
Security mechanisms employed Safaricom 3G Network

Project Name Page 1 of 8

1. EXECUTIVE SUMMARY ........ 3
2. ACCESS SECURITY .......... 4
3. TEMPORARY IDENTITIES ..... 7
4. TUNNELS AND VPN .......... 8


1. EXECUTIVE SUMMARY

In the basic Global System for Mobile Communication (GSM), security is concentrated on radio path security (i.e., the access network part). In Universal Mobile Telecommunication System (UMTS) networks, security is a larger topic. UMTS (3G) integrates the telecommunication and data communication worlds and, once again, this creates threats to security. In the Internet Protocol (IP) world, security has been an issue for many years; numerous security threats have been identified and defence mechanisms developed. This document aims to highlight some of the security mechanisms that have been put in place to safeguard information (voice or data) conveyed on the Safaricom 3G network, from the access network to the corporate. These include:

- Cryptography
- Encryption
- IPSec VPN
- GRE tunnels


2. ACCESS SECURITY

The confidentiality of voice calls is protected in the Radio Access Network (RAN), as is the confidentiality of transmitted user data. This means that the user has control over the choice of parties with whom he or she wants to communicate. The most important security features for access security of UMTS (3G) are:

- Mutual authentication of the user and the network.
- Use of temporary identities.
- RAN encryption.
- Protection of signalling integrity inside the UMTS Terrestrial Access Network (UTRAN).

The cornerstone of the authentication mechanism is a master key K that is shared between the SIM of the user and the home network database. This is a permanent secret with a length of 128 bits. The key K is never exposed outside these two locations (e.g., the user has no knowledge of his or her master key). During mutual authentication, keys for encryption and integrity checking are derived at the same time. These are temporary keys with the same length (128 bits). New keys are derived from the permanent key K during every authentication event. It is a basic principle in cryptography to limit the use of a permanent key to a minimum and instead derive temporary keys from it for the protection of bulk data.


Figure 1 Authentication data request and authentication data response

1. Identification occurs when the identity of the user (i.e., permanent identity IMSI or temporary identity TMSI) has been transmitted to the Visitor Location Register (VLR) or Serving GPRS Support Node (SGSN). Then, the VLR or SGSN sends an authentication data request to the Authentication Centre (AuC) in the home network.
2. The AuC contains the master keys of users, and, based on knowledge of the International Mobile Subscriber Identity (IMSI), the AuC is able to generate authentication vectors for the user. The generation process involves the execution of several cryptographic algorithms. The vectors generated are sent back to the VLR/SGSN in the authentication data response. This process is depicted in Figure 1.


Figure 2 User authentication request and user authentication response

1. The SN (VLR or SGSN) sends a user authentication request to the terminal. This message contains two parameters from the authentication vector, called RAND and AUTN.
2. The SIM contains the master key K, and using it with the parameters RAND and AUTN as inputs, the SIM carries out a computation that resembles the generation of authentication vectors in the AuC.
3. This process also involves the execution of several algorithms, as is the case for the corresponding AuC computation. As a result of the computation, the USIM is able to verify whether the parameter AUTN was indeed generated in the AuC and, if it was, the computed parameter RES (authentication response) is sent back to the VLR/SGSN in the user authentication response.
4. Now the VLR/SGSN is able to compare the user response RES with the expected response XRES, which is part of the authentication vector. If they match, authentication ends positively, as depicted in Figure 2.
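The two exchanges above (Figure 1: AuC builds the authentication vector; Figure 2: USIM checks AUTN, returns RES, VLR/SGSN compares it with XRES) as an added, runnable illustration that is not part of the original document. The functions f1..f5 are stand-ins keyed with K; the real 3GPP algorithms are not described on the page, so HMAC-SHA256 slices are an assumption used only to show the message flow and where each check happens.

```python
import hmac, hashlib, os

# Constructed stand-ins for the keyed functions f1..f5 (assumption: the
# page names no concrete algorithm, so HMAC-SHA256 slices are used here).
def _f(k, tag, *parts):
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()

def f1(k, rand, sqn, amf): return _f(k, b"f1", rand, sqn, amf)[:8]  # MAC
def f2(k, rand): return _f(k, b"f2", rand)[:8]                       # RES/XRES
def f3(k, rand): return _f(k, b"f3", rand)[:16]                      # CK (cipher key)
def f4(k, rand): return _f(k, b"f4", rand)[:16]                      # IK (integrity key)
def f5(k, rand): return _f(k, b"f5", rand)[:6]                       # AK (anonymity key)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def auc_generate_vector(k, sqn, amf=b"\x00\x00", rand=None):
    """AuC side (Figure 1): from K, a fresh RAND and the sequence number SQN
    derive the authentication vector sent to the VLR/SGSN."""
    rand = rand or os.urandom(16)
    ak = f5(k, rand)
    mac = f1(k, rand, sqn, amf)
    autn = xor(sqn, ak) + amf + mac  # AUTN = (SQN xor AK) || AMF || MAC
    return {"RAND": rand, "XRES": f2(k, rand), "CK": f3(k, rand),
            "IK": f4(k, rand), "AUTN": autn}

def usim_respond(k, rand, autn, last_sqn):
    """USIM side (Figure 2, steps 2-3): verify AUTN was built with our K and
    is fresh; only then compute RES and the temporary keys CK/IK."""
    sqn = xor(autn[:6], f5(k, rand))
    amf, mac = autn[6:8], autn[8:]
    if not hmac.compare_digest(mac, f1(k, rand, sqn, amf)):
        return None  # MAC failure: AUTN not generated by an AuC holding K
    if int.from_bytes(sqn, "big") <= int.from_bytes(last_sqn, "big"):
        return None  # SQN not fresh: replayed/old vector, synchronisation failure
    return {"RES": f2(k, rand), "CK": f3(k, rand), "IK": f4(k, rand), "SQN": sqn}

def vlr_check(av, res):
    """VLR/SGSN side (Figure 2, step 4): compare RES with XRES from the vector."""
    return hmac.compare_digest(av["XRES"], res)

def run_aka(k_sim, k_auc, sqn=b"\x00\x00\x00\x00\x00\x01", last_sqn=bytes(6)):
    """Full run: the USIM holds k_sim, the AuC holds k_auc (equal in the honest case)."""
    av = auc_generate_vector(k_auc, sqn)
    reply = usim_respond(k_sim, av["RAND"], av["AUTN"], last_sqn)
    if reply is None:
        return False
    # Both sides must also end up with the same CK for RAN encryption to work.
    return vlr_check(av, reply["RES"]) and reply["CK"] == av["CK"]
```

Note that the master key K itself never crosses the air interface: only RAND, AUTN and RES are exchanged, and a vector with a wrong MAC or a stale SQN is rejected before any response is sent.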


3. TEMPORARY IDENTITIES

The permanent identity of the user in the UMTS is the IMSI, as it is for the GSM. However, the identification of the user in the UTRAN (3G access network) is in almost all cases done by temporary identities: Temporary Mobile Subscriber Identity (TMSI) in the CS domain or Packet TMSI (P-TMSI) in the PS domain. This implies that confidentiality of user identity is almost always protected against passive eavesdroppers.


4. TUNNELS AND VPN

The basic tool used for the protection of network domain traffic is the IP Security (IPSec) protocol suite. It provides confidentiality and integrity of communication at the IP layer. Communicating parties can also authenticate each other using IPSec. Tunnels are created to all corporates via separate APNs.

