Wireless Communications Security (eBook)

Jyrki Penttinen has worked in mobile telecommunications with network operators and manufacturers since 1994. He has theoretical knowledge and operational experience of end-to-end architectures and functioning of major mobile communications systems, including GSM/GPRS/EDGE, UMTS/HSPA and LTE/LTE-A with their respective evolution paths. He has worked in research and operational activities in both radio and core network domains, including planning, optimization, measurements, system architectures and services. He joined Giesecke & Devrient Mobile Security team in 2014, currently focusing on the security solutions and future trends of the industry.

Title Page 5
Copyright Page 6
Contents 7
About the Author 14
Preface 15
Acknowledgements 17
Abbreviations 18
Chapter 1 Introduction 31
1.1 Introduction 31
1.2 Wireless Security 32
1.2.1 Background and Advances 32
1.2.2 Statistics 32
1.2.3 Wireless Threats 34
1.2.4 M2M Environment 39
1.3 Standardization 40
1.3.1 The Open Mobile Alliance (OMA) 40
1.3.2 The International Organization for Standardization (ISO) 42
1.3.3 The International Telecommunications Union (ITU) 44
1.3.4 The European Telecommunications Standards Institute (ETSI) 44
1.3.5 The Institute of Electrical and Electronics Engineers (IEEE) 45
1.3.6 The Internet Engineering Task Force (IETF) 46
1.3.7 The 3rd Generation Partnership Project (3GPP) 46
1.3.8 The 3rd Generation Partnership Project 2 (3GPP2) 55
1.3.9 The GlobalPlatform 55
1.3.10 The SIMalliance 56
1.3.11 The Smartcard Alliance 57
1.3.12 The GSM Association (GSMA) 57
1.3.13 The National Institute of Standards and Technology (NIST) 58
1.3.14 The National Highway Transportation and  Safety Administration (NHTSA) 58
1.3.15 Other Standardization and Industry Forums 58
1.3.16 The EMV Company (EMVCo) 59
1.3.17 The Personal Computer/Smartcard (PC/SC) 59
1.3.18 The Health Insurance Portability and Accountability Act (HIPAA) 59
1.3.19 The Common Criteria (CC) 59
1.3.20 The Evaluation Assurance Level (EAL) 60
1.3.21 The Federal Information Processing Standards (FIPS) 61
1.3.22 Biometric Standards 61
1.3.23 Other Related Entities 62
1.4 Wireless Security Principles 62
1.4.1 General 62
1.4.2 Regulation 63
1.4.3 Security Architectures 63
1.4.4 Algorithms and Security Principles 63
1.5 Focus and Contents of the Book 66
References 68
Chapter 2 Security of Wireless Systems 72
2.1 Overview 72
2.1.1 Overall Security Considerations in the Mobile Environment 72
2.1.2 Developing Security Threats 73
2.1.3 RF Interferences and Safety 75
2.2 Effects of Broadband Mobile Data 76
2.2.1 Background 76
2.2.2 The Role of Networks 77
2.2.3 The Role of Apps 80
2.2.4 UE Application Development 82
2.2.5 Developers 85
2.2.6 The Role of the SIM/UICC 86
2.2.7 Challenges of Legislation 87
2.2.8 Updating Standards 88
2.2.9 3GPP System Evolution 88
2.3 GSM 89
2.3.1 The SIM 90
2.3.2 Authentication and Authorization 92
2.3.3 Encryption of the Radio Interface 93
2.3.4 Encryption of IMSI 95
2.3.5 Other GSM Security Aspects 95
2.4 UMTS/HSPA 96
2.4.1 Principles of 3G Security 96
2.4.2 Key Utilization 98
2.4.3 3G Security Procedures 99
2.5 Long Term Evolution 101
2.5.1 Protection and Security Principles 101
2.5.2 X.509 Certificates and Public Key Infrastructure (PKI) 101
2.5.3 IPsec and Internet Key Exchange (IKE) for LTE Transport Security 102
2.5.4 Traffic Filtering 103
2.5.5 LTE Radio Interface Security 104
2.5.6 Authentication and Authorization 108
2.5.7 LTE/SAE Service Security – Case Examples 109
2.5.8 Multimedia Broadcast and Multicast Service (MBMS) and enhanced MBMS (eMBMS) 113
2.6 Security Aspects of Other Networks 121
2.6.1 CDMA (IS?95) 121
2.6.2 CDMA2000 123
2.6.3 Broadcast Systems 124
2.6.4 Satellite Systems 124
2.6.5 Terrestrial Trunked Radio (TETRA) 125
2.6.6 Wireless Local Area Network (WLAN) 126
2.7 Interoperability 132
2.7.1 Simultaneous Support for LTE/SAE and 2G/3G 132
2.7.2 VoLTE 135
2.7.3 CS Fallback 135
2.7.4 Inter-operator Security Aspects 136
2.7.5 Wi-Fi Networks and Offload 136
2.7.6 Femtocell Architecture 138
References 139
Chapter 3 Internet of Things 142
3.1 Overview 142
3.2 Foundation 143
3.2.1 Definitions 143
3.2.2 Security Considerations of IoT 145
3.2.3 The Role of IoT 145
3.2.4 IoT Environment 147
3.2.5 IoT Market 150
3.2.6 Connectivity 151
3.2.7 Regulation 152
3.2.8 Security Risks 153
3.2.9 Cloud 158
3.2.10 Cellular Connectivity 159
3.2.11 WLAN 163
3.2.12 Low-Range Systems 163
3.3 Development of IoT 170
3.3.1 GSMA Connected Living 170
3.3.2 The GlobalPlatform 171
3.3.3 Other Industry Forums 171
3.4 Technical Description of IoT 172
3.4.1 General 172
3.4.2 Secure Communication Channels and Interfaces 173
3.4.3 Provisioning and Key Derivation 174
3.4.4 Use Cases 174
References 178
Chapter 4 Smartcards and Secure Elements 180
4.1 Overview 180
4.2 Role of Smartcards and SEs 181
4.3 Contact Cards 183
4.3.1 ISO/IEC 7816?1 184
4.3.2 ISO/IEC 7816?2 185
4.3.3 ISO/IEC 7816?3 185
4.3.4 ISO/IEC 7816?4 187
4.3.5 ISO/IEC 7816?5 187
4.3.6 ISO/IEC 7816?6 187
4.3.7 ISO/IEC 7816?7 187
4.3.8 ISO/IEC 7816?8 187
4.3.9 ISO/IEC 7816?9 188
4.3.10 ISO/IEC 7816?10 188
4.3.11 ISO/IEC 7816?11 188
4.3.12 ISO/IEC 7816?12 188
4.3.13 ISO/IEC 7816?13 188
4.3.14 ISO/IEC 7816?15 188
4.4 The SIM/UICC 189
4.4.1 Terminology 189
4.4.2 Principle 189
4.4.3 Key Standards 190
4.4.4 Form Factors 191
4.5 Contents of the SIM 194
4.5.1 UICC Building Blocks 194
4.5.2 The SIM Application Toolkit (SAT) 197
4.5.3 Contents of the UICC 198
4.6 Embedded SEs 198
4.6.1 Principle 198
4.6.2 M2M Subscription Management 199
4.6.3 Personalization 202
4.6.4 M2M SIM Types 203
4.7 Other Card Types 204
4.7.1 Access Cards 204
4.7.2 External SD Cards 205
4.8 Contactless Cards 205
4.8.1 ISO/IEC Standards 205
4.8.2 NFC 206
4.9 Electromechanical Characteristics of Smartcards 208
4.9.1 HW Blocks 208
4.9.2 Memory 208
4.9.3 Environmental Classes 209
4.10 Smartcard SW 211
4.10.1 File Structure 211
4.10.2 Card Commands 213
4.10.3 Java Card 214
4.11 UICC Communications 214
4.11.1 Card Communications 214
4.11.2 Remote File Management 215
References 216
Chapter 5 Wireless Payment and Access Systems 218
5.1 Overview 218
5.2 Wireless Connectivity as a Base for Payment and Access 218
5.2.1 Barcodes 219
5.2.2 RFID 221
5.2.3 NFC 222
5.2.4 Secure Element 226
5.2.5 Tokenization 228
5.3 E-commerce 230
5.3.1 EMV 230
5.3.2 Google Wallet 230
5.3.3 Visa 231
5.3.4 American Express 231
5.3.5 Square 231
5.3.6 Other Bank Initiatives 231
5.3.7 Apple Pay 231
5.3.8 Samsung Pay 232
5.3.9 MCX 232
5.3.10 Comparison of Wallet Solutions 232
5.4 Transport 233
5.4.1 MiFare 234
5.4.2 CiPurse 234
5.4.3 Calypso 234
5.4.4 FeliCa 235
5.5 Other Secure Systems 235
5.5.1 Mobile ID 235
5.5.2 Personal Identity Verification 235
5.5.3 Access Systems 236
References 236
Chapter 6 Wireless Security Platforms and Functionality 238
6.1 Overview 238
6.2 Forming the Base 238
6.2.1 Secure Service Platforms 239
6.2.2 SEs 239
6.3 Remote Subscription Management 240
6.3.1 SIM as a Basis for OTA 240
6.3.2 TSM 242
6.3.3 TEE 243
6.3.4 HCE and the Cloud 246
6.3.5 Comparison 249
6.4 Tokenization 249
6.4.1 PAN Protection 249
6.4.2 HCE and Tokenization 251
6.5 Other Solutions 251
6.5.1 Identity Solutions 251
6.5.2 Multi-operator Environment 252
References 252
Chapter 7 Mobile Subscription Management 253
7.1 Overview 253
7.2 Subscription Management 253
7.2.1 Development 253
7.2.2 Benefits and Challenges of Subscription Management 255
7.3 OTA Platforms 256
7.3.1 General 256
7.3.2 Provisioning Procedure 257
7.3.3 SMS-based SIM OTA 257
7.3.4 HTTPS-based SIM OTA 260
7.3.5 Commercial Examples of SIM OTA Solutions 261
7.4 Evolved Subscription Management 262
7.4.1 GlobalPlatform 263
7.4.2 SIMalliance 263
7.4.3 OMA 263
7.4.4 GSMA 265
References 270
Chapter 8 Security Risks in the Wireless Environment 272
8.1 Overview 272
8.2 Wireless Attack Types 273
8.2.1 Cyber-attacks 273
8.2.2 Radio Jammers and RF Attacks 274
8.2.3 Attacks against SEs 275
8.2.4 IP Breaches 275
8.2.5 UICC Module 276
8.3 Security Flaws on Mobile Networks 277
8.3.1 Potential Security Weaknesses of GSM 277
8.3.2 Potential Security Weaknesses of 3G 284
8.4 Protection Methods 284
8.4.1 LTE Security 284
8.4.2 Network Attack Types in LTE/SAE 285
8.4.3 Preparation for the Attacks 286
8.5 Errors in Equipment Manufacturing 289
8.5.1 Equipment Ordering 289
8.5.2 Early Testing 290
8.6 Self-Organizing Network Techniques for Test and Measurement 294
8.6.1 Principle 294
8.6.2 Self-configuration 295
8.6.3 Self-optimizing 296
8.6.4 Self-healing 296
8.6.5 Technical Issues and Impact on Network Planning 296
8.6.6 Effects on Network Installation, Commissioning and Optimization 297
8.6.7 SON and Security 298
References 298
Chapter 9 Monitoring and Protection Techniques 300
9.1 Overview 300
9.2 Personal Devices 301
9.2.1 Wi-Fi Connectivity 301
9.2.2 Firewalls 301
9.3 IP Core Protection Techniques 302
9.3.1 General Principles 302
9.3.2 LTE Packet Core Protection 302
9.3.3 Protection against Roaming Threats 305
9.4 HW Fault and Performance Monitoring 306
9.4.1 Network Monitoring 307
9.4.2 Protection against DoS/DDoS 307
9.4.3 Memory Wearing 307
9.5 Security Analysis 308
9.5.1 Post-processing 308
9.5.2 Real-time Security Analysis 308
9.6 Virus Protection 309
9.7 Legal Interception 311
9.8 Personal Safety and Privacy 313
9.8.1 CMAS 313
9.8.2 Location Privacy 315
9.8.3 Bio-effects 316
References 317
Chapter 10 Future of Wireless Solutions and Security 318
10.1 Overview 318
10.2 IoT as a Driving Force 318
10.3 Evolution of 4G 319
10.4 Development of Devices 321
10.4.1 Security Aspects of Smartcards 321
10.4.2 Mobile Device Considerations 321
10.4.3 IoT Device Considerations 322
10.4.4 Sensor Networks and Big Data 323
10.5 5G Mobile Communications 324
10.5.1 Standardization 324
10.5.2 Concept 325
10.5.3 Industry and Investigation Initiatives 327
10.5.4 Role of 5G in IoT 327
References 327
Index 329
EULA 336