Security - Telenor
Security - Telenor
Security - Telenor
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
16<br />
6 Use of Encryption in<br />
Telecommunications Area<br />
Traditionally the use of encryption technology in<br />
the telecommunications area has been seen along<br />
the following lines:<br />
1. Protection of network management information.<br />
Operator initiated encryption of dedicated<br />
connections in order to secure important<br />
connections vital to the operation and maintenance<br />
of the network itself. This approach may<br />
work well within one domain controlled by one<br />
operator, but may face problems in multiple<br />
domain solutions implementing the Open Networks<br />
Provision policy.<br />
2. End-to-end encryption by dedicated users<br />
with high security requirements. Users that<br />
exchange confidential information over public<br />
networks using secure phones or crypto-faxes.<br />
Such solutions normally depend on expensive<br />
and proprietary equipment. Due to the complexity<br />
of key management, the solutions do not<br />
always scale well and there are no standards for<br />
such connections.<br />
3. Encryption of vulnerable links. Modern<br />
mobile networks like GSM, DECT, UMTS and<br />
satellite-based networks involve a radio link<br />
especially vulnerable to eavesdropping (as well<br />
as other security threats). In order to protect user<br />
data and signalling information in such systems,<br />
encryption techniques have been introduced on<br />
the radio link between the mobile terminal and<br />
access points to the fixed network. 1)<br />
4. Entity authentication. Mobile communications<br />
lacks the conventional access point to the<br />
network and there is a strong need for authentication<br />
of users involved in a call. It may also<br />
be necessary for the user to authenticate the network.<br />
In most systems such authentication is<br />
based on a “challenge and response protocol” in<br />
which an entity authenticates itself by proving<br />
knowledge or possession of a unique secret key.<br />
The challenge and key are then input to some<br />
cryptographic algorithm which outputs the correct<br />
response. 2)<br />
7 The Data Encryption<br />
Standard (DES)<br />
For many years the US Data Encryption Standard<br />
(DES) [3] has been the de-facto standard<br />
for commercial encryption. DES was proposed<br />
in 1975 and approved in 1977 as a Federal Standard<br />
for protection of sensitive, but unclassified<br />
information. DES was designed and proposed by<br />
IBM, endorsed by the National Bureau of Standards<br />
(NBS, now NIST) and later approved by<br />
ANSI as US standard. Around 1985 there was<br />
work within ISO to establish DES as an international<br />
crypto standard, but this project was<br />
halted due to political problems. DES is widely<br />
used by banks for protection of electronic funds<br />
transfer.<br />
DES is a symmetric block cipher, which encrypts<br />
a 64-bits data block under the control of<br />
a 56-bits key. From the very first moment there<br />
was strong criticism against the key length of<br />
DES and it was argued that the key space could<br />
be searched by strong opponents using dedicated<br />
hardware devices. In July 1998, using custom<br />
designed chips and a personal computer, the<br />
Electronic Foundation built “DES Cracker” [11].<br />
Costing less than USD 250,000 and taking less<br />
than a year to build, DES Cracker broke a DESencoded<br />
message in fifty-six hours. There was<br />
nothing terribly novel about the decryption<br />
machine except that it was built. From Table 1 in<br />
Section 3 we see that this result fits nicely with<br />
the predictions from 1996.<br />
The immediate response to the shortcomings<br />
of the DES key length has been to implement<br />
Triple-DES systems, in which the DES algorithm<br />
is used in three consecutive steps using<br />
two or three different keys. The long-term solution<br />
will be to develop a replacement algorithm(s),<br />
see section on AES below.<br />
Even if DES is approaching the end of its life<br />
cycle, it has been an example of a carefully designed<br />
algorithm, which have resisted open analysis<br />
over many years. Today we know that it<br />
was designed to withstand attacks that were not<br />
publicly known back in the seventies [12]. Even<br />
new attacks have appeared over the years, but<br />
they had little impact on the practical strength<br />
provided by DES.<br />
1) Due to interoperability requirements, this encryption has to be based on standardised algorithms<br />
known both to the mobile station and the network.<br />
2) This authentication is often a protocol between the subscriber’s SIM module and the operator and<br />
may be based on an operator-controlled algorithm. In this case it is not necessary to have one standardised<br />
algorithm.<br />
Telektronikk 3.2000