
Friday 24 February 2012

'Mapped Security' Concept in LTE


When a UE registers on a network in 2G/3G or LTE, it has to perform Authentication. The Authentication Vectors are located in the USIM for the device and in the Authentication Center (AuC) in the network. Once the Authentication is performed successfully, the Keys for Ciphering and Integrity are derived and used during the call.

As I showed in my earlier post here, it is possible that the same AuC is used for 2G/3G and LTE networks. In this case, if the UE has recently performed Authentication in one network then, unless the keys are old, there is no need to perform the Authentication again in the other radio access technology (RAT). The Security keys (Ciphering and Integrity key) would be derived based on the keys in the previous RAT. 3GPP TS 33.102 and 3GPP TS 33.401 give the details on how to derive the key from the previous RAT while in the new RAT using this mapped security concept.

Wednesday 23 November 2011

Secure Wi-Fi for Large Scale Events and Arenas

Interesting presentation from Logica on Secure WiFi. The resolution of this presentation is low for security reasons as well, I guess.
To download this presentation and other presentations from the recent event, click here.

Thursday 4 August 2011

Detailed presentation on Femtocell Security from Black Hat 2011

Femtocells: a Poisonous Needle in the Operator's Hay Stack
Presentation available to download from here.
Detailed write-up on: Exploiting the Ubiquisys/SFR femtocell webserver here.
My earlier blogpost 'Femto Hacking in UMTS and LTE' here.

Monday 25 July 2011

Femto Hacking in UMTS and LTE

A couple of weeks back, The Hacker’s Choice (THC) made available some documents about how Vodafone's (UK) Femtocell (a.k.a. SureSignal) is insecure and can be hacked. Everyone seemed to jump on this bandwagon, with some news articles even sounding like the whole Vodafone network had been hacked and hackers may be sending messages and making calls via your phone number.

In the end it came to light that the problem was fixed over a year back when Vodafone was made aware of this problem. THC is still arguing that there is an architecture fault and the Femto can be compromised.

As a result I decided to think about what could happen if the Femtocell is hacked.

Let's take the case of a UMTS Femtocell. A simple network architecture with a femtocell (officially known as Home NodeB) is as follows:

As you can see, the signalling over the air interface is encrypted and integrity protected. If a hacker is able to get into the Femto and able to listen to all the packets using some tool like WireShark, he would be able to get hold of the Ciphering and Integrity Keys as they come in cleartext in the RANAP Security Mode Command message.

It wouldn't be difficult to have a device that can listen to the conversations once provided with these keys. In fact, if the hacker is able to listen to the messages, there is no reason he cannot stick in his own messages at the right interval (when a voice call is ongoing) to send an SMS, and it would appear that the message actually went from the phone number. Note that this message would be inserted in the Home NodeB and would be a NAS message. The end user would generally never find out that a message has been sent on behalf of his phone.

One thing that should be remembered though is that the phone would have to be in the range of the Femtocell and connected successfully to the network (via the Femto). One question someone may have is whether the key can be reverse engineered so that the SIM card can be cloned. Fortunately for us, this is not easily possible. There are multiple levels of protection and generally it would be difficult to get the algorithms for generating the key. Also it should be noted that the authentication algorithms are confidential and only the operators know the algorithm.


Now let's look at the LTE Femtocell (a.k.a. Home eNodeB) as shown below:

One of the differences you may notice is that the signalling from Femto to the Core Network over S1 is encrypted and Integrity Protected. In case of the LTE Femto, there are multiple keys and only the required key (Kenb) is provided to the Femto. See the key hierarchy below:

Source: RedYoda

This would sound like an ideal protection from the end user perspective but some of the problems still remain. If the hacker can get hold of the Kenb which is sent in cleartext over the S1 interface via Initial Context Setup Request message then he could easily use it to listen to the packets. Since there is no voice support as of yet in LTE, it would only be the packets that the hacker can listen to.

As you may notice, there is now Integrity and Ciphering on the S1 interface for the UE messages, so the hacker cannot get hold of the Kasme or the master keys K, CK and IK. This means that he cannot insert rogue messages that would, for example, send unsolicited SMS on behalf of the user as he would be able to do in the case of UMTS.
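The key separation described above, as an added example that is not from the original post or from 3GPP: using the HMAC-SHA-256 KDF of 3GPP TS 33.401 Annex A, a node holding only Kenb can derive the RRC and user-plane keys but not the NAS keys, which need Kasme. The same KDF also produces the mapped K'ASME from CK and IK discussed in the 'Mapped Security' post on this page. All key material, nonces and function names are constructed for illustration, and the FC codes are quoted from Annex A and should be checked against the release you work with.

```python
import hashlib
import hmac

# FC codes and algorithm-type distinguishers as listed in TS 33.401 Annex A.
FC_KENB = 0x11         # K_eNB from K_ASME and the uplink NAS COUNT
FC_ALG_KEY = 0x15      # per-algorithm keys (NAS, RRC, user plane)
FC_MAPPED_IDLE = 0x19  # K'_ASME from CK||IK at idle-mode mobility
NAS_ENC, NAS_INT, RRC_ENC, RRC_INT, UP_ENC = 0x01, 0x02, 0x03, 0x04, 0x05


def build_s(fc, *params):
    """S = FC || P0 || L0 || P1 || L1 ..., each Li a two-octet length."""
    s = bytes([fc])
    for p in params:
        s += p + len(p).to_bytes(2, "big")
    return s


def kdf(key, fc, *params):
    """256-bit output of HMAC-SHA-256 keyed with the parent key."""
    return hmac.new(key, build_s(fc, *params), hashlib.sha256).digest()


def derive_kenb(kasme, uplink_nas_count):
    return kdf(kasme, FC_KENB, uplink_nas_count.to_bytes(4, "big"))


def derive_alg_key(parent, alg_type, alg_id):
    # 128-bit algorithm keys are the 128 least significant bits of the output.
    return kdf(parent, FC_ALG_KEY, bytes([alg_type]), bytes([alg_id]))[-16:]


def derive_mapped_kasme(ck, ik, nonce_ue, nonce_mme):
    """Mapped security: K'_ASME from the UMTS keys, no new authentication."""
    return kdf(ck + ik, FC_MAPPED_IDLE, nonce_ue, nonce_mme)


def keys_from_kenb(kenb, eea, eia):
    """Everything a (Home) eNodeB holding only K_eNB can derive."""
    return {
        "K_RRCenc": derive_alg_key(kenb, RRC_ENC, eea),
        "K_RRCint": derive_alg_key(kenb, RRC_INT, eia),
        "K_UPenc": derive_alg_key(kenb, UP_ENC, eea),
    }


def keys_from_kasme(kasme, eea, eia):
    """NAS keys, derived in the MME and the UE only."""
    return {
        "K_NASenc": derive_alg_key(kasme, NAS_ENC, eea),
        "K_NASint": derive_alg_key(kasme, NAS_INT, eia),
    }


def demo():
    kasme = bytes(range(32))                 # constructed K_ASME
    kenb = derive_kenb(kasme, 0)             # what S1 hands to the eNodeB
    out = {"K_eNB": kenb}
    out.update(keys_from_kenb(kenb, 2, 2))   # 128-EEA2 / 128-EIA2
    out.update(keys_from_kasme(kasme, 2, 2))
    # Running the NAS derivation on K_eNB gives unrelated keys: HMAC is
    # one-way, so K_eNB does not lead back to K_ASME.
    wrong = keys_from_kasme(kenb, 2, 2)
    out["NAS_int_from_K_eNB"] = wrong["K_NASint"]
    # Mapped context from constructed CK, IK and nonces.
    ck, ik = b"\x11" * 16, b"\x22" * 16
    out["K_ASME_mapped"] = derive_mapped_kasme(
        ck, ik, bytes.fromhex("01020304"), bytes.fromhex("a1a2a3a4"))
    return out


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name:20s} {value.hex()}")
```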

There is a small caveat though. There are multiple Ciphering and Integrity algorithms defined in the standard. No ciphering is defined as eea0 algorithm. In Release-8 of LTE, there was no possibility to have Integrity switched off as there was no eia0 algorithm defined. In Release-9 though, the new eia0 has been defined which means that the network can set the Integrity to NULL. I am sure that the network would not want to do so as it makes absolutely no sense but the hacker can force it to do so.

When the Network requests the UE to send the capability information, the hacker can force it to say that it only supports eia0 and eea0 which would mean that the integrity and ciphering in the call would be off. To be honest, this is quite a difficult thing to do in real time and also the network would not accept a UE that does not support other Integrity and Ciphering algorithms.
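One way the network-side refusal described above could be implemented, as an added example that is not code from the original post or from any vendor: the selected algorithms are the operator's highest-priority entries that the UE also claims, and a UE that claims only the null algorithms is rejected. The bit layout is assumed to follow the UE network capability element of TS 24.301 (bit 8 of each octet is EEA0 or EIA0), and the mandatory set, the priority lists and all names are assumptions for illustration.

```python
# Algorithm identities: 0 = null (EEA0/EIA0), 1 = SNOW 3G, 2 = AES, 3 = ZUC.
MANDATORY_EEA = {0, 1, 2}   # assumed mandatory ciphering support in the UE
MANDATORY_EIA = {1, 2}      # assumed mandatory integrity support in the UE


class CapabilityRejected(Exception):
    """Raised when the claimed UE capabilities are not acceptable."""


def parse_caps(octet):
    """Return the set of algorithm ids whose bit is set (bit 8 -> id 0)."""
    return {i for i in range(8) if octet & (0x80 >> i)}


def select_algorithms(eea_octet, eia_octet,
                      eea_priority=(2, 1), eia_priority=(2, 1)):
    """Pick (eea, eia) from the operator priority lists.

    The default priority lists never contain the null algorithms, so
    EEA0 and EIA0 cannot be chosen however the capabilities are set.
    """
    eea_caps = parse_caps(eea_octet)
    eia_caps = parse_caps(eia_octet)

    # A UE that omits the mandatory algorithms is either non-compliant
    # or its capability message was altered on the way to the core.
    if not MANDATORY_EEA <= eea_caps:
        raise CapabilityRejected("mandatory ciphering algorithms missing")
    if not MANDATORY_EIA <= eia_caps:
        raise CapabilityRejected("mandatory integrity algorithms missing")

    eea = next((a for a in eea_priority if a in eea_caps), None)
    eia = next((a for a in eia_priority if a in eia_caps), None)
    if eea is None or eia is None:
        raise CapabilityRejected("no algorithm in common with operator policy")
    return eea, eia


def is_accepted(eea_octet, eia_octet, **policy):
    """Convenience wrapper returning True/False instead of raising."""
    try:
        select_algorithms(eea_octet, eia_octet, **policy)
        return True
    except CapabilityRejected:
        return False


if __name__ == "__main__":
    # Constructed capability octets.
    print(select_algorithms(0xE0, 0x60))   # EEA0-2 and EIA1-2 claimed
    print(is_accepted(0x80, 0x80))         # only EEA0 and EIA0 claimed
```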


3GPP has already foreseen these kinds of threats that could be affecting the networks in the future when they roll out the Femtocells. As a result they have produced 3GPP TR 33.820 that lists all the possible threats and the best practices that can help to minimise the chances of the network being compromised. If that document is too big and technical, you can go through this presentation as it summarises some of the problems.

Feel free to comment or correct any mistakes that you think I have made.

Saturday 11 June 2011

Smart Meters Data and Privacy

I have in the past discussed Smart Grids and Smart meters in this post and have mentioned some of the privacy concerns. Each electrical device has its signature, which could be exploited by some rogue elements to find out if there are any people in the household or if it's empty. If it's empty they could take advantage by breaking into the house, etc.

Last week I heard a presentation by Onzo in a Cambridge Wireless event about Smart meters (embedded below). This was the most detailed presentation I saw that explained how this data from the smart meters

If you browse the slides you will notice that the device signatures can be used to pinpoint the type of device and in most cases also the make and model of the device. It can even point out if a device is malfunctioning or about to breakdown. The customers can get a detailed summary of the main appliances in the house and how much electricity they consume and this would be without any physical intervention in the electrical circuit in the place.

I am sure that there are many positive uses of this data and that it can be used by various governmental agencies to learn more about people's behaviour, for monitoring crimes (think CSI) and for many other advanced services that may not yet be imaginable, but the privacy concerns and worries will remain.

The presentation below starts from slide 21 that shows the data part but feel free to view the previous slides.


Finally, I would like to mention that most of the information I have seen about Smart meters actually only include Electric meters. I find it difficult to foresee how we would have smart meters for Gas, Water and Sewage and how the data can be exploited in a positive way.

Wednesday 8 June 2011

3GPP LTE Security Aspects

Regular readers may have realised that Security is one of my favourite topics. Having worked on Security extensively in UMTS and now in LTE, I am always keen to have a complete understanding of the Security aspects of UMTS / LTE. Here is a presentation from a 3GPP workshop held in Bangalore in May 2011.
This and other Security related presentations are available on 3G4G website.

Wednesday 4 May 2011

New Security Algorithms in Release-11


I did mention in my earlier blog post about the new algorithm for 3GPP LTE-A Security. The good news is that this would be out hopefully in time for the Release-11.

The following from 3GPP Docs:


The current 3GPP specifications for LTE/SAE security support a flexible algorithm negotiation mechanism. There could be sixteen algorithms at most to support LTE/SAE confidentiality and integrity protection. In current phase, 3GPP defines that there are two algorithms used in EPS security, i.e. SNOW 3G and AES. The remaining values have been reserved for future use. So it is technically feasible for supporting new algorithm for LTE/SAE ciphering and integrity protection.

Different nations will have different policies for algorithm usage of communication system. The current defined EPS algorithm may not be used in some nations according to strict policies which depend on nation’s security laws. Meanwhile, operators shall implement their networks depending on national communication policies. To introduce a new algorithm for EPS security will give operators more alternatives to decide in order to obey national requirements.


Picture: Zu Chongzhi
Picture Source: Wikipedia


Some work has been done to adapt LTE security to national requirements about cryptography of LTE/SAE system, i.e. designing a new algorithm of EPS security, which is named ZUC (i.e. Zu Chongzhi, a famous Chinese scientist name in history). Certainly the new algorithm should be fundamentally different from SNOW 3G and AES, so that an attack on one algorithm is very unlikely to translate into an attack on the other.

The objective of this work item is to standardise a new algorithm in EPS. This will include the following tasks:
To develop new algorithms for confidentiality and integrity protection for E-UTRAN
To enable operators to quickly start to support the new algorithm
Not to introduce any obstacle for R8 roaming UE

The following issues should at least be handled in the WI:
Agree requirement specification with ETSI SAGE for development of new algorithms
Delivery of algorithm specification, test data and design and evaluation reports

The algorithm is provided for 3GPP usage on royalty-free basis.

The algorithm shall undergo a sequential three-stage evaluation process involving first ETSI SAGE, then selected teams of cryptanalysts from academia and finally the general public.


The documents related to the EEA3 and EIA3 algorithms can be downloaded from here.

If you are new to LTE Security, the following can be used as starting point: http://www.3g4g.co.uk/Lte/LTE_Security_WP_0907_Agilent.pdf

Tuesday 1 February 2011

6th ETSI Security Workshop

6th ETSI Security workshop was held last month. There were some very interesting areas of discussion including Wireless/Mobile Security, Smart Grids Security, etc.
All presentations are available to download from here.

Tuesday 3 August 2010

Double whammy for GSM Security

Via PC World:

A researcher at the Def Con security conference in Las Vegas demonstrated that he could impersonate a GSM cell tower and intercept mobile phone calls using only $1500 worth of equipment. The cost-effective solution brings mobile phone snooping to the masses, and raises some concerns for mobile phone security.

How does the GSM snooping work?

Chris Paget was able to patch together an IMSI (International Mobile Identity Subscriber) catcher device for about $1500. The IMSI catcher can be configured to impersonate a tower from a specific carrier. To GSM-based cell phones in the immediate area--the spoofed cell tower appears to be the strongest signal, so the devices connect to it, enabling the fake tower to intercept outbound calls from the cell phone.

What happens to the calls?

Calls are intercepted, but can be routed to the intended recipient so the attacker can listen in on, and/or record the conversation. To the real carrier, the cell phone appears to no longer be connected to the network, so inbound calls go directly to voicemail. Paget did clarify, though, that it's possible for an attacker to impersonate the intercepted device to the wireless network, enabling inbound calls to be intercepted as well.

But, aren't my calls encrypted?

Generally speaking, yes. However, the hacked IMSI catcher can simply turn the encryption off. According to Paget, the GSM standard specifies that users should be warned when encryption is disabled, but that is not the case for most cell phones. Paget explained "Even though the GSM spec requires it, this is a deliberate choice on the cell phone makers."

What wireless provider networks are affected?

Good news for Sprint and Verizon customers--those networks use CDMA technology rather than GSM, so cell phones on the Sprint or Verizon networks would not connect to a spoofed GSM tower. However, AT&T and T-Mobile--as well as most major carriers outside of the United States--rely on GSM.

Does 3G protect me from this hack?

This IMSI catcher hack will not work on 3G, but Paget explained that the 3G network could be knocked offline with a noise generator and an amplifier--equipment that Paget acquired for less than $1000. With the 3G network out of the way, most cell phones will revert to 2G to find a viable signal to connect to.

Another one from CNET:

A researcher released software at the Black Hat conference on Thursday designed to let people test whether their calls on mobile phones can be eavesdropped on.

The public availability of the software - dubbed Airprobe -- means that anyone with the right hardware can snoop on other peoples' calls unless the target telecom provider has deployed a patch that was standardized about two years ago by the GSMA, the trade association representing GSM (Global System for Mobile Communications) providers, including AT&T and T-Mobile in the U.S.

Most telecom providers have not patched their systems, said cryptography expert Karsten Nohl.

"This talk will be a reminder to this industry to please implement these security measures because now customers can test whether they've patched the system or not," he told CNET in an interview shortly before his presentation. "Now you can listen in on a strangers' phone calls with very little effort."

An earlier incarnation of Airprobe was incomplete so Nohl and others worked to make it usable, he said.

Airprobe offers the ability to record and decode GSM calls. When combined with a set of cryptographic tools called Kraken, which were released last week, "even encrypted calls and text messages can be decoded," he said.

To test phones for interception capability you need: the Airprobe software and a computer; a programmable radio for the computer, which costs about $1,000; access to cryptographic rainbow tables that provide the codes for cracking GSM crypto (another Nohl project); and the Kraken tool for cracking the A5/1 crypto used in GSM, Nohl said.

More information about the tool and the privacy issues is on the Security Research Labs Web site.


Monday 15 February 2010

New Technologies for Mobile Phone Theft prevention

Design Out Crime: Mobile Phone solutions from Design Council on Vimeo.


Three prototype solutions for preventing mobile phone theft have been unveiled.

The i-migo, the 'tie' solution and TouchSafe have been developed to counter crimes such as mobile phone identity fraud, which rose by over 70 per cent in 2009.

TouchSafe uses Near Field Communications (NFC) technology similar to that used by the Oyster Card and requires the handset's owner to carry a small card with them that they touch on the phone every time they make a purchase.

The 'tie' solution makes an association between a handset and the SIM chip so that other SIMs cannot be used on the handset should the mobile phone be stolen.

And the i-migo is a small device carried by the mobile phone's owner that sounds an alert and locks the handset should it be taken outside of a set range. Additionally, it automates the back-up of any data stored on the device.

The prototypes were inspired by a Home Office initiative to develop new ways of preventing mobile phone theft and will be shown off at Mobile World Congress in Barcelona next week.

Home Office Minister Alan Campbell said: "As new technology creates new opportunities for the user it can also provide criminals with opportunities as well.

"I believe the solutions developed by this challenge have the potential to be as successful as previous innovations like Chip and Pin, which reduced fraud on lost or stolen cards to an all-time low, and would encourage industry to continue working with us and take them up," Campbell continued.

Monday 25 January 2010

LTE/EPS Security Starting point


Recently a colleague wanted to know from where should he start reading about LTE/SAE security. The obvious answer was 3GPP TS 33.401 which is the specification and provides complete details. It seems that some people get scared when they start looking at the specs and in that case it is preferable to have a book chapter or something similar that could provide useful information.

Agilent, the T&M manufacturers released a book last year on LTE and the chapter on the Security is freely available on the web which I have also stored on the 3G4G website. It is a good starting point and provides basic details that technically minded people may find useful.

You can have a look at the Security chapter here.

Tuesday 3 November 2009

Wavesecure: Helping track lost phones


Siliconindia organized Mobile Applications Conference (MAC) on October 31, where 25 mobile companies exhibited their applications and presented their business plans in NIMHANS (National Institute of Mental Health and Neuro Sciences) convention center, Bangalore, in front of around 400 people and entrepreneurs. Industry leaders within the mobile space also put some light on where the industry is headed and how entrepreneurs and developers can take advantage.

TenCube, whose anchor product, WaveSecure, is the market leading mobile security suite recognized by customers and analysts, won the best mobile application award. TenCube was the unanimous choice of judges as well as the audience. It got 71 votes followed by Eterno Infotech and Divium, which got 37 and 36 votes respectively. Originally developed for police and military use in Singapore, WaveSecure has become Nokia's preferred mobile security product, chosen to be bundled into millions of premium Nokia devices. It is also the preferred security service selected by leading operators like Telenor and SingTel for their subscribers.

Very interesting FAQ's for those interested.

See Demo below:

Thursday 27 August 2009

Security of Mobiles and Networks to be tested soon


Security researcher Karsten Nohl has issued a hacking challenge that could expose T-Mobile and AT&T cell phone users -- including Gphone and iPhone patrons -- to eavesdropping hacks within six months.

Nohl, a computer science Ph.D. candidate from the University of Virginia, is calling for the global community of hackers to crack the encryption used on GSM phones. He plans to compile this work into a code book that can be used to decipher encrypted conversations and data that gets transmitted to and from GSM phones.

Nohl’s motive: he wants to compel the telecoms to address a security weakness that has been known for years. He estimates it will take 80 volunteer programmers six months to crunch the data to break the GSM encryption; 160 volunteers could cut that time to six weeks.

“It looks like in a matter of months criminals world-wide will be able to intercept mobile phone conversations,” says Simon Bransfield-Garth, CEO of mobile security firm Cellcrypt. “The immediate impact is not just businesses and corporations, but potentially all of us who use mobile phones.”

The Chaos Computer Club has told the FT that in the couple of months it will be releasing code capable of cracking GSM with just a laptop and an antenna.

In comments made to the German edition of the Financial Times, the hacking group claims that governments, and criminals, are already using the technique which can break the encryption used to protect 2G GSM calls in near-real time using existing systems. The group says a public exposure of the technique will take place in the next month or two and allow anyone equipped with a laptop and an antenna to listen in to GSM phone calls.

GSM uses a range of algorithms for key generation, authentication, and encrypting connections. This latest crack is focused on the last element which relies on a range of algorithms known as A5 and numbered from zero to three. A5/0 indicates that no encryption is used, such as in countries still under ITAR* restrictions, A5/1 is the European standard that seems to be the target of this latest breach, A5/2 is used in the USA and generally considered weaker than A5/1, while A5/3 is the strongest of the lot and mandated by the 3G GSM standard.

GSM has been cracked before, the early algorithms used were weak and kept secret (and thus not exposed to public scrutiny), a situation made worse by network operators padding the keys with zeros to reduce the cost of SIM cards. This made a weak algorithm that relied on obscurity even weaker. But since then, the standard has proved surprisingly secure, and even today specialist equipment will take half an hour to break a call, so real-time listening to GSM calls has been restricted to James-Bond types with unlimited budgets.

But the Chaos Computer Club reckons they've found a way to share those super-spy eavesdropping capabilities with anyone, which should have implications for celebrities using mobile phones, but will probably have a more immediate impact on low-level drug dealers who've long relied on the security of GSM for their business.

All encryption breaks eventually, as computing power rises, and systems like GSM are designed with a specific lifetime during which the encryption is expected to remain secure. Changing the encryption is possible, but A5 is managed by the handset rather than the SIM and network operators have to support legacy handsets for long periods even if the latest models could be equipped with better encryption.

But the rest of us will probably just hold tight until everyone is using 3G networks, at least in developed countries, where A5/3 is used and should remain secure for another decade or two.

Wednesday 8 July 2009

Wireless Cellular Security

Arvind, an old colleague recently spoke in ACM, Bangalore on the topic of Security. Here is his presentation:







There are lots of interesting Questions and Answers. One interesting one is:

Does number portability mean that data within an AuC is compromised?

Not really. Number portability does not mean sensitive data from the old AuC are transferred to the new AuC. The new operator will issue a new USIM which will have a new IMSI. Number portability only means that MSISDN is kept the same for others to call the mobile. The translation between MSISDN and IMSI is done at a national level register. Such a translation will identify the Home PLMN and the HLR that needs to be contacted for an incoming call.
That’s the theory and that’s how it should be done. It will be interesting to know how operators in India do this.

You can read all Q&A's here.

I wrote a tutorial on UMTS security many years back. It's available here.

Friday 10 April 2009

HSPA based Laptop Enabler/Disabler

Ericsson (NASDAQ:ERIC) today unveiled its most advanced mobile broadband module, uniquely designed with innovative features to provide a richer and cost-effective internet experience for all. The next-generation module marks the latest milestone for Ericsson, furthering the company's vision of an all-connected world.

Ericsson's F3607gw mobile-broadband module for HSPA/GPRS/EDGE networks, to be released in June, will provide enhanced functionality and convenience through its innovative features, reduced power consumption, prolonged battery life and an increased level of integration, reducing the number of necessary components and therefore cost. The new module will also provide built-in mobile broadband support for Microsoft Windows 7.

Mats Norin, Vice President of Ericsson Mobile Broadband Modules, says: "The combination of leading technology and innovative design in the next-generation module is key to delivering a superior user experience at an affordable price. This module release confirms Ericsson's commitment to making the benefits of connectivity available to everyone."

An important facet of the F3607gw is the unique wake-on wireless feature. By remaining connected while a notebook or netbook is in sleep mode, the module's wake-on wireless feature enables users to remotely wake up the device. This innovative technology will allow a new set of applications to be built into the computer to further enhance security and instant-on functionalities, such as the ability to disable the computer in case of theft, or instant distribution of important messages and security updates.

Operators can also combine the wake-on wireless feature and embedded GPS functionality to create a range of differentiating services for consumers and the enterprise market, including remote manageability, security updates, asset protection and tracking and geo-fencing. The module can also be used for content push services, such as podcasts, public warnings, traffic updates and database updates.

Specifically, the wake-on wireless feature supports security solutions based on Intel's Anti-Theft PC Protection Technology. An anti-theft management service in the network can send a message via SMS to the mobile-broadband module inside the notebook, which securely transfers the message to Intel's Anti-Theft function inside the processor platform. This takes appropriate actions, such as completely locking the computer and making it unusable. When the notebook is located and recovered, an unlock message can be sent to the notebook that makes the data accessible again.

Thursday 5 February 2009

100% secure Zumba Lumba Phone to be available soon

It's a really catchy name and I may just buy it because of the name ;)

Rather than being developed by one of the world's large, well known handset manufacturers, the Zumba is being developed by IA Technologies, based in Hereford in the UK, using the brand name, Zumba Lumba.
It is being touted as potentially revolutionising the industry, due to what its makers claim is the world’s most accurate voice recognition system.

The Zumbafone could be available by the end of this year, according to reports.

The innovation is a circular pad that can be placed over the ear and detaches from a small handset that contains a circular dial pad and screen. Simply removing the earpiece pad from the handset activates a connection to the internet. You then simply say the name of a contact to dial a number or send a text. When you receive a text it can then be read out to you.

No contact information is stored on the handset itself, with all data being held ‘in the cloud’, which the makers say makes the phone 100 per cent secure. As it is fully tied to voice recognition, the claim is that if lost, the phone cannot be used by anyone else.

The phone is aimed as a low cost, or secondary phone, so eschews features such as high resolution screen and camera.

Low cost, simple and a refreshing new way to communicate

Unlike any other mobile phone or phone service

Designed and developed to become a real and exciting alternative

An everyday phone, or simply a back-up phone, Zumba strips away the complexity and expense of heavily featured handsets and introduces a fresh new way of making calls. Zumba does away with the need to remember phone numbers - you simply say your contact’s name and Zumba will connect you.

Because the Zumbafone is so exceptionally light and small it can be worn. As you can see from the pictures, it has a detachable keypad and screen which means you can wear it by slipping it over your ear.

Zumba has already been in development for three years and is in the final stages of development this year. We are looking forward to bringing our service to market and making its many benefits available to all.


You can watch Youtube video of ZumbaLumba:



Thursday 29 January 2009

LTE Femtocells Killer App: Wireless HDD

Just read this article:

Security appears to be all washed up, as USB sticks with sensitive data are being left regularly in pockets when workers take their clothes to be cleaned at laundrettes.

According to a survey from Credant Technologies, who claims that 9,000 USB sticks have been forgotten and left in pockets of clothes taken to dry cleaners. These figures were obtained from phone interviews with 500 dry cleaners across the UK, who found an average of two USB keys per year. Extrapolating this to the 4,500 dry cleaners in the UK leads to the 9,000 figure.

Data sticks are most frequently found in city centres and commuter areas with one proprietor in the City of London finding 80 memory sticks in 2008 alone.

Back in the LTE world summit last year, one of the things I mentioned was that once LTE Femtocells are available we may be able to create innovative and groundbreaking applications to run on them. I was aware of some people suggesting that the broadband providers may throttle the backhaul traffic on the Femto, but I was assured by one person from Sweden (or Finland ... can't recall for sure) that in the Nordics there are already speeds of up to 100Mbps available and most of the people use P2P networks, thereby consistently loading the ISPs. He did not think that there will be a problem.

One of the applications I suggested was a wireless Hard Disk Drive (HDD) or maybe a better term would be mobile USB (MUSB). The following slides are extracted from my presentation as I am being a bit lazy (and busy) to put them here.




As always, I am happy to receive feedback, comments, criticisms, etc, etc.

Thursday 24 April 2008

Security Upgrade from Release 7

Those familiar with the 3G Security (Ciphering + Integrity) architecture will know well that there is only one Integrity algorithm (UIA1) defined and it is mandatory. On the other hand there are two ciphering algorithms (UEA0 and UEA1) defined. UEA0 in reality means no Ciphering ;). UIA1 and UEA1 are both based on the Kasumi algorithm. UEA1 is f8 and UIA1 is f9 algorithms of Kasumi. (Please feel free to correct my terminology if you think it's wrong).

From Release 7 there are some additional provisions made for increasing the security.

First let's talk about GSM. Initially only a5_1 and a5_2 algorithms were defined for GSM. They have not been compromised till date and are still secure. Still some new algorithms have been defined to make sure there is a backup if they are ever compromised. a5_3, a5_5 and a5_8 have been defined for GSM/GPRS and GEA3 defined for EDGE.

For UMTS, UEA2 and UIA2 have been defined. They are based on the 'Snow 3G' algorithm. Kasumi is a 'blockcipher' algorithm whereas Snow 3G is a 'streamcipher'. The interesting thing, as far as I understand, is that even though this is defined and mandatory for UEs and N/w from Rel7, it won't be used but will only serve as backup. More on this topic can be learnt here.

More detailed information on UIA2 and UEA2 is available here.

There are some enhancements coming in the SIM as well. At present all the Keys are 128bits but there should be a provision that in future, 256 bits can be used.

There is some extensive overhauling of IMS security as well but I haven't managed to get a good understanding of that yet.

All the reports from the 3rd ETSI Security Workshop held on Jan 15-16 2008 are available here.