An Approach for Implementing Security between Base Stations in Cellular Communication System
Nusrat Sharmin and Farhana Haider
Abstract: In cellular communication systems, cellular wireless networks are more vulnerable to unauthorized access and eavesdropping. The existing security algorithms secure the voice signals between the mobile station and the base station and authenticate users, while the transmission of voice signals between base stations is not secured; that is, the traffic is transmitted in plain text after the base stations. This paper concentrates on the secured transmission of voice signals in cellular communication systems. Vulnerabilities of the current GSM architecture are identified and a security mechanism using private and public key cryptography is proposed. A comparative analysis is given at the end of the paper, considering factors like cost, efficiency and performance in comparison with the existing security techniques.

Index Terms: BTS, GSM, MS, RSA, Symmetric Key Cryptography.
1 INTRODUCTION
Cellular communication is one of the most important features of digital communication systems. A special requirement of a communication system is security. The GSM network was designed to be a secure mobile phone system with strong subscriber authentication and over-the-air transmission encryption [1]. The air part of a GSM communication, from mobile station to base station, is encrypted. The signal is decrypted at the base station and then transmitted in clear text across the network [1], [2], [3], [4]. That means an intruder will be able to listen to voice signals if they can access the operator's signaling network using the required powerful equipment [1]. Over the fixed network especially, the security of GSM is not guaranteed [4], since the voice signals are not encrypted when they are transmitted between BTSs. The proposed system encrypts voice signals to ensure security between base stations.

Cryptography means the technique, method and science of keeping messages secure. A cryptographic algorithm, also called a cipher, is the mathematical function used for encryption and decryption. The proposed system is based on two types of cryptographic techniques: symmetric cryptography and public key cryptography. Both techniques are used for the encryption and decryption of voice signals for base stations.

The main purpose of security in cellular communication systems is to secure conversations and signaling data from interception, and more specifically to prevent fraud. In the older analog-based cellular telephone systems such as the Advanced Mobile Phone System (AMPS) and the Total Access Communication System (TACS), it is a relatively simple matter for an intruder to intercept cellular telephone conversations by using a police scanner [6]. Accessing the signaling network is another technique of signal interception. No decryption skills are required to access the signaling network, since signals transmitted between base stations are not encrypted. With the necessary equipment, intruders only capture microwave links. The man-in-the-middle attack is a very popular threat to the network architecture; it uses a rogue BTS in conjunction with a modified MS to eavesdrop on, modify, delete, re-order, replay and spoof signaling and user data messages exchanged between the two parties [2]. To ensure the security of voice signals which are transmitted in plain text in the operator's network, a strong encryption procedure is required. If the traffic on the operator's backbone is encrypted, the network will be better secured against signal interception. A stepwise procedure of development activities is used in this research to achieve the security of transmission between the base stations.
2 PREVIOUS WORKS
The fixed area network, also known as the core network of the traditional GSM architecture, is not secured; the traffic is transmitted in plain text within the network [3]. So an intruder will be able to listen to everything that is transmitted, including the actual phone call as well as the RAND, SRES and Kc, if he can access the operator's signaling network with appropriate equipment [1]. According to previous research, voice signals are transmitted across the fixed area networks in clear, in the form of PCM or ADPCM speech, which allows unauthorized access to GSM-to-GSM or GSM-to-PSTN conversations. The result for end-to-end security in the GSM network is that there is no security for the speech over the core network. Speech must be encrypted before it enters the GSM network to ensure end-to-end security. But if the encryption process randomizes the speech signal and the signal is encrypted before it reaches the encoding block, it will no longer have the speech-like characteristics on which the GSM speech transcoding principles are based. Directly transmitting an encrypted speech signal through the GSM handset would therefore result in a significantly distorted received signal that is unsuitable for the decryption process [4].

S. Islam and F. Ajmal have proposed a very practical and highly attractive solution for the security of the GSM system. The GSM speech service is secured up to the core network. Encryption on the speech channel in the GSM architecture must be based on GSM subscribers, not the network operator. Only the path between the mobile terminal and the base station, known as the radio link, is encrypted, whereas the fixed area network transmits data in clear text. Radio link confidentiality in GSM is not sufficient to ensure end-to-end security. There is a strong need to secure the communication for confidentiality of the traffic. Their proposed system uses an embedded hardware system (i.e. TMS320C6713 DSK) along with simulation code developed in CCS (Code Composer Studio 3.1) to encrypt the speech signals before they enter the GSM handset, which ensures security and privacy [5].

A famous cryptographic algorithm, the A5 algorithm, which is also known as a stream cipher algorithm, is used in the current architecture of the cellular communication system. It is used in the GSM architecture for voice ciphering in the radio access network. The existing versions of the A5 algorithm are known as A5/0, A5/1, A5/2 and A5/3 [1]. The proposed approach uses cryptography for the transmission of voice signals between base stations, which ensures better security and confidentiality.
process is known as digital envelope. The sending BTS, which is considered the first BTS, receives the voice signals generated by the caller Mobile Station (MS) and encrypts the text. The signal remains encrypted throughout the core network, and the receiving BTS, that is the last BTS, decrypts it to plain text and sends it to the receiver MS in the typical manner.
Decision Module 2
1. Take the encrypted signal T as input from the BTS.
2. Check whether this is the receiving BTS; if yes, perform decryption.
3. Signal decrypted.

Fig. 2. Decision Module for Encryption in BTS.

The Security Algorithm
1. Generate a secret key for symmetric cryptography by using K = (n2*n3) + n4/n1, where n1, n2, n3 and n4 are four randomly chosen numbers.
2. Input a plain text P that is a combination of 0 and 1.
3. Take the reverse form of P.
4. T = P' K.
5. Take the key K.
6. Select p, q where p and q are both prime, p q.
7. Calculate n = p*q.
8. Calculate (n) = (p-1)(q-1).
9. Select an integer e when gcd((n), e) = 1; 1 < e < (n).
10. Calculate d when d e^-1 (mod (n)).
11. Finally Public Key PU = {e, n} and
12. Private Key PR = {d, n}.
13. Create the binary representation of e.
14. Set the variable C to 1.
15. Repeat steps 15a and 15b for i = k, k-1, ..., 1, 0:
15a. Set C to the remainder of C^2 when divided by n.
15b. If e_i = 1, then set C to the remainder of C * K when divided by n.
16. Halt. Now C is the encrypted form of K.
17. If the BTS is the receiver, decrypt it using the following steps:
18. Create the binary representation of d.
19. Set the variable M to 1.
20. Repeat steps 20a and 20b for i = k, k-1, ..., 1, 0:
20a. Set M to the remainder of M^2 when divided by n.
20b. If d_i = 1, then set M to the remainder of C * M when divided by n.
21. Halt. Now M is the decrypted form of C.
22. If M == K then, D = T M.
23. Take the reverse form of D to get the actual plain text.
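The Security Algorithm worked end to end, as an added example that is not the authors' code: RSA key generation (steps 6 to 12), the bit-by-bit square-and-multiply loop (steps 13 to 16 and 18 to 21), and the envelope around it. The operator that combines P' with K in steps 4 and 22 is not legible on the page, so XOR is assumed; integer division in step 1, the function names, the primes, e, n1 to n4 and the bit string are likewise constructed for illustration.

```python
import math

def secret_key(n1, n2, n3, n4):
    # Step 1: K = (n2*n3) + n4/n1. Integer division is an assumption here.
    return n2 * n3 + n4 // n1

def rsa_keypair(p, q, e):
    # Steps 6-12: returns PU = (e, n) and PR = (d, n).
    if p == q:
        raise ValueError("p and q must be distinct primes")
    n, phi = p * q, (p - 1) * (q - 1)
    if not 1 < e < phi or math.gcd(phi, e) != 1:
        raise ValueError("e must satisfy 1 < e < (p-1)(q-1) and be coprime to it")
    return (e, n), (pow(e, -1, phi), n)

def modexp(base, exponent, n):
    # Steps 13-16 and 18-21: walk the exponent bits from most significant to least.
    acc = 1
    for bit in bin(exponent)[2:]:
        acc = (acc * acc) % n          # 15a / 20a: square
        if bit == "1":
            acc = (acc * base) % n     # 15b / 20b: multiply when the bit is 1
    return acc

def sending_bts(p_bits, k, pu):
    # Steps 2-5 and 13-16: mask the reversed plain text with K, then wrap K.
    e, n = pu
    if not 0 < k < n or k >= 1 << len(p_bits):
        raise ValueError("K must be below n and fit in the plain-text width")
    t = int(p_bits[::-1], 2) ^ k       # ASSUMPTION: step 4 combines P' and K with XOR
    return format(t, f"0{len(p_bits)}b"), modexp(k, e, n)

def receiving_bts(t_bits, c, pr):
    # Steps 17-23: unwrap K with the private key, unmask T, reverse the result.
    d, n = pr
    m = modexp(c, d, n)
    plain = format(int(t_bits, 2) ^ m, f"0{len(t_bits)}b")  # same XOR assumption (step 22)
    return plain[::-1], m

if __name__ == "__main__":
    # Constructed toy values; real RSA moduli are thousands of bits long.
    k = secret_key(2, 7, 9, 4)                      # 65
    pu, pr = rsa_keypair(61, 53, 17)
    t, c = sending_bts("1100101011001101", k, pu)
    print(t, c, receiving_bts(t, c, pr))
```

`receiving_bts` returns M instead of performing the `M == K` comparison of step 22, since the receiving BTS holds K only after unwrapping C. The loop is unpadded RSA, which is deterministic; deployed key wrapping uses a padded scheme such as RSA-OAEP.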
[Figure: flowchart of the security algorithm. Box labels: Plain Text; Plain Text, M; Secret Key, K; Cipher Text, T; generation of e and d; PU = {e, n}, PR = {d, n}.]
7 COMPARATIVE STUDY
A comparative study is given that considers some common factors and presents a performance analysis of three approaches: the proposed approach, the traditional approach and the approach by Saad & Fatima [5]. P1, P2 and P3 are used to denote the three approaches respectively. The specific factors considered are: Processing Steps, Equipment Used (E), Cost (C), Speed (S), and Security and Accuracy of data (S & A). A range of weights is assigned for step 2 to step 5. Comparisons among the mentioned works are shown by considering the weights for every step. Weights are assigned on the basis of a unique grade of 10. A score greater than or equal to 80% is given when P1 is better than P2, and a score of less than 80% if it is not. The results for the factors, measured out of 10, are given in Table 3 according to the points.

In the case of equipment used, P3 uses an extra device, which may change the normal architecture because of the extra hardware and also increases the cost, which ultimately has a bad effect. So it is assigned a negative weight of 6 points and scores 10% because of the extra device. P2 uses an algorithm in the MS but needs no extra device. Therefore 0 points are assigned to it and it scores 80%. P1 is a software-based mechanism and does not require any extra device. Hence it is easily adaptable by the architecture, resulting in 0 points and an 80% score. The weights of the other factors are assigned using the same procedure described earlier.

TABLE 3 POINTS FOR COMPARING FACTORS
Fig. 4. Decision Module for Decryption in BTS.
Approach | E | C | S | S & A
P3 | 6 | 8 | 5 | 4
P2 | 0 | 2 | 8 | 2
P1 | 0 | 4 | 3 | 8
[1 1 0 0 1 0 1 0 1 1 0 0 1 1 0 0 1 0 1 0 0 0 1 0 1 0 1 1]
[1 0 1 0 1 0 1 0 1 0 1 0 1 1 0 0 1 1 0 1 0 1 0 1 1 0 0]
[1 1 0 0 1 0 1 0 1 1 0 0 1 1 0 0 1 0 1 0 0 0 1 0 1 0 1 1]
[0 1 1 1 1 1 1 0 1 1]
[1 1 1 1 0 1 0 1] [1 1 0 1 0 0 0 0]
[1 0 1 1 1 1 0 1 1 1] [1 1 1 1 1 1 1 1 1 0]
[0 0 0 1 0 0 1 0] [1 1 1 1 0 1 0 0]
[1 1 1 1 0 1 0 1] [1 1 0 1 0 0 0 0]
Table 4 shows the comparison of performance in percentage.

TABLE 4 PERFORMANCE OF DIFFERENT RESEARCHES
8 CONCLUSION
The main purpose of this research paper is to analyze the GSM security structure and the flaws in its network architecture, and to propose a new encryption algorithm for the security of base stations which secures the voice signal from BTS to BTS. The proposed system scores 80% for average performance. It is projected at 7.875 on a scale of 10 units for average performance, which shows a better analytical result than the existing research works studied. In future work we will aim to shorten the time delay, which is currently a bit larger than in the traditional system, and to ensure stronger authentication, which involves additional functionality for security.
REFERENCES
[1] Wamil, T. Magdalene and Muazu, B. Muhammad, "GSM NETWORKS: A Review of Security Threats and Mitigation Measures," The Information Manager, Vol. 6, pp. 1-2, 2006.
[2] "Interception GSM Traffic," http://www.blackhat.compresentationbh-dc-08SteveDHultonWhitepaperbh-dc-08-steve-dhulton-WP.pdf, February, 2008.
[3] A. D. Mohammed et al., "Threats to Mobile Phone Users Privacy," Memorial University of Newfoundland, Canada, March 2009.
[4] N. Katugampala, S. Villette, and A. M. Kondoz, "Secure voice over GSM and other low bit rate system," http://www.personal.ee.surrey.ac.ukPersonalN.Katugampalap ubsiee03.pdf, October 2011.
[5] I. Saad and A. Fatema, "Developing and Implementing Encryption Algorithm for Addressing GSM Security Issues," Electro/Information Technology, 2009. EIT 09. IEEE International Conference, 2009.
[6] E. Jorg et al., GSM Architecture, Protocols and Services, 3rd Edition, John Wiley & Sons LTD, 2009.
[7] N. Sharmin, F. Haider, "Security between Base Stations in Cellular Communication System," International Conference on Informatics, Electronics & Vision, 2012, doi: 10.1109/ICIEV.2012.6317512. (IEEE Conference)

The weights for Equipment (E), Cost (C), Speed (S), and Security & Accuracy (S & A) are shown in Fig. 6. The graph shows that the traditional approach performs fairly in all aspects, while its performance degrades in the case of Security and Accuracy. A fall in performance is observed in Equipment used and Cost in the case of P3, which ensures slightly better security. On the other hand, our proposed approach ensures the highest security and accuracy among the three techniques observed, but performs almost the same as P2 for the first two factors. Finally, an overall comparative performance is presented in Table 5, and Fig. 7 also shows the best result for the proposed method.

TABLE 5 AVERAGE PERFORMANCE
P3 4.375
P2 7
P1 7.875
Nusrat Sharmin graduated from International Islamic University Chittagong with a B. Sc in Computer Science & Engineering. Currently working as an Oracle developer in a renowned company, namely New Technology Systems, and also researching security mechanisms of Cellular Communication System. 1st paper published in 1st IEEE/OSA/IAPR conference ICIEV2012. DOI: 10.1109/ICIEV.2012.6317512

Farhana Haider completed post graduation from University of Dhaka in Information System and completed graduation from International Islamic University Chittagong with a B. Sc in Computer Science & Engineering. Currently serving as an Assistant Professor in International Islamic University Chittagong under the Department of Computer Science & Engineering.