GSM uses authentication and encryption to provide security. Authentication involves generating a signed response (SRES) to a random challenge (RAND) using an authentication key (Ki) and algorithm (A3). Encryption uses a session key (Kc) generated from Ki and RAND by algorithm A8. The stream cipher A5 encrypts voice data using Kc and a frame number. GSM security protects conversations, signaling data, and prevents fraud through these methods of authentication, encryption, and temporary subscriber identities.

1. GSM SECURITY AND
ENCRYPTION
presenting By
---------
12#####
Under the Guidance of
------------------------

2. ABSTRACTThe motivations for security in cellular telecommunications
systems are to secure conversations and signaling data from
interception as well as to prevent Cellular telephone fraud.
With the older analog—based cellular telephone systems
such as the Advanced Mobile Phone System (AMPS)and the
Total Access Communication System(TACS),it is a relatively
simple matter for the radio hobbyist to intercept cellular
telephone Conversions with police scanner.

3. INTRODUCTION
•GSM(Global system for mobile communication) is one of
the most popular mobile.Communication standards.GSM is
a second generation(2G) communication standard.
There are many multiplexing techniques and the various
standards that fall under.The GSM communication system.

4. GSM SERVICES:
 The list of services available to GSM
subscribers typically includes the following: voice
communication.
 voice mail, short message transmission, data
transmission .
 call forwarding.

5. GSM ARCHITECTURE

6. GSM Architecture contains three sub system
Radio sub system (RSS)
Network sub system(NSS)
Operation sub system(OSS)

7. COMPONENTS OF RSS:
-> MT’S(Mobile Devices)
-> BTS’S(Base Transceivers
Stations)
-> BSC’S(Base Station Controllers)
COMPONENTS OF NSS:
-> MSC’S(Mobile Services
Switching Centre)
-> HLR’S(Home Location Register)
-> VLR’S(Visitor Location Register)
COMPONENTS OF OSS:
-> OMC(Operation and Maintenance
Centre)

8. GSM SECURITY FEATURES
 Key management is independent of equipment
 Subscribers can change handsets without compromising security
 Subscriber identity protection
 not easy to identify the user of the system intercepting a user data
 Detection of compromised equipment
 Detection mechanism whether a mobile device was compromised or
not
 Subscriber authentication
 The operator knows for billing purposes who is using the system

9. Detection of Compromised
Equipment
 International Mobile Equipment Identifier (IMEI)
 Identifier allowing to identify mobiles
 IMEI is independent of SIM
 Used to identify stolen or compromised equipment
 Equipment Identity Register (EIR)
 Black list – stolen or non-type mobiles
 White list - valid mobiles
 Gray list – local tracking mobiles
 Central Equipment Identity Register (CEIR)
 Approved mobile type (type approval authorities)
 Consolidated black list (posted by operators)

10. Key Management Scheme
 Ki – Subscriber Authentication Key
 Shared 128 bit key used for authentication of subscriber by the
operator
 Key Storage
 Subscriber’s SIM (owned by operator, i.e. trusted)
 Operator’s Home Locator Register (HLR) of the subscriber’s home
network
 SIM can be used with different equipment

11. Subscriber Identity Protection
 TMSI – Temporary Mobile Subscriber Identity
 Goals
 TMSI is used instead of IMSI as an a temporary subscriber identifier
 TMSI prevents an eavesdropper from identifying of subscriber
 Usage
 TMSI is assigned when IMSI is transmitted to AuC on the first phone
switch on
 Every time a location update (new MSC) occur the networks assigns
a new TMSI
 TMSI is used by the MS to report to the network or during a call
initialization
 Network uses TMSI to communicate with MS
 On MS switch off TMSI is stored on SIM card to be reused next time
 The Visitor Location Register (VLR) performs assignment,
administration and update of the TMSI

12. GSM SECURITY METHODS
Below methods are used for security
 Authentication
 Encryption

13. Authentication and Encryption Scheme
13
A3
Mobile Station Radio Link GSM Operator
A8
A5
A3
A8
A5
Ki Ki
Challenge RAND
KcKc
mi Encrypted Data mi
SIM
Signed response (SRES)
SRESSRES
Fn Fn
Authentication: are SRES
values equal?

14. SECURITY THROUGH AUTHENTICATION

15. Authentication
 AuC – Authentication Center
 Provides parameters for authentication and encryption
functions (RAND, SRES, Kc)
 HLR – Home Location Register
 Provides MSC (Mobile Switching Center) with triples
(RAND, SRES, Kc)
 Handles MS location
 VLR – Visitor Location Register
 Stores generated triples by the HLR when a subscriber is
not in his home network
 One operator doesn’t have access to subscriber keys of
the another operator.
15

16. A3 – MS Authentication Algorithm
 Goal
 Generation of SRES response to MSC’s random
challenge RAND
16
A3
RAND (128 bit)
Ki (128 bit)
SRES (32 bit)

17. A8 – Voice Privacy Key Generation
Algorithm
 Goal
 Generation of session key Ks
 A8 specification was never made public
17
A8
RAND (128 bit)
Ki (128 bit)
KC (64 bit)

18. Logical Implementation
of A3 and A8
 COMP128 is used for both A3 and A8 in most GSM
networks.
 COMP128 is a keyed hash function
18
COMP128
RAND (128 bit)
Ki (128 bit)
128 bit output
SRES 32 bit and Kc 54 bit

19. SECURITY TROUGH ENCRYPTION

20. A5 – Encryption Algorithm
 A5 is a stream cipher
 Implemented very efficiently on hardware
 Design was never made public
 Leaked to Ross Anderson and Bruce Schneier
 Variants
 A5/1 – the strong version
 A5/2 – the weak version
 A5/3
 GSM Association Security Group and 3GPP design
 Based on Kasumi algorithm used in 3G mobile systems
20

21. A5 Encryption
21
Mobile Stations Base Station
Subsystem
Exchange
System
Network
Management
Subscriber and terminal
equipment databases
BSC MSC
VLR
HLR
EIR
AUC
OMC
BTS
BTS
BTS
A5 Encryption

22. Logical A5 Implementation
22
A5
Kc (64 bit)Fn (22 bit)
114 bit
XOR
Data (114 bit)
A5
Kc (64 bit)Fn (22 bit)
114 bit
XOR
Ciphertext (114 bit) Data (114 bit)
Mobile Station BTS
Real A5 output is 228 bit for both directions

23. EXPLANATION
 A5 is a stream cipher consisting of three clock-controlled
LFSRs of degree 19, 22, and 23.
 The clock control is a threshold function of the middle bits
of each of the three shift registers.
 The sum of the degrees of the three shift registers is 64.
The 64-bit session key is used to initialize the contents of
the shift registers.
 The 22-bit TDMA frame number is fed into the shift
registers.
 Two 114-bit key streams are produced for each TDMA
frame, which are XOR-e d with the uplink and downlink
traffic channels.
 It is rumored that the A5 algorithm has an "effective" key
length of 40 bits.

24. CONCLUSION
 The security mechanisms specified in the GSM
standard make it the most secure cellular
telecommunications system available. The use of
authentication, encryption, and temporary
identification numbers ensures the privacy and
anonymity of the system's users, as well as
safeguarding the system against fraudulent use.

25. REFERENCES
 Van der Arend, P. J. C., "Security Aspects and the
Implementation in the GSM System," Proceedings of the
Digital Cellular Radio Conference, Hagen, Westphalia,
Germany, October, 1988.
 Biala, J., "Mobilfunk und Intelligente Netze," Friedr.,
Vieweg & Sohn Verlagsgesellschaft, 1994.
 Cooke, J.C.; Brewster, R.L., "Cyptographic Security
Techniques for Digital Mobile Telephones," Proceedings of
the IEEE International Conference on Selected Topics in
Wireless Communications, Vancouver, B.C., Canada, 1992.