Secure End-to-End Communications in Mobile Networks

Abstract

Cellular communication has become an important part of our daily life. Besides using cell phones for voice communication, we are now able to access the Internet, conduct monetary transactions, send voice, video and text messages and new services continue to be added. The frequencies over which voice is transmitted are public, so voice encryption is necessary to avoid interception of the signal over the air. But once the signal reaches the operators Base Station (BS), it will be transmitted to the receiver over a wired or wireless mean. In either case, no protection is de ned. This does not seem a problem, but this is not true. Along the path across operator network, voice is at risk. It will only be encrypted again, with a di erent key, from the BS to the receiver if the receiver is herself a mobile user. Moreover, voice encryption is not mandatory. The choice whether or not to accept an unprotected communication is up to the network. When adopted, the same encryption algorithm is used for sending SMS messages between mobile telephones and base stations and for encrypting of calls. Unfortunately, vulnerabilities in this encryption systems were already revealed more than 10 years ago and more continue to be discovered. Currently the most popular communication technologies are the GSM and the UMTS. The UMTS is in use as a successor to GSM. Along with mobile phone services, It provides rapid data communication. The security algo- rithms in UMTS di ers from GSM in two important ways: encryption and mutual authentication. Although security standards have been improved, the end- to-end security is not provided... [edited by Author]