Ciphering Indicator approaches and user awareness
One of the fundamental mobile phone security problems in GSM is the absence of base station authentication, which allows man-in-the-middle attacks. During such attacks, a third party activates a fake base station, which acts as a bypass to the network, thus switching off the encryption and intercept...
| Main Author: | |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Maejo University
2012-12-01
|
| Series: | Maejo International Journal of Science and Technology |
| Subjects: | |
| Online Access: | http://www.mijst.mju.ac.th/vol6/514-527.pdf |
| _version_ | 1819088917009268736 |
|---|---|
| author | Iosif Androulidakis |
| author_facet | Iosif Androulidakis |
| author_sort | Iosif Androulidakis |
| collection | DOAJ |
| description | One of the fundamental mobile phone security problems in GSM is the absence of base station authentication, which allows man-in-the-middle attacks. During such attacks, a third party activates a fake base station, which acts as a bypass to the network, thus switching off the encryption and intercepting the user’s communications. 3G mobile networks enforce mutual authentication but this can be circumvented if the 3G band is jammed by the attacker, forcing the phone to connect using GSM. GSM and newer standards provide a user alert indicating that the encryption has been switched off, which is called a Ciphering Indicator. In the present paper, different approaches followed by various manufacturers concerning the Ciphering Indicator are investigated. A total of 38 different mobile phones ranging from old to new and from simple to smart-phones that were produced by 13 different manufacturers were intercepted using a GSM testing device in order to document their reactions. Four approaches were identified with some manufacturers choosing not to implement the feature at all. It was also found that in the cases in which the feature was actually implemented, no universal indication was used and it was seldom documented in the phones’ manuals. User awareness regarding the Ciphering Indicator and security issues was also investigated via an empirical survey employing more than 7,000 users from 10 countries and was found to be significantly low. |
| first_indexed | 2024-12-21T21:59:39Z |
| format | Article |
| id | doaj.art-db7a077462354f94baa1aa0839548e87 |
| institution | Directory Open Access Journal |
| issn | 1905-7873 |
| language | English |
| last_indexed | 2024-12-21T21:59:39Z |
| publishDate | 2012-12-01 |
| publisher | Maejo University |
| record_format | Article |
| series | Maejo International Journal of Science and Technology |
| spelling | doaj.art-db7a077462354f94baa1aa0839548e872022-12-21T18:48:51ZengMaejo UniversityMaejo International Journal of Science and Technology1905-78732012-12-01603514527Ciphering Indicator approaches and user awarenessIosif AndroulidakisOne of the fundamental mobile phone security problems in GSM is the absence of base station authentication, which allows man-in-the-middle attacks. During such attacks, a third party activates a fake base station, which acts as a bypass to the network, thus switching off the encryption and intercepting the user’s communications. 3G mobile networks enforce mutual authentication but this can be circumvented if the 3G band is jammed by the attacker, forcing the phone to connect using GSM. GSM and newer standards provide a user alert indicating that the encryption has been switched off, which is called a Ciphering Indicator. In the present paper, different approaches followed by various manufacturers concerning the Ciphering Indicator are investigated. A total of 38 different mobile phones ranging from old to new and from simple to smart-phones that were produced by 13 different manufacturers were intercepted using a GSM testing device in order to document their reactions. Four approaches were identified with some manufacturers choosing not to implement the feature at all. It was also found that in the cases in which the feature was actually implemented, no universal indication was used and it was seldom documented in the phones’ manuals. User awareness regarding the Ciphering Indicator and security issues was also investigated via an empirical survey employing more than 7,000 users from 10 countries and was found to be significantly low.http://www.mijst.mju.ac.th/vol6/514-527.pdfCiphering Indicatorgraphical user interfacemobile phonefake base station |
| spellingShingle | Iosif Androulidakis Ciphering Indicator approaches and user awareness Maejo International Journal of Science and Technology Ciphering Indicator graphical user interface mobile phone fake base station |
| title | Ciphering Indicator approaches and user awareness |
| title_full | Ciphering Indicator approaches and user awareness |
| title_fullStr | Ciphering Indicator approaches and user awareness |
| title_full_unstemmed | Ciphering Indicator approaches and user awareness |
| title_short | Ciphering Indicator approaches and user awareness |
| title_sort | ciphering indicator approaches and user awareness |
| topic | Ciphering Indicator graphical user interface mobile phone fake base station |
| url | http://www.mijst.mju.ac.th/vol6/514-527.pdf |
| work_keys_str_mv | AT iosifandroulidakis cipheringindicatorapproachesanduserawareness |