Date of Award
Master of Science
Man in the middle attacks on 3G UMTS have been a known vulnerability since at least 2004. Many experts have presented solutions to resolve this issue. The first attempt to mitigate the issue in the form of mutual authentication fell short. It is now public knowledge that law enforcement and the FBI have used this man in the middle style attack to collect intelligence within the United States. It is imperative we openly acknowledge that while the man in the middle attack has immediate benefits, there are also inherent risks to maintaining a lower standard of security.
There has been no official documentation from these agencies on the protocol used to conduct these collections. This paper will outline the deficiency in GSM and UMTS, show how a man in the middle style attack would work and what is keeping the attack still possible after so many years.
Finally, there will be four points to consider for preliminary policy reform; constitutionality, oversight, vulnerability, and protection.
Jennifer Lynn Adesso
Adesso, Jennifer Lynn, "3G UMTS man in the middle attacks and policy reform considerations" (2015). Graduate Theses and Dissertations. 15128.