¶ … General Packet Radio Services (GPRS) is a service used in the provision of packet radio access for the GSM (for Global System for Mobile Communications) users [1].In regard to the wireless component, the GPRS technology makes a reservation of the radio resources only in instances when there are instances of data to be sent over its infrastructure. This therefore ensures that the radio resources are optimized. The fixed part of the GPRS infrastructure employs Internet Protocol (IP) technology as is usually connected to the general public internet. By taking advantage of these resources, the GPRS infrastructure manages to provide a variety of applications and services that are packet-oriented to the mobile end-users and therefore making a reality the concept of mobile internet services. For the successful implementation of these services as well as other news immerging services and applications over the GPRS infrastructure, security is paramount [2].This is due to the fact that the wireless component of the GPRS infrastructure is inherently insecure and the concept of radio transmission is naturally more susceptible to cases of fraud and eavesdropping when employed as compared to the wireless transmission. Additionally, the reality of user mobility as well as the possibility of universal access to the GPRS network infrastructure means that there are higher levels of security risks as compared to the ones that the fixed networks are prone to. In order to realize the security objectives, the GPRS infrastructure employs as special security architecture that aims at the protection of the network resources against unauthorized access while also ensuring the privacy of the users. The GPRS security architecture is however based on the security measures that are used in the GSM systems. This is due to the fact that GPRS is a system that is based on the GSM infrastructure. On the basis of this consideration, a large number of extant literature on mobile security in the realm of second-generation (2G) mobile networks makes a due references to GSM technology [2].These literature are considered to apply to GPRS systems too. GPRS systems differ from the GSM ones in certain services as well as operational points, factors which required totally different security analysis. This is mainly because the GPRS system is based on IP technology, an open as well as widely deployed technology that is inherently exposed to various vulnerability points. At the same time, intruders to the existing GPRS services and applications may take advantages of the vulnerability within the IP system in breaching the confidentiality, integrity, availability of the system in order to compromise the services as well as defraud the system users. GPRS systems are therefore exposed to intruders at a greater level that the GSM systems.
In this paper, we present an elaborate discussion of Ciphering in GPRS systems as well as encryption in 3G data networks. The paper also contains a proposal of an algorithm about Ciphering and Encryption, and how to use the AES algorithm with GPRS networks using 256 bits key, and why should use Encryption to send data using 3G Packet data Networks.
The status of GPRS
Within its simplest form General Packet Radio Service (GPRS) is noted to lie between the Global System for Mobile Communication (GSM) and the third generation (3G) mobile networks. The development of the GPRS systems has seen a rapid growth and has seen it being the most popular technology in the wireless communication arena. In this chapter, we present a brief history of GPRS while also pointing out the security issues that affects GPRS network infrastructure.
Figure 1. The status of GPRS-GPRS lies between 3G and GSM network.
Background
A review of the background of the mobile wireless communications reveals that the general lack of reliable security mechanisms can be attributed to the rapid pace of development in the GPRS technology arena. The unfortunate fact that wireless technology spreads quite fact has meant that these breaches have become numerous with the general attraction of several hackers. In this section, were investigate the primitive leaks in the GPRS security.
The very first single cell mobile service began sometime in the 1940s [4] with an evolution to the first and second generation mobile telephone services in the later years.
GPRS is therefore very powerful system that is in actual sense an improvement of the GSM technology. GPRS is based on the original GSM architecture. The knowledge of GSM architecture is therefore necessary for the understanding of the GPRS architecture.
In the early years of 1980s, the application of cellular telephone systems were seeing a rapid growth in the U.S., Japan and Europe. Every nations developed its own standard and system a fact which...
This resulted in the underdevelopment of wireless communication as a result of the uncoordinated nature of the international telecommunication system.
As a consequence, the Conference of European Posts and Telegraphs (CEPT) organized a study group which was mandated with the creation of the pan-European public mobile system. This study group was called Groupe Special Mobile (GSM) and its was mandated in 1982 [5]. However in 1989, GMS got transferred to ETSI (European Telecommunication Standards Institute) and then became considered to be the internationally accepted standard for digital cellular telephony.
The GSM criterion system was initially implemented in 1991 upon which it was named the Global System for Mobile Communication (GSM). It shared an exact abbreviation as the work group -Groupe Special Mobile. Later on GSM networks grew all over the world from the developing countries to their developed counterparts.
Security issues in GPRS networks
Just like the GSM system, the GPRS system has several security problems. These security problems are indicated to be existence even with standard encryption being applied. The weaknesses in the GPRS infrastructure are attributed to the basic GMS infrastructure upon which it rides [6][1].In order to fully comprehend the security issues affecting the GPRS infrastructure, it is paramount that we explore the underlying security mechanisms which are employed in the operation of the GPRS systems.
The GPRS Security Architecture
In order to realize its security objectives, the GPRS system employs a standard set of security mechanism that makes part of the GPRS security architecture. The main elements of the GPRS security mechanism were originally designed for the GSM system but they have been appropriately modified in order to adapt the GPRS network as well as packet-oriented traffic [1][7]. The aims of the GPRS security architecture are to protect the GPRS network infrastructure against any sort of unauthorized access as well as to protect the users' privacy. The following components are what makes the GPRS security architecture;
1. The subscriber Identity Module (SIM);
2. The subscriber identity confidentiality;
3. The subscriber identity authentication;
4. User data as well as signaling confidentiality between the M. SGSN and the MS as well as the
5. GPRS backbone security.
The subscriber Identity Module-SIM
The SIM card marks the subscription of a given mobile user to a given network, Each and every SIM-card is related to a specific user and is unique. The SIM card has a microprocessor, persistent EPROM memory, ROM, volatile RAM as well as an I/O interface.
General Packet Radio Service (GPRS) is therefore a means of linking the internet and corporate intranet having a transmission speed of 172 kbps via the GSM framework [8]. The main aim of using GPRS is to enable subscribers to use mobile communication anywhere. GPRS technology is a solution to the need of remote working at extreme speeds, enabling companies to access Local Area Network by providing their staff Virtual Private Networks (VPN) over GPRS. Some of the services carried out may need heightened levels of security, such as financial transactions and matters of national security. In addition, GPRS faces new and immense threats since it uses IP technology and is linked to the internet. Practical securities given by GPRS are similar to those employed by GSM. Privacy, integrity and verification are among the most important services that devices and networks should offer to their users. Due to risks associated with the internet, GPRS network has placed some safety measures such as authentication and ciphering to safeguard its subscribers' data by barring unauthorized access and data privacy similar to those used by GSM network. Users of this system are recognized through a cryptographic safety mechanism that uses A3, A5 and A8 security algorithms. The only algorithm made by the GSM and is used by GPRS is A5, also known as GPRS-A5.
The A3 algorithm is used for verification procedure, the A8 algorithm is mainly employed encryption key generation, and finally the GEA3 algorithm is utilized in data confidentiality. Both A3 and as algorithms are founded on the RIJNDAEL block cipher while GEA3 algorithm on the other hand is founded on the KASUMI block cipher [9] . The functioning of the proposed RIJNDAEL block cipher realization is slightly slower than other former designs in terms of output but the implementation is compact so as to incorporate better in the user Identification Card (SIM). The GEA3 algorithm is incorporated in the mobile equipment and is used for…
