Project

General

Profile

Make authentication of the BSC (more) secure

Mentor Holger Freyther
Skills C
Length 5 days

Goal

The nat authenticates a BSC by sending a token in clear text. A challenge and response mechanism should be used instead, e.g. the MILENAGE implementation of libosmocom could be used to implement challenge and response. The code can be found inside the BSC and NAT implementation.

Thoughts

This does not protect against someone hijacking the TCP connection after the initial connection setup.

Add picture from clipboard (Maximum size: 48.8 MB)