Abstract
Security of the mobile network
Fabian van den Broek
We looked at the security of the wireless connection between mobile phone and cell towers and suggested possible improvements.
The security was analysed on a design level, by looking at the protocols and encryption techniques, but also on an implementation level by looking at the security of the software that handles the mobile communication.
Furthermore, we examined systems that rely on the security of the mobile network, such as transaction codes transmitted using SMS.
The most important improvement we suggest, makes it impossible to track a user's location based on his permanent identity in the mobile network.
This improvement also allows GSM phones to verify whether they are communicating with an authentic cell tower, thereby fixing the biggest security flaw in GSM.
This improvement can be introduced by individual providers without the rest of the network needing any changes or even noticing the change.
We are currently working with the GSM Association (GSMA) to get this improvement into the mobile specifications.
