Authors:
Gianluigi Me
1
;
Giuseppe F. Italiano
1
and
Paolo Spagnoletti
2
Affiliations:
1
Dipartimento di Informatica, Sistemi e Produzione, Italy
;
2
CeRSI, LUISS “Guido Carli” University, Italy
Keyword(s):
Mobile application, Security.
Related
Ontology
Subjects/Areas/Topics:
GPRS and UMTS
;
Information and Systems Security
;
Network Security
;
Telecommunications
;
Wireless and Mobile Technologies
;
Wireless Information Networks and Systems
Abstract:
Cellular Internet services must grapple with the added security threats posed by the radio transmission, open to eavesdropping. Furthermore, the combination of always-on connectivity and an interface to the public Internet means high speed data services has to cope with the same security issues that can be found in the wired environment.Confidentiality of GSM/GPRS communications has been provided only in BS-ME/GGSN-ME by COMP128/GEA+ algorithms, whose strength is often not believed adequate for corporate/governmental requirements. Furthermore, A5/1 and A5/2 algorithms have been recently attacked with real time ciphertext only cryptanalysis by Barkan, Biham and Keller. To provide an adequate level of security, it is often argued to employ IPSec over the GSM/GPRS framework. We provide experimental evidences that IPSec is a viable solution to provide the desired level of security. In particular, the overhead generated is tolerable where high sensitive/critical communications take place.
We expect that our findings could help better understanding how securing a deployed GSM/GPRS network which corporate/governmental infrastructures can rely on and what performances can be expected by using IPsec over these media.
(More)