计算机工程与应用 ›› 2011, Vol. 47 ›› Issue (21): 90-94.

• 网络、通信、安全 • 上一篇    下一篇

UMTS系统空中接口接入协议的安全缺陷分析

王 盛,崔维嘉,郑娜娥   

  1. 解放军信息工程大学 信息工程学院,郑州 450002
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2011-07-21 发布日期:2011-07-21

Analysis of security flaw in access protocol of UMTS radio interface

WANG Sheng,CUI Weijia,ZHENG Na’e   

  1. PLA Information Engineering University,Zhengzhou 450002,China
  • Received:1900-01-01 Revised:1900-01-01 Online:2011-07-21 Published:2011-07-21

摘要: UMTS系统(Universal Mobile Telecommunication System,通用移动通信系统)采用了双向鉴权、信令完整性保护和数据加密等多种机制来保证用户通信的安全性。研究从挖掘协议安全缺陷出发,指出现有的UMTS系统通信协议中安全机制仍存在安全缺陷,以此为基础描述了一种能够有效通过系统的身份认证并阻止加密算法启动的中间人攻击方法,验证隐患的存在性。详细分析了导致现有安全缺陷的原因,给出了协议修改建议。

关键词: 通用移动通信系统(UMTS), 空中接口, 中间人攻击, 身份认证, 安全缺陷

Abstract: Mutual authentication,signaling integrity protection and encryption are used in the UMTS(Universal Mobile Telecommunication System) to promote the security level of users’ communication through radio interface,which makes traditional interception means used in the 2nd generation system ineffective.But by studying the protocol from 3GPP(3rd Generation Partner Project),the leaks of radio interface still exist.Based on analyzing the security fault in the protocol used in the radio interface of UMTS,a kind of Man-in-the-Middle attack which can be successfully verified in the mutual authentication and prevent the start of encryption algorithm is proposed.The feasibility of this kind of attack is analyzed.

Key words: Universal Mobile Telecommunication System(UMTS), radio interface, Man-in-the-Middle attack, authentication, security flaw