Cell Phone Security Linden Tibbets Coen 150 5/28/2004
Introduction • Changed structure of our lives and the way we do business • Hundreds of models and services • Potential for major annoyance
Endless Uses • Store contact information • Make task or to-do lists • Keep track of appointments and set reminders • Use the built-in calculator for simple math • Send or receive e-mail • Get news, entertainment, and stock quotes from the Internet • Browse regular Internet sites • Play simple games • Integrate other devices such as PDAs, MP3 players, and GPS receivers • Use credit cards to buy products and services • Download ring tones, games, and other programs for the specific phone
Are They Secure? • Vast amounts of personal information • Personal Phone Book • Address • Credit Card Number • Email Password • Account Information
Concept Began in 1947 • Researchers improve traffic of primitive car phones by reusing freq. in smaller areas called ‘cells’ • Federal Communications Commission (FCC) hinders cell phone progress • Only enough channels for 23 conversations per cell • Not practical
The Cell Phone Boom • 1967 FCC expands available frequencies • 1973 Dr. Martin Cooper at Motorola makes first cell phone call to his rival Joel Engel at Bell Labs • 1983 First cell phone network in US (Chicago) • 1987 Over a million users • 2004 If you don’t have a cell phone you’re in the minority
Inside the Cell Phone • Inner workings not much different than a personal computer • RAM • CPU • Input • Output • Power Source
The Cellular Approach • At first only one tower per city (around 25 channels) • Now a provider has 832 freq. in each city • One cell uses 1/7 of these • Share freq. between cells • Cell phones are two-way devices so they use two separate channels
Frequency Breakdown • Provider has 395 total voice channels (more when it goes digital) • 42 control channels for system signals • 395 x 2(in/out) + 42 = 832 Frequencies
Definitions • Electronic Serial Number (ESN) - a unique 32-bit number programmed into the phone when it is manufactured • Mobile Identification Number (MIN) - a 10-digit number derived from your phone's number • System Identification Code (SID) - a unique 5-digit number that is assigned to each carrier by the FCC
When you first power up the phone, it listens for an SID on the control channel. The control channel is a special frequency that the phone and base station use to talk to one another about things like call set-up and channel changing. If the phone cannot find any control channels to listen to, it knows it is out of range and displays a "no service" message.
When it receives the SID, the phone compares it to the SID programmed into the phone. If the SIDs match, the phone knows that the cell it is communicating with is part of its home system. • Along with the SID, the phone also transmits a registration request, and the MTSO (Mobile Telephone Switching Office) keeps track of your phone's location in a database -- this way, the MTSO knows which cell you are in when it wants to ring your phone.
The MTSO gets the call, and it tries to find you. It looks in its database to see which cell you are in. • The MTSO picks a frequency pair that your phone will use in that cell to take the call. • The MTSO communicates with your phone over the control channel to tell it which frequencies to use, and once your phone and the tower switch on those frequencies, the call is connected.
As you move toward the edge of your cell, your cell's base station notes that your signal strength is diminishing. Meanwhile, the base station in the cell you are moving toward (which is listening and measuring signal strength on all frequencies, not just its own one-seventh) sees your phone's signal strength increasing. The two base stations coordinate with each other through the MTSO, and at some point, your phone gets a signal on a control channel telling it to change frequencies. This hand off switches your phone to the new cell.
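The power-on, registration, call set-up and hand-off steps described above, as an added example that is not part of the original slides. The SID value, frequency pairs, cell names, dBm readings and the 3 dB hand-off margin are constructed assumptions; the point to notice is that every registration and hand-off rewrites the MTSO's location record for the phone.

```python
HOME_SID = "00175"  # constructed 5-digit SID programmed into the phone

def power_on(broadcast_sid, home_sid=HOME_SID):
    """Phone side: what the handset concludes from the control channel."""
    if broadcast_sid is None:
        return "no service"          # no control channel heard
    return "home" if broadcast_sid == home_sid else "roaming"

class MTSO:
    """Toy switching office: location database plus channel assignment."""
    def __init__(self, cell_channels):
        # cell id -> free (tower-to-phone, phone-to-tower) frequency pairs
        self.free = {c: list(p) for c, p in cell_channels.items()}
        self.location = {}           # MIN -> cell id (the location database)
        self.calls = {}              # MIN -> (cell id, frequency pair)

    def register(self, min_, cell):
        self.location[min_] = cell   # registration request from the phone

    def connect(self, min_):
        """Incoming call: look up the cell, pick a free frequency pair."""
        cell = self.location.get(min_)
        if cell is None or not self.free[cell]:
            return None
        self.calls[min_] = (cell, self.free[cell].pop(0))
        return self.calls[min_]

    def signal_report(self, min_, dbm_by_cell, margin_db=3):
        """Hand off when a neighbour hears the phone clearly better.
        margin_db is an assumed hysteresis value, not from the slides."""
        cell, pair = self.calls[min_]
        best = max(dbm_by_cell, key=dbm_by_cell.get)
        stronger = dbm_by_cell[best] >= dbm_by_cell[cell] + margin_db
        if best != cell and stronger and self.free[best]:
            self.free[cell].append(pair)            # release old pair
            self.calls[min_] = (best, self.free[best].pop(0))
            self.location[min_] = best              # tracking side effect
        return self.calls[min_]

def demo():
    # Constructed cells, each with one frequency pair (MHz).
    mtso = MTSO({"cell-1": [(870.03, 825.03)], "cell-2": [(870.06, 825.06)]})
    mtso.register("4085551234", "cell-1")
    first = mtso.connect("4085551234")
    same = mtso.signal_report("4085551234", {"cell-1": -80, "cell-2": -79})
    moved = mtso.signal_report("4085551234", {"cell-1": -95, "cell-2": -70})
    return first, same, moved, mtso.location["4085551234"]
```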
Analog to Digital • Early phones were purely analog ‘radios’ • To increase security and channel-use efficiency, all calls were converted to digital, encrypted, and spread over the frequencies • Three methods to do this: FDMA, TDMA, CDMA
FDMA • Frequency division multiple access • Much like analog control except now calls are digital • Insecure since a call is set to specific frequencies.
TDMA • Time division multiple access • Splits calls up into different time slots. • Allocates only a certain amount of time on any given freq. • Introduces data encryption • Basis for GSM (Global System for Mobile Communications). Used everywhere except USA.
CDMA • Code division multiple access • Uses unique code in phone to encrypt the data then break it up into packets that are sent on a broad range of freq. • Further scrambles information
Physical Problems • Small and easily lost • Most phones have a password lock but they are easy to get around and nobody uses them • Easy target for stealing personal information
Common Wireless Problems • Analog and FDMA phones easy to listen in on • Needed $200 scanner and some technical skills • Overcome by CDMA and TDMA • Still possible to crack yet much harder • Cell network is much the same as a WLAN • Lack security physical wires provide, anybody can pick up the signal
Common Wireless Security contd. • The level of protection is limited • Slow data rates • Availability • High error rates due to the mobility of user • Limited computational power • Limited battery power
Encryption Problems • The limitations of the cell phone and its network disable the encryption and authentication process • Number of bits in the key must be low • Number of handshakes or checks the authentication scheme allows is low as well • Despite these limitations cell phones remain more secure than most wireless networks due to the fast-paced changes and the scrambling of data over multiple frequencies
Should We Still Worry • In order to listen in to a modern cell phone conversation an organization must be well funded and possess considerable technical skill • Even grabbing a credit card number would not enable you to turn a profit • Yet there remain problems with everyday cell phone usage
Cloning • Early days quite simple • Figure out the ESN, MIN, SID • Program other phones with these numbers and all calls would be billed to one user’s account • Harder to do today • Still costs cellular providers over 500 million dollars a year
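One way a carrier can spot a cloned ESN/MIN pair from the MTSO's own registration records, shown as an added example that is not part of the original slides: flag any identity that appears in two cells farther apart than a phone could travel in the elapsed time. The cell coordinates, registration records, speed ceiling and adjacent-cell tolerance are all constructed assumptions.

```python
import math
from collections import defaultdict

# Constructed cell-site coordinates in km (hypothetical layout).
CELL_SITES = {"A1": (0.0, 0.0), "A2": (3.0, 0.0), "B7": (120.0, 50.0)}

# Constructed registration records: (unix_time, ESN hex, MIN, cell id).
REGISTRATIONS = [
    (1000, "9A3F00C1", "4085551234", "A1"),
    (1600, "9A3F00C1", "4085551234", "A2"),   # 3 km hop: normal hand-off
    (1900, "9A3F00C1", "4085551234", "B7"),   # ~127 km in 5 minutes
    (1900, "11B20D07", "4085559876", "A1"),
    (1900, "11B20D07", "4085559876", "B7"),   # two distant cells at once
    (2500, "77C4E210", "4085550000", "B7"),
]

MAX_KMH = 200.0     # assumed ceiling for a handset's ground speed
ADJACENT_KM = 5.0   # assumed overlap: short hops are ordinary hand-offs

def implied_speed_kmh(prev, cur):
    """Speed a single phone would need to produce both registrations."""
    dist = math.dist(CELL_SITES[prev[3]], CELL_SITES[cur[3]])
    if dist <= ADJACENT_KM:
        return 0.0
    hours = (cur[0] - prev[0]) / 3600.0
    # Simultaneous sightings in distant cells cannot be one device.
    return math.inf if hours <= 0 else dist / hours

def find_clone_suspects(records, max_kmh=MAX_KMH):
    """Return (ESN, MIN, from_cell, to_cell, km/h) for impossible moves."""
    by_identity = defaultdict(list)
    for rec in sorted(records):               # chronological order
        by_identity[(rec[1], rec[2])].append(rec)
    alerts = []
    for (esn, min_), recs in by_identity.items():
        for prev, cur in zip(recs, recs[1:]):
            speed = implied_speed_kmh(prev, cur)
            if speed > max_kmh:
                alerts.append((esn, min_, prev[3], cur[3], speed))
    return alerts

if __name__ == "__main__":
    for alert in find_clone_suspects(REGISTRATIONS):
        print("possible clone:", alert)
```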
Cloning in the Digital Age • Most phones carry all of the critical info on a SIM card much like a smart card • Group of Berkeley researchers claimed to have cracked this encryption in 10 hours by sending a large number of challenges to the authorization module in the phone, compromising the security behind the GSM standard
Cloning in the Digital Age contd. • Claim the A5 cipher that keeps conversations private was made intentionally weaker by replacing the leading 10 bits of a 64-bit key with zeros • Blame the NSA for forcing the weakness in order to monitor cell phone traffic
SMS Attacks • Many phones use SMS messaging service • Can send and receive messages to phones or the internet • Programs created to bomb a specific phone with thousands of messages (DOS attack) • Jams the phone’s service • Uses up the user’s predetermined text limit
They Know Where You Are • Providers can pinpoint your location to within 100 feet if your phone is on • The constant check for signal strength creates the side effect of tracking locations and movement • A huge market for more invasive advertising • Track the consumer’s location • Send tailored ads to a cell phone based on the location of the user • Consider how bad it is on the Internet and this doesn’t seem so far-fetched
Turn It Off in the Airplane • Signals have been proven to disrupt the workings of sensitive equipment • A single phone in a plane causes no problems, but a whole cabin full of phone users really could change the readings in some equipment • Other reports of cellular traffic having an effect on the payment systems at pay-at-the-pump gas stations
Jamming • Simple device used to send a signal on all available freq. in an area causing a cell phone to show no service bars • Already in use to protect the President from cellular phone bomb calls (similar to the bomb in Spain) while he is traveling • Illegal in the USA • Restaurants and Movie theaters lobbying for such devices to keep their places of business cell phone free
Conclusion • Just like secure computer networks, cell phones must make use of current data encryption schemes, authentication methods and physical security • In order for the cell phone to become a more useful tool in everyday lives it must first secure its current features and gain the trust of the millions of users who still watch what they say or do over the phone