Has privacy in cellular smart phones become a myth?

Ritwikdeshpande
Nov 8 · 6 min read

Since the start of the 21st century, 63% of the world's population has shifted to using cellular (mobile) phones. Around 42% of them are smartphones, with the number increasing exponentially every year. However, have we ever thought about how vulnerable we are becoming by blindly accepting this new technology, and do we really know how private or safe the data in our phones is? Are we at the edge of a big conspiracy where our every move is being traced? Curious, scared? Let's try to find out the truth in this blog, where we discuss a few of the applications we use daily on our smartphones and how cryptography has played a major role in reshaping this whole technology.

Cellular Communication.

The first ever protocol developed for cellular communication from the phone to the local transmission tower is known as the Global System for Mobile Communications (GSM).

GSM is the granddaddy of all digital cellular protocols, and it remains one of the most popular protocols in the world. One thing that makes GSM special is its call encryption capability: the protocol is designed to encrypt all calls between the handset (mobile phone) and the local tower.

The authentication and encryption process is as follows:

The interaction above serves two purposes: first, both the phone and the Authentication Centre derive a pair of values that will be used for authentication (SRES) and key agreement (session key Kc). Derivation is performed using two functions (A3 and A8) that accept the long-term secret K (embedded in the SIM card of the phone). The A3 algorithm generates the response (SRES) that the phone uses to authenticate itself (SIM card authentication), and the A8 algorithm generates the secret key for end-to-end encryption of data (voice calls and messages), which uses the A5 encryption algorithm.

So, as a matter of fact, our calls and texts are indeed encrypted. What, then, is the issue with the GSM security protocols?

  1. Lack of tower authentication. GSM phones authenticate to the tower, but the tower doesn’t authenticate back. This means that anyone can create a ‘fake’ tower that your phone will connect to (the phone itself does not verify whether the connection is valid). The major problem here is that in GSM, the tower gets to pick the encryption algorithm! That means your attacker can simply turn encryption off (by setting the encryption ‘algorithm’ to A5/0) and route the clear text data itself. Thus the attacker can present himself as a valid tower, see which phones connect to him (they send their IMSI (International Mobile Subscriber Identity) values) and exploit the user’s data accordingly.
  2. Bad key derivation and encryption algorithms. The GSM ciphers are quite vulnerable to strong known-plaintext attacks. The original A3/A8 algorithms are both implemented using a single function called COMP128. Unfortunately COMP128 turns out to be seriously broken, to the point where you can clone a user’s SIM key in as few as 8 queries. Also, once these functions or algorithms are leaked, they become a serious threat to the confidentiality of data. A5/1 (the encryption algorithm) was leaked (it turned out to be a symmetric key cipher) around the same time as COMP128 and rapidly succumbed to a series of increasingly powerful attacks using high performance machines.

So, after these vulnerabilities were discovered, the world shifted to a faster, more secure communication protocol known as 3G/4G (LTE).

The 3G/4G protocols follow the LTE (Long-Term Evolution) standards, which provide a substantial improvement in security over the original GSM. These improvements can be summed up as follows:

  1. Mutual authentication. The 3G protocols use a new Authentication and Key Agreement (AKA) protocol, which adds mutual authentication to the tower connection. To validate that the phone is speaking to a legitimate tower, the carrier (Authentication Centre) now computes a MAC that the phone can verify before initiating a connection. This prevents many of the uglier protocol attacks that plagued GSM.
  2. Better authentication algorithms. The session keys and authentication tags are still computed using proprietary algorithms, now called f1-f5 and f5*, but the algorithms are much stronger. Since their design is carrier (Authentication Centre)-specific, it’s not easy to say exactly how they work. According to 3GPP, it is also believed that they may use a standard block cipher like AES.
  3. Better encryption. Call encryption in 3G uses a proprietary block cipher called KASUMI. KASUMI is based on a Mitsubishi proposal called MISTY1, which was heavily customized to make it faster in cellular hardware.
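Added example (not from the original post): a Python model of the difference between GSM's one-way challenge-response and the AKA mutual check described above. HMAC-SHA256 stands in for the proprietary A3/A8 and f1/f2 functions; the function names, the key values and the simplified sequence-number (SQN) freshness check are assumptions made for illustration.

```python
import hashlib
import hmac
import os

def prf(key: bytes, label: bytes, data: bytes, n: int) -> bytes:
    """Keyed stand-in (HMAC-SHA256) for A3/A8 and f1/f2; NOT the real algorithms."""
    return hmac.new(key, label + data, hashlib.sha256).digest()[:n]

# GSM: the SIM answers any RAND; nothing in the challenge proves who sent it.
def gsm_sim_response(k: bytes, rand: bytes):
    sres = prf(k, b"A3", rand, 4)  # 32-bit authentication response
    kc = prf(k, b"A8", rand, 8)    # 64-bit session key for A5
    return sres, kc

def gsm_network_verify(k: bytes, rand: bytes, sres: bytes) -> bool:
    return hmac.compare_digest(gsm_sim_response(k, rand)[0], sres)

# 3G AKA: the challenge carries a MAC over (SQN, RAND) that only the
# holder of K can compute, so the SIM checks the network first.
def aka_network_challenge(k: bytes, sqn: int):
    rand = os.urandom(16)
    sqn_b = sqn.to_bytes(6, "big")
    return rand, sqn_b, prf(k, b"f1", sqn_b + rand, 8)

def aka_sim_response(k: bytes, rand: bytes, sqn_b: bytes, mac: bytes, last_sqn: int):
    if not hmac.compare_digest(prf(k, b"f1", sqn_b + rand, 8), mac):
        return None  # MAC mismatch: sender does not know K
    if int.from_bytes(sqn_b, "big") <= last_sqn:
        return None  # stale sequence number: replayed challenge
    return prf(k, b"f2", rand, 8)  # RES, sent only after the network is verified

def demo():
    k = bytes(range(16))  # constructed SIM secret K
    other = bytes(16)     # constructed key of a party that does not hold K
    rand = os.urandom(16)
    sres, _kc = gsm_sim_response(k, rand)
    return {
        "gsm_home_accepts_sim": gsm_network_verify(k, rand, sres),
        "gsm_sim_answers_unverified_challenge": len(sres) == 4,
        "aka_genuine": aka_sim_response(k, *aka_network_challenge(k, 6), last_sqn=5) is not None,
        "aka_wrong_key": aka_sim_response(k, *aka_network_challenge(other, 6), last_sqn=5) is None,
        "aka_replay": aka_sim_response(k, *aka_network_challenge(k, 5), last_sqn=5) is None,
    }

if __name__ == "__main__":
    print(demo())
```

In the GSM half the SIM has no input it could use to reject a challenge, which is the gap item 1 of the GSM list describes; in the AKA half the response is withheld until the MAC verifies.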

Thus 3G/4G may seem very secure and will work for now, but there are still some shortcomings that need to be addressed soon to preserve our privacy.

The biggest source of concern for 3G (LTE) is that you may not be using it. Most phones are programmed to gracefully ‘fail over’ to GSM when a 3G/4G connection seems unavailable. Active attackers exploit this feature to implement a rollback attack: jamming 3G/4G connections, and thus re-activating all of the GSM attacks described above.

A more subtle concern is the weakness of the KASUMI cipher. Unfortunately KASUMI seems much weaker than the original MISTY1 algorithm, so much weaker that in 2010 Dunkelman, Keller and Shamir were able to implement a related-key attack that recovered a full 128-bit call key in just under two hours!

Also, new security threats have been discovered in the AKA authentication protocol, and these pose a serious threat, like those discussed for GSM.

Private Data usage by External Smart Phone Apps and Websites

The main feature of smartphones is their ability to connect to the World Wide Web and thus access various websites through the built-in web browser on our phones. So let's talk about the various web applications that we use. Have you ever wondered how secure these websites are, where we freely enter our private data?

Each time we enter our personal details in a website we should check whether it has a valid SSL certificate as shown:

Along with the external web, one should be wary of the several applications installed on the phone. Although Google Play has ensured that all apps submit a Privacy Security Policy record ensuring that they don’t misuse user data, it’s very easy for malicious developers to submit a false record. Also, not all apps ensure the safety of data while communicating over the internet: apps like WhatsApp and Telegram use end-to-end encryption, however some apps, even Facebook and Instagram, have yet to add this feature. So we should remain alert while handing over our data to these applications.

Another serious threat is posed by Wi-Fi interference. In an era where we’re all constantly connecting to public Wi-Fi networks, our info often isn’t as secure as we might assume. Nearly a quarter of devices have connected to open and potentially insecure Wi-Fi networks, and 4% of devices have encountered a man-in-the-middle attack (in which someone maliciously intercepts communication between two parties) within the most recent month. Thus, to prevent such an attack, we should set up a Virtual Private Network (VPN) on our smartphones and enable it whenever connecting to unknown external Wi-Fi networks. A VPN account encrypts our data (network details) and prevents the network administrator from knowing our browsing details and other activities.

Conclusion.

The internet and smartphones are a huge boon to the modern world, with endless useful and life-changing applications. However, we should be smart and alert while using them and have full knowledge of whatever we are doing. Our private information is very precious and we should work very hard to protect it. Hence it is recommended that we encrypt our data in our smartphones as shown to protect ourselves from any type of attack.

References.

blog.cryptographyengineering.com

https://eprint.iacr.org/2018/1175.pdf
