Transport Layer Security

Mobile Telecommunication

Current mobile telecommunications are installed with Transport Layer Security (TSL) service, which is a cryptographic protocol, meant to offer end-to-end communications security over networks and is broadly applied to internet communications as well as online transactions. Martin (2012) claim that the security services offered via the protocol are mutual entity authentication so that to set up the secure channel, and capable of establishing the identity of every communication entity. Secondly, the security service provided is the confidentiality of the radio path that promotes information transferred via the channel is accessible to the entities at either end of the channel, and not by any attacker who monitors the channel. Thirdly, the use of public known algorithms such as Universal Mobile Telecommunications Systems (UMTS) that is well studied and established and the algorithm deployed is very closely based on the standard algorithms whose modifications are publicly evaluated. Finally, the use of integrity of signaling data offered by the UMTS to protect the critical data usually provided by MAC, whose key is established during the UMTS authentication (AKE) protocol.

Martin (2012) explains that encryption algorithms applied to secure mobile telecommunications are referred to as MILENAGE that is based on a 128-bit block cipher. They include the KASUMI algorithm; based on a well-studied design known as MISTY, and deploys a block cipher as a stream cipher keystream generator. Snow 3G also secures UMTS and GSM devices. It has properties such as randomness, standardization, implementation and experimental to foster efficiency and performance in securing new generation mobile standards. ZUC a dedicated stream cipher algorithm has the potential to cope with previous threats that outmaneuvered past generations that fail to adopt flexibility in development and adjustment. Finally, the AES algorithm applied in its Counter Mode (CTR Mode) a systematic-key algorithm possessing a different key and block sizes. It enables a repeated and secure application of a block ciphers under one key.

Martin (2012) explains that encryption algorithms applied to secure mobile telecommunications are referred to as MILENAGE that is based on a 128-bit block cipher. They include the KASUMI algorithm; based on a well-studied design known as MISTY, and deploys a block cipher as a stream cipher keystream generator. Snow 3G also secures UMTS and GSM devices. It has properties such as randomness, standardization, implementation and experimental to foster efficiency and performance in securing new generation mobile standards. ZUC a dedicated stream cipher algorithm has the potential to cope with previous threats that outmaneuvered past generations that fail to adopt flexibility in development and adjustment. Finally, the AES algorithm applied in its Counter Mode (CTR Mode) a systematic-key algorithm possessing a different key and block sizes. It enables a repeated and secure application of a block ciphers under one key.

Users of GSM mobile phones are authenticated when they travel to location further from their service providers. Martin (2012) identifies that GSM facilitates authentication by offering the application of authentication triplets. This is a form of a procedure;

The user of the phone connects with a foreign mobile operator, who

After the foreign mobile operator received the batch of GSM authentication triplets from the mobile user’s local mobile operator, he or she generates a new batch of randomly generated numbers such as RAND (1), RAND(2)….RAND (n) and computes the matching values for RES and Kc applying the user’s mobile key Ki, forming a batch of triplets.

After the foreign mobile operator received the batch of GSM authentication triplets from the mobile user’s local mobile operator, he or she generates a new batch of randomly generated numbers such as RAND (1), RAND(2)….RAND (n) and computes the matching values for RES and Kc applying the user’s mobile key Ki, forming a batch of triplets.

It is where RES (i)-A3ki (RAND (i)) and Kc (i)- A8ki (RAND (i)), the local mobile operator sends this batch of triplets to a foreign mobile operator. The foreign mobile operator sends the challenge RAND (1) to a mobile user.

The foreign mobile operator checks the received RES (1) matches the values in the first triplet he receives from the local mobile operator. If it does, then the foreign mobile operator authenticates the mobile user.

According to Martin (2012), management of Key in mobile communications is quite straightforward, which is quite systematic and facilitated by the fact that mobile operators are entirely in control of all the keying material related to their users. Management of keys starts with generation, in most cases by SIM manufacturer on behalf of the mobile operator. Followed by the establishment of the keys on the SIM card before being issued to the user. Keys are stored in the hardware of the user’s SIM card, meant to provide a reasonable degree of tamper resistance. UMTS and GSM enforce a degree of key separation by ensuring that the long-term user keys are only and indirectly exposed to an attacker via its use to compute the short responses to the mobile operator’s challenges. Key change takes place when it is critical and takes place by acquiring a new SIM card, and during a renewing session, it destruct the previous key in the previous SIM card.

The article by Woods refers the debate over encryption that is regarded as a stand-alone computer security issues, that government is fighting to attain access to personal data for control of crime, fighting terrorism and regulating territorial border, while encryption is based on the fact that people have a right to expect privacy in their personal data.

The golden age of surveillance is regarded as the period where people are constantly sharing information concerning what they are up to, thinking through the application of several devices. It is a depiction that surveillance has shifted to the palms of an individual; where spyware can be used to remotely access other smart devices anywhere and at any time. The industry of spyware growing exponentially, the age has enabled the capacity to look into just anything, from what is being typed, the calls made, apps used, to an extent of acquiring ones data and voice.

A backdoor in computing according to Woods is a method of bypassing the usual method of authentication. Backdoors are normally inserted into the algorithm before it is distributed widely. They are in most cases concealed in part of the design of the algorithm. Therefore, in cryptography particularly, a backdoor would allow intruders or hackers to access the encrypted data without possessing the right credentials. The backdoor would either allow the hacker to present a skeleton key that will in most cases grant him or her access or allow him or her to guess the access key based on the context of the message. For that matter, it would present an intentional weakness in the application of cryptography.

Encryption substitute according to Woods is alternatives that the law enforcement can pursue to mandate encryption backdoors a well as privacy advocates take steps beyond encrypting their data to make sure of their privacy. For that matter both the law enforcement and privacy seekers can generate several insights, for instance, comprehensive reform has the capacity to make more sense than serial reforms, since it would allow for issue linkage and deal-making. Another substitute that law enforcement can rely on is the use of metadata as a source of intelligence that is just valuable or more valuable than decrypting encrypted information.

Woods main argument is encryption substitutes available for privacy-seekers beyond encryption such as placing one’s information in a jurisdiction that is beyond the reach of law enforcement. Yes, I do agree with his argument since reliance on substitute encryption can save the turf existing between law enforcement and the privacy-seekers. Law enforcement would not be skeptic concerning the method via which they acquire evidence and intelligence in their operations and national security, while the privacy-seekers are a skeptic on how they secure their privacy. The search for encrypted data can be acquired optionally not only on how to allow law enforcement to access data but on how to do so. Thus, Woods proposes the use of metadata that is much more valuable than decrypting encrypted data.

Woods main argument is encryption substitutes available for privacy-seekers beyond encryption such as placing one’s information in a jurisdiction that is beyond the reach of law enforcement. Yes, I do agree with his argument since reliance on substitute encryption can save the turf existing between law enforcement and the privacy-seekers. Law enforcement would not be skeptic concerning the method via which they acquire evidence and intelligence in their operations and national security, while the privacy-seekers are a skeptic on how they secure their privacy. The search for encrypted data can be acquired optionally not only on how to allow law enforcement to access data but on how to do so. Thus, Woods proposes the use of metadata that is much more valuable than decrypting encrypted data.

References List

• Martin, K.M., 2012. Everyday cryptography. Chapter 12: Cryptographic Application. The Australian Mathematical Society, 231(6). pp. 469- 552
• Woods. A. K. Encryption Substitutes. A Hoover Institution Essay. Aegis Paper Series No. 1705. pp. 1-16

Looking for further insights on The Role of Technology in Improving the Adoption Process? Click here.