3

GSM Security

3.1 Principles of GSM Security

The goal of security design for the GSM system was that it had to be as good as that of wireline systems. Additionally it was required that security mechanisms should not have a negative impact on the usability of the system.

These goals were clearly reached, and it can be argued that GSM has even better security than wireline systems. On the other hand, it is also clear that there is room for improvement in GSM security. This is, of course, generally true for any system that has been in wide use for a long time. Attack methods and equipment evolve over time, and there should be corresponding improvements in protection methods. Some enhancements in GSM security have been made over the years but the basic structures have remained.

It is always difficult to introduce radical changes into a system that is in wide use, and there is a key learning point in this: security design for a new system should provide adequate protection against contemporary attack techniques and include an additional security margin.

The most important security features in the GSM system are:

  • subscriber authentication;
  • encryption at the radio interface for confidentiality of communication;
  • use of temporary identities for identity confidentiality.

All these features were carried over to the third-generation security architecture and later to the EPS security architecture.

As GSM became more and more successful it also became a preferred target for fraudsters. ...

Get LTE Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.