سال انتشار: ۱۳۸۴
محل انتشار: یازدهمین کنفرانس سالانه انجمن کامپیوتر ایران
تعداد صفحات: ۵
Mehdi Karimiyan Mohammadabadi – Electrical Engineering Department Iran University of Science and Technology
Hadi Shahriar Shahhoseini – Electrical Engineering Department Iran University of Science and Technology
GSM (Global System for Mobile Communication, or just Global System Mobile) is the most widespread protocol in the world for digital cellular communications. GSM supports a complete set of security protocols that avoid many of the exposures to eavesdropping and subscriber fraud that plagued first generation analog cellular technologies. However, in new years, GSM has some lacks for security. Authentication protocol and encryption algorithms employed by standard GSM are weak. In authentication protocol, which verifies the identities of insiders and outsiders and then establishes a common secret key between them, the weakness should be reduced. In this paper for GSM where users roam among multiple service areas, based on basic architecture of GSM, a new authentication protocol that improves the security level of GSM, is proposed. The protocol is called More Secure Authentication Protocol for GSM (MSAPG) while the original one is called Standard Authentication Protocol for GSM (SAPG). MSAPG is more secure than SAPG since in MSAPG the mobile station and the GSM network authenticate each other, users employ a personal code to initiate service, a time stamp is used to counter replay attacks, clock synchronization between mobile station and the network is more sophisticated than in standard GSM, different temporary identifiers are used for each individual call, the GSM data encryption function ( 5 A ) is supplemented with a one-way hash function, message confidentiality and user ID confidentiality are better, random number generation is controlled, roaming support is done simpler.