GSM SIM & Security
Subscriber information, such as the IMSI (International Mobile Subscriber Identity), is stored in the Subscriber Identity Module (SIM).
The Subscriber Identity Module (SIM) can be used to store user-defined information such as phonebook entries.
IMEI
International Mobile Equipment Identity
MSISDN
MSISDN refers to the 15-digit number that is used to refer to a particular mobile station: the actual mobile number, starting with the country code.
The MSISDN is the subscriber's mobile number
which is linked to the IMSI in the HLR.
Once the Mobile Station's MSISDN has been
used to identify the IMSI, the HLR verifies the
subscription records to ensure that the call can
be delivered to the last known location of the
Mobile Station.
Security algorithms in GSM
Three algorithms are specified in GSM:
A3 for authentication (“secret”, open interface)
A5 for encryption (standardized)
A8 for key generation for ciphering (“secret”, open interface)
Ki, Kc, RAND, and SRES
Kc is the 64-bit ciphering key used as a
Session Key for encryption of the over-the-air
channel.
Kc is generated by the Mobile Station from
the random challenge presented by the GSM
network and the Ki from the SIM utilizing the
A8 algorithm.
How do Authentication and Key generation work in a GSM network?
Encryption in the GSM network utilizes a
Challenge/Response mechanism.
The Mobile Station (MS) signs into the network.
Authentication Procedure
1. The MSC/VLR transmits the RAND to the MS.
2. The MS computes the signature SRES using RAND
and the subscriber authentication key (Ki) through
the A3 algorithm.
3. The signature SRES is sent back to the MSC/VLR, which performs authentication by checking whether the SRES from the MS and the SRES from the AUC match.
If so, the subscriber is permitted to use the network.
If not, the subscriber is barred from network access.
Authentication can, by operator’s choice, be performed during:
Each registration
Each call setup attempt
Location updating
Before supplementary service activation and deactivation
Ciphering
The Mobile Station generates a Session Key
(Kc) utilizing the A8 algorithm, the Individual
Subscriber Authentication Key (Ki) assigned
to the Mobile Station, and the random
challenge received from the Base Transceiver
Station.
The Mobile Station sends the Session Key
(Kc) to the Base Transceiver Station.
The Mobile Services Switching Center sends
the Session Key (Kc) to the Base Transceiver
Station.
The Base Transceiver Station receives the
Session Key (Kc) from the Mobile Services
Switching Center.
The Base Transceiver Station receives the
Session Key (Kc) from the Mobile Station.
The Base Transceiver Station verifies that the Session Keys from the Mobile Station and the Mobile Services Switching Center match.
Encryption
The A5 algorithm is initialized with the
Session Key (Kc) and the number of the
frame to be encrypted.
Over-the-air communication channel
between the Mobile Station and Base
Transceiver Station can now be encrypted
utilizing the A5 algorithm.
This process authenticates the GSM Mobile
Station (MS) to the GSM network.
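The challenge/response and key-derivation flow above, simulated end to end as an added example (not the slides' own code). The real A3 and A8 are operator-specific and A5 is a handset stream cipher, so all three are stand-ins built on HMAC-SHA256 and SHA-256; the sizes (128-bit Ki and RAND, 32-bit SRES, 64-bit Kc), the SRES comparison at the MSC/VLR and the frame-number initialization of the cipher follow the slides, and returning both copies of Kc mirrors the BTS's check that the Session Keys agree.

```python
import hashlib
import hmac
import secrets

# Bit lengths named in the slides: 128-bit Ki and RAND, 32-bit SRES, 64-bit Kc.
SRES_BYTES, KC_BYTES, RAND_BYTES = 4, 8, 16

def a3(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3 (not COMP128): 32-bit signed response from Ki and RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:SRES_BYTES]

def a8(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A8: 64-bit session key Kc from the same Ki and RAND."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:KC_BYTES]

def a5_keystream(kc: bytes, frame_no: int, length: int) -> bytes:
    """Stand-in for A5: keystream initialized with Kc and the frame number."""
    seed = kc + frame_no.to_bytes(4, "big")
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]

def auc_triplet(ki: bytes) -> tuple:
    """AuC/HLR side: fresh RAND plus the expected SRES* and Kc for this Ki."""
    rand = secrets.token_bytes(RAND_BYTES)
    return rand, a3(ki, rand), a8(ki, rand)

def sim_respond(ki: bytes, rand: bytes) -> tuple:
    """MS/SIM side: answer the challenge and derive its own copy of Kc."""
    return a3(ki, rand), a8(ki, rand)

def authenticate(auc_ki: bytes, sim_ki: bytes) -> tuple:
    """MSC/VLR: send RAND to the MS, compare its SRES with SRES* from the AuC.
    Returns (accepted, Kc held by the network, Kc held by the MS)."""
    rand, sres_expected, kc_net = auc_triplet(auc_ki)
    sres, kc_ms = sim_respond(sim_ki, rand)
    accepted = hmac.compare_digest(sres, sres_expected)
    return accepted, kc_net, kc_ms

def cipher_frame(kc: bytes, frame_no: int, payload: bytes) -> bytes:
    """XOR one frame with its keystream; the same call decrypts."""
    ks = a5_keystream(kc, frame_no, len(payload))
    return bytes(p ^ k for p, k in zip(payload, ks))
```

A SIM holding a different Ki answers with a different SRES and is rejected, while a matching Ki yields the same Kc on both sides and a keystream that changes with every frame number.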
GSM - authentication (figure): the network and the SIM each compute a 32-bit SRES from Ki and RAND with A3; the MSC checks whether SRES* (network) equals SRES (SIM).
A3's task is to generate the 32-bit Signed
Response (SRES) utilizing the 128-bit random
challenge (RAND) generated by the Home
Location Register (HLR) and the 128-bit
Individual Subscriber Authentication Key (Ki)
from the Mobile Station's Subscriber Identity
Module (SIM) or the Home Location Register
(HLR).
The same Session Key (Kc) is used as long as
the Mobile Services Switching Center (MSC) does
not authenticate the Mobile Station again. In
practice, the same Session Key (Kc) may be in
use for days.
What algorithm is utilized for key generation in GSM networks?
The key generation algorithm used in the GSM system is known as the A8 algorithm.
The "Temporary Mobile Subscriber Identity"
(TMSI) is the identity that is most commonly
sent between the mobile and the network.
TMSI is randomly assigned by the VLR to
every mobile in the area, the moment it is
switched on.
The number is local to a location area, and so it has to be updated each time the mobile moves to a new geographical area.
The network can also change the TMSI of the mobile at any time.
It normally does so in order to prevent the subscriber from being identified and tracked by eavesdroppers on the radio interface. This makes it difficult to trace which mobile is which.
A key use of the TMSI is in paging a mobile.
Subscriber Identity Confidentiality
Subscriber identity confidentiality means that
the IMSI is not disclosed to unauthorized
individuals, entities or processes.
This function protects a subscriber’s identity
when the subscriber is using PLMN resources.
It also prevents tracing the mobile
subscriber’s location by listening to the
signaling exchanges on the radio path.
Subscriber Identity Confidentiality (contd.)
Each time a mobile station requests a system
procedure (e.g. location updating, call
attempt), the MSC/VLR can allocate a new
TMSI to an IMSI.
The MSC/VLR transmits the TMSI to the MS, which stores it on the SIM card.
Signaling between MSC/VLR and MS utilizes
only the TMSI from this point on.
IMSI is only used in cases when location
updating fails or when the MS has no
allocated TMSI.
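The TMSI allocation behaviour described above, as an added example (not from the slides): a toy VLR that assigns a random 32-bit TMSI per location area, reallocates it on every procedure, and falls back to the IMSI only when the MS holds no valid TMSI. The VLR, MS and trace structures are assumptions made for the simulation, not real network data structures.

```python
import secrets

class VLR:
    """Toy VLR: maps (location area, TMSI) -> IMSI and logs what crosses the air."""
    def __init__(self):
        self.table = {}        # (lac, tmsi) -> imsi
        self.radio_trace = []  # constructed log of identities seen on the radio path

    def allocate_tmsi(self, imsi: str, lac: int) -> int:
        """Fresh random 32-bit TMSI, unique within this location area."""
        for key in [k for k, v in self.table.items() if v == imsi]:
            del self.table[key]  # retire the TMSI this IMSI held before
        while True:
            tmsi = secrets.randbits(32)
            if (lac, tmsi) not in self.table:
                self.table[(lac, tmsi)] = imsi
                return tmsi

    def procedure(self, ms: "MS", lac: int) -> str:
        """Location update or call attempt: identify the MS, then reallocate its TMSI."""
        if ms.tmsi is not None and (ms.lac, ms.tmsi) in self.table:
            self.radio_trace.append(("TMSI", ms.tmsi))
            imsi = self.table[(ms.lac, ms.tmsi)]
        else:  # no TMSI allocated yet (or a stale one): the IMSI has to be sent
            self.radio_trace.append(("IMSI", ms.imsi))
            imsi = ms.imsi
        ms.tmsi, ms.lac = self.allocate_tmsi(imsi, lac), lac
        return imsi

class MS:
    """Mobile station keeping the TMSI (and the area it is valid in) on its SIM."""
    def __init__(self, imsi: str):
        self.imsi, self.tmsi, self.lac = imsi, None, None

def imsi_exposures(vlr: VLR) -> int:
    """How often the permanent identity crossed the radio interface."""
    return sum(1 for kind, _ in vlr.radio_trace if kind == "IMSI")
```

Across an initial attach, a repeat procedure and a move to a new location area, the IMSI appears on the radio path once and every later message carries a different TMSI.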
SIM Features
Must be tamper-resistant
Is removable from the terminal
Contains all data specific to the end user which have to
reside in the Mobile Station:
IMSI: International Mobile Subscriber Identity