

Misplaced belief in the effectiveness of crypto

Key length is too short but hard to be updated

THe frames are XORed with the keystream
Term
Summarise the limitations of GSM Security (9)
Definition
There's only access security

Not addressing active attacks

Only as secure as fixed networks

Lawful interception was an afterthought

The encryption that was needed to guard against radio channel hijack isn't necessarily used

Trust in the terminal identity is misplaced

Inadequate flexibility to upgrade and improve security

Lack of visibility

Shit crypto
Term
Weaknesses of GSM
Definition
- Cryptography ended too quickly
- Shit crypto
- You can camp on a false BTS
- Network keys are sent in cleartext
Term
Attacks on GSM
Definition
- Eavesdropping
- Impersonation of user
- Impersonation of network
- Man in the middle
- Compromising auth vectors
Supporting users have an ad free experience!