Defeating_IMSI_Catchers-CCS_2015

《Defeating_IMSI_Catchers-CCS_2015》由会员上传分享，免费在线阅读，更多相关内容在学术论文-天天文库。

1、DefeatingIMSICatchersFabianvandenBroekRoelVerdultJoerideRuiterInstituteforComputingandInstituteforComputingandSchoolofComputerScienceInformationSciencesInformationSciencesUniversityofBirmingham,RadboudUniversityNijmegen,RadboudUniversityNijmegen,UnitedKingdomTheNetherl

2、ands.TheNetherlands.j.deruiter@cs.bham.ac.ukf.vandenbroek@cs.ru.nlrverdult@cs.ru.nlABSTRACT1.INTRODUCTIONIMSIcatchingisaproblemonallgenerationsofmobileIncellulartechnologiesitisunavoidablethatthemobiletelecommunicationnetworks,i.e.,2G(GSM,GPRS),3Gtelecommunicationprovi

3、ders(whichwewillrefertoassim-(HDSPA,EDGE,UMTS)and4G(LTE,LTE+).Currently,plyprovidersfortherestofthispaper)needtoknowthe1theSIMcardofamobilephonehastorevealitsidentityapproximatelocationoftheirusers,inordertobeabletooveraninsecureplaintexttransmission,beforeencryptionro

4、uteincomingtraffictothemastcurrentlynearesttotheisenabled.Thisidentifier(theIMSI)canbeintercepteduser.Thiscanleadtoserious(location)privacyissuesforbyadversariesthatmountapassiveoractiveattack.Suchtheusers,astheirapproximatelocationiscontinuouslymon-identityexposureattack

5、sarecommonlyreferredtoas‘IMSIitored.However,ifweacceptthisissue,forinstancebecausecatching’.SincetheIMSIisuniquelyidentifying,unautho-wetrusttheproviders,thentherearestillmanyotherpri-rizedexposurecanleadtovariouslocationprivacyattacks.vacyissuesrelatedtomobiletelephon

6、y,suchasappsshar-Weproposeasolution,whichessentiallyreplacestheIM-ingprivatedata[2]oreavesdroppingphoneconversationsSIswithchangingpseudonymsthatareonlyidentifiableby[3].Oneofthefirstpracticalprivacyattacksagainstmo-thehomenetworkoftheSIM’sownnetworkprovider.Con-bilephon

7、eswastheso-calledIMSIcatchingattack,andthissequently,thesepseudonymsareunlinkablebyintermedi-attackpersistsevenintoday’smobilenetworkstandards.atenetworkprovidersandmaliciousadversaries,andthere-Thistermreferstotheuniqueidentifierpresentinevery2foremitigatebothpassivean

8、dactiveattacks,whichwealsoSIMcard,calledtheIMSIforInternationalMobileSub-formallyverifiedusingProVerif.Oursolutionisco