| At present, Mobile Communications has been deep into all aspects of people's daily life, and is playing an increasingly important role. As time flies, people gradually realize the importance of information and pay more and more attention to information security. Nowadays GSM network is the largest mobile network in the world, there is no doubt the trend will continue for a long time in the future. Although, GSM network is becoming a more and more stable and secure system, there are something inherent wrong in the architecture of this system. Those have brought about many security issues. Studying and solving these security problems to ensure subscribers'information security is by every stand a must. Safeguard the interests of mobile users is of great practical significance.The purpose of this paper is to research and analysis the security mechanisms and security issues of GSM system. Based on that, we take a further step to research the corresponding security solutions to those security problems to resist attacks against the GSM network. At first, this paper proceeds to introduce the constituent entities of the GSM communication system. Furthermore, this paper describes the security framework of GSM network, entities related with security and their roles in the GSM network security. On the base of those works, the paper analyzes the main attacks against GSM network, their implementation methods and principles, so that to bring out the corresponding solutions to fight against those attacks.As a consequence, we can see the most serious problems in GSM system consist in:one way authentication mechanism, weakness in subscribers'identity protection and insecurity in GSM's SS7 signaling network. Based on this, the paper first proposes a brand new two-way authentication mechanism. And then, this paper proposes a new method based on public key mechanism to enhance the user's identity security. Besides of that, the paper also researches a method to fuse those two methods together to improve the security posture of GSM network.The two-way authentication method in the paper has the function of mutual authentication between VLR database and MS and encryption of communications between VLR and HLR database. Besides of that, the methods protect against attacker from getting private information using fake VLR. As the message passed between VLR and HLR database is encrypted, it is very hard for the attackers to get the content of the message. The method to protect IMSI's security realizes by encrypting the IMSI using HLR's public key. As a result, there is no possibility for the attacker to get the IMSI. The attackers have the problem in aiming the objects which essentially eliminates possibility of man-in-the middle attack. |
PDF Full Text Request