Title: Improving security and privacy in current mobile systems
Author: Khan, Mohammed
Awarding Body: Royal Holloway, University of London
Current Institution: Royal Holloway, University of London
Date of Award: 2017
As has been widely discussed, the GSM system only offers unilateral authentication of the mobile phone to the network; this limitation permits a range of attacks. While adding support for mutual authentication would be highly beneficial, changing the way GSM serving networks operate is not practical. The 3G and 4G mobile systems rectify the GSM weakness by providing mutual authentication between phone and network, and significantly improve their security properties by comparison with 2G (GSM). However, significant shortcomings remain with respect to user privacy, most notably the decades-old privacy problem of disclosure of the permanent subscriber identity (IMSI), a problem that arises in all generations of mobile networks and makes IMSI catchers a real threat. Although a number of possible modifications to 2G, 3G and 4G protocols have been proposed that are designed to provide greater user privacy, they all require significant alterations to the existing deployed infrastructures, which are almost certainly impractical. In this thesis we investigate whether it is possible to improve the security and privacy properties of the current mobile systems without changing the deployed infrastructure, i.e. the serving networks and mobile phones. We describe a novel modification to the relationship between a subscriber identity module (SIM) and its home network which allows mutual authentication without affecting the GSM infrastructure, including the phones; the only necessary changes are to the authentication centres and the SIMs. We further propose novel authentication schemes for 3G and 4G systems to defeat IMSI catchers. Our first scheme makes use of multiple IMSIs for an individual USIM to offer a degree of pseudonymity for a user. The second scheme prevents disclosure of the subscriber's IMSI by using a dynamic pseudo-IMSI that is only identifiable by the subscriber's home network.
A major challenge in using pseudonymous IMSIs is possible loss of identity synchronisation between a USIM and its home network, an issue that has not been adequately addressed in earlier work. We present an approach for identity recovery to be used in the event of pseudo-IMSI desynchronisation. Both schemes require changes to the home network and the USIM, both owned by a single entity in the mobile systems, but not to the serving network, mobile phone or other internal network protocols, enabling simple, transparent and evolutionary migration. We provide analyses of the schemes, and verify their correctness and security properties using ProVerif.
Supervisor: Not available
Sponsor: Not available
Qualification Name: Thesis (Ph.D.)
Qualification Level: Doctoral
EThOS ID:
DOI: Not available