Cellular Phones and Encryption

4G LTE Encryption When cellular phones first came out, the concerns about data loss and theft was not all that high. This was mostly because these devices functioned mostly (if not entirely) as phones with perhaps a camera phone here and there. Nowadays, however, cellular phones are often smartphones and they are literally small computers in terms of the data that they carry and the abilities that they have.

Given that and the fact that tablets and other devices have entered the cellular signal fray, it is important to focus on the data security that these data devices have and whether that technology is being used in the way it could or should be and whether improvements are needed. While technology and encryption have come a long way, it is imperative that the envelope is pressed harder and harder every day so as to maintain (or create) privacy and safety for people making use of their technology.

Analysis The main focus of this brief report will be to describe at least three encryption options that exist when it comes to 4G LTE traffic. While 4G LTE is not going to be the latest and greatest when it comes to cellular traffic, it is the best thing going on right now and any solutions created for 4G LTE can probably be applied to more advanced technologies when they come to pass. As with most things, there are tradeoffs and shortcomings of all technologies.

In many to most cases, any gains and upsides to one technology or option are at least partially cancelled out by tradeoffs. Even so, the best overall solution in terms of speed, security and overall vulnerability is the way to go and this report shall explore a few of those options. One consideration when it comes to cellular technology and the importance of how our devices communicate was laid bare when the earthquake and tsunami rattled Japan simultaneously in recent years.

Indeed, people with cellular phones were unable to wield and use them in light of the physical infrastructures relating to cellular phone technology either being damaged or without power due to the storm. Some might wonder aloud what this has to do with encryption. The answer to that question would be the idea that devices should be able to communicate directly with each other even if the prevailing cellular networks are crippled or left in rubble.

After all, two laptops or workstations can talk to each other even if the wider Internet is not functional or accessible. Further, these two devices can communicate in a way that is encrypted and secured. The idea being put forward by many is that cellular phones and other devices should be able to do the same thing.

Just as 4G LTE devices can be standardized and properly equipped in the same way so that they can all access a 4G LTE network, the same thing should apply to the need for these 4G devices to communicate with each other. This concept is not new and is known as device-to-device communication, or D2D for short. Such a technology is fairly new in that it was just coming out in 2014.

Even so, the possibilities and benefits of such a system and framework being in place would be immeasurable when it comes to natural disasters like hurricanes, earthquakes, tsunamis and tornados. Simply being able to put out an "I'm OK" message is beyond words when it comes to the calm and benefit that is rendered (Alam, Yang, Rodriguez & Abd-Alhameed, 2014). The business world and any environment where encrypted data transmission is a must are also things that are easy to find within the 4G realm.

One of the stalwart companies that exists out there in terms of data security is RSA. The aforementioned problem with outages due to natural disasters is one of the shortcomings of LTE-A, which is short for LTE-Advance. Another problem that happens is its vulnerability to attacks and breaches by people with ill intentions. However, the solutions offered by RSA and others like them go a long way towards preventing those problems from becoming nightmares.

Indeed, RSA and others have proposed or implemented systems that are based on a "novel security scheme." One system that is on the proposed side of the ledger is known as Se4GE. This is short for security system for a 4G environment. This proposed system integrates the information security prowess of RSA and Diffie-Hellman.

It is an end-to-end system that uses a cipher-text transfer mechanism and it dynamically changes the encryption keys midstream so as to enforce a strong level of security when it comes to data transmission in a 4G LTE-A system. The system is strong enough that it employs two entirely different encryption/decryption techniques within the same system and for the same computers or smartphones.

Early tests that were summarized in 2014 reports on the subject showed that this new Se4GE system was stronger than conventional 4G LTE-A across the board (Huang et al., 2014). Two more 4G LTE encryption options are covered in an IEEE treatise that was published in mid-2015. Those two options are XOR and Phase Encryption. Indeed, those two methods were being actively compared and contrasted by IEEE. The study starts off by noting that some level of encryption is present in basically all data transmission mediums.

However, some methods are stronger than others and other method still have been compromised. With that in mind, it is obvious and apparent that stronger is better and that the best options should be on the table when it comes to the protection of 4G LTE traffic, both in general and in special situations. Encryption does the same thing regardless of what method is used in that it obscures the details of the data so that only the authorized and connected parties are privy to what the data says.

However, what can vary a lot is the layer at which the encryption and decryption happens. Conventional encryption performs a bitwise XOR operation. What happens is that a message bit and a key stream bit are used to generate a cipher text bit. Phase encryption takes things a bit further in that it is performed on modulated signals. These two systems and encryptions have been compared in terms of the security that they offer and the performance that is rendered while the same is under way.

One important finding that was rendered by this comparison is that phase encryption was notable resistant to traffic analysis attack when it is put forth within the physical layer (Huo & Gong, 2015). Finally, there is the work of Samoui and a few other authors as written and published in early. One of the more notorious and popular security protocols across all of the information security paradigm is known as IPSec.

A sub-concept within that realm is the use of "tunnels" that allow for data to be transmitted safely and securely while not allowing for the prying eyes of those that should not have access. There are many parts of information security that transcend computers and cellular or smartphones alike and this is one of those situations. Beyond that, the 4G LTE realm is right up there with 3 GPP and wireless local area networks (WLAN's) when it comes to vulnerabilities.

Of course, data transmitted along a wired network, all else equal, will tend to be safer than data that moves along a wireless network. However, the mobile revolution and the demands that come for the same lay bare the idea that people want their wireless and they want it secure. With that in mind, having the proper frameworks relating to authentication and encryption is not an option.

Just as 4G LTE has its own personal issues to deal with when it comes to encryption, the same would be true when it comes to interacting with devices and networks that use either or both of the 3 GPP and WLAN standards such as a normal Wi-Fi-enabled router. Not only must these disparate device types and mediums communicate with each other, they need to be able to do so in a secure way.

For example, a call that is made using a 4G LTE network needs to be secure but so does a phone call that emanates from a 4G cellular phone but that is done through a WLAN (Samoui et al., 2015). Anyhow, the "novel scheme" that has been proposed by Samoui and his colleagues is known as HIP-IKEv2. It is a blend of what is known as the Internet Key Exchange, or IKEv2, and the Host Identity Protocol, or HIP.

The confluence of these protocols is to be used in a way that delivers a better overall security shroud than what either protocol could do on its own. Even better, the protocol combinations can be used in a way that reduces the amount of authentication.