Security Analysis of the Terrestrial Trunked Radio (TETRA) Authentication Protocol
Journal article, Peer reviewed
Accepted version
Permanent lenke
http://hdl.handle.net/11250/2391806Utgivelsesdato
2013Metadata
Vis full innførselSamlinger
Originalversjon
Norsk Informasjonssikkerhetskonferanse (NISK) 2013;2(1):88-99Sammendrag
We present a security analysis of the widely-deployed Terrestrial Trunked Radio (TETRA) authentication protocol, where we find that the TETRA authentication protocol suffers from flaws that allow an attacker to defeat basic authentication properties that are normally required in secure operations. In order to launch an attack, an adversary only needs to control the radio link communication ( e.g., by impersonating as a base station). This attack can be used to reduce the users' availability of the network access, which may cause serious consequences in an emergency scenario: a targeted mobile station may falsely show that it is connected to the network while, in fact, the mobile station is unable to receive network communications. Based on this analysis, we propose a strengthened authentication protocol for the TETRA system, and formally verify security properties for our protocol proposal using the automated tool Scyther.