Embedded Files
Introduction
Introduction
Even if you are not talking on your cell phone, your phone is constantly sending and receiving information. It is talking to its cell phone tower over a pathway called a control channel. The reason for this chatter is so that the cell phone system knows which cell your phone is in, and so that your phone can change cells as you move around. Every so often, your phone and the tower will exchange a packet of data that lets both of them know that everything is OK.
Your phone also uses the control channel for call setup. When someone tries to call you, the tower sends your phone a message over the control channel that tells your phone to play its ringtone. The tower also gives your phone a pair of voice channel frequencies to use for the call.
The control channel also provides the pathway for SMS messages. When a friend sends you an SMS message, the message flows through the SMSC, then to the tower, and the tower sends the message to your phone as a little packet of data on the control channel. In the same way, when you send a message, your phone sends it to the tower on the control channel and it goes from the tower to the SMSC and from there to its destination.
The actual data format for the message includes things like the length of the message, a time stamp, the destination phone number, the format, etc.
Security
Security
GSM includes some protection through cryptography. The mobile phone and the provider (i.e. the base station which is part of the provider's network) authenticate each other relatively to a shared secret, which is known to the provider and stored in the user's SIM card.
GSM encryption is only for the radio link. How is data secured within the provider's network, and between the provider and the server which wants the SMS to be sent, is out of scope of the GSM specification. So anything goes. Anyway, if the attacker is the provider, you lose. Law enforcement agencies, when they want to eavesdrop on people, typically do so by asking nicely to the providers, who invariably comply.
Reference
Reference
http://security.stackexchange.com/questions/11493/how-hard-is-it-to-intercept-sms-two-factor-authentication
http://computer.howstuffworks.com/e-mail-messaging/sms.htm
Page updated
Google Sites
Report abuse