Cryptography for Mobile Telecommunications

We will now examine a very different usage of cryptography—one that most people use virtually daily. The operating environment is what sets it apart from the other two programs we have already explored. Companies that offer mobile communications services have decided on specific operating criteria to ensure the compatibility of their services.

They therefore form together a kind of closed environment, although one is dispersed among a large number of various companies. We’ll explore how this affected some of the choices made while developing cryptography systems.

Mobile telecommunications background

There is an inherent level of physical security provided by a wired computer network. The same can be said for a wired telecommunications network. Thus, in a similar way to the development of WLANs, the advent of mobile telecommunications brought a range of new threats that did not exist for traditional wired telecommunications networks.

These problems were not recognized by the designers of the first mobile phone systems. Those systems used analog signals and did not have suitable protection. Mobile handsets sent their serial numbers clearly, leaving them highly susceptible to cloning. An attacker could then use a cloned phone at the expense of the genuine user. Eavesdropping on calls was also straightforward.

This situation was unacceptable for everyone involved. It raised privacy concerns for mobile phone customers and raised the considerable inconvenience of dealing with the aftermath of a phone cloning incident. More significantly, mobile telecommunications operators faced the loss of revenue and reputation through incidents of fraud.

The shift from analog to digital communications allowed the use of cryptographic techniques to provide security. In doing so, the development of the Global System for Mobile Communication (GSM) standard by the European Telecommunications Standards Institute (ETSI) brought security to mobile telecommunications.

We will look in some detail at the cryptographic aspects of GSM security. Third-generation, or 3G, mobile phones are characterized by higher data transmission rates and a much richer range of services. We will briefly discuss the enhanced security of GSM’s successor for 3G phones, the Universal Mobile Telecommunications System (UMTS).

A further step change in data rates is required for fourth-generation 4G mobile communications. We will note the main developments in the cryptographic support for UMTS’s successor for 4G, which is Long Term Evolution (LTE).

The basic architecture of a mobile telecommunications network is shown below. The network is divided into many geographic cells, each of which is controlled by a base station. A mobile phone first connects with its nearest base station, which directs communications either to the home network of the mobile phone user or to other networks to transfer call data.