Retrofitting mutual authentication to GSM using RAND hijacking
Mohammed Shafiul Alam Khan, Chris J Mitchell

TL;DR
This paper introduces a novel method to retrofit mutual authentication into GSM networks by modifying only SIMs and authentication centres, enhancing security without altering the rest of the existing mobile infrastructure, including the phones.
Contribution
It presents a new approach that enables mutual authentication in GSM without changing the existing mobile infrastructure, using RAND hijacking.
Findings
Addresses GSM vulnerabilities through a transparent modification.
Requires only updates to SIMs and authentication centers.
First proposal to add mutual authentication transparently.
Abstract
As has been widely discussed, the GSM mobile telephony system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. This paper proposes a novel modification to the relationship between a Subscriber Identity Module (SIM) and its home network which allows mutual authentication without changing any of the existing mobile infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. This enhancement, which could be deployed piecemeal in a completely transparent way, not only addresses a number of serious vulnerabilities in GSM but is also the first proposal for enhancing GSM authentication that possesses such transparency properties.
Taxonomy
Topics: Advanced Authentication Protocols Security · User Authentication and Security Systems · IPv6, Mobility, Handover, Networks, Security
