Security analysis for 3g radio interface
Σκλια, Χρυσούλα Π.
SubjectΤηλεπικοινωνιακά συστήματα ; Ψηφιακή επικοινωνία ; Αρχιτεκτονική ηλεκτρονικών υπολογιστών ; Wireless communication systems -- Security systems ; Mobile communication systems
As the GSM technology evolved and mobile cellular technology has become very popular, security threats that exploited the main drawbacks of GSM have made their appearance. GSM was designed with a moderate level of security, where the subscriber is authenticated in the network. The Universal Mobile Telecommunication System (UMTS) in one of the Third Generation mobile cellular communication systems. UMTS in build on the success of the Second Generation GSM system, and also improves its security features. In the UMTS networks not only the user is authenticated to the network, but also the network is authenticated to the user. Despite the fact that some important security issues of GSM are addressed in UMTS, there are still some points of vulnerability. The TMSI and sometimes the IMSI is still transmitted over the network, making it possible to an attacker to collect various IMSIs and TMSIs using an IMSI catcher, and thus impersonate the user in the network. When this info is appropriately used by an adversary, denial of Service attacks may occur. Using the specific TMSIs an adversary can initiate a number of RRC Connections, which is the primary step for authenticating to the network. If the number of RRC Connections initiated is more than the limit that the network infrastructure can handle, this can cause a breakdown of the Node B and potentially the HLR, thus not being able to serve more calls. The object of study in this diploma thesis is the UMTS Network Security Architecture, specifically in the Radio Access Network (UTRAN). After analyzing the architecture of the UMTS Network and the UTRAN Security Architecture, we attempt to make an estimation of the max number of RRC connections that can be transmitted in the UTRAN Interface.