Invincible

There's a huge gulf between the reality of today's 2G wireless systems and the 3G dream. Although standards, harmonization agreements and business plans are being hashed out to try to determine exactly what 3G is, there are several small steps that can be taken to improve the security and robustness of wireless systems. Collectively, they'll help make the 3G dream a reality.

One example is smart cards, also known as user-identity modules or subscriber-identity modules, which are mandatory in existing GSM systems. They're a simple computer system on a credit-card-size device that securely stores the user's identity and profile. The initial theory was that many users would own only a smart card, which they would insert into a rented phone to personalize.

But as handset prices plummeted over the past decade, this model has little benefit except when roaming in areas that don't support the services you have at home. The small size of today's handsets also has driven the market away from the full-size smart card toward the "smart chip," which is embedded in the phone and less likely to be moved.

Even so, embedded or not, the smart card still has much potential for future e-commerce applications. If it contained not only the user's wireless-subscription identity and parameters but also credit-card and banking information, it could be used for wireless purchases. Smart cards also give wireless-service providers a secure way to provide pre-programmed subscription information, including the security keys that shouldn't be viewable by people selling phones.

Proposed CDMA and TDMA standards would support smart cards and likely will make this technology ubiquitous in 3G systems. Systems for using wireless phones for purchases still are in their infancy, but smart cards and WAP browsers might eventually make "w-commerce" a reality while combining convenience and security.

HACKERS BEGONE! All wireless systems have suffered embarrassing security failures over the past few years. The North American standards were compromised by Bruce Schneier and, more recently, GSM standards by Biryukov and Shamir. None of these attacks has been as bad as some press reports suggested, but there's genuine concern that the security of wireless communications is far less than it should be. It's likely that government agencies already have developed more potent attacks, and it's entirely possible that within a few years, sophisticated criminals again will be able to break wireless' security systems.

To prevent such attacks, standards organizations worldwide are working on the next generation of security standards. For now, the winner appears to be 3GPP AKA, a method developed in Europe that TIA standards committees responsible for CDMA and TDMA also have adopted in principle. The standard 3GPP AKA is based on GSM security algorithms, although it's considerably stronger and has several major enhancements.

It's also likely that some of the techniques embedded in the current CAVE-based security used in CDMA and TDMA systems will be merged in. This approach could lead to a globally harmonized security system that might make worldwide roaming more accessible and more secure. Even if radio interfaces aren't harmonized, at least multimode phones would have to support only a single suite of security algorithms.

GSM security algorithms have the interesting characteristic of allowing the home system to run its choice of authentication algorithms. Unlike current CDMA and TDMA systems, GSM doesn't provide authentication keys to the system serving a roamer. Instead, the serving system picks a "question," actually a number, and sends it to the mobile. The mobile must respond with the correct "answer," which is another number calculated using the first number and secret keys in the smart card. This method, preserved by 3GPP AKA, doesn't require the serving system to execute the authentication algorithms, but encryption algorithms do need to be executed due to real-time constraints.

NO LOAD TOO BIG? Wired telephony generally is perceived as more robust than wireless, at least under normal conditions. When disasters strike, wireless might survive, but on days without earthquakes or hurricanes, it's more likely to be a wireless call that fails due to congestion. Although wireless initially was viewed as an adjunct, luxury service, it's now firmly in the mainstream, so demands for reliability are increasing.

Reliability doesn't mean that all calls are completed, but it also doesn't mean that the network capacity should plummet under heavy loads. It's acceptable for congestion to occur on Mother's Day, for example, but it's unacceptable for a network to collapse under the load or to spend so much time handling each call that most callers give up. Is there a graceful way to shed some of that load while still handling as many calls as possible?

Wireline systems use an obscure technique known as Automatic Code Gapping (ACG), which some proposals would include in future wireless-backbone-network standards. ACG allows a specified percentage of calls received from a number range or destined to a number range to be blocked, providing a controlled throttling of the network. In the case of a phone-in contest, for example, many people might be dialing a single phone number. Blocking a percentage of calls destined for the switch that holds the contest phone number protects that switch from collapse.

In a major disaster, switches might impose controls to give every call an even chance of getting through without threatening the network's ability to continue processing calls. It's better to get a fast-busy signal from your local switch rather than tying up a number of trunks throughout the network, only to get the same fast-busy signal from the destination switch.

One added complexity is LNP. Before LNP, with a few exceptions, every phone number in a block of 10,000 was served by the same switch. But with LNP, some of those numbers can be moved to other switches. It's important that a ported number doesn't trigger ACG and result in the blocking of calls to or from a switch that isn't responsible for the overload.

Increased network robustness must be a characteristic of 3G systems. The number of people using wireless will continue to increase, just as their quality-of-service expectations also will increase. Network-management techniques such as ACG might contribute, albeit invisibly, to the perception that wireless is reliable.

As wireless matures from 2G to 3G, it will confront many new challenges. Most of the focus currently is on the pizzazz of new technologies such as high-speed surfing using WAP browsers and not on the more mundane -- but equally important -- issues of network reliability and security. People might find WAP browsers cool and exciting, but they'll abandon them if their sessions keep disconnecting, if their throughput drops to a crawl or if their personal information shows up on a public Web site the next day.