Measures of Central Tendency: Mean, Median and Mode
Authentication and Ciphering
1. CIPHERING
AND
AUTHENTICATION
IN GSM
Presented by : Mr. Che Sokunth
2. OBJECTIVES
Authentication
o To check whether the MS is authorized to access the network
oTo provide parameters that enable the MS to calculate a new ciphering
key
o To understand the Key Generation Algorithm
Ciphering
o To prevent user information and security over Um interface
o To understand the ciphering algorithm and involve parameter
PRESENTED BY: MR. SOKUNTH CHE
3. AUTHENTICATION
o When The Authentication procedure start?
The Subscriber data is changed in VLR or HLR
The MS first access to the network
The Kc is mismatch
The first time a subscriber initiated the service
MS originates a call.
MS is called.
MS is activated or deactivated.
Supplementary service is initiated.
PRESENTED BY: MR. SOKUNTH CHE
4. AUTHENTICATION OVERVIEW
oThe Authentication triplet: RAND, Kc and SERS
o When registering, each subscriber is assigned MSISDN and IMSI
o The SIM writer generate the IMSI and Ki
o The AuC use PRNG to generate the Random number RAND
oIn AuC. The RAND and Ki are used to generated SRES through
algorithm A3 and Kc through algorithm A8
PRESENTED BY: MR. SOKUNTH CHE
5. AUTHENTICATION PROCEDURE - 1
When a MS requests access to the network, the MSC/VLR will normally
require the MS to authenticate. The MSC will forward the IMSI to the HLR
and request authentication Triplets.
Request Access, IMSI Request
TMSI or IMSI Authentication Triplet
MS
MSC HLR
PRESENTED BY: MR. SOKUNTH CHE
6. AUTHENTICATION PROCEDURE - 2
When the HLR receives the IMSI and the authentication request, it first
checks its database to make sure the IMSI is valid and belongs to the
network. Once it has accomplished this, it will forward the IMSI and
authentication request to the Authentication Center (AuC).
Request Access, IMSI Request
TMSI or IMSI Authentication Triplet
MS MSC HLR
IMSI, Request Triplet
AuC
PRESENTED BY: MR. SOKUNTH CHE
7. AUTHENTICATION PROCEDURE - 3
The AuC will use the IMSI to look up the Ki associated with that IMSI.
The Ki is the individual subscriber authentication key. It is a 128-bit
number that is paired with an IMSI when the SIM card is created. The Ki
is only stored on the SIM card and at the AuC. The Auc will also generate
a 128-bit random number called the RAND.
IMSI
RAND
AuC
Ki
PRESENTED BY: MR. SOKUNTH CHE
8. AUTHENTICATION PROCEDURE - 4
The RAND and the Ki are inputted into the A3 encryption algorithm. The
output is the 32-bit Signed Response (SRES). The SRES is essentially
the "challenge" sent to the MS when authentication is requested.
AuC
RAND Ki
A3
SRES
PRESENTED BY: MR. SOKUNTH CHE
9. AUTHENTICATION PROCEDURE - 4
The RAND and Ki are input into the A8 encryption algorithm. The output
is the 64-bit Kc. The Kc is the ciphering key that is used in the A5
encryption algorithm to encipher and decipher the data that is being
transmitted on the Um interface.
AuC
RAND Ki RAND Ki
A3 A8
SRES Kc
PRESENTED BY: MR. SOKUNTH CHE
10. AUTHENTICATION PROCEDURE - 5
The RAND, SRES, and Kc are collectively known as the Triplets. The
AuC may generate many sets of Triplets and send them to the
requesting MSC/VLR. This is in order to reduce the signalling overhead
that would result if the MSC/VLR requested one set of triplets every time
it wanted to authenticate the. It should be noted that a set of triplets is
unique to one IMSI, it can not be used with any other IMSI.
AuC
RAND Ki RAND Ki
A3 A8
Triplet
RAND, SRES, Kc
RAND, SRES, Kc
RAND, SRES, Kc
SRES Kc
RAND, SRES, Kc
RAND, SRES, Kc
PRESENTED BY: MR. SOKUNTH CHE
11. AUTHENTICATION PROCEDURE - 6
Once the AuC has generated the triplets (or sets of triplets), it forwards
them to the HLR. The HLR subsequently sends them to the requesting
MSC/VLR.
IMSI Triplet
MSC HLR
IMSI Triplet
AuC
PRESENTED BY: MR. SOKUNTH CHE
12. AUTHENTICATION PROCEDURE - 7
The MSC stores the Kc and the SRES but forwards the RAND to the MS
and orders it to authenticate.
RAND RAND
MS MSC
SRER
Kc
PRESENTED BY: MR. SOKUNTH CHE
13. AUTHENTICATION PROCEDURE - 8
The MS has the Ki stored on the SIM card. The A3 and A8 algorithms
also reside on the SIM card. The RAND and Ki are inputted into the A3
and A8 encryption algorithms to generate the SRES and the Kc
respectively.
MS
RAND Ki RAND Ki
A3 A8
SRES Kc
PRESENTED BY: MR. SOKUNTH CHE
14. CIPHERING OVERVIEW
The information is ciphered on the Um interface. The implementation
of ciphering guarantees the information security and prevents user
information or conversation contents from unauthorized access by
using the same Kc
The A8 algorithm is used to generation the Kc base on the basic of
the capability of BTS and MS with the same Ki and RAND
The A5 algorithm is used to cipher and decipher the information
(Signaling, Speech and Data) between BTS and MS
NEs involved : MS, BTS, BSC, MSC/VLR, HLR and AUc
PRESENTED BY: MR. SOKUNTH CHE
15. KC AND ALGORITHMS SELECTION
oKc is computed on the MS and network side by using the A8 algorithm
(Ki and RAND)
oIn the call access procedure, the MS sends an Establish Indication
message to the BSC
• If ECSC set to No, Classmark 1 or Classmark 2 is sent, indicating that
MS support A5/1, A5/2 and A5/3 Ciphering Algorithm
• If ECSC set to Yes, Classmark 1, Classmark 2 and Classmark 3 is sent,
indicating that A5/1, A5/2, A5/3, A5/4, A5/5, A5/6, and A5/7 ciphering
algorithms.
PRESENTED BY: MR. SOKUNTH CHE
16. CIPHERING PROCEDURE
When the Authentication procedure is completed. The MSC send the Ciphering
Command message (Kc) that order MS should perform the Ciphering and which
Ciphering Algorithm should be used.
MS BSS MSC VLR HLR
1. Pre-send Triplet to VLR RAND
RAND
SDCCH
2. Authentication Request CKSN T3260 Start
SDCCH
2. Authentication Response
SRES
4. Starting Ciphering T3260 Stop
SDCCH/A5 Kc
5. Ciphering Mode Command
and Complete Kc
The ciphering procedure generally applies to location update, service access, and
inter-BSC handover
PRESENTED BY: MR. SOKUNTH CHE
17. CIPHERING PROCEDURE- COMPLETE
The BTS inputs the Kc and the data payload into the A5 encryption algorithm
resulting in an enciphered data stream. The MS also inputs the Kc and the
data payload into the A5 encryption algorithm resulting in an enciphered data
stream. It should be noted that the A5 algorithm is a function of the Mobile
Equipment (ME) and not the SIM card.
On receiving a valid Ciphering Mode message , MS load the Kc in the SIM card and
compare. If not, MS sends an RR Status Message – Protocol Error and no further
processing.
Data Data
MS A5 Ciphering Data A5
Kc Kc
PRESENTED BY: MR. SOKUNTH CHE
18. REFERENCE DOCUMENT
GBSS12.0 – Authentication and Ciphering
ETSI GSM TS 08.08
ETSI GSM TS 04.08
Telecomedu.blogspot.com
PRESENTED BY: MR. SOKUNTH CHE
The A5 ciphering algorithm generates a 114-bit encryption serial number a 114-bit decryption serial number based on the 64-bit Kc stored in the MS and the network3.3 Algorithm SelectionThe ciphering algorithms are selected on the basis of the capabilities of the network and MS.The process of selecting the ciphering algorithms is as follows:1. In the call access procedure, the MS sends an Establish Indication message to the BSC.- If the parameter ECSC in the system information is set to No, the MS reports Classmark 1 or Classmark 2, indicating whether the MS supports A5/1, A5/2, and A5/3 ciphering algorithms.- If the parameter ECSC in the system information is set to Yes, the MS reports Classmark 1, Classmark 2, and Classmark 3, indicating whether the MS supports A5/1, A5/2, A5/3, A5/4, A5/5, A5/6, and A5/7 ciphering algorithms.2. On receiving the Ciphering Mode Command message from the MSC, the BSC checks the classmarks reported by the MS. If the BSC does not receive Classmark 3, the BSC sends a Classmark Enquiry message to the MS, asking the MS to report Classmark 3. Classmark 3 defines whether an MS supports A5/4, A5/5, A5/6, and A5/7 ciphering algorithms.The selection of the ciphering algorithms follows the following principles:.. The ciphering algorithms to be adopted should be those allowed in the ciphering command delivered by the MSC, allowed in the BSC data configuration, and supported by the MS... The BSC selects the appropriate ciphering algorithms based on the priorities of the algorithms, and then sends an Encryption Mode Command message to the BTS.
If authentication is successful, the VLR will request the MSC to start ciphering procedures using the “Start Ciphering” message. This message contains information indicating whether ciphering is required. If authentication fails the HLR will be notified and an “Authentication Reject” message will be sent to the mobile.The MSC will start ciphering procedures by sending the “Ciphering Mode Command” This message contains the encryption information required by the BSS. The new mode is applied for reception on the network side after the message has been sent. In the CIPHER MODE COMMAND, the MSC specifies which of the ciphering algorithms may be used by the BSS. Upon receipt of the CIPHERING MODE COMMAND message indicating ciphering, the mobile station shall start transmission and reception in the indicated mode. Whenever the mobile station receives a valid CIPHERING MODE COMMAND message, it shall, if a SIM is present and considered valid by the ME and the ciphering key sequence number stored on the SIM indicates that a ciphering key is available, load the ciphering key stored on the SIM into the ME. The BSS then selects an appropriate algorithm, taking into account the MS ciphering capabilities. The CIPHER MODE COMPLETE message returned to the MSC indicates the chosen ciphering algorithm message to the BSS. Upon receipt of the CIPHERING MODE COMPLETE message the network starts transmission in the new mode. Whether the traffic or signaling information between the mobile and the BTS can be encrypted. Generally, A5 algorithms and KC(ciphering key) are used during the ciphering. For the encryption (MS or BTS) , the information is processed with KC via A5;for the decryption(BTS or MS),the received information is also processed with KC via A5.