ABSTRACT
With the increasing use of extensive IT and Telecommunication systems for sensitive
or safety-critical applications, the matter of IT and Telecommunication security is
becoming more important. For the computer system, and its related applications,
including data, to be trustworthy, it must be secured. This project covers all aspects of
Computer System security. This project equally understudied the security of data as it
affects mobile systems vis-à-vis Global System for Mobile Telecommunications
(GSM). The existing security algorithms in the GSM network were understudied and
critical flaws found in them that cannot guarantee the security and confidentiality of
user’s data during communication session. This poses a great threat in sensitive and
safety-critical environments such as financial institutions, Military, Educational, or
even in espionage establishments such as State Secret Services (SSS) and security
establishments. This Masters project finally proffered solution to these flaws found in
GSM security system by adopting a software-based approach. A computer-based
program was written in JAVA programming language to provide end-to-end data
(SMS only) encryption in two-way communication using compatible MIDP mobile
phones or other portable communication devices.
ix
TABLE OF CONTENTS
PAGE
Cover Page i
Title Page iii
Certification iv
Approval v
Acknowledgement vi
Dedication vii
Abstract viii
Table of Contents ix
List of Figures xii
List of Tables xiii
CHAPTER ONE: INTRODUCTION 1
1.0 Background to the study 1
1.1 Aims and Objectives of the Project 4
1.2 Justification for the Study 5
1.3 Scope of the Project 5
1.4 Limitations of the Project 6
1.5 Block Diagram overview of the Project Stages 7
1.6 Project Report Organisation 8
CHAPTER TWO: REVIEW OF RELATED LITERATURE 10
2.0 Computer and Cyber Security 10
2.0.1 Introduction 10
2.0.2 Computer and IT Security Domain 13
2.0.3 Security threats and Attacks 14
2.0.4 What is Computer and Cyber Security? 18
2.1 Types of Attacks 19
2.2 GSM Technology 29
2.2.1 GSM Properties 30
2.2.2 The Mobile Station 31
2.2.3 The Base Transceiver Station 31
2.2.4 The Base Station Controller 32
2.2.5 The Mobile Switching Centre 32
2.2.6 The Equipment Identity Register 33
2.2.7 Subsystems 33
2.2.8 GSM –Frequencies 34
2.2.9 FDMA and TDMA 36
x
2.3 GSM Security Architecture 37
2.3.1 GSM Security Model 39
2.3.2 A3, The MS Authentication Algorithm 41
2.3.3 A8, The Voice-Privacy Key Generation Algorithm 42
2.3.4 A5/1, The Strong Over-the-Air Voice-Privacy Algorithm 44
2.4 GSM attack scenarios 47
2.4.1 Brute-Force Attack against A5 47
2.4.2 Divide-and-Conquer Attack against A5 48
2.4.3 Accessing the Signalling Network 49
2.4.4 Retrieving the Key from the SIM 51
2.4.5 Retrieving the Key from the SIM over the Air 53
2.4.6 Retrieving the Key from the AuC 54
2.4.7 Cracking the A8 Algorithm 54
2.4.8 Altering of Data Messages 55
2.5 SMART Cards 55
2.5.1 Types of SMART Cards 56
2.5.2 SMART cards standards 57
2.5.3 Smart Card Applications for Mobile Networks 60
2.6 Cryptography 60
2.6.1 Java Cryptography 60
2.6.2 Digital Signature 61
2.6.3 Symmetric Algorithm 61
2.6.4 Asymmetric Algorithm compared with Symmetric 62
2.7 Java In-Built Security Technologies 62
2.7.1 The Basic Security in MIDP 63
2.7.2 SATSA-CRYPTO (JSR-117) 63
2.7.3 Bouncy Castle API 64
2.8 Mobile Messaging 64
2.8.1 Short Message Service (SMS) 64
2.8.2 Message Size 65
2.9 Conclusion 66
CHAPTER THREE: METHODOLOGY AND SYSTEM ANALYSIS 69
3.0 Methodology 69
3.0.0 Possible Causes of error during transmission of SMS from one
End to another 71
3.0.1 SMS Message Data Format 72
3.0.2 Why Use JAVA? 73
xi
3.1 JAVA Technologies used 74
3.1.1 J2ME 74
3.1.2 MIDP 74
3.1.3 JSR 76
3.1.4 MIDlet 76
3.1.5 CDLC 77
3.1.6 Bouncy Castle API 78
3.1.7 Obfuscation of Bouncy Castle JAR files using Proguard 79
3.1.8 Integrated Development Environment (IDE) for the Project 81
3.1.9 Application Deployment as JAR and JAD files 81
3.2 Structured Analysis & Design Method 82
3.2.1 TOP-Down Structured Design Approach 82
3.2.2 Bottom-Up Structured Design Approach 86
CHAPTER FOUR: SYSTEM DESIGN AND DEVELOPMENT 87
4.1 Introduction 87
4.2 System Specification 87
4.3 The SecureSMS MIDlet JAVA program flowcharts 90
4.3.1 The Program Source codes 101
4.3.2 The Program Input and Output Interface 101
4.3.3 The Project Block diagram 106
CHAPTER FIVE: SYSTEM IMPLEMENTATION 107
5.1 Software Implementation 107
5.1.2 Over the Air (OTA) 108
5.1.3 Bluetooth 108
5.1.4 IrDA 108
5.1.5 USB Cable 108
5.2 System Testing 109
5.2.1 The Test Plan 109
5.2.2 Testing on the JAVA™ Platform Micro Edition
SDK 3.0 Emulator of NETBEANS 6.8 IDE 109
5.2.3 Final Testing on compatible mobile phones 115
5.3 Performance Evaluation 117
CHAPTER SIX: SUMMARY & CONCLUSION 118
6.1 Introduction 118
6.2 Project Summary 118
6.3 Summary of Achievements 119
xii
6.4 Problems encountered and solutions 120
6.5 Recommendations 121
6.6 Suggestions for further improvements 121
6.7 Conclusion 122
References 123
Appendix A: Program Source codes 128
Appendix B: Acronyms used in the project 140
Appendix C: Average processing speed of cipher and digest algorithms 143
xiii
LIST OF FIGURES
FIGURES PAGE
1.1 The Block diagram of the Research and Project Stages 7
2.1 Domain of Computer and IT Security 13
2.2 Architecture of the GSM Network 31
2.3 FDMA in GSM 900 36
2.4 TDMA in GSM 900 36
2.5 Mobile Station Authentication 39
2.6 Frame encryption and decryption 40
2.7 User Authentication 41
2.8 Signed Response (SRES) calculation 42
2.9 Session Key (Kc) calculation 43
2.10 COMP128 calculation 43
2.11 Keystream Generation 44
2.12 An example LSFR with feedback polynomial of x6+x4+x 45
2.13 A5 LSFR Construction 45
2.14 SIM Card Smart card in a GSM Mobile phone 57
3.1 End-to-end encryption and decryption of SMS data 70
3.2 SMS Message Format 73
3.3 The JAVA Environment 74
3.4 EncryptedSMS MIDlet class illustration 83
3.5 Sending Message Sequence 84
3.6 Receiving Message Sequence 85
3.7 Incorrect Password 85
4.1 Program Flowchart or class diagram relating the project
classes or modules 89
4.2 Program Flowchart relating the methods in the entire program 90
4.3 Program Flowchart depicting relationship between the main class
and SendScreen class 95
4.4 Program Flowchart depicting relationship between the main class
and ReceiveScreen class 96
4.5 Program Flowchart depicting relationship between the main class
and the MessageCodec class 98
4.6 Program Flowchart depicting relationship between the main class
and ReportScreen class 99
4.7 Program Flowchart depicting relationship between the main class
and ErrorScreen class 100
xiv
4.8 Sending Message Sequence 101
4.9 Receiving Message Sequence 102
4.10 Incorrect Password 103
4.11 secureSMS MIDlet program source code in
NETBEANS 6.8 IDE 104
4.12 secureSMS MIDlet program project successfully built in
NETBEANS 6.8 IDE 105
4.13 The SMS Security Project Block diagram 106
5.1 secureSMS Project in NETBEANS 6.8 IDE Environment 110
5.2 secureSMS MIDlet program being executed by the default Sun
Wireless JAVA Emulator integrated in NETBEANS 6.8 IDE 111
5.3 The JAVA Emulator prompting the user to enter the phone number,
the secret/confidential message and add a security digest 112
5.4 secureSMS MIDlet program being executed by the Default Sun Wireless
JAVA Emulator. 112
5.5 The JAVA Emulator asking the recipient to enter the password/private key to
decode and read the encrypted message 113
5.6 The password entered to decode and read the secret message 113
5.7 secureSMS MIDlet program being executed by the Default JAVA™ Platform
Micro Edition SDK 3.0 Emulator Operation Report after successfully sending
a confidential message to recipient phone number 123456789 114
5.8 Screenshots of SecureSMS MIDlet being used to send a
Secure SMS to another phone 115
5.9 Screenshots of SecureSMS MIDlet being used to receive and decode
a secured message sent from another phone 116
xv
LIST OF TABLES
TABLES PAGE
Table 2.1 GSM 900 GSM 1800 35
Table C:1 Average Processing Speed of the cipher algorithms with
Bouncy Castle API 143
Table C:2 Average Processing Speed of the Message Digest algorithms
With Bouncy Castle API 144
1
CHAPTER ONE
INTRODUCTION
1.0 Background to the Study
The term security lacks meaning until one has defined what is to be secured and for
whom. Likewise, security is difficult to comprehend without a potential threat. Mobile
phones for third-generation mobile systems (3G) have several security stakeholders for
which the mobile platform must provide security services. Moreover, the potential threats
may differ from stakeholder to stakeholder.
The first class of security stakeholders, users, expects that mobile phones will offer secure
and reliable communication – that is, they assume their phones can be trusted to handle
sensitive tasks, such as e-commerce transactions. The main threats to this class of
stakeholders are malicious software, such as viruses and Trojans, or weak or misbehaving
security mechanisms. The second class of stakeholders, mobile network operators, relies
on phone network identification mechanisms (related to billing capability) and networkrelated
software.
Criminal-minded users or hostile software must not be allowed to circumvent these
mechanisms.
Operators thus require that the integrity of software can be guaranteed when the mobile
phone is in operation. They also want to be certain that users cannot break SIM lock
mechanisms.
A third class of security stakeholders, content providers, wants to be paid for the content
(music, pictures, videos and software) that users download. It also wants to know that
2
users cannot (mis)use their phones to illegally copy or distribute content. This is where
digital rights management (DRM) functions come into play. However, DRM mechanisms
alone cannot provide all necessary security. To provide a DRM solution that meets
content provider requirements, the mobile phone platform must contain security functions
that guarantee secure execution and code integrity.
Security is usually measured in terms of a set of basic aspects [1]:
– confidentiality,
– integrity,
– authentication and
– authorization.
– Non-repudiation
Confidentiality is ensuring that the data is hidden from those that are not supposed to see
it.
Confidentiality of data is achieved by cryptographically transforming original data, often
called, plaintext, into cipher text, which hides the content of plaintext. This operation is
realized as a parameterized transformation that keeps the controlling parameter secret.
The controlling parameter is often called a key. The transformation is called encryption.
With a key it is easy to perform the inverse transform or decryption. Without the key,
decryption would be difficult.
Integrity is about ensuring that data has not been replaced or modified without
authorization during transport or storage. This is achieved using cryptographic transforms
and a key. Additional information must also be added to the plaintext to verify its
integrity.
3
Authentication is the procedure by which a unit (the claimant) convinces another unit
(the verifier) of its (correct) identity. Authentication is different from authorization, which
is the process of giving a person or entity permission to do or have access to something.
Non-repudiation is ensuring that someone who sent a message does not deny that he is the
one that sent it by using security processes such as digital signature.
There are two major classes of cryptographic mechanisms: symmetric and asymmetric. In
symmetric mechanisms, the same key is used for encryption and decryption. Examples of
symmetric confidentiality mechanisms are
• block ciphers, such as DES and AES; and
• stream ciphers, such as the GSM A1, A2 and A3 algorithms.
Integrity is often protected using symmetric mechanisms. Integrity-protection algorithms
are also called message authentication codes (MAC). The most popular MAC is the
HMAC algorithm. Because the key in symmetric mechanisms can be used to decrypt
content, it must be kept secret from all but legitimate users of the encryption scheme.
Asymmetric mechanisms use separate pairs of keys for encryption transform and
decryption transform. The public key can be made publicly available, but the private key
must never be revealed. Asymmetric mechanisms are typically used for distributing keys
(for example, a symmetric key) or for digital signing purposes. A public key can be used
to encrypt a symmetric key, which in turn, can only be decrypted by the legitimate
4
receiver using the corresponding private key. A private key may also be used to digitally
sign data. The signature can be verified by anyone who knows the corresponding public
key. The RSA scheme is widely known example of an asymmetric cryptographic
algorithm.
A lot of research works have been done already in this regard; and it has been proved that
most if not all the existing algorithms being employed by GSM companies as security
measures have been broken. Equally the smart-card in GSM phones , SIM card can be
cloned and as such more research need to be done to protect sensitive and critical data
where GSM technologies are employed.
This Masters thesis focuses on ways through which sensitive user’s data can be further
protected (especially short message services (SMS)) against threat by malicious and
criminally-minded users. Equally, all other areas of Information and System security are
equally researched by the project.
1.1 Aims and Objectives of the Project
The aims and objectives for the project are as follows:
– To understudy how GSM works with respect to various security algorithms
inbuilt into it.
– To understudy all the existing GSM cryptographic algorithms and expose their
strengths and shortcomings
– To proffer solution to the shortcomings inherent in original encryption
algorithms found in GSM technologies by using software-based approach to
5
develop a MIDlet program in JAVA that can be used to further secure and
protect user’s sensitive and critical data (SMS only) using Bouncy Castle
JAVA cryptographic Application Programming Interface (API).
– To test run the security JAVA MIDlet software program in compatible Mobile
Information Device Profile (MIDP) phones or mobile devices engaged in endto-
end GSM data communication session.
1.2 Justification for the Study
Mobile phones are used on a daily basis by hundreds of millions of users, over radio
links. Unlike a fixed phone, which offers some level of physical security (i.e. physical
access is needed to the phone line for listening in), with a radio link, anyone with a
receiver is able to passively monitor the airwaves.
Mobile phones are equally used in several sensitive and mission critical environment e.g.
financial, military, educational e.t.c. where integrity and privacy of data need not be
compromised.
Therefore it is highly important that reasonable technological security measures are taken
to ensure the privacy of user’s phone calls and text messages (and data), as well to prevent
unauthorized use of the service being run by the mobile phone applications.
1.3 Scope of the Project
This study will cover:
– the data security in Global System Mobile Communication (GSM); all the existing
security algorithms will be analysed and their strengths and weaknesses
highlighted.
6
– Software will be used to solidify where weaknesses exist in the GSM data using a
MIDlet JAVA program developed in Bouncy Castle Java cryptographic API. Therefore,
a software program will be written in JAVA programming language to improve the
security features of GSM data where integrity of user’s data are critical and need not be
compromised. This Master’s project will focus on developing a software application that
will protect user’s Short Message Service (SMS) data only.
1.4 Limitations of the Project
1. This application can only be implemented on Java-enabled phone which
supports Mobile Information Device Profile (MIDP) 2.0.
2. Both the sender and recipient have to install the security software: secureSMS
software application in their mobile phones in order to implement the solution
and send and read encrypted and secure SMS.
3. The two people engaged in a two-way communication must switch on their
mobile phones to be able to send and receive the secure SMS data.
4. The application does not have a Record Management Store facility yet, so the
mobile phones cannot store the sent and received SMS data for future
reference.
5. The security application can only work in an environment where Global System
for Mobile Telecommunication (GSM) or Universal Mobile Telecommunications System
(UMTS) network is available and cannot work yet on CDMA (Code Division for
Multiple Access) network.
7
1.5 Block Diagram overview of the Project Stages
The block diagrams of the Research and Project stages are depicted below:
Fig 1.1. The Block diagram of the Research and Project Stages
STAGE 1
Research and analysis of
GSM technologies and GSM Data Security and existing GSM
Security algorithms
STAGE 2
Software development
– Development of a MIDlet JAVA computer program to further strengthen GSM
data (SMS only) using Bouncy Castle JAVA Cryptographic API in NetBeans IDE
STAGE 3
Implementation of 2 programs developed in JAVA
Test-running, Deployment and implementation of the programs
developed in STAGE 3 above
8
1.6 Project Report Organisation
This master thesis report is structured as follows:
Chapter 1, Background Information: This chapter gives general background
information on security in Computer System, Information System and Security of data in
GSM data and the problems inherent in them.
The chapter also captures the Aims and Objectives of the research project, the
Justification for embarking on the research project on Information and GSM data security
a well as the objectives and scope of the study.
Chapter 2, Literature Review: Various relevant literature and facts that pertain to the
subject study: GSM technologies and GSM data security are highlighted. Also
highlighted are the Java data security technologies that are employed in the project to
strengthen the deficiencies noted in existing GSM security.
Chapter 3, Methodology & System Analysis: To provide further security for data in
mobile devices in combination of existing encryption algorithms inbuilt in GSM mobile
devices during communication session (SMS), a MIDlet JAVA program is written
developed with BouncyCastle cryptographic Application Programming Interface (API).
This chapter highlights more of ins and outs of the JAVA technologies used in this
project.
Chapter 4, System Design and Development: This chapter handles the full program
design for the development of the security program to protect user’s GSM SMS data
9
using JAVA programming language and NETBEANS 6.8 Integrated Development
Environment.
Chapter 5, System Implementation: This chapter handles full testing, running,
deployment and implementation of the two programs written in Chapter 4 above to use to
strengthen the existing GSM algorithms and to provide simulation exercise for the
existing GSM security algorithms. The JAVA MIDlet secure SMS program is deployed
using Cable to PC as well as Over the Air (OTA) communication running on compatible
MIDP 2.0 Nokia phones such as Nokia 2700 Classic to implement the solution.
Chapter 6, Summary and Conclusion: A synopsis of the achieved goals of the
implementations is shown. Problems encountered in the project and the way out of them
are equally highlighted. Furthermore, recommendation for future work on the project is
given and finally this chapter gives a concluding remark on the project.
References cover all the cited works of other people used in this Master thesis.
Appendix A: Covers the program sources codes for the project
Appendix B: Covers used GSM and other acronyms and their full meaning.
DISCLAIMER: All project works, files and documents posted on this website, UniProjectTopics.com are the property/copyright of their respective owners. They are for research reference/guidance purposes only and some of the works may be crowd-sourced. Please don’t submit someone’s work as your own to avoid plagiarism and its consequences. Use it as a reference/citation/guidance purpose only and not copy the work word for word (verbatim). The paper should be used as a guide or framework for your own paper. The contents of this paper should be able to help you in generating new ideas and thoughts for your own study. UniProjectTopics.com is a repository of research works where works are uploaded for research guidance. Our aim of providing this work is to help you eradicate the stress of going from one school library to another in search of research materials. This is a legal service because all tertiary institutions permit their students to read previous works, projects, books, articles, journals or papers while developing their own works. This is where the need for literature review comes in. “What a good artist understands is that nothing comes from nowhere. All creative work builds on what came before. Nothing is completely original.” - Austin Kleon. The paid subscription on UniProjectTopics.com is a means by which the website is maintained to support Open Education. If you see your work posted here by any means, and you want it to be removed/credited, please contact us with the web address link to the work. We will reply to and honour every request. Please notice it may take up to 24 – 48 hours to process your request.