Abstract
Recently, Ahmadian et al. (Security enhancements against UMTS-GSM interworking attacks, Elsevier, Amsterdam, 2010) presented and analyzed three different attacks that can be performed in UMTS-GSM interworking networks: (a) a real-time eavesdropping attack, (b) an offline eavesdropping attack, and (c) an impersonation attack. In this letter we question the feasibility of these attacks. In particular, we pinpoint and analyze that these attacks are based on some erroneous and misleading assumptions that the authors have made regarding the security functionality of the UMTS-GSM interworking networks. Based on this analysis, we deduce that these three attacks cannot be performed.
References
Ahmadian Z., Salimi S., Salahi A. (2010) Security enhancements against UMTS–GSM interworking attacks. Computer Networks 54(13): 2256–2270
3GPP TS 43.020 (v9.1.0). (2009). Third Generation Partnership Project; Technical Specification Group Services and system Aspects; Security related network functions (Release 9), Dec 2009.
Meyer, U., & Wetzel, S. (2004). A man-in-the-middle attack on UMTS. In Proceedings of ACM workshop on wireless security (WiSe 2004), Oct 2004.
3GPP TSG SA S3-050043. (2005). Review of recently published papers on GSM and UMTS security. Sophia Antipolis, France, Feb 2005.
3GPP SA3 Tdoc S3-040262. (2004). Analysis of the authenticated GSM command mechanism. Beijing, China, 10–14 May 2004.
3GPP SA3 Tdoc S3-030588. (2003). Further development of the Special RAND mechanism. Povoade Varzim, Portugal, 7–10 Oct 2003.
3GPP TSG SA S3-030463. (2003). Cipher key separation for A/Gb security enhancements, San Francisco, USA, 15–18 July 2003.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Ntantogian, C., Xenakis, C. Questioning the Feasibility of UMTS-GSM Interworking Attacks. Wireless Pers Commun 65, 157–163 (2012). https://doi.org/10.1007/s11277-011-0233-7
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11277-011-0233-7