{"title":"掉队者被吃掉:GSM移动银行应用的安全问题","authors":"Michael Paik","doi":"10.1145/1734583.1734597","DOIUrl":null,"url":null,"abstract":"The first GSM standard was published in 1989 [10], fully two decades ago. Since then, cryptanalysis has weakened or broken significant parts of the original specification. Yet many of these compromised pieces remain in common use, particularly throughout the developing world.\n This state of affairs presents a significant risk given the recent proliferation of high visibility and high value targets within the branchless banking space in the developing world such as M-PESA, GCASH, mChek, and Zap, each of which makes use of SIM Toolkit (STK) security measures, but in an obfuscated manner.\n This paper will present an overview of recent developments in GSM security and outline the need for increased cooperation and standardization in the face of rapidly eroding security measures currently in place for 2G GSM.","PeriodicalId":88972,"journal":{"name":"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications","volume":"279 1","pages":"54-59"},"PeriodicalIF":0.0000,"publicationDate":"2010-02-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"41","resultStr":"{\"title\":\"Stragglers of the herd get eaten: security concerns for GSM mobile banking applications\",\"authors\":\"Michael Paik\",\"doi\":\"10.1145/1734583.1734597\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The first GSM standard was published in 1989 [10], fully two decades ago. Since then, cryptanalysis has weakened or broken significant parts of the original specification. Yet many of these compromised pieces remain in common use, particularly throughout the developing world.\\n This state of affairs presents a significant risk given the recent proliferation of high visibility and high value targets within the branchless banking space in the developing world such as M-PESA, GCASH, mChek, and Zap, each of which makes use of SIM Toolkit (STK) security measures, but in an obfuscated manner.\\n This paper will present an overview of recent developments in GSM security and outline the need for increased cooperation and standardization in the face of rapidly eroding security measures currently in place for 2G GSM.\",\"PeriodicalId\":88972,\"journal\":{\"name\":\"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications\",\"volume\":\"279 1\",\"pages\":\"54-59\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2010-02-22\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"41\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/1734583.1734597\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings. IEEE Workshop on Mobile Computing Systems and Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1734583.1734597","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Stragglers of the herd get eaten: security concerns for GSM mobile banking applications
The first GSM standard was published in 1989 [10], fully two decades ago. Since then, cryptanalysis has weakened or broken significant parts of the original specification. Yet many of these compromised pieces remain in common use, particularly throughout the developing world.
This state of affairs presents a significant risk given the recent proliferation of high visibility and high value targets within the branchless banking space in the developing world such as M-PESA, GCASH, mChek, and Zap, each of which makes use of SIM Toolkit (STK) security measures, but in an obfuscated manner.
This paper will present an overview of recent developments in GSM security and outline the need for increased cooperation and standardization in the face of rapidly eroding security measures currently in place for 2G GSM.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
