Abstract
In this study security of internet access over the Third Generation (3G) telecommunication systems is considered and Universal Mobile Telecommunications System (UMTS) is selected as the most popular system among 3G systems. The study then focuses on network access security mechanism of UMTS, called Authentication and Key Agreement (AKA). In addition, twenty types of important attacks and threats in UMTS system are presented and classified based on three major security factors; authentication, confidentiality, and data integrity. The evaluations finally show that the authentication factor is more interesting than other factors for hackers. Then, we describe four attacks named; man-inthe-middle, denial of service, identity catching, and redirection as the most significant attacks against authentication mechanism. Furthermore, we provide some solutions and methods to improve AKA mechanism and prevent these attacks in UMTS system.
Highlights
The Third Generation (3G) plan for cellular communications enables to provide global roaming, high transfer rates and modern value added services such as internet access, e/m-commerce, Global Positioning System (GPS), mobile payment and Multimedia Messaging Services (MMS) using audio and video
A MiM attack is defined as an attack in which the intruder is able to read and write messages communicated between two parties of network without either party being conscious of this fact
The focus was on authentication mechanism, called Authentication and Key Agreement (AKA) as important security mechanism in this system
Summary
The Third Generation (3G) plan for cellular communications enables to provide global roaming, high transfer rates and modern value added services such as internet access, e/m-commerce, Global Positioning System (GPS), mobile payment and Multimedia Messaging Services (MMS) using audio and video. The Second Generation (2G) mobile system (for instance GSM) was designed and presented such that it provides security similar to that of eavesdropping in fixed phones, and to protect against cloning of mobile identities. Cipher keys and authentication data are transmitted in clear between and within networks. Weak cryptographic (at present lots of successful attacks have been published on A5/1 and especially A5/2) and short cipher key size (64 bit). 3G defined the UMTS system to improve security of communication systems It provides a high level of security in comparison with GSM. It prepares significant improvements to overcome the vulnerabilities in the 1G and 2G systems These improvements include mutual authentication, freshness and liveliness assurance of AKA, sufficient and suitable Integrity Key (IK) and Cipher Key (CK) sizes (128 bits) and data integrity of signalling messages in radio interface.
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Network Security & Its Applications
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
