Scribd Logo
Upload

Welcome to Scribd!

  • MCC Expt 5 GSM A3

    Uploaded by

    Alka
    8 views6 pages
    This document describes experiment 5 on implementing the GSM A3 authentication algorithm. The experiment involves: 1. Explaining the GSM security services including access control, authentication, and confidentiality. 2. Describing the A3 authentication algorithm which generates a signed response (SRES) from a random challenge (RAND) and secret key (Ki). 3. Implementing the A3 algorithm in Python by performing XOR operations on halves of the RAND and Ki. 4. Testing the implementation by generating a RAND, comparing the calculated SRES to the actual SRES, and verifying a user's authentication.

    Original Description:

    Original Title

    MCC Expt 5 GSM A3.docx

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document describes experiment 5 on implementing the GSM A3 authentication algorithm. The experiment involves: 1. Explaining the GSM security services including access control, authentication, and confidentiality. 2. Describing the A3 authentication algorithm which generates a signed response (SRES) from a random challenge (RAND) and secret key (Ki). 3. Implementing the A3 algorithm in Python by performing XOR operations on halves of the RAND and Ki. 4. Testing the implementation by generating a RAND, comparing the calculated SRES to the actual SRES, and verifying a user's authentication.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    8 views6 pages

    MCC Expt 5 GSM A3

    Uploaded by

    Alka
    This document describes experiment 5 on implementing the GSM A3 authentication algorithm. The experiment involves: 1. Explaining the GSM security services including access control, authentication, and confidentiality. 2. Describing the A3 authentication algorithm which generates a signed response (SRES) from a random challenge (RAND) and secret key (Ki). 3. Implementing the A3 algorithm in Python by performing XOR operations on halves of the RAND and Ki. 4. Testing the implementation by generating a RAND, comparing the calculated SRES to the actual SRES, and verifying a user's authentication.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 6

    Department of Computer Engineering Exp. No.

    Semester B.E. Semester VII – Computer Engineering


    Subject Mobile Application Development Technology Lab
    Subject Professor In-charge
    Assisting Teachers
    Laboratory M314A

    Student Name
    Roll Number 17102A0057
    Grade and Subject
    Teacher’s Signature

    Experiment Number 5

    Experiment Title Implementation of Authentication Algorithm in GSM -A3


    Security Algorithm
    Resources Required Hardware: Programming Language :
    Computer system Python/Java/C/C++
    Theory GSM offers several security services using confidential
    information stored in the AuC and in the individual SIM
    (which is plugged into an arbitrary MS). The SIM stores
    personal, secret data and is protected with a PIN against
    unauthorized use. (For example, the secret key Ki used for
    authentication and encryption procedures is stored in the
    SIM.) The security services offered by GSM are explained
    below:

    ● Access control and authentication: The first step includes


    the authentication of a valid user for the SIM. The user needs
    a secret PIN to access the SIM. The next step is the subscriber
    authentication. This step is based on a challenge-response
    scheme as presented in section

    ● Confidentiality: All user-related data is encrypted. After


    authentication, BTS and MS apply encryption to voice, data,
    and signaling. This confidentiality exists only between MS
    and BTS, but it does not exist end-to-end or within the whole
    fixed GSM/telephone network.
    Department of Computer Engineering Exp. No.5
    ● Anonymity: To provide user anonymity, all data is
    encrypted before transmission, and user identifiers (which
    would reveal an identity) are not used over the air. Instead,
    GSM transmits a temporary identifier (TMSI), which is newly
    assigned by the VLR after each location update. Additionally,
    the VLR can change the TMSI at any time.

    Authentication:

    Authentication Before a subscriber can use any service from


    the GSM network, he or she must be authenticated.
    Authentication is based on the SIM, which stores the
    individual authentication key Ki, the user identification IMSI,
    and the algorithm used for authentication A3. Authentication
    uses a challenge-response method: the access control AC
    generates a random number RAND as challenge, and the SIM
    within the MS answers with SRES (signed response).The AuC
    performs the basic generation of random values RAND,
    signed responses SRES, and cipher keys Kc for each IMSI,
    and then forwards this information to the HLR. The current
    VLR requests the appropriate values for RAND, SRES, and
    Kc from the HLR. For authentication, the VLR sends the
    random value RAND to the SIM. Both sides, network and
    subscriber module, perform the same operation with RAND
    and the key Ki, called A3. The MS sends back the SRES
    generated by the SIM; the VLR can now compare both values.
    If they are the same, the VLR accepts the subscriber,
    otherwise the subscriber is rejected.
    Department of Computer Engineering Exp. No.5

    A3 Algorithm Flow

    A3 Algorithm Generation of SRES


    Department of Computer Engineering Exp. No.5

    Program:
    import random

    def A3(rand, K):


    left_rand = rand[:64]
    right_rand = rand[64:]

    left_k = K[:64]
    right_k = K[64:]

    lhs_xor = []
    rhs_xor = []

    for i in range(64):
    lhs_xor.append(left_rand[i] ^ right_k[i])
    rhs_xor.append(right_rand[i] ^ left_k[i])

    result = []
    for i in range(64):
    result.append(lhs_xor[i] ^ rhs_xor[i])

    sres = []
    lhs_result = result[:32]
    rhs_result = result[32:]

    for i in range(32):
    sres.append(lhs_result[i] ^ rhs_result[i])

    sres = [str(x) for x in sres]


    sres = int("".join(sres), 2)

    return sres

    def A3_test():
    print("\nTesting A3 Algorithm")
    Department of Computer Engineering Exp. No.5
    global stored_Ki
    global rand

    user_Ki = [int(x) for x in list(bin(int(input("Enter User Ki:


    ")))[2:])]
    user_Ki = (128 - len(user_Ki)) * [0] + user_Ki

    actual_sres = A3(rand, stored_Ki)


    user_sres = A3(rand, user_Ki)

    print("Stored Ki =", int("".join([str(x) for x in stored_Ki]),


    2))

    if actual_sres == user_sres:
    print("Authentication Complete")
    print("SRES =", actual_sres)
    else:
    print("Authentication Failed")

    stored_Ki = 128
    stored_Ki = [int(x) for x in list(bin(stored_Ki)[2:])]
    stored_Ki = (128 - len(stored_Ki)) * [0] + stored_Ki

    rand = []
    for i in range(128):
    rand.append(random.choice([0, 1]))

    A3_test()
    Output

    Conclusion Implementation of A3 authentication algorithm for GSM


    architecture is successfully completed.
    Department of Computer Engineering Exp. No.5

    You might also like