Short note: Privacy and Authentication in GSM.

This question appears in Mumbai University > Mobile communication and computing subject

Marks: 10 M

Year: May 2015

1 Answer

1. The data transmitted via GSM is in digital form, so it is much easier to apply digital transformation, data encryption, scrambling and other known methods of protection against unauthorized access to the transmitted information, i.e. privacy.

2. Before connecting two terminals, the system needs to verify whether the connection has been tapped or compromised and that the authorized user is at both ends of the connection, i.e. authentication.

3. Various security measures are implemented in GSM transmission, such as:

  • Provide access to the network only after verifying the user’s authenticity.

  • Encrypt the transmitted data.

  • Usage of temporary mobile user identity number (e.g. TMSI)

Three algorithms have been specified for security services in GSM networks.

o Algorithm A3

  • Authentication

o Algorithm A5

  • Encryption

o Algorithm A8

  • Generation of Cipher Key

Subscriber Identity Module (SIM):

• The SIM card, as it is popularly called, is a plastic card with an embedded microcontroller and is an important element ensuring security in the GSM system.

• The SIM card is placed inside the mobile device in the compartment allocated for it. Every network operator provides its own SIM card when the phone is registered.

• It is the main identity of the user on a cellular network. Since it is portable, a single card can also be used on multiple devices.

• Network operators also provide SIM replacement in case of theft of or damage to the device. Security services (e.g. the Police Cyber Cell) track stolen phones from SIM data.

• A SIM card contains ROM, RAM and an NVM (non-volatile memory).

• ROM contains the program for A3 and A8 algorithms in it.

• RAM is used for processing and storing real-time data.

• NVM is used for storing the individual user’s parameters and data. The various parameters and data in NVM are:

  • Ki: The user’s authentication key.

  • IMSI: International Mobile Subscriber Identity, which is made up of country code, network code and user’s number.

  • TMSI: Temporary Mobile Subscriber Identity, which is generated after a user registers in a new VLR.

  • LAI: Location Area Identifier.

  • Personal phone-book.

  • Received SMS.

  • PIN: Personal Identification Number, which identifies the user with respect to the SIM card.

Authentication Process:

• The mobile network sends a pseudorandom number RAND (as seen in the figure below) to the Mobile Station (MS, i.e. the user’s cell phone).

• Now at the MS, a 32-bit electronic signature known as SRES is derived using the RAND received from the network.

• At the same time, the mobile network also calculates the SRES using the same RAND that it provided to the MS.

• Now the SRES calculated at the MS is sent to the network and compared.

• If both are identical, then the authentication is complete.


Encryption Process:

• Encryption is achieved by the use of the A5 algorithm. The security of this algorithm lies in the fact that the key is never transmitted over the air.

• The A5 algorithm is realized inside the mobile phone.

• The SIM card initially calculates the encryption key Kc based on the key Ki and the RAND number received during the authentication process.

• Now, using Kc and the current 22-bit TDMA frame number, the A5 algorithm generates a 114-bit number.

• It is then modulo-2 added to the information bits (i.e. data) of the normal burst. This is the encrypted data. It is then transmitted.

• Similarly, on the network operator’s side, the same process as above is carried out and the final 114-bit number is generated.

• If the encrypted data and the 114-bit number generated by the operator are modulo-2 added, we get the original data.

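The two processes above can be traced end to end in the following added example, which is not part of the original answer. The real A3, A8 and A5 algorithms are not given on this page, so HMAC-SHA256 is used as a labelled stand-in for each; the 128-bit Ki and RAND and the 64-bit Kc are the usual GSM sizes, and all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Stand-ins (assumption): HMAC-SHA256 replaces the real A3/A8/A5 algorithms.
def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """A3 stand-in: 32-bit signed response SRES from Ki and RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    """A8 stand-in: 64-bit cipher key Kc from Ki and RAND."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

def a5_keystream(kc: bytes, frame: int) -> int:
    """A5 stand-in: 114-bit number from Kc and the 22-bit TDMA frame number."""
    if not 0 <= frame < (1 << 22):
        raise ValueError("frame number must fit in 22 bits")
    digest = hmac.new(kc, frame.to_bytes(3, "big"), hashlib.sha256).digest()
    return int.from_bytes(digest, "big") >> (256 - 114)

def cipher_burst(bits: int, kc: bytes, frame: int) -> int:
    """Modulo-2 add (XOR) the 114 information bits; the same call decrypts."""
    if bits < 0 or bits >> 114:
        raise ValueError("a normal burst carries 114 information bits")
    return bits ^ a5_keystream(kc, frame)

def authenticate(network_ki: bytes, sim_ki: bytes):
    """One challenge-response run.

    Returns (ok, over_the_air, kc_network, kc_sim); over_the_air lists only
    what is transmitted: RAND downlink, SRES uplink. Ki and Kc never are.
    """
    rand = secrets.token_bytes(16)            # network -> MS
    sres_ms = a3_sres(sim_ki, rand)           # computed on the SIM, MS -> network
    ok = hmac.compare_digest(sres_ms, a3_sres(network_ki, rand))
    return ok, [rand, sres_ms], a8_kc(network_ki, rand), a8_kc(sim_ki, rand)

if __name__ == "__main__":
    ki = secrets.token_bytes(16)              # constructed sample subscriber key
    ok, air, kc_net, kc_sim = authenticate(ki, ki)
    burst = secrets.randbits(114)             # constructed sample burst data
    sent = cipher_burst(burst, kc_sim, frame=1234)
    print("authenticated:", ok)
    print("network recovers burst:", cipher_burst(sent, kc_net, 1234) == burst)
    print("wrong frame recovers burst:", cipher_burst(sent, kc_net, 1235) == burst)
```

Both sides must agree on the frame number as well as Kc: the last line shows that a receiver one frame out of step does not recover the data.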
