Using GSMUMTS for Single SignOn - PowerPoint PPT Presentation

Slides: 53
Provided by: elvisp1
1
Using GSM/UMTS for Single Sign-On
28th October 2003, SympoTIC 2003
Andreas Pashalidis and Chris J. Mitchell
2
Agenda
  • Introduction to SSO.
  • Review of GSM security.
  • How to SSO using GSM.
  • Some Attacks.
  • Conclusions.

4
Why do we need SSO?
  • Current situation
      • Network users interact with multiple service
        providers.

5
Why do we need SSO?
  • Problems
      • Usability, security, privacy

6
What is SSO?
  • A mechanism that allows users to authenticate
    themselves to multiple service providers, using
    only one identity.

7
SSO: How?
  • Establish trust relationships, common security
    infrastructure (e.g. PKI), sign contractual
    agreements

8
SSO: some examples
  • Kerberos
      • TTP: Kerberos server
      • 1) Authenticates user (password), issues
        ticket.
      • 2) User shows ticket to service provider.
  • Microsoft Passport
      • TTP: www.passport.com
      • 1) Authenticates user (password), installs
        encrypted cookie.
      • 2) Service provider reads the cookie.
  • Liberty Alliance
      • TTP: Identity Provider
      • 1) Authenticates user, issues assertion (XML).
      • 2) Assertion is shown to service provider.

10
Review of GSM Security
19
Review of GSM Security
If the visited network can decrypt, then the SIM
is authentic (IMSI matches Ki)
Encrypted under Kc
21
Architecture - before
22
Architecture - after (1)
23
Architecture - after (2)
24
Architecture
25
Architecture
Service providers form trust relationships with
the home network.
26
Architecture
Single Sign-On using SIM (IMSI)!
27
SSO Protocol
37
Replay Attack
Attacker could capture this message and replay it
later in order to impersonate the user identified
by the IMSI.
38
Replay Attack
At the time of replay another RAND will be
selected by the service provider and the protocol
will fail.
[Diagram labels: fresh! / X / old!]
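
The replay defence from the two slides above, as an added sketch that is not taken from the presentation: the service provider issues a fresh RAND per run, so a captured response fails later. HMAC-SHA256 standing in for A3, the class names, the sample IMSI and the simplified message flow are all assumptions.

```python
import hashlib
import hmac
import secrets

def sim_response(ki: bytes, rand: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the operator-specific A3 algorithm.
    return hmac.new(ki, rand, hashlib.sha256).digest()

class HomeNetwork:
    """Holds Ki for each IMSI and checks responses on behalf of service providers."""
    def __init__(self, subscribers):
        self._ki = dict(subscribers)

    def verify(self, imsi, rand, response):
        ki = self._ki.get(imsi)
        return ki is not None and hmac.compare_digest(sim_response(ki, rand), response)

class ServiceProvider:
    def __init__(self, home):
        self._home = home
        self._pending = {}  # IMSI -> RAND issued for the run in progress

    def challenge(self, imsi):
        rand = secrets.token_bytes(16)   # fresh, unpredictable RAND per run
        self._pending[imsi] = rand
        return rand

    def login(self, imsi, response):
        rand = self._pending.pop(imsi, None)   # each RAND is accepted once
        if rand is None:
            return False
        return self._home.verify(imsi, rand, response)

def demo():
    imsi, ki = "001010123456789", secrets.token_bytes(16)  # constructed test subscriber
    sp = ServiceProvider(HomeNetwork({imsi: ki}))
    captured = sim_response(ki, sp.challenge(imsi))  # message seen on the wire
    first = sp.login(imsi, captured)                 # legitimate run succeeds
    no_challenge = sp.login(imsi, captured)          # resent with no run open
    sp.challenge(imsi)                               # later run: new RAND
    replayed = sp.login(imsi, captured)              # old response, fresh RAND
    return first, no_challenge, replayed

if __name__ == "__main__":
    print(demo())
```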
39
Reflection Attack
The service provider SP A is malicious. It
wants to impersonate the user to SP B.
47
Other Attacks
  • SIM theft / cloning
      • SIM PIN is optional!
      • Need two-factor user authentication.
  • Home network server is a single point of failure (SPoF)
      • Vulnerable to DoS attack.
      • It is assumed that it is well-protected.
  • Attacks on the SP-home network link
      • Link must be integrity-protected and encrypted.
      • SSL/TLS, VPN, IPsec, etc.

49
Advantages
  • no user interaction is required.
  • protocol can be repeated many times.
  • simple single logoff.
  • no sensitive information is sent.
  • no major computational overheads.
  • no changes in deployed GSM infrastructure.
  • fraud management extends to SSO.
  • can easily be extended to enable LBS.

50
Disadvantages
  • works only for GSM subscribers.
  • global identifier (IMSI).
  • might incur costs for service providers.

51
Extension for UMTS
52
Thanks! Questions?