The widespread use of wireless cellular networks has made security an ever
increasing concern. GSM is the most popular wireless cellular standard, but
security is an issue. The most critical weakness in the GSM protocol is the use
of one-way entity authentication, i.e., only the mobile station is authenticated
by the network. This creates many security problems including vulnerability
against man-in-the-middle attacks. Several solutions have been proposed to
establish mutual entity authentication. However, none provide a
aw-free
bilateral authentication protocol. In this paper, we show that a recently
proposed solution is vulnerable to a "type attack". Then, we propose a novel
mutual entity authentication using the TESLA protocol. The proposed solution
not only provides secure bilateral authentication, but also decreases the call
setup time and the required connection bandwidth. An important feature of
the proposed protocol is that it is compatible with the GSM standard.