Sunday, March 14, 2010

security flaws


With extensively use of GSM system, some of its security flaws are being revealed gradually: the authentication process is a single directional process, which may be attacked by middleman; the encryption is not an end-to-end but a point-to-point process, so short messages transmit in the fixed network in the form of plain text, which could be easily accessed; the A5 algorithm used for encryption in GSM has been cracked, so it can't provide enough security any more; lacking of data integrity checking, and so on. As a result of these increasingly serious security issues, services carried by short message service perform an increasing lacking of enough security, which results in limitation of short message application in some fields those relate to confidential information, such as information system of police department, short message bank service of bank system.