GSM and GPRS performance of IPSEC data communication

Cellular Internet services must grapple with the added security threats posed by the radio transmission, open to eavesdropping. Furthermore, the combination of always-on connectivity and an interface to the public Internet means high speed data services has to cope with the same security issues that can be found in the wired environment.Confidentiality of GSM/GPRS communications has been provided only in BSME/GGSN-ME by COMP128/GEA+algorithms, whose strength is often not believed adequate for corporate/governmental requirements. Furthermore, A5/1 and A5/2 algorithms have been recently attacked with real time ciphertext only cryptanalysis by Barkan, Biham and Keller. To provide an adequate level of security, it is often argued to employ IPSec over the GSM/GPRS framework. We provide experimental evidences that IPSec is a viable solution to provide the desired level of security. In particular, the overhead generated is tolerable where high sensitive/critical communications take place. We expect that our findings could help better understanding how securing a deployed GSM/GPRS network which corporate/governmental infrastructures can rely on and what performances can be expected by using IPsec over these media.