Security on Wireless Communications

Security on Wireless Communications

INTRODUCTION
Mobile satellite communications have been implemented for many systems, including maritime, aeronautical, and land systems. A main characteristic of mobile satellite communication systems is that they provide wireless access to traditional wireline networks for a large number of access services, such as telephone calls. But wireless transmission is vulnerable to relatively easy interception, such as fraudulent call attempts and intrusion or listening-in by third parties. Thus, we action must be taken to prevent various kinds of intrusion. For example, sensitive data must be protected against disclosure to an unauthorized person. Fraudulent modification of messages, repeating old messages, or one user masquerading as another must also be prevented. Data are particularly vulnerable when transferred in networks, especially in mobile communication networks. For this reason, a feasible solution for implementation of secure mobile communication systems is needed. A simple but effective method for secure digital communications is the use of encryption methods. Two types of encryption methods are available: private-key cryptosystems, such as DES and FEAL-32, and public-key cryptosystems, such as RSA. In public-key cryptosystems the degree of computational complexity increases with the level of security. As a result, public-key cryptosystem cannot be used in low-cost and low-power mobile (portable) communication systems, because no existing protocol provides acceptable call-setup time performance. Private-key cryptosystems are simpler and faster than public-key cryptosystem as far as computational complexity is concerned. But private-key cryptosystems require a tremendous amount of effort for key management and distribution. Private-key cryptosystems require that parties (portable) to the conversation share knowledge of a secret key and that unauthorized users not have access to this key. Key agreement is the process by which the parties agree upon the proper key. In this peport, we propose a new service for digital mobile communication systems. This service enables two or more users to hold a secure electronic conference. Two requirements must be considered: privacy and authentication. Privacy involves ensuring an eavesdropper cannot intercept conversations during a conference or information about conferees' locations. Authentication involves ensuring that service is not obtained fraudulently in order to avoid charges for usage. We thus have the following four security goals for the mobile communication system: 1. Privacy of conversation content during the conference. 2. Privacy of information about conferees' locations during the conference. 3. Prevention of fraud by ensuring that the portable units are authentic. 4. Prevention of replaying attacks, so that intruders are not able to obtain sensitive data by replaying a previously intercepted message. Since the portable units must operate over long periods of time on small, low-power batteries, low complexity implementation of the encryption function is critical. Private-key cryptosystems meet such criteria. As mentioned above, private-key cryptosystems require a session key agreed upon by the conferees in the conference.