Journal of KIISE:Information Networking (한국정보과학회논문지:정보통신)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

An Enhanced Mechanism of Security Weakness in CDMA Service

CDMA 서비스의 보안취약성과 개선방안

  • Published : 2003.12.01
Download PDF
⟨ Previous Next ⟩

Abstract

Mobile Communication has a possibility of eavesdropping by nature of wireless channel. It is known that eavesdropping of CDMA system is impossible because the voice data spreads with the PN. First of all, we show that it is possible to eavesdrop the CDMA channel by analysis of the forward channel in case that we know the ESN and the MIN. We can monitor the forward traffic channel with easy since ESN and MIN are exposed during the call processing in CDMA service in Korea. In this paper, we will show security weakness and propose an enhanced mechanism for CDMA service. We consider the problem of security in the CDMA service. CDMA system has wireless channels to transmit voice or data. By this reason, CDMA communication has a possibility of being eavesdropped by someone. It is known that eavesdropping in CDMA system is impossible because the voice data spreads with the PN. However, we can eavesdrop the CDMA data in FCM protocol in case that we know the ESN and the MIN. In CDMA system, ESN and MIN are exposed to the wireless channel. In this paper, we analyze the flow of the voice and signal in the CDMA system and monitor the forward traffic channel by the FCM protocol. The FCM protocol is proposed to monitor the forward channel in CDMA system. We can show the possibility of monitoring in one-way channel of CDMA system by the FCM protocol. The test instrument based on the FCM protocol is proposed to monitor the CDMA forward channel. We will show the system architecture of the test instrument to monitor the forward channel in CDMA.

이동통신 서비스는 무선통신의 속성상 채널이 노출되어있다고 볼 수 있으므로 도청의 가능성을 갖는다. 현재 국내에서 서비스되고 있는 CDMA 방식의 이동통신 서비스는 각 가입자마다 통화로 설정 과정에서 고유한 PN을 이용하여 정보가 확산되므로 일반적인 경우 도청이 어렵다고 알려져 있다. 본 연구에서는 먼저, CDMA 시스템의 순방향 채널을 분석하여 가입자 단말기의 ESN 및 MIN가 알려지는 경우 도청이 가능함을 보였다. 현재 국내에서 서비스되고 있는 CDMA 시스템에서는 호처리 과정에서 ESN 및 MIN이 무선채널 상에서 노출되고 있으므로 비교적 간단한 방법으로 순방향 통화채널을 모니터 할 수 있다. 본 논문에서는 순방향 통화채널의 모니터링을 통하여 CDMA 서비스의 보안취약성과 개선방안을 제시하였다.

Keywords

References

  1. N. Asokan, 'Anonymity in a Mobile Computing Environment,' Proceedings of Workshop in Mobile Computing Systems and Applications, December 1994 https://doi.org/10.1109/MCSA.1994.513484
  2. J. Elliott, 'Hide yourself in Cyberspace,' Internet, May 1995
  3. G. H. Forman, J. Zahorjan, 'The Challenges of Mobile Computing,' IEEE Computer, April 1994 https://doi.org/10.1109/2.274999
  4. Paul Newson, Mark R. Heath, 'The Capacity of a Spread Spectrum CDMA System for Cellular Mobile Radio with Consideration of System Imperfections,' IEEE journal of selected areas in communications, vol. 12, No. 4, May. 1994 https://doi.org/10.1109/49.286674
  5. M. Bellare, S. Goldwasser, 'New Paradigms for digital Signatures and Message Authentication Based on Non-Interactive Zero Knowledge Proofs,' Proceedings of Crypto 89, 1989
  6. D. Chaum, 'Security Without Identification: Security Systems to Make Big Brother Obsolete,' Comm. of the ACM. October 1985 https://doi.org/10.1145/4372.4373
  7. C. Harrison, D. M. Chess, A. Kershenbaum, 'Mobile Agents: Are they a good idea?' IBM Research Report, March 28, 1995
  8. J. Ioannidis, 'Protocols for Mobile Internetworking,' PhD Thesis, University of Columbia, ftp://ftp.cs.columbia.edu/pub/ji/thesis.ps.gz
  9. Byoung-Hoon Kim and Byeong Gi Lee, 'PDSA: Parallel Distributed Sample Acquisition for Mary DS/CDMA Systems,' IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 49, No. 4, pp. 589-593, APRIL 2001 https://doi.org/10.1109/26.917763
  10. D. Chaum, 'The Dining Cryptographers Problem: Unconditional Sender and Recipient Untraceability,' Journal of Cryptology (1988) 1
  11. D. Samfat, R. Molva, 'A Method Providing Identity Privacy to Mobile Users during Authentication' https://doi.org/10.1109/MCSA.1994.513483
  12. F. Stoll, 'The Need for Decentralization and Privacy in Mobile Communications Networks,' In Network Security Observations, January 1995 https://doi.org/10.1016/0167-4048(95)00014-Y
  13. J. Dunlop, D. G. Smith, 'Telecommunications Engineering, 3rd Ed,' Chapman & Hall, 1994
  14. Sung-Shik Woo, Heung-Ryeol You, Tae-Gun Kim, 'The Position Location System Using IS-95 CDMA Networks,' IEEE, 2000 https://doi.org/10.1109/EURCOM.2000.874763
  15. Weiping Xu, Laurence B. Milstein, 'On the Use of Interference Suppression to Reduce Intermodulation Distortion in Multicarrier CDMA Systems,' IEEE TRANSACTIONS ON COMMUNICATIONS, VOL. 49, NO. 1, JANUARY 2001 https://doi.org/10.1109/26.898257
  16. A. Herzberg, H. Krawczyk, G. Tsudik, 'On Travelling Incognito,' Proceedings of the 1994 Workshop on Mobile Computing, 1994 https://doi.org/10.1109/MCSA.1994.513485
  17. Francisco Javier Gonzalez-Serrano, Juan Jose Murillo-Fuentes, 'Adaptive Nonlinear Compensation for CDMA Communication Systems,' IEEE TRANSACTIONS ON VEHICULAR TECHNOLOGY, VOL. 50, NO. 1, pp. 34-42, JANUARY 2001 https://doi.org/10.1109/25.917867
  18. A. K. Elhakeem, Haiying Zhu, Saud A. Al-Semari, 'Virtual Matched Filtering: A new Hybrid CDMA code acqusition Technique under Doppler and higher CDMA loads,' IEEE, 2000 https://doi.org/10.1109/EURCOM.2000.874775
  19. T. A. Freeburg, 'Enabling Technologies for Wireless In-Building Network Communications - Four Technical Challenges, Four Solutions,' IEEE Communications Magazine. April 1991 https://doi.org/10.1109/35.76559
  20. D. B. Johnson, 'Routing in Ad-Hoc Networks of Mobile Hosts,' Computer Science Department, Carnegie Mellon University
  21. Youngkook Kim, Saewoong Bahk, 'Multiaccess scheme to ensure security in CDMA-based wireless LANs,' Electronics Letters 27th May 1999, Vol. 35, No. 11 https://doi.org/10.1049/el:19990650
  22. B. Marsh, F. Douglis, R. Caceres, 'Systems Issues in Mobile Computing,' MITL Technical Report MITL-TR-50-93. February 1993
  23. A. Mukherjee, D. P. Siewiorek, 'Mobility: A Medium for computation, Communication, and Control,' School of Computer Science, Carnegie Mellon University https://doi.org/10.1109/MCSA.1994.512727
  24. R. Needham. 'Denial of Service: An Example,' Communications of the ACM, November 1994 https://doi.org/10.1145/188280.188294
  25. C. Park, K. Kurosawa, T. Okamoto, S. Tsujii. 'On Key Distribution and Authentication in Mobile Radio Networks,' Proceedings of EUROCRYPT '93, Springer-Verlag
  26. J. Scourias. 'Overview of the Global System for Mobile Communications,' University of Waterloo
  27. M. Spreitzer, M. Theimer. 'Scalable, Secure, Mobile Computing with Location Information,' Communications of the ACM, July 1993 https://doi.org/10.1145/159544.159558
  28. L. Tancevski, I. Andonovic, M. Tur, J. Budin, 'Massive Optical Lan's Using Wavelength Hopping/Time Spreading with Increased Security,' IEEE Photonics Technology Letters, Vol. 8, No. 7, July 1996 https://doi.org/10.1109/68.502276
  29. M. Tatebayashi, N. Matsuzaki. 'Key Distribution Protocol for Digital mobile Communication Systems,' Proceedings of CRYPTO'89, Springer-Verlag
  30. J. E. White. 'Telescript Technology: The Foundation for the Electronic Marketplace,' General Magic, Inc., Mountain View, CA. 1994
  31. M. Wooldridge, R. Jennings. 'Intelligent Agents: Theory and Practice,' Knowledge Engineering Review. October 1994 https://doi.org/10.1017/S0269888900008122