22 Mart 2013 Cuma

LTE Security


Based mobile networks supporting a rapidly growing number of computationally powerful devices  such as  smartphones and tablets is changing the mobile security landscape and will fundamentally 
change the way we perceive and deal with mobile security. Mobile networks are becoming more

pervasive, more widely used, and more deeply connected to other network.
 
Devices and the core network are most heavily targeted parts of the mobile network.



Basicaly we can separate the security as for subscriber authentication and attacking to mobile to core devices.

Authentication procedures use very complex algorithms, personally it is not a big threat for mobile operators. By the way, we are starting with authentication very briefly

Authentication
   
Operators like Verizon in USA are using 3GPP  SNOW 3G Specification for Confidentiality and Integrity Algorithms UEA2 & UIA2, 128-EEA1 & 128-EIA1.
  
SIM means Subscriber Identity Module (SIM). All wireless mobile technologies have different type of SIM cards. For example,USIM is using in 3G Sim cards with Milenage Authentication. Before 3G, we were using A3 and A8 authentication algorithms. 

A3/A8 had some weakness, that enable attackers to break the encryption key in less than one second, breaching customer’s identity and allowing billing fraud and  putting telecom operators in a serious legal situation.

The older SIM cards are not compatible and may not be used in LTE.

Security the keys used are128 bits in LTE.












  
Important: Mobile Phone has to support SNOW 3G algorithm.



















 Securing LTE Backhaul


 
Most attacks will be directed at the mobile core network, external sites, and subscriber data and devices, but they can also be more limited in scope and target a single eNB or a group of nearby eNBs (eNB identity spoofing and impersonation).Tampering, traffic hijacking, eavesdropping, DoS,compromised control data,unauthorized access,and loss of accountability of the control plane are the biggest threats to the core network.

To secure traffic,as an my personal opinions based on my researches an IPsec tunnel has to be established between the eNB,and the MME, SGW and O&M in the core network over the user,control and management plane, and terminated at a SEG (security gateways) that sits at the border of the trusted area.







REFERENCES
http://www.mcit.gov.sa/nr/rdonlyres/d762830c-fbe7-4b36-aafc-780cfbafc92c/0/paper36.pdf 
http://www.3gpp.org/ftp/Information/presentations/presentations_2011/2011_05_Bangalore/DZBangalore290511.pdf
http://support.verizonwireless.com/faqs/VZAccess/4g_sim_card.html
http://security.stackexchange.com/questions/21395/how-is-4g-lte-encrypted
http://www.etsi.org/index.php/services/security-algorithms/3gpp-algorithms
http://www.authentec.com/Products/EmbeddedSecurity/SemiconductorIP/3G4GLTECiphers.aspx
http://itmf.uga.edu/minutes/2011-03-03/verizon_presentation.pdf
http://www.embedded.com/electronics-products/electronic-product-reviews/ip-eda-products/4212398/Elliptic-launches-security-processing-engine-for-4G-wireless-markets
http://www.radio-electronics.com/info/cellulartelecomms/lte-long-term-evolution/lte-security-authentication.php
http://www.sciencedirect.com/science/article/pii/S0140366410003105
http://www.slideshare.net/aliirfan04/lte-security-overview
http://www.f5.com/pdf/white-papers/wireless-security-lte-networks-wp.pdf
http://internetandwebsecurity.blogspot.com/2010/10/radisys-introduces-carrier-grade-lte.html
http://www.tellabs.com/resources/papers/tlab_ipsec_wp.pdf

0 yorum :

Yorum Gönder