加強GSM協定的安全

Abstract

GSM協定顯然不夠安全,在許多文章裡[10,15,38,42]都已經探討過了.它所 包含的缺點,有下列幾點: 1.位置隱私有漏洞:手機在第一次存取網路或 是換手(handover)的情況,如果舊的VLR無法正常運作時,新的VLR可以要求 手機送出IMSI,以便向HLR要求認證的資訊.在這兩種情況都會暴露手機真 正的位置,無法滿足位置隱私的要求. 2.手機無法對VLR做認證:在通信 協定裡,我們總是希望能認證對方的身分,以防對方是假冒的.在目前的 GSM,只做到VLR對手機的認證. 3.網路主機間不做認證:在GSM裡,假設通 信的通道是安全的,所以網路主機間是相互信賴的,但是網路發達的今天, 通道是非常不安全的,所以我們認為網路主機間做認證是需要的.除了這些 缺點之外,由於手機盜拷的情況蠻嚴重,而GSM的協定並沒有考慮到這種情 況,因此在我們的協定內也將改善這個弱點. 在這篇文章裡我們提出我 們的方法,針對GSM協定的缺失加以改進,包括手機對VLR做認證,HLR和VLR 以及VLR和VLR之間做認證,另外還有跨領域的認證,位置的隱藏,手機盜拷 的偵測以及位置的隱藏所引發計帳的問題,提出解決的方法.設計這個協定 是基於GSM系統,做最少的修改,不希望增加手機的硬體成本,儘量減少手機 的計算量以節省電源以及盡量少的傳輸次數,而能解決以上所敘述的問題. 除此之外,我們的協定是一層層增加它的功能,你可以視實際的情況需要, 來增強協定的安全性. In the GSM protocol, there are some weaknesses discussed in the literature[10,15,38,42]. These weaknesses are shown below: 1. There are some holes in location privacy. In GSM, when a mobile station accesses network resource in the first time, or in the handover situation if the new VLR cannot connect to theold VLR, it cannot get the authentication information of mobile station from the old one. The new VLR then asks the mobile station to send its IMSIfor getting its authentication information from HLR. Apparently, both casesexpose the current location of the mobile station so that it does not satisfythe requirement of location privacy. 2.Mobile stations donot authenticateVLR. In the communication protocol, we hope to get mutual authenticationto avoid forging one. In GSM, only VLR authenticates MS but MS does not authenticate VLR. 3.Network hosts donot authenticate each other. In GSM, it is assumed that the channel is secure, hence, hosts trust each other. Dueto the development of network, the channel becomes less secure. Furthermore, the third party can fake as some host to cheat others. Therefore we thinkthat authentication between hosts is necessary. In addition to the above weakness, GSM protocol doesnot detect cloning. So we are going propose our mechanism to prevent cloning. In this thesis, we propose schemes to improve security of GSM, such as authentication of MS to VLR, authentication between HLR and VLR, inter-domain authentication, location privacy and clone prevention. We design the protocols based on GSM and hope to resolve those weaknesses under three conditions with least modification: not to add the haredware cost, to minimize the amount of computation, and the amount of communication.