Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Symbolic Analysis for Security of Roaming Protocols in Mobile Networks

[Extended Abstract]

  • Conference paper
Security and Privacy in Communication Networks (SecureComm 2011)

Abstract

Both GSM (2G) and UMTS (3G) wireless standards are deployed worldwide. Like the 4G standard now appearing, these standards provide for mobile devices with differing capabilities to roam between providers or technologies. This poses serious challenges in ensuring authentication and other security properties. Automated analysis of security properties is needed to cope with the large number of possible scenarios. While some attacks exploit weaknesses in cryptographic functions, many attacks exploit flaws or other features of the protocol design. The latter attacks can be found using symbolic (Dolev-Yao) models. This paper demonstrates the use of a fully automatic tool to exhaustively analyze symbolic models of GSM, UMTS, and the respective roaming protocols. The results include the demonstration of known attacks as well as the confirmation of expected properties.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Abadi, M., Blanchet, B., Fournet, C.: Just Fast Keying in the Pi Calculus. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 340–354. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  2. Blanchet, B., Chaudhuri, A.: Automated formal analysis of a protocol for secure file sharing on untrusted storage. In: IEEE Symp. on Sec. and Priv. (2008)

    Google Scholar 

  3. Bodei, C., Buchholtz, M., Degano, P., Nielson, F., Nielson, H.R.: Automatic validation of protocol narration. In: IEEE CSFW, pp. 126–140 (2003)

    Google Scholar 

  4. Bouassida, M.S., Chridi, N., Chrisment, I., Festor, O., Vigneron, L.: Automated verification of a key management architecture for hierarchical group protocols. Annals of Telecommunications (2007)

    Google Scholar 

  5. Chang, R., Shmatikov, V.: Formal analysis of authentication in Bluetooth device pairing. In: FCS-ARSPA (2007)

    Google Scholar 

  6. Dunkelman, O., Keller, N., Shamir, A.: A Practical-Time Related-Key Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 393–410. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  7. Escobar, S., Meadows, C., Meseguer, J.: State Space Reduction in the Maude-NRL Protocol Analyzer. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 548–562. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  8. Fox, D.: Der IMSI catcher. In: DuD Datenschutz und Datensicherheit (2002)

    Google Scholar 

  9. Golić, J.D.: Cryptanalysis of Alleged A5 Stream Cipher. In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 239–255. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  10. Jakobsson, M., Wetzel, S.: Security Weaknesses in Bluetooth. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 176–191. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  11. Mitchell, C.J., Knudsen, L.R.: An analysis of the 3GPP-MAC scheme. In: WCC (2001)

    Google Scholar 

  12. Lim, S.-H., Bang, K.-S., Yi, O., Lim, J.: A Secure Handover Protocol Design in Wireless Networks with Formal Verification. In: Boavida, F., Monteiro, E., Mascolo, S., Koucheryavy, Y. (eds.) WWIC 2007. LNCS, vol. 4517, pp. 67–78. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  13. Meyer, U.: Secure Roaming and Handover Procedures in Wireless Access Networks. PhD thesis, Darmstadt University of Technology, Germany (2005)

    Google Scholar 

  14. Meyer, U., Wetzel, S.: A man-in-the-middle attack on UMTS. In: ACM WiSec, pp. 90–97 (2004)

    Google Scholar 

  15. Meyer, U., Wetzel, S.: On the impact of GSM encryption and man-in-the-middle attacks on the security of interoperating GSM/UMTS networks. In: IEEE Symposium on Personal, Indoor and Mobile Radio Communications (2004)

    Google Scholar 

  16. Niemi, V., Nynberg, K.: UMTS Security. Wiley (2003)

    Google Scholar 

  17. Taha, A., Abdel-Hamid, A., Tahar, S.: Formal analysis of the handover schemes in mobile WiMAX networks. In: Conf. on Wireless and Optical Comm. Net. (2009)

    Google Scholar 

  18. Taha, A., Abdel-Hamid, A., Tahar, S.: Formal verification of IEEE 802.16 security sublayer using Scyther tool. In: IFIP N2S 2009, pp. 1–6 (2009)

    Google Scholar 

  19. 3GPP The mobile broadband standard, http://www.3gpp.org/specifications

Download references

Author information

Authors and Affiliations

  1. Stevens Institute of Technology, Hoboken, NJ, 07030, USA

    Chunyu Tang, David A. Naumann & Susanne Wetzel

Authors
  1. Chunyu Tang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David A. Naumann
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Susanne Wetzel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. City University London, 10 Northampton Square, EC1V 0HB, London, UK

    Muttukrishnan Rajarajan

  2. Royal Holloway University of London, TW20 0EX, Egham Hill, UK

    Fred Piper

  3. College of William and Mary, P.O. Box 8795, 23187, Williamsburg, VA, USA

    Haining Wang

  4. Pennsylvania State University, 338J IST Buillding, 16802, University Park, PA, USA

    George Kesidis

Rights and permissions

Reprints and permissions

Copyright information

© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

Tang, C., Naumann, D.A., Wetzel, S. (2012). Symbolic Analysis for Security of Roaming Protocols in Mobile Networks. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds) Security and Privacy in Communication Networks. SecureComm 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 96. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31909-9_29

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-31909-9_29

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31908-2

  • Online ISBN: 978-3-642-31909-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation