1X Network
Results 1 to 5 of 5

Thread: 1X Network

  1. #1
    I'd rather be fishing DjM's Avatar
    Join Date
    Aug 2001
    Location
    The Great White North
    Posts
    1,867

    Question 1X Network

    I was wondering if anyone had any opinions (security wise) on the emerging 1X networks (similar to what is offered here).

    Has anyone checked out the security around this wireless network and does anyone have any concerns about it?

    Your comments are appreciated.

    Cheers:

    /edit

    More Info. Here
    DjM

  2. #2
    Member
    Join Date
    Jun 2003
    Posts
    57
    DjM,

    I Looked over the web site, and those cards operate on a GSM/GPRS cell phone network. They are Dual band and can hop between the 800 and 1900 Mhz frequency bands. SO just so you know as long as you have cellphone coverage the card will work and will "hand off" from tower to tower as you move if you are mobile. Will probably work great in any type of urban environment.

    As for security GSM uses a 128 bit RSA variant (Based off of 2 very very large prime numbers) So your data will be as secure as your cell phone conversations. the encryption is only used between the handset (Wan card or phone) and the GSM cell tower. After that it is carried on high capacity microwave, or fiber optic cable into the telephone network just like a call phone call. In ither words it is pretty secure. Way better than WEP, or even most VPN implementations.

    hope this helps.
    \"If you take a starving dog in off the street and make him prosperous he will not bite you, this is the principle difference between a dog and a man\" - Mark Twain

  3. #3
    Banned
    Join Date
    Mar 2004
    Posts
    28

    Security

    The security of the communications iss my concern in this area. The use of RSA and similar encryption would be a secure system to use, however these signals could be intercepted, and with enought time decrypted.

    Is it possible to use a larger frequency range for transmission?

  4. #4
    Member
    Join Date
    Jun 2003
    Posts
    57
    Angel,

    The signal is another level of security. GSM is broadcast on TDMA (Time Division Multiple Access) multiplexing scheme. you can't just pick it up with a scanner or record it without some fairly high tech gear and some training in Electrical (Radio Frequency) Engineering. You can't pick this stuff up at Radio Shack. (Bear with me, this is a very simplistic discription of a complex scheme.) The signal is digital, not analog, so you need a DSP (Digital SIgnal Processor) just to break it down into ones and zeros. Then you have to be able to identify which time slot the particular transmission of interest is contained in. Think of a cell phone conversation, there are 4-12 different conversations taking place on the same frequency digitized into different time slots. Then ther is the signalling, GSM doesn't transmit if no one is talking. If you have a Cingular, or AT&T digital phone (they are going to GSM) you may have experienced this. Sounds like the Phone goes dead until someone starts talking, that's because it is not actually receiving any transmission at that time. The entire thing is reused constantly to provide a great amount of efficiency. The signalling on the line indicates when packets for you are inbound and identifies the necessary info to track them and break your conversation back out.

    So without even dealing with the encryption, you have access to a wide band digital recorder and record the portion of the spectrum you are interested in. Then you need a specialized set up with a DSP just to break that down into a useable format. Then you have to be able to ID the packets you are interested in and lump those together. Remeber on a single chanel or frequency ther will be 4-12 actual calls simultaneously so you have to pick ut those that go together. The signalling channel is another frequency all together so requires another complete set up like the first, just to record them at the same time. Then you have to correlate the data from the 2 channels (Voice and Control) in order to reconstruct the session. Now take into account that the "Cell Tower" can change your freq at any time for any of a number of reasons, you can lose the rest of the conversation/transmission. If the "target" is mobile this will definitely happen. Also keep in mind that GSM defines a protocol, imagine if TCP were not defined somewhere. What does 01101110 really mean after all? Is it FTP, TCP, IP, PPP, BGP, Etc... you get my point. If you don't have access to the actual protocol good luck figuring it out.

    Remember that is a simple break down, now deal with the encryption! See my previous post regarding the encryption, and you can see that it is fairly secure. Now there are inteties out there (gov't) that can do a lot of this. But even they have trouble with the resources necessary to break the encryption. 128 bit cipher is no joke! Most of the implementations that have been broken or get broken are like network security issue. The fix is in the implementation not the science behind the encryption or the algorithm. GSM/GPRS has a very sound implementation. No one other than a Gov't entity very interested in what you are doing will go to all the trouble to get to your transmissions in this scheme. It takes expensive gear run by people with specialized training to break it out.

    In response to using more frequency space. These systems are dynamic and hop frequencies from tower to tower or even within the same tower based on many factors. they can even jump between the 2 noted freq bands 800 - and 1900 MHz. Consider how much cell phone traffic these bands are already handling, and realize that they have enough bandwidth leftover to also offer these data services. there will not be more bandwidth available until ther is profit in it for someone. RIght now and for thw next few years they are fine with what they already have.
    \"If you take a starving dog in off the street and make him prosperous he will not bite you, this is the principle difference between a dog and a man\" - Mark Twain

  5. #5
    Banned
    Join Date
    Mar 2004
    Posts
    28

    Hmm

    Gump

    what you say certainly has clarified the situation, but 128 bit encryption is not a viable option, do not have the formal training, but an interest in Cryptography, and am able to brute force most low level keys, and start at the higher end keys in terms of breaking, but still, i'll need a Cray to do anything.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides