Telecoms, Datacoms, Wireless, IoT


Encryption system for GSM comunications

30 September 2009 Telecoms, Datacoms, Wireless, IoT

A company called Secusmart has developed an advanced encryption and authentication system to provide secure cellphone communication.

According to André Stürmer, operations director of the TriVest Group, South African distributors of the German developed Secusmart chip: “The hard fact about cellphone security is that you should always assume you have unwanted listeners. In countries where more and more business is conducted over the mobile phone network, such as is the case in Africa, this is particularly relevant.”

GSM-based communications can be attacked in three different ways:

1. An attack on the transmission network.

2. An attack on the air interface.

3. An attack by ID spoofing.

During an attack on the transmission network, the speech data is transferred clearly, and can be intercepted through legal as well as illegal measures. Air interfaces can be actively and passively attacked. An active attack on the air interface is performed by an IMSI catcher. The IMSI catcher makes use of the lack of authentication between the network and the mobile phone and intercepts the data by placing the phone on its ‘private’ network. Additionally, the IMSI catcher disconnects the normal GSM encryption. Not only does the cost of around R2 million limit its use, but it is also difficult to deploy and the active interception means that the use of the IMSI catcher can be traced.

A passive attack of the air interface requires cracking the A5/1 encryption. The two possibilities are:

1. GSS ProA - GSM interceptor

* On-the-fly decryption of up to 100 speech connections.

* Simultaneous interception and content analysis.

* Cost is approximately R750 000.

2. Open-source projects

GSM cracking project/A5 busters

<i.* Hardware costs between R10 000 and R45 000.</i>

The threat by this type of attack is high, as the interception cannot be traced and the entry barrier is low.

The cheapest alternative is to duplicate the caller ID – this is known as ID spoofing. Sites such as www.spoofcard.com show how easy and cheap this type of attack can be. The invader communicates the false call number and the victim trusts the number, resulting in them divulging confidential information. This threat by caller ID spoofing is extremely high because it is possible with any telephone.

These points illustrate that secure mobile communication requires more than just encryption. For this reason, Secusmart’s solution ensures encryption and authentication. Certificate authentication protects against caller ID spoofing thanks to the public key infrastructure (PKI). The Secusmart solution is independent of the mobile phone and it requires no changes to the device. The usage is simple, does not impede normal phone usage, no loss of battery time and intuitive handling, with no degradation in speech quality.

The solution makes use of crypto hardware integrated in a microSD card, which encrypts voice calls end-to-end using a 128-bit AES encryption algorithm. Authentication is certificate-based, using an elliptic curve Diffie-Hellmann key exchange and with a key agreement within 3 seconds. The microSD card is a standard chip for mobile data storage with up to 2 GB Flash storage. Additionally, it contains a secure PKI smartcard controller (NXP SmartMX P5CC072) with TCOS 4.0 operating system. The design has a high-speed AES co-processor which consumes little battery power and securely stores key information.

For more information contact André Stürmer, Trivest, +27 (0)82 052 6824.





Share this article:
Share via emailShare via LinkedInPrint this page

Further reading:

Otto Wireless reveals RAD new product line
29 July 2020, Otto Wireless , Telecoms, Datacoms, Wireless, IoT
As a world leader in the telecommunications field with over 39 years of innovation, a significant worldwide presence in over 150 countries and an installed base of more than 16 million network elements, ...

Read more...
New benchmark in low-cost LTE to be released soon
29 July 2020, Otto Wireless , Telecoms, Datacoms, Wireless, IoT
SIMCom, represented locally by Otto Wireless Solutions, has expanded its family of SIM7600, LTE Cat. 1 devices, and is due to unveil a new flagship product, which is expected to take the 4G market by ...

Read more...
Multi-sensor IoT module
29 July 2020, Electrocomp , Telecoms, Datacoms, Wireless, IoT
TDK announced worldwide availability of the InvenSense SmartBug, a compact, wireless multi-sensor solution designed for a plethora of commercial and consumer IoT applications. The out-of-the-box solution ...

Read more...
Bluetooth SiP for wearables and medical devices
30 June 2020, RF Design , Telecoms, Datacoms, Wireless, IoT
Nordic Semiconductor announced that Tangshan, China-based Tangshan Hongjia Electronic Technology has selected Nordic’s nRF52840 Bluetooth 5.2/Bluetooth Low Energy (Bluetooth LE) advanced multiprotocol ...

Read more...
Adhesive mount combo antenna
30 June 2020, RF Design , Telecoms, Datacoms, Wireless, IoT
The Taoglas MA256.A is a 3-in-1 adhesive mount combination antenna for use in cases requiring worldwide 4G coverage and GPS/GLONASS/BeiDou/Galileo for positioning. The MA256 has been designed to be mounted ...

Read more...
Diodes for RF/microwave applications
30 June 2020, Hi-Q Electronics , Telecoms, Datacoms, Wireless, IoT
Skyworks’ broad portfolio of PIN, limiter, Schottky, and varactor diodes are ideal for WLAN, infrastructure, handset, Satcom (LNB/DBS-CATV), automotive, aerospace and defence, test and measurement, metering, ...

Read more...
Small form factor 5G/4G antenna
30 June 2020, RF Design , Telecoms, Datacoms, Wireless, IoT
The Taoglas Olympian II G45 is a low-profile, robust external 5G/4G antenna. The permanent mount antenna has a small form factor at only 48,5 mm tall and 50 mm in diameter. It is ideal for external use, ...

Read more...
Dual-core wireless MCU
30 June 2020, Altron Arrow , Telecoms, Datacoms, Wireless, IoT
The STM32WBx0 is a dual-core wireless MCU based on an Arm Cortex-M4 core running at 64 MHz (application processor) and an Arm Cortex-M0+ core at 32 MHz (network processor). The STM32WBx0 Value Line ...

Read more...
MIFARE DESFire EV3 IC
30 June 2020, EBV Electrolink , Telecoms, Datacoms, Wireless, IoT
NXP Semiconductors announced its new MIFARE DESFire EV3 IC that ushers in next-generation performance, advanced security and seamless integration of mobile services for a new era of security and connectivity ...

Read more...
Cellular chipset for global low-power IoT
30 June 2020, RF Design , Telecoms, Datacoms, Wireless, IoT
The UBX-R5 Series from u-blox is a global multi-band cellular chipset that supports LPWA, LTE-M and NB-IoT technologies. It is optimised for IoT applications such as smart metering, telematics, tracking, ...

Read more...