Short Message Service (sms) security solution for mobile devices

 12
BSC
BTS
MSC
HLR
VLR
AuC
SIM
ME
TMSI Reallocation 
Confirmation
Decrypt 
Request
TMSI Reallocation Request
Encrypt 
Request
Decrypt 
Confirmation
Encrypt 
Confirmation
Figure 5. TMSI Reallocation 
After the authentication and encryption process is complete, the TMSI is 
sent to the MS. The MS responds by confirming reception of the TMSI. The TMSI 
is valid in the location area in which it was issued. To support roaming of 
subscribers to other networks, the Location Area Identification (LAI) is used in 
addition to the TMSI to determine the location and identity of the subscriber.
6. SIM 
Security 
Although the Subscriber Identity Module (SIM) physically resides with the 
Mobile Equipment (ME), it is regarded as an important part of the GSM 
infrastructure because it is the piece of hardware that represents the subscriber. 
As described in the previous sections, the SIM houses many of the security 
components for the GSM Network. All authentication operations take place within 
the SIM and none of the keys or ciphers leaves the SIM. The SIM may also be 
protected with a Personal Identification Number (PIN). SMS messages are also 
stored in the SIM. Generally, the SIM is considered a piece of tamper-proof 
hardware. Although hacks against smart cards are available, extraction of 

 13
information directly from the card is generally difficult and it requires physical 
access to the card and specialized equipment. It is easier to make a clone of the 
card by making use of information on the key generating algorithm. The following 
Section describes this vulnerability in greater detail. 

Download 1,13 Mb.

Do'stlaringiz bilan baham: