Enhanced privacy and authentication for the global system for mobile communications

Abstract

The Global System for Mobile Communications (GSM) is widely recognized as the modern digital mobile network architecture. Increasing market demands point toward the relevancy of security-related issues in communications. The security requirements of mobile communications for the mobile users include: (1) the authentication of the mobile user and Visitor Location Register/Home Location Register; (2) the data confidentiality between mobile station and Visitor Location Register, and the data confidentiality between Visitor Location Register and Visitor Location Register/Home Location Register (VLR/HLR); (3) the location privacy of mobile user. However, GSM does not provide enough security functions to meet these requirements. We propose three improved methods to enhance the security, to reduce the storage space, to eliminate the sensitive information stored in VLR, and consequently to improve the performance of the system. Proposed methods include an improved authentication protocol for the mobile station, a data confidentiality protocol, and a location privacy protocol. The merit of the proposed methods is to improve but not to alter the existing architecture of the system. Furthermore, this study also performs computational and capacity analyses to evaluate the original GSM system and proposed approaches on a comparative basis.