A More Secure Authentication Protocol for GSM

  • سال انتشار: 1384
  • محل انتشار: یازدهمین کنفرانس سالانه انجمن کامپیوتر ایران
  • کد COI اختصاصی: ACCSI11_230
  • زبان مقاله: انگلیسی
  • تعداد مشاهده: 1861
دانلود فایل این مقاله

نویسندگان

Mehdi Karimiyan Mohammadabadi

Electrical Engineering Department Iran University of Science and Technology

Hadi Shahriar Shahhoseini

Electrical Engineering Department Iran University of Science and Technology

چکیده

GSM (Global System for Mobile Communication, or just Global System Mobile) is the most widespread protocol in the world for digital cellular communications. GSM supports a complete set of security protocols that avoid many of the exposures to eavesdropping and subscriber fraud that plagued first generation analog cellular technologies. However, in new years, GSM has some lacks for security. Authentication protocol and encryption algorithms employed by standard GSM are weak. In authentication protocol, which verifies the identities of insiders and outsiders and then establishes a common secret key between them, the weakness should be reduced. In this paper for GSM where users roam among multiple service areas, based on basic architecture of GSM, a new authentication protocol that improves the security level of GSM, is proposed. The protocol is called More Secure Authentication Protocol for GSM (MSAPG) while the original one is called Standard Authentication Protocol for GSM (SAPG). MSAPG is more secure than SAPG since in MSAPG the mobile station and the GSM network authenticate each other, users employ a personal code to initiate service, a time stamp is used to counter replay attacks, clock synchronization between mobile station and the network is more sophisticated than in standard GSM, different temporary identifiers are used for each individual call, the GSM data encryption function ( 5 A ) is supplemented with a one-way hash function, message confidentiality and user ID confidentiality are better, random number generation is controlled, roaming support is done simpler.

کلیدواژه ها

Security, Authentication, GSM, Confidentiality

مقالات مرتبط جدید

اطلاعات بیشتر در مورد COI

COI مخفف عبارت CIVILICA Object Identifier به معنی شناسه سیویلیکا برای اسناد است. COI کدی است که مطابق محل انتشار، به مقالات کنفرانسها و ژورنالهای داخل کشور به هنگام نمایه سازی بر روی پایگاه استنادی سیویلیکا اختصاص می یابد.

کد COI به مفهوم کد ملی اسناد نمایه شده در سیویلیکا است و کدی یکتا و ثابت است و به همین دلیل همواره قابلیت استناد و پیگیری دارد.