Network security of Mobile Communication

Source: Internet
Author: User

I. Network Security of the first generation of mobile communication

The first-generation mobile communication system provides network security by assigning each mobile phone a unique electronic serial number (ESN) and a network-encoded mobile identification number (MIN). When the user (MS) needs to access the network, the phone automatically sends its ESN and MIN to the network. If the ESN and MIN sent by the phone match the ESN and MIN held by the network, the connection is allowed. As a result, anyone who obtains a valid ESN and MIN pair can become a legitimate user at no cost.

II. Network Security of the second generation of mobile communication (GSM)

1. Authentication process of GSM.

(1) When the MS requests a service, it first sends a network access request to the visitor location register (VLR) of the mobile switching center (MSC).

(2) If the MS is not yet registered in the VLR, the VLR requests an authentication triplet (random number RAND, expected response SRES, session key Kc) from the authentication center (AUC) to which the MS belongs.

(3) The AUC then issues an authentication triplet to the VLR.

(4) Once the VLR has the authentication triplet, it sends the random number (RAND) to the MS.

(5) After the MS receives RAND, it runs the authentication algorithm A3, stored on the SIM card, over RAND and the shared key Ki to obtain the response SRES, and sends it back to the MSC/VLR. At the same time, the VLR performs the same operation and obtains a corresponding SRES.

(6) The VLR compares the received SRES with the SRES calculated in the VLR. If they are the same, authentication succeeds and the service requested by the MS can continue; otherwise, the service is denied.

2. GSM encryption process.

(1) Once the network has authenticated the MS, the MS goes on to run the algorithm A8, also stored on the SIM card, over the key Ki and RAND to obtain a session key (Kc).

At the same time, the VLR performs the same operation and obtains the same Kc.

(2) When the two parties communicate, traffic on the radio interface is encrypted with Kc and decrypted with the same Kc. This not only secures each call but also completes the authentication and encryption procedure.
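The GSM challenge-response and Kc derivation described above, as an added Python sketch that is not part of the original article. The `a3` and `a8` functions are stand-ins built on truncated HMAC-SHA256 (an assumption; real SIMs run an operator-chosen algorithm), the key is a constructed sample, and the VLR compares against the SRES delivered in the triplet.

```python
import hmac, hashlib, secrets

# Stand-ins for A3/A8 (assumption: truncated HMAC-SHA256). Real SIMs run an
# operator-chosen algorithm such as COMP128; only the message flow is modelled.
def a3(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]   # 32-bit SRES

def a8(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]   # 64-bit Kc

def auc_triplet(ki: bytes, rand: bytes = None):
    """AUC: build (RAND, SRES, Kc) for the VLR. Ki itself never leaves the AUC."""
    if rand is None:
        rand = secrets.token_bytes(16)           # 128-bit challenge
    return rand, a3(ki, rand), a8(ki, rand)

def sim_respond(sim_ki: bytes, rand: bytes):
    """SIM: answer the challenge and derive Kc locally from the same RAND."""
    return a3(sim_ki, rand), a8(sim_ki, rand)

def vlr_authenticate(triplet, sim_ki: bytes):
    """VLR: send RAND, compare SRES, return (Kc_network, Kc_sim) or None."""
    rand, expected_sres, kc_network = triplet
    sres, kc_sim = sim_respond(sim_ki, rand)     # air interface: RAND out, SRES back
    if not hmac.compare_digest(sres, expected_sres):
        return None                              # step (6): service denied
    return kc_network, kc_sim

if __name__ == "__main__":
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed sample key
    triplet = auc_triplet(ki)
    print("genuine SIM :", vlr_authenticate(triplet, ki))
    print("wrong Ki    :", vlr_authenticate(triplet, bytes(16)))
```

Only RAND and SRES cross the radio interface; Ki and Kc are never transmitted, and nothing in the exchange lets the SIM check who sent RAND.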

III. Network Security of the third-generation mobile communication (UMTS)

1. UMTS authentication process.

(1) The MS first sends a service request to the VLR in the network. If the MS is not registered in the HLR/VLR, the VLR requests authentication data from the AUC of the MS (random number RAND, expected response XRES, encryption key CK, integrity key IK, and authentication token AUTN).

(2) The AUC looks up Ki, SQN, AMF, and the other parameters of the MS in its database table using the IMSI of the MS, generates several random numbers (RAND), calculates XRES, CK, IK, and AUTN, and sends them to the VLR.

(3) The VLR/SGSN starts the authentication operation and sends the random number RAND and the authentication token AUTN to the mobile phone.

(4) The mobile phone computes its own AUTN using the f1 algorithm based on Ki and RAND, and then verifies whether the two AUTNs are equal.

(5) The mobile phone obtains the response RES through the f2 algorithm based on Ki and RAND, the encryption key CK through the f3 algorithm, and the integrity key IK through the f4 algorithm, and transmits the calculated RES to the VLR/SGSN.

(6) The VLR/SGSN compares the RES received from the MS with its own XRES.

2. UMTS encryption process.

(1) Once two-way authentication between the network and the MS has passed, the mobile phone already holds CK and IK. The network side obtains the encryption key CK through the same f3 algorithm based on Ki and RAND, and the integrity key IK through the f4 algorithm.

(2) When the two parties communicate, the radio interface uses the encryption key (CK) for encryption and the integrity key (IK) for integrity protection. The same CK is used for decryption, and the same IK is used to verify message integrity.
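The UMTS exchange described above, as an added Python sketch that is not part of the original article. It goes slightly beyond the article's summary by using the standard AUTN layout (SQN masked by an anonymity key from f5, then AMF, then the f1 MAC) and a simplified SQN freshness rule; `f` is a truncated HMAC-SHA256 stand-in for f1 to f5 (an assumption), and all sample values are constructed.

```python
import hmac, hashlib, secrets

def f(n: int, ki: bytes, *parts: bytes, size: int = 16) -> bytes:
    """Stand-in for f1..f5 (assumption: truncated HMAC-SHA256, not MILENAGE)."""
    return hmac.new(ki, bytes([n]) + b"".join(parts), hashlib.sha256).digest()[:size]

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def auc_vector(ki: bytes, sqn: int, amf: bytes, rand: bytes = None):
    """AUC: build (RAND, XRES, CK, IK, AUTN) from Ki, SQN and AMF."""
    if rand is None:
        rand = secrets.token_bytes(16)
    sqn_b = sqn.to_bytes(6, "big")
    mac = f(1, ki, sqn_b, rand, amf, size=8)     # f1: proves the network knows Ki
    ak = f(5, ki, rand, size=6)                  # f5: anonymity key masking SQN
    autn = xor(sqn_b, ak) + amf + mac            # AUTN = (SQN xor AK) | AMF | MAC
    return rand, f(2, ki, rand, size=8), f(3, ki, rand), f(4, ki, rand), autn

def usim_authenticate(ki: bytes, last_sqn: int, rand: bytes, autn: bytes):
    """Phone: verify AUTN before releasing anything; return (RES, CK, IK, SQN)."""
    sqn_b = xor(autn[:6], f(5, ki, rand, size=6))
    amf, mac = autn[6:8], autn[8:16]
    if not hmac.compare_digest(mac, f(1, ki, sqn_b, rand, amf, size=8)):
        raise ValueError("MAC failure")          # sender does not hold Ki
    sqn = int.from_bytes(sqn_b, "big")
    if sqn <= last_sqn:                          # simplified freshness rule
        raise ValueError("SQN not fresh")        # replayed (RAND, AUTN) pair
    return f(2, ki, rand, size=8), f(3, ki, rand), f(4, ki, rand), sqn

def vlr_check(xres: bytes, res: bytes) -> bool:
    """VLR/SGSN: step (6), compare RES from the phone with XRES from the AUC."""
    return hmac.compare_digest(xres, res)

if __name__ == "__main__":
    ki, amf = bytes(range(16)), b"\x80\x00"      # constructed sample values
    rand, xres, ck, ik, autn = auc_vector(ki, sqn=42, amf=amf)
    res, ck_ms, ik_ms, sqn = usim_authenticate(ki, 41, rand, autn)
    print("RES matches XRES:", vlr_check(xres, res), "| keys agree:", (ck, ik) == (ck_ms, ik_ms))
```

The phone releases RES, CK and IK only after the AUTN check passes, which is what makes the authentication two-way.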

IV. Comparison of security between the second generation and the third generation mobile communication

1. Security risks in the GSM system.

(1) Authentication is one-way: only the network authenticates the MS, which leaves a security vulnerability.

(2) Encryption is not end-to-end. Traffic is encrypted only on the radio channel (that is, between the MS and the BTS). It is not encrypted in the fixed network (it is transmitted in plain text), which gives attackers an opportunity.

(4) The encryption key used in GSM is 64 bits long and can be cracked within a short period of time.

2. Security mechanisms introduced by the UMTS network.

Two-way authentication is implemented, and integrity protection of access-link signaling data is provided. The length of the key is increased to bits, and data encryption of the 3GPP access link is extended to the radio network controller (RNC).

V. Future of mobile communication system security

The security risks of 3G mobile networks have drawn attention to security in the fourth generation of mobile communication systems (4G). The 4G mobile network is based on a multi-layer cellular structure. Many service providers and network operators deliver multimedia services over it through multiple wireless interfaces. It can also receive and obtain terminal calls.

It can establish the most effective communication path between multiple running networks (platforms) or multiple wireless interfaces, and locate and track them in real time.

During the entire mobile communication process, the 4G mobile network maintains a good seamless connection capability, ensuring the high quality and high speed of data transmission.

The various specialized access systems work in the optimal way and meet the communication needs of different MSs. When a multi-mode terminal connects to the system, the network automatically allocates bandwidth and provides the optimal route to achieve the best communication result.

Therefore, the author believes that it is of great significance to implement network security in the 4G mobile network system as soon as possible. It will be the best path to the future wireless and mobile communication systems.
