Introduction of the Asymmetric Cryptography in GSM, GPRS, UMTS, and Its Public Key Infrastructure Integration

摘要

The logic ruling the user and network authentication as well as the data ciphering in the GSM architecture is characterized, regarding the transferring of the parameters employed in these processes, by transactions between three nodes of the system, that is the MS, actually the SIM, the visited MSC/VLR, and the AuC, which is attached to the HLR in most cases. The GPRS and the UMTS architecture carry the heritage of the GSM's philosophy regarding the useretwork authentication and the data ciphering. So, the corresponding three nodes (MS, VLR, and HLR) of these systems are involved as well in the authentication and data ciphering procedures. Moreover, the methods of the conventional cryptography have been adopted by all three systems. This paper describes in brief the subscriber authentication and data ciphering, as they are recommended by the Specifications for all three aforementioned systems. Based on what the specifications define, we pinpoint the vulnerable points of the systems, exposed to third party attacks, and propose asymmetric cryptography procedures for their coverage, consisting of the introduction of public-private key pairs for the transactions between the VLR-HLR, as well as the MS-VLR. On the other hand, the nature of the services constituting a Public Key Infrastructure (PKI) renders the telecommunication operators the main candidates for the development of PKIs fully or partially fledged. The private-public key pair, stored by the PLMN operator in the SIM, for the GSM/GPRS case, or in the USIM for the UMTS case and created to deal initially with internal system functions, can easily be extended, adopted and employed in secure e/m-transactions, if bound to a digital certificate, in the case the PLMN operator supports PKI services as well.