Enhanced privacy and authentication for the global system for mobile communications

Wireless Networks - 1999
Chii‐Hwa Lee1, Min‐Shiang Hwang2, Wei‐Pang Yang1
1Department of Computer and Information Science, National Chiao Tung University, Hsinchu, Taiwan
2Department of Information Management, Chao Yang University of Technology, WuFeng, Taiwan, ROC

Tóm tắt

The Global System for Mobile Communications (GSM) is widely recognized as the modern digital mobile network architecture. Increasing market demands point toward the relevancy of security‐related issues in communications. The security requirements of mobile communications for the mobile users include: (1) the authentication of the mobile user and Visitor Location Register/Home Location Register; (2) the data confidentiality between mobile station and Visitor Location Register, and the data confidentiality between Visitor Location Register and Visitor Location Register/Home Location Register (VLR/HLR); (3) the location privacy of mobile user. However, GSM does not provide enough security functions to meet these requirements. We propose three improved methods to enhance the security, to reduce the storage space, to eliminate the sensitive information stored in VLR, and consequently to improve the performance of the system. Proposed methods include an improved authentication protocol for the mobile station, a data confidentiality protocol, and a location privacy protocol. The merit of the proposed methods is to improve but not to alter the existing architecture of the system. Furthermore, this study also performs computational and capacity analyses to evaluate the original GSM system and proposed approaches on a comparative basis.

Từ khóa


Tài liệu tham khảo

A. Aziz and W. Diffie, Privacy and authentication for Wireless Local Area Networks, IEEE Personal Communications (First Quarter 1994) 25–31.

J. Beheim, Security first in Europe's mobile communication, Telecom Report International 17(1) (1994) 31–34.

M.J. Beller, L.F. Chang and Y. Yacobi, Privacy and authentication on a portable communications system, IEEE Journal on Selected Areas in Communications 11 (August 1993) 821–829.

V. Bharghavan, Secure wireless LANS, in: ACM Conference on Computer and Communications Security (November 1994) pp. 10–17.

D. Brown, Techniques for privacy and authentication in personal communication systems, IEEE Personal Communications (August 1995) 6–10.

U. Carlsen, Optimal privacy and authentication on a portable communications system, ACM Operation System Review (July 1994) 16–23.

C. D'echaux and R. Scheller, What are GSM and DCS, Electrical Communication (2nd Quarter 1993) 118–127.

D.E.R. Denning, Cryptography and Data Security (Addison-Wesley, Reading, MA, 1982).

W. Diffie and M.E. Hellman, New directions in cryptography, IEEE Transactions on Information Theory 22 (1976) 644–654.

European Telecommunications Standards Institute, GSM 03.20: Security Related Network Functions (June 1993).

European Telecommunications Standards Institute, GSM 02.09: Security Aspects (June 1993).

Y. Frankel et al., Security issues in a CDPD wireless network, IEEE Personal Communications (August 1995) 16–27.

R. Hagen, Security requirements and their realization in mobile networks, in: Proc. 14th International Switching Symposium '92, Vol. 1 (October 1992) pp. 127–131.

S.R. Hall and D.P. Maher, Closing in on wireless privacy, AT&T Technology 8(3) (1993) 22–25.

L. Harn and H.Y. Lin, Modification to enhance the security of the GSM protocol, in: Proc. of the 5th National Conference on Information Security, ROC (May 1995) pp. 74–76.

M.S. Hwang and W.P. Yang, Conference key distribution schemes for secure digital mobile communications, IEEE Journal on Selected Areas in Communications 13(2) (February 1995) 416–420.

M.S. Hwang and C.H. Lee, Authenticated key-exchange in mobile radio network, European Transactions on Telecommunications 8(3) (May/June 1997) 265–269.

T. Hwang, Scheme for secure digital mobile communications based on symmetric key cryptography, Information Processing Letters (1993) 35–37.

C.H. Lee, M.S. Hwang and W.P. Yang, Phone card application and authentication in wireless communications, in: Mobile Communications – Technology, Tools, Applications, Authentication and Security (Chapman and Hall, London, 1996) pp. 323–329.

Y.B. Lin, Introduction to Mobile Network Management, National Chiao Tung University Series in Telecommunications, Taiwan, ROC (1997).

B. Mallinder, An overview of the GSM system, in: Proc. Digital Cellular Radio Conf. (October 1988).

R. Molva, D. Samfat and G. Tsudik, Authentication of mobile users, IEEE Network (March/April 1994) 26–34.

M. Mouly and M.B. Pautet, The GSM System for Mobile Communications (1992).

I. Nurkic, Difficulties in Achieving Security in Mobile Communications, in: Mobile Communications – Technology, Tools, Applications, Authentication and Security (Chapman and Hall, London, 1996) pp. 277–284.

M. Rahnema, Overview of the GSM system and protocol architectures, IEEE Communication Magazine 31(4) (April 1993).

S.P. Shieh, C.T. Lin and J.T. Hseuh, Secure communication in global systems for mobile telecommunications, in: Proc. 1st Workshop on Mobile Computing, ROC (1995) pp. 136–142.

J.K. Wey, H.C. Chang, L.F. Sun and W.P. Yang, Clone terminator: An authentication service for advanced mobile phone system, in: Proceedings of 45th IEEE Vehicle Technology Conference, Chicago (1995) pp. 175–179.

J.E.Wilkes, Privacy and authentication needs of PCS, IEEE Personal Communications (August 1995) 11–15.

E. Zuk, GSM security features, Telecommunication Journal of Australia 43(2) (1993) 26–31.

Thông tin
Thông tin xuất bản

Wireless Networks

Thông tin tác giả