Cryptography Reference
In-Depth Information
Home
network
Roaming
Switching
and
routing
Interconnections
Other networks
(PSTN, Internet,
etc.)
4
7
*
5
8
0
6
9
#
Base
station
Figure 12.6.
Basic architecture of mobile telecommunications network
much in the same spirit as the guidelines for developing WLAN security that we
discussed in Section 12.2.2. It is widely rumoured that GSMwas not designed to go
further and provide
end-to-end security
(meaning security throughout the entire
path from source to destination) because governments were keen to maintain the
degree of intercept access that they have to the PSTN. This led to the following
specific security requirements:
Entity authenticationof the user
.Mobile operators need to have strong assurance
of the identity of users connecting with their services in order to reduce fraud.
This issue is much simpler to deal with in traditional telephone networks, since
a user needs to have physical access to the end of a telephone wire in order to
use the services.
Confidentiality on the radio path
. In simple terms, a mobile connection passes
'over the air' (the
radio path
) between the handset and a base station, after
which it is passed through a switching centre and enters the traditional PSTN
(see Figure 12.6). Thus in order to provide 'PSTN-equivalent security', the
main link for which GSM needs to provide additional security is the radio
path. Since this path is easily intercepted by anyone with a suitable receiver it
is necessary to provide confidentiality on this radio path.
Anonymity on the radio path
. GSM provides a degree of anonymity (confiden-
tiality of the identity of users) on the radio path in order to prevent an attacker
from linking the source of several intercepted calls. This is handled by using
