信息网络安全 ›› 2017, Vol. 17 ›› Issue (9): 69-72.doi: 10.3969/j.issn.1671-1122.2017.09.016

• • 上一篇    下一篇

移动通信网2G/3G/4G互操作风险分析与防护方案

粟栗(), 邵京, 杜海涛   

  1. 中国移动通信集团公司研究院,北京 100032
  • 收稿日期:2017-08-01 出版日期:2017-09-20 发布日期:2020-05-12
  • 作者简介:

    作者简介: 粟栗(1981—),男,湖北,高级工程师,博士,主要研究方向为网络与信息安全;邵京(1991—),女,江西,工程师,硕士,主要研究方向为移动通信安全;杜海涛(1978—),男,河南,高级工程师,博士,主要研究方向为网络与信息安全。

Risk Analysis of Mutual Operation of 2G/3G/4G Mobile Communication Network and Protection Scheme

Li SU(), Jing SHAO, Haitao DU   

  1. China Mobile Research Institute, Beijing 100032, China
  • Received:2017-08-01 Online:2017-09-20 Published:2020-05-12

摘要:

文章分析了移动通信网络中2G/3G/4G互操作机制,阐述了互操作造成的伪基站安全风险;分析并指出风险的本质是单向鉴权机制。文章提出了GSM SR-AKA算法,通过认证增强的方式解决伪基站攻击。文中算法无需修改GSM鉴权算法的流程或参数格式,即可通过网络侧、智能卡的配合实现双向鉴权认证。同时,该算法无需对旧SIM卡进行替换即可兼容,具有良好的可实施性。

关键词: 移动通信, 互操作, 伪基站

Abstract:

This paper described the mutual operation mechanism among 2G/3G/4G in mobile communication network, and analyzed the security risks of pseudo base station caused by mutual operation. Further analysis showed that the risk was caused by the one-way authentication mechanism. This paper proposed the GSM SR-AKA algorithm, which could prevent against the pseudo base station attack. This algorithm can achieve two-way authentication by the network side and smart card without changing the GSM authentication procedure or the parameter’s format. Furthermore, the old SIM card is compatible with the new algorithm, making the scheme easy to implement.

Key words: mobile communication, mutual operation, pseudo base station

中图分类号: