1.Describe the key security enhancements in UMTS that overcome GSM design weaknesses?
Ans:
1. Encryption algorithms used in GSM were not disclosed, aiming to achieve ‘security through obscurity’. Their shortcomings were discovered by reverse engineering an actual GSM phone. The design of algorithms was kept secret (it was disclosed only on a need-to-know basis, under and non-disclosure agreement, to GSM manufacturers). A secret authentication or encryption algorithm may be vulnerable since it does not benefit from the experience of the cryptanalytic community who may try to uncover flaws and errors in design.
In UMTS, the encryption A5/3 algorithm uses a KASUMI core. KASUMI algorithm is specified in a 3GPP technical specification and has …show more content…
7. How does authentication in LTE network work?
Ans:
Step 1: Authentication request by UE for Network Registration
UE sends attach request (IMSI, UE network capability, KSIasme=7) to MME
Step 2: Transfer of Authentication Vector from HSS to MME
MME sends Authentication Information Request message to HSS to request AV for the UE
HHS sends the Authentication Information Answer including AVs back to MME
Step 3: Mutual Authentication by UE and MME Reuest by MME for user …show more content…
Explain three different vulnerabilities present in the WEP protocol.
Ans:
1. Initialization Vector (IV) is too small and is plain text: IV is the 24 bit field sent as plain text portion of the message. It used by RC4 algorithm to initialize the algorithm, which is comparatively small field in terms of cryptography.
2. IV makes the key stream vulnerable: The 802.11 does not specify how the IVs are set or changed, so some Wireless adapter might generate same IV sequence which is hazardous as attacker can take advantage of this thus making WEP vulnerable
3. No cryptographic integrity protection: Even though WEP uses non-cryptographic CRC to check the integrity of packets. When CRC is used with stream cipher is dangerous.
10. How can the attacker authenticate with a WiFi AP running WEP without possessing the right credentials?
Ans: WEP uses shared key authentication involves the knowledge of shared WEP key by encrypting the challenge. Attacker monitoring the stream can guess the RC4 stream used for encryption by observing the challenge and encrypted message. Thus by monitoring a successful authentication attacker can easily forge an authentication. Advantage of using shared key is that it is user friendly but come with a
Ans:
1. Encryption algorithms used in GSM were not disclosed, aiming to achieve ‘security through obscurity’. Their shortcomings were discovered by reverse engineering an actual GSM phone. The design of algorithms was kept secret (it was disclosed only on a need-to-know basis, under and non-disclosure agreement, to GSM manufacturers). A secret authentication or encryption algorithm may be vulnerable since it does not benefit from the experience of the cryptanalytic community who may try to uncover flaws and errors in design.
In UMTS, the encryption A5/3 algorithm uses a KASUMI core. KASUMI algorithm is specified in a 3GPP technical specification and has …show more content…
7. How does authentication in LTE network work?
Ans:
Step 1: Authentication request by UE for Network Registration
UE sends attach request (IMSI, UE network capability, KSIasme=7) to MME
Step 2: Transfer of Authentication Vector from HSS to MME
MME sends Authentication Information Request message to HSS to request AV for the UE
HHS sends the Authentication Information Answer including AVs back to MME
Step 3: Mutual Authentication by UE and MME Reuest by MME for user …show more content…
Explain three different vulnerabilities present in the WEP protocol.
Ans:
1. Initialization Vector (IV) is too small and is plain text: IV is the 24 bit field sent as plain text portion of the message. It used by RC4 algorithm to initialize the algorithm, which is comparatively small field in terms of cryptography.
2. IV makes the key stream vulnerable: The 802.11 does not specify how the IVs are set or changed, so some Wireless adapter might generate same IV sequence which is hazardous as attacker can take advantage of this thus making WEP vulnerable
3. No cryptographic integrity protection: Even though WEP uses non-cryptographic CRC to check the integrity of packets. When CRC is used with stream cipher is dangerous.
10. How can the attacker authenticate with a WiFi AP running WEP without possessing the right credentials?
Ans: WEP uses shared key authentication involves the knowledge of shared WEP key by encrypting the challenge. Attacker monitoring the stream can guess the RC4 stream used for encryption by observing the challenge and encrypted message. Thus by monitoring a successful authentication attacker can easily forge an authentication. Advantage of using shared key is that it is user friendly but come with a