Abstract
According to various news sources, rogue cellular towers referred to as "IMSI catchers" have been deployed across the nation. There is academic interest in determining what information can be acquired when a mobile device associates with one of these towers. These towers focus on manipulating authentication methods to pose as a legitimate GSM tower. Through the use of software-defined radios and open-source software, an inexpensive GSM protocol-based cell tower was deployed to determine what, if any, security vulnerabilities exist in the current mobile network infrastructure.
1 Introduction
IMSI (International Mobile Subscriber Identity) catchers are devices constructed to execute a man-in-the-middle attack on mobile phone network traffic. These towers can be used to intercept voice calls, texts, and data (such as web browsing) [8]. Federrath notes, "IMSI Catcher(s) [are] capable of signaling to the mobile phone that it should discontinue using encryption on the radio link." [7]. Because of this security flaw in the Global System for Mobile communication (GSM), a phone that associates with an IMSI catcher may not be using encryption to secure data in transit if the tower did not tell the device to use an encryption method. As a result, the attacker is able to see all data sent to and from the device. This information allows an attacker to associate an individual, identified by the unique IMSI stored on the mobile device's SIM (Subscriber Identity Module), with a mobile device at a specific location (if telecommunication providers were subpoenaed for such information). A SIM is used to uniquely identify a user for subscription purposes and includes the user's IMSI [9].
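The following is an added example, not code from the paper: a defender-side check that decodes the GSM radio resource Ciphering Mode Command (protocol discriminator 0x06, message type 0x35) and reports sessions in which the tower never told the device to encrypt. It assumes downlink layer-3 messages have already been logged as hex by a baseband diagnostic tool; the session names and message bytes are constructed.

```python
# Added example: constructed data, not captured traffic.
RR_PD = 0x06                   # protocol discriminator: radio resource management
CIPHERING_MODE_COMMAND = 0x35  # RR message type


def decode_cipher_mode(l3: bytes):
    """Return (ciphering_started, algorithm) for a Ciphering Mode Command.

    Returns None when the message is too short or is a different message.
    """
    if len(l3) < 3:
        return None
    if (l3[0] & 0x0F) != RR_PD or l3[1] != CIPHERING_MODE_COMMAND:
        return None
    setting = l3[2] & 0x0F            # low half-octet: Cipher Mode Setting
    if not setting & 0x01:            # SC bit: 0 = no ciphering
        return (False, "none")        # algorithm bits are spare when SC = 0
    alg = (setting >> 1) & 0x07       # 000 = A5/1, 001 = A5/2, 010 = A5/3, ...
    return (True, "reserved" if alg == 7 else "A5/%d" % (alg + 1))


def audit_sessions(sessions):
    """Map each session id to 'unencrypted' or the commanded algorithm."""
    report = {}
    for sid, messages in sessions.items():
        verdict = "unencrypted"       # no command seen: the link stays in clear
        for msg in messages:
            decoded = decode_cipher_mode(bytes.fromhex(msg))
            if decoded is not None:   # the latest command decides the state
                started, alg = decoded
                verdict = alg if started else "unencrypted"
        report[sid] = verdict
    return report


# Constructed downlink layer-3 messages (hex); session ids are hypothetical.
SAMPLE_SESSIONS = {
    "cell-A": ["063511"],   # start ciphering with A5/1
    "cell-B": ["063505"],   # start ciphering with A5/3
    "cell-C": ["063500"],   # command sent with SC = 0
    "cell-D": ["061b00"],   # another RR message, no Ciphering Mode Command
}

if __name__ == "__main__":
    for sid, verdict in audit_sessions(SAMPLE_SESSIONS).items():
        print(sid, verdict)
```

Both failure cases matter: a tower can leave the link in clear either by sending the command with ciphering disabled or by never sending it at all.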
2 GSM
GSM is a standard developed to describe the cellular network protocols used by a large market share of cell phones. The original specifications were developed by the European Telecommunications Standards Institute (ETSI) [23]. As of February 2015, there are approximately 3.6 billion mobile subscribers [11]. Historically, parts of the GSM protocol have been kept proprietary [24]. These "secret items" include encryption and authentication methods. Welte notes, "The specifications of the GSM proprietary On-air encryption A5/1 and A5/2 are only made available to GSM baseband chip makers who declare their confidentiality." [24]. In an effort to make GSM obtainable for...