Cellular Cryptography

🎓
The following presentation is part of my Honors Option for NSSA 245

Presentation Transcript

Today, I will give a short fire talk on Cellular Cryptography.

I will address three topics: the design of mobile networks, the authentication and authorization pathway, and transport-layer security.

Roaming is one of the central design constraints for mobile phones. A phone needs to move seamlessly between cell towers. It also needs to be able to run on different networks with minimal issues. The system was also designed so that connection mechanisms and core networks are independent. That means you can connect using LTE™, WiMAX®, or any other access mechanism with a packet core. Lastly, carriers need to ensure that your traffic meets your expectations and that you pay for it. Not all cellular traffic has the same importance, and since people are billed by their usage, carriers must ensure that usage is billed correctly.

Logos are copyright and trademark of their respective owners

Cross-border roaming brings incredible complexity to the system. As a user, I expect my phone to work seamlessly wherever I go. If I go to South America on Claro or Saudi Arabia on STC, the network needs to talk to my home network and connect me properly.

I will now go into the structure of the cellular network.

CORRECTION: This should have said "User Equipment" not "User Endpoint"

A SIM card is a chip that stores sensitive information about your phone. Even if you have not used a SIM card, you may have seen the chip from credit cards or a TPM. It acts as the TPM for your cellular phone and stores cryptographic primitives. It also includes data about you and your home network so that the connection process can occur properly. It is a duplicate of data stored by your home carrier on the HSS.

User Equipment is what people typically think of as a "cellular device." It may be a phone, laptop, car, vending machine, or many other things. It takes the data from the SIM card to send network requests over a radio.

The Mobility Management Entity (MME) is per region and part of the packet core. It is owned by the serving network. That means if I am roaming in South America on Claro, it is owned by Claro. It handles the entrance of packets into the packet core.

Networks carefully place the MMEs to cover a similar audience. They want to minimize the number of times that you switch MMEs. Typically all of a metropolitan area will be served by one MME region. If there are specific corridors with a lot of interchange between them (such as Calgary and Edmonton) they may also be under the same MME region, as long as it does not put too much load onto the MME. For connection, the MME mostly acts as a proxy.

The Home Subscriber Server (HSS) is also part of the packet core but is owned by the home carrier. So, if I am traveling to South America on Claro, it would still be owned by AT&T, my carrier at home. It holds data about customers, plans, and SIM cards. It is responsible for the authentication, quality of service, billing, and everything relevant to the user.

Now, I will address the Authentication and Authorization of a cellular connection.

Authentication and Authorization are critical parts of the mobile connection process.

Authentication asks the question of who you are. It addresses who a SIM card is assigned to, if the device is legitimate, and if the network it is connecting to is legitimate.

Authorization, by contrast, asks the question of what your rules are. It identifies if you are allowed to roam, if you can access carrier and private resources, and what your Quality of Service expectations are.

The Authentication and Authorization process uses a challenge/response approach. This is fairly standard for authentication schemes. In it, the UE uses data from the SIM card to initiate a connection over its radio to an MME. That MME acts as a proxy and forwards the data to the HSS. The HSS replies with some authorization data, a challenge, and an expected response. The MME takes the expected response out and forwards the challenge to the UE.

CORRECTION: This should say "MME is a relay"
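The challenge/response exchange described above, as an added example that is not part of the original talk. It assumes HMAC-SHA256 as a stand-in for the real authentication functions, and the class names, IMSI, and key are constructed for illustration.

```python
import hashlib
import hmac
import os

IMSI = "001010000000001"                                # constructed test identity
K = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed root key

def f(k: bytes, label: bytes, rand: bytes) -> bytes:
    # Stand-in for the authentication function shared by SIM and HSS
    # (assumption: HMAC-SHA256, chosen so the example needs only the stdlib).
    return hmac.new(k, label + rand, hashlib.sha256).digest()

class HSS:
    """Home network: holds the same root key K that is stored on the SIM."""
    def __init__(self, subscribers):
        self.subscribers = subscribers                  # IMSI -> K

    def auth_vector(self, imsi):
        k = self.subscribers[imsi]
        rand = os.urandom(16)                           # fresh challenge
        return {"rand": rand, "xres": f(k, b"res", rand)}

class SIM:
    def __init__(self, imsi, k):
        self.imsi, self._k = imsi, k

    def respond(self, rand):
        return f(self._k, b"res", rand)                 # response computed from K

class MME:
    """Serving-network relay: never holds K, only the challenge and XRES."""
    def __init__(self, hss):
        self.hss = hss

    def attach(self, sim):
        vector = self.hss.auth_vector(sim.imsi)
        xres = vector.pop("xres")                       # kept here, never sent to the UE
        res = sim.respond(vector["rand"])               # only the challenge is forwarded
        return hmac.compare_digest(res, xres), vector

mme = MME(HSS({IMSI: K}))
genuine_ok, forwarded = mme.attach(SIM(IMSI, K))
clone_ok, _ = mme.attach(SIM(IMSI, bytes(16)))          # same IMSI, wrong K
print(genuine_ok, clone_ok, sorted(forwarded))
```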

The keys are all derived from each other, with some data at each step. Deriving keys means that it is easy to link one key to one below, but it is difficult to reverse. This approach helps achieve the principle of least privilege. If a key is compromised, you want to minimize the scope that can be abused.

During the key derivation process, the MME acts as a relay.

The root key K is stored on the SIM. This derives a Cipher Key and Integrity Key which are on the Home Subscriber Server.

Those keys are used to derive an ASME key which is per Serving Network and Sequence. The Sequence is used by a specific serving network to protect traffic delivery within its network. If you are moving around within a serving Network, the eNB key is used to encrypt traffic between the radio/base station and the user equipment.

It is structured this way to minimize computation. Here we have a sample mobile network. The blue network is one serving network and the pink is another serving network. The blue network has two MMEs, A and B.

As you move between eNodeB, only the eNB key has to be recalculated. All of the others stay the same.

Then when you change MME regions, it has to recalculate the ASME key. However, the above keys stay the same.

Then when you switch serving networks, say driving across a border, it has to reset the sequence and the new SN has to establish a relationship with the HSS. However, the K, CK, and IK remain the same.
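A sketch of the key hierarchy and the three mobility cases above, added here as an example and not taken from the talk. It uses HMAC-SHA256 with made-up context labels in place of the standardized derivation functions, follows the talk's simplified model in which CK and IK depend only on K, and models an MME change as a fresh sequence value (an assumption).

```python
import hashlib
import hmac

def kdf(key: bytes, *context: str) -> bytes:
    # One-way step: easy to compute the child from the parent key,
    # infeasible to recover the parent from the child (stand-in KDF).
    return hmac.new(key, "|".join(context).encode(), hashlib.sha256).digest()

def derive_chain(k: bytes, serving_network: str, sequence: int, enb: str) -> dict:
    # Labels and parameter names are hypothetical, not the standardized encoding.
    ck = kdf(k, "CK")
    ik = kdf(k, "IK")
    k_asme = kdf(ck + ik, "ASME", serving_network, str(sequence))
    k_enb = kdf(k_asme, "eNB", enb)
    return {"CK": ck, "IK": ik, "K_ASME": k_asme, "K_eNB": k_enb}

def changed(before: dict, after: dict) -> list:
    # Names of the keys that had to be recalculated after a move.
    return [name for name in before if before[name] != after[name]]

K = bytes.fromhex("00112233445566778899aabbccddeeff")   # constructed root key

start = derive_chain(K, "blue", 1, "enb-1")
new_enb = derive_chain(K, "blue", 1, "enb-2")    # handover between eNodeBs
new_mme = derive_chain(K, "blue", 2, "enb-2")    # MME region change (fresh sequence)
new_sn = derive_chain(K, "pink", 0, "enb-2")     # roaming: sequence reset, new SN

for label, chain in [("eNodeB", new_enb), ("MME", new_mme), ("SN", new_sn)]:
    print(f"{label} change recalculates: {changed(start, chain)}")
```

Because each step is one-way, a leaked eNB key exposes traffic on that one base station only and says nothing about the ASME key or K above it.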

There are many ways that this process can go wrong. One common type of attack is that the synchronization fails. If the difference between the expected and actual is very big, that may be an indicator of transmission issues. The primary failure from an authentication perspective is if the challenge-response fails. That means that the expected response calculated from the HSS does not match what the UE calculates.

Over time the process has gotten stronger. In 2G the phone was authenticated by the network but the phone did not authenticate the network. 3G changed that, but the keys were shared between SNs. 4G made the keys specific to the serving network, and 5G included the home network in the authentication process.

What this means is that there is an attack where you can downgrade connections. If you broadcast a super loud 2G connection and block the spectrum for 3G, 4G, and 5G, the phone will connect to an unauthenticated network. The security implications are one reason why carriers and OEMs are trying to eliminate 2G.

Now that we have looked at Authentication and Authorization, we can look at the components of a specific network.

When your data hits the radio and base station, it goes to one of two planes. The control plane consists of the MME and HSS, and is used for billing, authentication, and quality of service. The other plane is the data plane. Data is sent to a Serving Gateway, at which point it enters the IP network. This gateway is owned by the serving network. The SGW is a proxy to the Packet Gateway, which is owned by the home network. It will then enter the internet, or carrier/private services.

While not a perfect comparison, it acts kind of like a VPN where you can access internal resources and change your location by proxying data around. No matter where you are, your data will be sent to your home network's PGW. Therefore, as you roam between eNodeBs, MMEs, and SNs, any connections you have established will remain active.

There are two strata that the UE must communicate with during radio communication. The Access Stratum, or AS, is Layer 2 and is used between the User Equipment and Base Station. The Non-Access Stratum, or NAS, is Layer 3 and is used between the UE and MME.

The Access Stratum uses Radio Resource Control for signaling. That means that it helps with:

  • Establishing and releasing connections
  • System information broadcast
  • Radio reconfiguration
  • Paging
  • And more

Some of it is unencrypted and some of it is encrypted. The Packet Data Convergence Protocol is the protocol that sends data both to the control plane and data plane.

AS communication uses a 128-bit encryption key. It also includes count, bearer, and direction headers to help with ordering received packets.

The Non-Access Stratum is always integrity-checked. Once the algorithm is established, all communication is encrypted. The keys it uses are derived from the HSS. One benefit of this system is that the IMEI is always secret.

There is some degree of flexibility in the actual encryption algorithm. This is negotiated between the MME and the UE. While the implementations are standardized, algorithms can be changed without requiring a complete reimplementation of the protocol.

That is a super high-level overview of cellular cryptography! If you would like to learn more about the Packet Core, you can watch my previous cellular presentation on the RITSEC YouTube channel.