Cutting-Edge Security
What tools can wireless systems use to find the middle ground: security that is "good enough" without burdening customers with outrageous cost or educational requirements?
Security is a two-edged sword: the sharper it is, the more likely you are to hurt yourself with it. With military-strength security your business is safe, but potential customers will find your system too expensive and too difficult to use.
Security systems can be categorized as private (symmetric) key encryption or as public (asymmetric) key encryption. Private-key encryption systems use a single key to lock and unlock messages, meaning that both parties in a communication have to possess the same key.
Private-key encryption is like a locked bank-deposit wallet, with both the sender and the receiver having the same key. In wireless communications, keys are held by the wireless device and by the network (e.g. the authentication center). Anybody who has access to both the communications and the key can authenticate or decrypt the communications.
Public-key encryption solves the key-distribution problem by allowing a public key to be known by everyone, with a private key known only by the entity that needs to decrypt the communications. The downside of public-key encryption is that it is significantly more complex, resulting in complicated and slower equipment.
Public-key encryption is like having a large number of padlocks that can be opened by one key. The bank gives out deposit wallets with already-opened padlocks. This gives anyone who has a lock the ability to make a deposit, but means that nobody can open the deposit wallet except the holder of the key - not even the depositor. Even if the opened padlocks are stolen, they cannot be used to open deposit bags; they merely can be used to make unauthorized deposits.
In a wireless public-key environment, wireless devices and networks would broadcast their public key, allowing any party to encrypt messages for the desired destination. Once communications had been encrypted, only the wireless device could decrypt it, making communications secure from eavesdropping.
Wireless systems have largely made do with private-key encryption for the basic needs of authentication, voice encryption and protection of signaling data. This is based on the greater simplicity of private-key systems and the belief that key distribution is a manageable problem.
Authentication: Encryption Divided by Two
Perhaps the most important aspect of wireless security is authentication, which is only required to be half of an encryption system. Although validation is used to determine whether a wireless device has responded correctly to the question "Who are you?" by determining whether the identifiers transmitted by a wireless device (e.g. MIN and ESN) are valid, authentication requires a wireless device to answer the more important question: "Are you who you say you are?" A clone is a wireless device that provides a valid identity that has been obtained fraudulently. Clones are able to validate, but unable to authenticate unless they have somehow obtained the private key of a wireless device.
Authentication is based on encryption without the ability to decrypt. It uses a challenge/response transaction. A challenge (a random number) is sent from the base station to a wireless device, which encrypts it using the same algorithm as the network to produce the response. The recipient performs the same operation and merely compares the received response from the wireless device with its own generated response.
GSM authentication allows the authentication algorithm to be unique for every home system, although normally the standard A3 algorithm is used. The home system provides a triplet composed of a random number (the challenge), an expected response, and an encryption key. The serving system simply has to transmit the challenge, wait for the response and ensure it matches before using the encryption key and a standard algorithm (A8) to protect voice conversations. Changing the algorithm would require reprogramming the home system, plus distributing new smart cards to every user.
The downside of this system is that it requires a new triplet for every call. Although several can be delivered within one intersystem message, there is a temptation for carriers to reuse triplets. As soon as this is done, however, the door is opened for GSM cloning.
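The triplet flow described above, as an added example that is not part of the original article: the home system alone holds the subscriber key Ki, the serving system consumes each delivered triplet exactly once, and the device proves possession of Ki without the key ever leaving it. HMAC-SHA256 stands in for the operator's A3/A8 (an assumption for illustration only); the class and method names are this example's own.

```python
import hmac, hashlib, os

# Stand-in for GSM A3/A8 (assumption: the real algorithms are operator-specific;
# HMAC-SHA256 keyed with Ki is used here purely to illustrate the flow).
def a3_a8(ki: bytes, rand: bytes):
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    sres, kc = digest[:4], digest[4:12]   # 32-bit SRES, 64-bit Kc as in GSM
    return sres, kc

class HomeSystem:
    """Holds every subscriber's Ki and hands triplets to serving systems."""
    def __init__(self):
        self.subscribers = {}              # IMSI -> Ki

    def provision(self, imsi: str) -> bytes:
        ki = os.urandom(16)
        self.subscribers[imsi] = ki
        return ki                          # goes onto the SIM, never over the air

    def triplets(self, imsi: str, n: int):
        ki = self.subscribers[imsi]
        out = []
        for _ in range(n):
            rand = os.urandom(16)          # fresh challenge per triplet
            sres, kc = a3_a8(ki, rand)
            out.append((rand, sres, kc))   # (RAND, XRES, Kc)
        return out

class Device:
    """Knows only its own Ki; answers challenges, never reveals the key."""
    def __init__(self, ki: bytes):
        self.ki = ki

    def respond(self, rand: bytes) -> bytes:
        return a3_a8(self.ki, rand)[0]

class ServingSystem:
    """Never sees Ki; uses each triplet once and then discards it."""
    def __init__(self, triplets):
        self.unused = list(triplets)

    def remaining(self) -> int:
        return len(self.unused)

    def authenticate(self, device: Device):
        if not self.unused:
            raise RuntimeError("out of triplets; request more from the home system")
        rand, xres, kc = self.unused.pop(0)   # single use: never re-issued
        sres = device.respond(rand)
        if hmac.compare_digest(sres, xres):
            return kc                          # session key for voice encryption
        return None                            # response mismatch: not authenticated
```

Popping the triplet before comparing is the point: a serving system that kept and re-issued a consumed RAND would accept any party that had recorded the earlier SRES.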
The cellular authentication and voice encryption (CAVE) security system used in ANSI-41 networks supporting analog, TDMA and CDMA systems is much more complex. The wireless device's private key is shared only by the wireless device and the home system, but the serving system is sent SSD, a secondary key (i.e. one that is derived from the primary key), rather than just a list of challenge/response pairs. This enables the serving system to securely authenticate the wireless device any number of times without the overhead of further communications with the home system. This flexibility and efficiency does, however, require that the same algorithm (CAVE) be used by all systems. If a major loss of keys occurred it would be possible to update the valid wireless devices with a new SSD over the radio interface, but a serious breach of the CAVE algorithm would not be easily rectified.
3G Security: Private or Public?
Public-key encryption as the basic security mechanism for wireless always has been waiting in the wings. When 3G security systems became an issue, the GSM community (3GPP standardization) quickly adopted an enhanced private-key algorithm (AKA), but 3GPP2 again considered public-key encryption. After intense debate, this option was rejected, and the AKA private-key system also was adopted.
AKA involves the exchange of quintuplets instead of triplets. As well as the challenge, response and encryption key, the quintuplet also contains an integrity key and an authentication token used to allow a truly paranoid wireless device to validate the network.
AKA also will allow local authentication, similar to the secondary key used in CAVE systems, to reduce network traffic. However, local authentication and encryption of voice and data will require that a standard algorithm be used.
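The quintuplet exchange from the two paragraphs above, as an added example that is not from the original article: the home system builds a vector of RAND, XRES, cipher key, integrity key and an authentication token (sequence number plus MAC), and the device checks the token before it answers, so a challenge from something other than its home network, or a replayed old vector, is refused. HMAC-SHA512 stands in for the AKA key-derivation functions (an assumption; real deployments use operator-chosen algorithms), and the helper names are this example's own.

```python
import hmac, hashlib, os

def prf(key: bytes, *parts: bytes) -> bytes:
    # Stand-in for the AKA f1..f5 functions (assumption, for illustration only).
    return hmac.new(key, b"".join(parts), hashlib.sha512).digest()

def make_quintuplet(k: bytes, sqn: int):
    """Home system: one authentication vector for subscriber key k."""
    rand = os.urandom(16)
    sqn_b = sqn.to_bytes(6, "big")
    mac = prf(k, b"mac", rand, sqn_b)[:8]      # proves the vector came from home
    d = prf(k, b"keys", rand)
    xres, ck, ik = d[:8], d[8:24], d[24:40]    # response, cipher key, integrity key
    return rand, xres, ck, ik, sqn_b + mac     # AUTN = SQN || MAC

class Device:
    def __init__(self, k: bytes):
        self.k = k
        self.last_sqn = -1                      # highest sequence number accepted
        self.ck = self.ik = None

    def respond(self, rand: bytes, autn: bytes):
        """Validate the network first; compute RES only if AUTN checks out."""
        sqn_b, mac = autn[:6], autn[6:]
        if not hmac.compare_digest(mac, prf(self.k, b"mac", rand, sqn_b)[:8]):
            return None                         # MAC failure: not our home network
        sqn = int.from_bytes(sqn_b, "big")
        if sqn <= self.last_sqn:
            return None                         # stale or replayed vector
        self.last_sqn = sqn
        d = prf(self.k, b"keys", rand)
        self.ck, self.ik = d[8:24], d[24:40]    # same keys the serving system got
        return d[:8]

def serving_authenticate(quintuplet, device: Device):
    """Serving system: send RAND and AUTN, compare RES with XRES."""
    rand, xres, ck, ik, autn = quintuplet
    res = device.respond(rand, autn)
    if res is not None and hmac.compare_digest(res, xres):
        return ck, ik                           # keys for encryption and integrity
    return None
```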
Although public-key encryption promises some advantages and will be essential for e-commerce, for the less-demanding requirements of authentication and voice encryption, private-key encryption still is seen as providing adequate bang for a modest buck.
© 2012 Penton Media Inc.