tailieunhanh - GSM and UMTS (P15)

Security was perceived by some in the first days of GSM as an unnecessary expense. Certainly, initially, all involved considered protection of user data from eavesdropping as more important than authentication of the user, though some questioned whether the perceived complexity of introducing encryption over the radio interface was justified. However, as fraud losses from cloning of analogue phones rocketed in the US and the UK, as the Dutch PTT withdrew all its NMT phones so a form of authentication could be added, and as the Germans introduced simple authentication on its C-Netz system, it became apparent that authentication of. | GSM and UMTS The Creation of Global Mobile Communication Edited by Friedhelm Hillebrand Copyright 2001 John Wiley Sons Ltd ISBNs 0-470-84322-5 Hardback 0-470-845546 Electronic Chapter 15 Security Michael Walker and Tim Wright1 Introduction Security was perceived by some in the first days of GSM as an unnecessary expense. Certainly initially all involved considered protection of user data from eavesdropping as more important than authentication of the user though some questioned whether the perceived complexity of introducing encryption over the radio interface was justified. However as fraud losses from cloning of analogue phones rocketed in the US and the UK as the Dutch PTT withdrew all its NMT phones so a form of authentication could be added and as the Germans introduced simple authentication on its C-Netz system it became apparent that authentication of user identity was also very important. In recent times the security of GSM has been attacked as too weak. These criticisms are often made without knowledge of the design goals of GSM security nor the regulatory context in which the designers had to work. This section aims to show that GSM security met its design goals in a simple and elegant way and has provided more than adequate security for most of its users. Indeed GSM offers more access network security than fixed phones in most countries taking the phone to the local exchange link as the access network for fixed line systems . GSM has never been subject to the commercial cloning that was visited upon analogue NMT AMPS and TACS systems. Moreover GSM represented the first time ever that encryption functionality had been provided in a consumer device and played its part in the liberalisation of policy on encryption that today s security designers enjoy. Origins of GSM Security The security of GSM was developed by the Security Experts Group SEG which was formed by CEPT in 1984. There was a lot of concern in CEPT regarding protection of .