Professional Documents
Culture Documents
SEP - GSM Authentication & Ciphering - Telecommunication Systems
SEP - GSM Authentication & Ciphering - Telecommunication Systems
Systems
Topic: GSM authentication & ciphering
Semester: 7th
Session: 2019-23
Submitted By:
Muhammad Talha Saleem Roll No: BS-IT(E)-19-37
GSM
GSM (Global System for Mobile Communications) is the most
widely used standard for mobile communications worldwide. One of
the key security features of GSM is the use of authentication and
ciphering to protect the communication between a mobile device
and the network.
Authentication
Authentication is the process of verifying the identity of the mobile
device, ensuring that only authorised devices are able to access the
network. This is done using a shared secret key, known as the Ki,
which is stored in both the SIM card and the network. When the
mobile device attempts to access the network, it sends a challenge
to the network, which the network then uses the Ki to encrypt and
send back to the mobile device. The mobile device then uses the Ki
to decrypt the challenge and send the result back to the network,
which verifies the identity of the mobile device.
Steps included in the authentication process:
● MS Request access to the network and send IMSI to MSC
● MSC forwards that IMSI to HLR and requests Authentication
Triplets
● HLR forwards that IMSI to AUC and requests Authentication
Triplets
● The AUC will use the IMSI to lookup the Ki associated with
that IMSI
● The AUC generates a Random number (RAND)
● Then Rand and Ki are inputted into A3 Algorithm, The output
is a Signed Response (SRES)
● Then Rand and Ki are inputted into A8 Algorithm, The output
is Ciphering Key (Kc)
Note: RAND, SRES, and Kcare Authentication Triplets
● 8AUC forward Authentication triplets to HLR
● 9HLR send them to MSC, MSC store SRES and Kc.
● 10 MSC forward only RAND number to MS
● MS has the Ki stored in SIM Card and gets RAND from MSC
● Then Rand and Ki are inputted into A3 Algorithm, The output
is a Signed Response (SRES)
● Then Rand and Ki are inputted into A8 Algorithm, The output
is Ciphering Key (Kc)
Note: RAND, SRES and Kcare the same as AUC generate