The document discusses security features in GSM cellular networks. It describes how older analog cellular systems had security vulnerabilities like the ability to intercept calls and clone phones. GSM introduced digital encryption to protect calls and authentication to verify subscribers' identities securely. The document outlines GSM's use of encryption algorithms, authentication protocols, and temporary IDs to secure communications and prevent fraud while maintaining users' privacy.
The global system for mobile communications (GSM) is a set of recommendations and specifications for a digital cellular telephone network (known as a Public Land Mobile Network, or PLMN). These recommendations ensure the compatibility of equipment from different GSM manufacturers, and interconnectivity between different administrations, including operations across international boundaries
The GSM network is comprised of the following components:
Network Elements
The GSM network incorporates a number of network elements to support mobile equipment. They are listed and described in the GSM network elements section of this chapter.
GSM subsystems
In addition, the network includes subsystems that are not formally recognized as network elements but are necessary for network operation. These are described in the GSM subsystems (non-network elements) section of this chapter.
Standardized Interfaces
GSM specifies standards for interfaces between network elements, which ensure the connectivity of GSM equipment from different manufacturers. These are listed in the Standardized interfaces section of this chapter.
Network Protocols
For most of the network communications on these interfaces, internationally recognized communications protocols have been used
These are identified in the Network protocols section of this chapter.
GSM Frequencies
The frequency allocations for GSM 900, Extended GSM and Digital Communications Systems are identified in the GSM frequencies section of this chapter.
The GSM network is comprised of the following components:
Network Elements
The GSM network incorporates a number of network elements to support mobile equipment. They are listed and described in the GSM network elements section of this chapter.
GSM subsystems
In addition, the network includes subsystems that are not formally recognized as network elements but are necessary for network operation. These are described in the GSM subsystems (non-network elements) section of this chapter.
Standardized Interfaces
GSM specifies standards for interfaces between network elements, which ensure the connectivity of GSM equipment from different manufacturers. These are listed in the Standardized interfaces section of this chapter.
Network Protocols
For most of the network communications on these interfaces, internationally recognized communications protocols have been used
These are identified in the Network protocols section of this chapter.
GSM Frequencies
The frequency allocations for GSM 900, Extended GSM and Digital Communications Systems are identified in the GSM frequencies section of this chapter.
GSM networks are digital and can cater for high system capacities. They are consistent with the world wide digitization of the telephone network, and are an extension of the Integrated Services Digital Network (ISDN), using a digital radio interface between the cellular network and the mobile subscriber equipment
The GSM system provides a greater subscriber capacity than analogue systems. GSM allows 25 kHz. Per user, that is, eight conversations per 200kHz. Channel pair (a pair comprising one transmit channel and one receive channel). Digital channel coding and the modulation used makes the signal resistant to interference from the cells where the same frequencies are re-used (co-channel interference); a Carrier to Interference Ratio (C/I) level of 9 dB is achieved, as opposed to the 18 dB typical with analogue cellular. This allows increased geographic reuse by permitting a reduction in the number of cells in the reuse pattern. Since this number is directly controlled by the amount of interference, the radio transmission design can deliver acceptable performance.
The global system for mobile communications (GSM) is a set of recommendations and specifications for a digital cellular telephone network (known as a Public Land Mobile Network, or PLMN). These recommendations ensure the compatibility of equipment from different GSM manufacturers, and interconnectivity between different administrations, including operations across international boundaries
The GSM network is comprised of the following components:
Network Elements
The GSM network incorporates a number of network elements to support mobile equipment. They are listed and described in the GSM network elements section of this chapter.
GSM subsystems
In addition, the network includes subsystems that are not formally recognized as network elements but are necessary for network operation. These are described in the GSM subsystems (non-network elements) section of this chapter.
Standardized Interfaces
GSM specifies standards for interfaces between network elements, which ensure the connectivity of GSM equipment from different manufacturers. These are listed in the Standardized interfaces section of this chapter.
Network Protocols
For most of the network communications on these interfaces, internationally recognized communications protocols have been used
These are identified in the Network protocols section of this chapter.
GSM Frequencies
The frequency allocations for GSM 900, Extended GSM and Digital Communications Systems are identified in the GSM frequencies section of this chapter.
The GSM network is comprised of the following components:
Network Elements
The GSM network incorporates a number of network elements to support mobile equipment. They are listed and described in the GSM network elements section of this chapter.
GSM subsystems
In addition, the network includes subsystems that are not formally recognized as network elements but are necessary for network operation. These are described in the GSM subsystems (non-network elements) section of this chapter.
Standardized Interfaces
GSM specifies standards for interfaces between network elements, which ensure the connectivity of GSM equipment from different manufacturers. These are listed in the Standardized interfaces section of this chapter.
Network Protocols
For most of the network communications on these interfaces, internationally recognized communications protocols have been used
These are identified in the Network protocols section of this chapter.
GSM Frequencies
The frequency allocations for GSM 900, Extended GSM and Digital Communications Systems are identified in the GSM frequencies section of this chapter.
GSM networks are digital and can cater for high system capacities. They are consistent with the world wide digitization of the telephone network, and are an extension of the Integrated Services Digital Network (ISDN), using a digital radio interface between the cellular network and the mobile subscriber equipment
The GSM system provides a greater subscriber capacity than analogue systems. GSM allows 25 kHz. Per user, that is, eight conversations per 200kHz. Channel pair (a pair comprising one transmit channel and one receive channel). Digital channel coding and the modulation used makes the signal resistant to interference from the cells where the same frequencies are re-used (co-channel interference); a Carrier to Interference Ratio (C/I) level of 9 dB is achieved, as opposed to the 18 dB typical with analogue cellular. This allows increased geographic reuse by permitting a reduction in the number of cells in the reuse pattern. Since this number is directly controlled by the amount of interference, the radio transmission design can deliver acceptable performance.
Introduction to GSM - an Overview of Global System for Mobile Communicationiptvmagazine
This slideshow explains the basic components, technologies used, and operation of Global System for Mobile Communication - GSM - systems. You will discover the evolution of GSM; 1st generation analog systems, 2nd generation GSM systems (digital voice), 3rd generation multimedia, and 4th generation wideband ultra broadband systems.
You will learn the key system components and basic services that GSM systems can provide. Discover the types of GSM devices which include mobile telephones, wireless PCMCIA cards, embedded radio modules, and external radio modems. The different types of services are described including voice services, data services, and messaging services.
Learn about the physical and logical radio channel structures of the GSM system along with the basic frame and slot structures. The operation of the GSM radio channels are explained including channel coding, modulation types, speech coding, RF power control, and mobile assisted handover. GSM radio channel have 8 time slots per frame and that some of these are used for signaling (control channels) and others are used for user traffic (voice and data).
LTE is designed with strong cryptographic techniques, mutual authentication between LTE network elements with security mechanisms built into its architecture.
With the emergence of the open, all IP based, distributed architecture of LTE, attackers can target mobile devices and networks with spam, eavesdropping, malware, IP-spoofing, data and service theft, DDoS attacks and numerous other variants of cyber-attacks and crimes.
Introduction to GSM - an Overview of Global System for Mobile Communicationiptvmagazine
This slideshow explains the basic components, technologies used, and operation of Global System for Mobile Communication - GSM - systems. You will discover the evolution of GSM; 1st generation analog systems, 2nd generation GSM systems (digital voice), 3rd generation multimedia, and 4th generation wideband ultra broadband systems.
You will learn the key system components and basic services that GSM systems can provide. Discover the types of GSM devices which include mobile telephones, wireless PCMCIA cards, embedded radio modules, and external radio modems. The different types of services are described including voice services, data services, and messaging services.
Learn about the physical and logical radio channel structures of the GSM system along with the basic frame and slot structures. The operation of the GSM radio channels are explained including channel coding, modulation types, speech coding, RF power control, and mobile assisted handover. GSM radio channel have 8 time slots per frame and that some of these are used for signaling (control channels) and others are used for user traffic (voice and data).
LTE is designed with strong cryptographic techniques, mutual authentication between LTE network elements with security mechanisms built into its architecture.
With the emergence of the open, all IP based, distributed architecture of LTE, attackers can target mobile devices and networks with spam, eavesdropping, malware, IP-spoofing, data and service theft, DDoS attacks and numerous other variants of cyber-attacks and crimes.
5 g business potential ieee 5g summit_110717_aMaria Boura
5G is not just another generation of mobile communications technology. 5G can be seen as "the network of networks" and it is going to have a profound impact on all human activities, the economy and the society. In fact, 5G can be seen as the digitalization catalyst for industries, as a variety of use cases will be either enhanced or created by the use of 5G. Immersive gaming, autonomous driving, remote robotic surgery and augmented reality support in maintenance and repair situations are just some of the use cases that will mostly benefit from the introduction of 5G. But what is the business potential of 5G? Ericsson, together with Arthur D. Little recently made a unique study in order to understand the industrial digitalization revenues for ICT players in 8 key industries. We have shared these findings with the IEEE 5G Summit's audience (Thessaloniki, July 11, 2017).
Smart Cities, IoT, SDN, 5G Networks, Cloud Computing… Managing Complexity wit...Bristol Is Open
Service & Content Providers’ Perspective of Smart Cities -How to enrich citizen experience using a pervasive urban SDN connectivity environment, Ramon Casellas
The Long Term Evolution (LTE) is the latest step in an advancing series of mobile telecommunications systems. In this paper, authors show interest on the security features and the cryptographic algorithms used to ensure confidentiality and integrity of the transmitted data. A closer look is taken upon EPS confidentiality and integrity algorithms. The authors also defined AKA, AS and NAS security and key derivations during normal Attach process and Handover also.
The leadership in the new digital age carved by the fourth industrial revolu...Osaka University
The Fourth Industrial Revolution = ICT+OT+AI
Startups: Innovation Driver
Innovations = Invention + Business Model
Successful Startups = Tech Insights + Business Insights + Leadership
Autonomous Organization
Unique Innovation Engines in Each Region
Billions of connected devices and things. Billions of people. 5G will provide connectivity for all of these things and people as well as businesses and industry, bringing benefit to society. Operating machinery in hazardous environments from a remote control will be enabled through near-zero latency communication links that enable real-time video. Billions of video-enabled devices will be able to share bandwidth-hungry content. These are just a few applications that illustrate what 5G will be designed for.
CDMA Transmitter and Receiver Implementation Using FPGAIOSR Journals
Abstract: Code Division Multiple Access (CDMA) is a spread spectrum technique that uses neither frequency channels nor time slots. With CDMA, the narrow band message (typically digitized voice data) is multiplied by a large bandwidth signal that is a pseudo random noise code (PN code). All users in a CDMA system use the same frequency band and transmit simultaneously. The transmitted signal is recovered by correlating the received signal with the PN code used by the transmitter. The DS - CDMA is expected to be the major medium access technology in the future mobile systems owing to its potential capacity enhancement and the robustness against noise. The CDMA is uniquely featured by its spectrum-spreading randomization process employing a pseudo-noise (PN) sequence, thus is often called the spread spectrum multiple access (SSMA). As different CDMA users take different PN sequences, each CDMA receiver can discriminate and detect its own signal, by regarding the signals transmitted by other users as noise- like interferences. In this project direct sequence principle based CDMA transmitter and receiver is implemented in VHDL for FPGA. Modelsim 6.2(MXE) tool will be used for functional and logic verification at each block. The Xilinx synthesis technology (XST) of Xilinx ISE 9.2i tool will be used for synthesis of transmitter and receiver on FPGA Spartan 3E. Keywords: CDMA, DSSS, BPSK, GOLD code.
Enterprise Excellence is Inclusive Excellence.pdfKaiNexus
Enterprise excellence and inclusive excellence are closely linked, and real-world challenges have shown that both are essential to the success of any organization. To achieve enterprise excellence, organizations must focus on improving their operations and processes while creating an inclusive environment that engages everyone. In this interactive session, the facilitator will highlight commonly established business practices and how they limit our ability to engage everyone every day. More importantly, though, participants will likely gain increased awareness of what we can do differently to maximize enterprise excellence through deliberate inclusion.
What is Enterprise Excellence?
Enterprise Excellence is a holistic approach that's aimed at achieving world-class performance across all aspects of the organization.
What might I learn?
A way to engage all in creating Inclusive Excellence. Lessons from the US military and their parallels to the story of Harry Potter. How belt systems and CI teams can destroy inclusive practices. How leadership language invites people to the party. There are three things leaders can do to engage everyone every day: maximizing psychological safety to create environments where folks learn, contribute, and challenge the status quo.
Who might benefit? Anyone and everyone leading folks from the shop floor to top floor.
Dr. William Harvey is a seasoned Operations Leader with extensive experience in chemical processing, manufacturing, and operations management. At Michelman, he currently oversees multiple sites, leading teams in strategic planning and coaching/practicing continuous improvement. William is set to start his eighth year of teaching at the University of Cincinnati where he teaches marketing, finance, and management. William holds various certifications in change management, quality, leadership, operational excellence, team building, and DiSC, among others.
Improving profitability for small businessBen Wann
In this comprehensive presentation, we will explore strategies and practical tips for enhancing profitability in small businesses. Tailored to meet the unique challenges faced by small enterprises, this session covers various aspects that directly impact the bottom line. Attendees will learn how to optimize operational efficiency, manage expenses, and increase revenue through innovative marketing and customer engagement techniques.
LA HUG - Video Testimonials with Chynna Morgan - June 2024Lital Barkan
Have you ever heard that user-generated content or video testimonials can take your brand to the next level? We will explore how you can effectively use video testimonials to leverage and boost your sales, content strategy, and increase your CRM data.🤯
We will dig deeper into:
1. How to capture video testimonials that convert from your audience 🎥
2. How to leverage your testimonials to boost your sales 💲
3. How you can capture more CRM data to understand your audience better through video testimonials. 📊
RMD24 | Retail media: hoe zet je dit in als je geen AH of Unilever bent? Heid...BBPMedia1
Grote partijen zijn al een tijdje onderweg met retail media. Ondertussen worden in dit domein ook de kansen zichtbaar voor andere spelers in de markt. Maar met die kansen ontstaan ook vragen: Zelf retail media worden of erop adverteren? In welke fase van de funnel past het en hoe integreer je het in een mediaplan? Wat is nu precies het verschil met marketplaces en Programmatic ads? In dit half uur beslechten we de dilemma's en krijg je antwoorden op wanneer het voor jou tijd is om de volgende stap te zetten.
Unveiling the Secrets How Does Generative AI Work.pdfSam H
At its core, generative artificial intelligence relies on the concept of generative models, which serve as engines that churn out entirely new data resembling their training data. It is like a sculptor who has studied so many forms found in nature and then uses this knowledge to create sculptures from his imagination that have never been seen before anywhere else. If taken to cyberspace, gans work almost the same way.
Implicitly or explicitly all competing businesses employ a strategy to select a mix
of marketing resources. Formulating such competitive strategies fundamentally
involves recognizing relationships between elements of the marketing mix (e.g.,
price and product quality), as well as assessing competitive and market conditions
(i.e., industry structure in the language of economics).
3.0 Project 2_ Developing My Brand Identity Kit.pptxtanyjahb
A personal brand exploration presentation summarizes an individual's unique qualities and goals, covering strengths, values, passions, and target audience. It helps individuals understand what makes them stand out, their desired image, and how they aim to achieve it.
Kseniya Leshchenko: Shared development support service model as the way to ma...Lviv Startup Club
Kseniya Leshchenko: Shared development support service model as the way to make small projects with small budgets profitable for the company (UA)
Kyiv PMDay 2024 Summer
Website – www.pmday.org
Youtube – https://www.youtube.com/startuplviv
FB – https://www.facebook.com/pmdayconference
Affordable Stationery Printing Services in Jaipur | Navpack n PrintNavpack & Print
Looking for professional printing services in Jaipur? Navpack n Print offers high-quality and affordable stationery printing for all your business needs. Stand out with custom stationery designs and fast turnaround times. Contact us today for a quote!
"𝑩𝑬𝑮𝑼𝑵 𝑾𝑰𝑻𝑯 𝑻𝑱 𝑰𝑺 𝑯𝑨𝑳𝑭 𝑫𝑶𝑵𝑬"
𝐓𝐉 𝐂𝐨𝐦𝐬 (𝐓𝐉 𝐂𝐨𝐦𝐦𝐮𝐧𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬) is a professional event agency that includes experts in the event-organizing market in Vietnam, Korea, and ASEAN countries. We provide unlimited types of events from Music concerts, Fan meetings, and Culture festivals to Corporate events, Internal company events, Golf tournaments, MICE events, and Exhibitions.
𝐓𝐉 𝐂𝐨𝐦𝐬 provides unlimited package services including such as Event organizing, Event planning, Event production, Manpower, PR marketing, Design 2D/3D, VIP protocols, Interpreter agency, etc.
Sports events - Golf competitions/billiards competitions/company sports events: dynamic and challenging
⭐ 𝐅𝐞𝐚𝐭𝐮𝐫𝐞𝐝 𝐩𝐫𝐨𝐣𝐞𝐜𝐭𝐬:
➢ 2024 BAEKHYUN [Lonsdaleite] IN HO CHI MINH
➢ SUPER JUNIOR-L.S.S. THE SHOW : Th3ee Guys in HO CHI MINH
➢FreenBecky 1st Fan Meeting in Vietnam
➢CHILDREN ART EXHIBITION 2024: BEYOND BARRIERS
➢ WOW K-Music Festival 2023
➢ Winner [CROSS] Tour in HCM
➢ Super Show 9 in HCM with Super Junior
➢ HCMC - Gyeongsangbuk-do Culture and Tourism Festival
➢ Korean Vietnam Partnership - Fair with LG
➢ Korean President visits Samsung Electronics R&D Center
➢ Vietnam Food Expo with Lotte Wellfood
"𝐄𝐯𝐞𝐫𝐲 𝐞𝐯𝐞𝐧𝐭 𝐢𝐬 𝐚 𝐬𝐭𝐨𝐫𝐲, 𝐚 𝐬𝐩𝐞𝐜𝐢𝐚𝐥 𝐣𝐨𝐮𝐫𝐧𝐞𝐲. 𝐖𝐞 𝐚𝐥𝐰𝐚𝐲𝐬 𝐛𝐞𝐥𝐢𝐞𝐯𝐞 𝐭𝐡𝐚𝐭 𝐬𝐡𝐨𝐫𝐭𝐥𝐲 𝐲𝐨𝐮 𝐰𝐢𝐥𝐥 𝐛𝐞 𝐚 𝐩𝐚𝐫𝐭 𝐨𝐟 𝐨𝐮𝐫 𝐬𝐭𝐨𝐫𝐢𝐞𝐬."
Memorandum Of Association Constitution of Company.pptseri bangash
www.seribangash.com
A Memorandum of Association (MOA) is a legal document that outlines the fundamental principles and objectives upon which a company operates. It serves as the company's charter or constitution and defines the scope of its activities. Here's a detailed note on the MOA:
Contents of Memorandum of Association:
Name Clause: This clause states the name of the company, which should end with words like "Limited" or "Ltd." for a public limited company and "Private Limited" or "Pvt. Ltd." for a private limited company.
https://seribangash.com/article-of-association-is-legal-doc-of-company/
Registered Office Clause: It specifies the location where the company's registered office is situated. This office is where all official communications and notices are sent.
Objective Clause: This clause delineates the main objectives for which the company is formed. It's important to define these objectives clearly, as the company cannot undertake activities beyond those mentioned in this clause.
www.seribangash.com
Liability Clause: It outlines the extent of liability of the company's members. In the case of companies limited by shares, the liability of members is limited to the amount unpaid on their shares. For companies limited by guarantee, members' liability is limited to the amount they undertake to contribute if the company is wound up.
https://seribangash.com/promotors-is-person-conceived-formation-company/
Capital Clause: This clause specifies the authorized capital of the company, i.e., the maximum amount of share capital the company is authorized to issue. It also mentions the division of this capital into shares and their respective nominal value.
Association Clause: It simply states that the subscribers wish to form a company and agree to become members of it, in accordance with the terms of the MOA.
Importance of Memorandum of Association:
Legal Requirement: The MOA is a legal requirement for the formation of a company. It must be filed with the Registrar of Companies during the incorporation process.
Constitutional Document: It serves as the company's constitutional document, defining its scope, powers, and limitations.
Protection of Members: It protects the interests of the company's members by clearly defining the objectives and limiting their liability.
External Communication: It provides clarity to external parties, such as investors, creditors, and regulatory authorities, regarding the company's objectives and powers.
https://seribangash.com/difference-public-and-private-company-law/
Binding Authority: The company and its members are bound by the provisions of the MOA. Any action taken beyond its scope may be considered ultra vires (beyond the powers) of the company and therefore void.
Amendment of MOA:
While the MOA lays down the company's fundamental principles, it is not entirely immutable. It can be amended, but only under specific circumstances and in compliance with legal procedures. Amendments typically require shareholder
Premium MEAN Stack Development Solutions for Modern BusinessesSynapseIndia
Stay ahead of the curve with our premium MEAN Stack Development Solutions. Our expert developers utilize MongoDB, Express.js, AngularJS, and Node.js to create modern and responsive web applications. Trust us for cutting-edge solutions that drive your business growth and success.
Know more: https://www.synapseindia.com/technology/mean-stack-development-company.html
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s DholeraAvirahi City Dholera
The Tata Group, a titan of Indian industry, is making waves with its advanced talks with Taiwanese chipmakers Powerchip Semiconductor Manufacturing Corporation (PSMC) and UMC Group. The goal? Establishing a cutting-edge semiconductor fabrication unit (fab) in Dholera, Gujarat. This isn’t just any project; it’s a potential game changer for India’s chipmaking aspirations and a boon for investors seeking promising residential projects in dholera sir.
Visit : https://www.avirahi.com/blog/tata-group-dials-taiwan-for-its-chipmaking-ambition-in-gujarats-dholera/
Tata Group Dials Taiwan for Its Chipmaking Ambition in Gujarat’s Dholera
Gsm security and encryption
1. 101seminartopics.com
GSM SECURITY AND
ENCRYPTION
INTRODUCTION
The motivations for security in cellular telecommunications systems are to secure
conversations and signaling data from interception as well as to prevent cellular
telephone fraud.
With the older analog-based cellular telephone systems such as the Advanced
Mobile Phone
System (AMPS) and the Total Access Communication System (TACS), it is a
relatively simple
matter for the radio hobbyist to intercept cellular telephone conversations with a
police scanner. A
well-publicized case involved a potentially embarrassing cellular telephone
conversation with a
member of the British royal family being recorded and released to the media.
Another security
consideration with cellular telecommunications systems involves identification
credentials such as
the Electronic Serial Number (ESN), which are transmitted "in the clear" in analog
systems. With
more complicated equipment, it is possible to receive the ESN and use it to
commit cellular
telephone fraud by "cloning" another cellular phone and placing calls with it.
Estimates for cellular
2. fraud in the U.S. in 1993 are as high as $500 million. The procedure wherein the
Mobile Station
(MS) registers its location with the system is also vulnerable to interception and
permits the
subscriber’s location to be monitored even when a call is not in progress, as
evidenced by the
recent highly-publicized police pursuit of a famous U.S. athlete.
101seminartopics.com
The security and authentication mechanisms incorporated in GSM make it the
most secure
mobile communication standard currently available, particularly in comparison to
the analog
systems described above. Part of the enhanced security of GSM is due to the fact
that it is a digital
system utilizing a speech coding algorithm, Gaussian Minimum Shift Keying
(GMSK) digital
modulation, slow frequency hopping, and Time Division Multiple Access (TDMA)
time slot
architecture. To intercept and reconstruct this signal would require more highly
specialized and
expensive equipment than a police scanner to perform the reception,
synchronization, and
decoding of the signal. In addition, the authentication and encryption capabilities
discussed in this
paper ensure the security of GSM cellular telephone conversations and subscriber
identification
3. credentials against even the determined eavesdropper. 101seminartopics.com
OVERVIEW OF GSM
GSM (group special mobile or general system for mobile communications) is the
PanEuropean standard for digital cellular communications. The Group Special
Mobile was established
in 1982 within the European Conference of Post and Telecommunication
Administrations (CEPT).
A Further important step in the history of GSM as a standard for a digital mobile
cellular
communications was the signing of a GSM Memorandum of Understanding (MoU)
in 1987 in
which 18 nations committed themselves to implement cellular networks based on
the GSM
specifications. In 1991 the first GSM based networks commenced operations.
GSM provides
enhanced features over older analog-based systems, which are summarized
below:
Total Mobility: The subscriber has the advantage of a Pan-European system
allowing him to
communicate from everywhere and to be called in any area served by a GSM
cellular network
using the same assigned telephone number, even outside his home location. The
calling party
does not need to be informed about the called person's location because the
GSM networks are
4. responsible for the location tasks. With his personal chipcard he can use a
telephone in a rental
car, for example, even outside his home location. This mobility feature is
preferred by many
business people who constantly need to be in touch with their headquarters.
High Capacity and Optimal Spectrum Allocation: The former analog-based cellular
networks had to combat capacity problems, particularly in metropolitan areas.
Through a more
efficient utilization of the assigned frequency bandwidth and smaller cell sizes,
the GSM
System is capable of serving a greater number of subscribers. The optimal use of
the available
spectrum is achieved through the application Frequency Division Multiple Access
(FDMA),
Time Division Multiple Access (TDMA), efficient half-rate and full-rate speech
coding, and
the Gaussian Minimum Shift Keying (GMSK) modulation scheme.
Security: The security methods standardized for the GSM System make it the
most secure
cellular telecommunications standard currently available. Although the
confidentiality of a call
and anonymity of the GSM subscriber is only guaranteed on the radio channel,
this is a major
step in achieving end-to- end security. The subscriber’s anonymity is ensured
through the use
5. of temporary identification numbers. The confidentiality of the communication
itself on the
radio link is performed by the application of encryption algorithms and frequency
hopping
which could only be realized using digital systems and signaling.
Services: The list of services available to GSM subscribers typically includes the
following:
voice communication, facsimile, voice mail, short message transmission, data
transmission and
supplemental services such as call forwarding. 101seminartopics.com
GSM RADIO CHANNEL
The GSM standard specifies the frequency bands of 890 to 915 MHz for the uplink
band,
and 935 to 960 MHz for the downlink band, with each band divided up into 200
kHz channels.
Other features of the radio channel interface include adaptive time alignment,
GMSK modulation,
discontinuous transmission and reception, and slow frequency hopping. Adaptive
time alignment
enables the MS to correct its transmit timeslot for propagation delay. GMSK
modulation provides
the spectral efficiency and low out-of-band interference required in the GSM
system.
Discontinuous transmission and reception refers to the MS powering down during
idle periods and
6. serves the dual purpose of reducing co-channel interference and extending the
portable unit's
battery life. Slow frequency hopping is an additional feature of the GSM radio
channel interface
which helps to counter the effects of Rayleigh fading and co-channel interference.
TDMA Frame Structures, Channel Types, and Burst Types
The 200 kHz channels in each band are further subdivided into 577 ms timeslots,
with 8
timeslots comprising a TDMA frame of 4.6 ms. Either 26 or 51 TDMA frames are
grouped into
multiframes (120 or 235 ms), depending on whether the channel is for traffic or
control data.
Either 51 or 26 of the multiframes (again depending on the channel type) make
up one superframe
(6.12 s). A hyperframe is composed of 2048 superframes, for a total duration of 3
hours, 28
minutes, 53 seconds, and 760 ms. The TDMA frame structure has an associated
22-bit sequence
number which uniquely identifies a TDMA frame within a given hyperframe.
Figure 1 illustrates
the various TDMA frame structures.
Figure 1 TDMA Frame Structures
The various logical channels which are mapped onto the TDMA frame structure
may be
7. grouped into traffic channels (TCHs) used to carry voice or user data, and control
channels (CCHs)
used to carry signaling and synchronization data. Control channels are further
divided into
broadcast control channels, common control channels, and dedicated control
channels. 101seminartopics.com
Each timeslot within a TDMA frame contains modulated data referred to as a
"burst".
There are five burst types (normal, frequency correction, synchronization,
dummy, and access
bursts), with the normal burst being discussed in detail here. The bit rate of the
radio channel is
270.833 kbit/sec, which corresponds to a timeslot duration of 156.25 bits. The
normal burst is
composed of a 3-bit start sequence, 116 bits of payload, a 26-bit training
sequence used to help
counter the effects of multipath interference, a 3-bit stop sequence required by
the channel coder,
and a guard period (8.25 bit durations) which is a "cushion" to allow for different
arrival times of
bursts in adjacent timeslots from geographically disperse MSs. Two bits from the
116-bit payload
are used by the Fast Associated Control Channel (FACCH) to signal that a given
burst has been
borrowed, leaving a total of 114 bits of payload. Figure 2 illustrates the structure
of the normal
8. burst.
Figure 2 Normal Burst Structure
Speech Coding, Channel Coding, and Interleaving
The speech coding algorithm used in GSM is based on a rectangular pulse excited
linear
predictive coder with long-term prediction (RPE-LTP). The speech coder produces
samples at 20
ms intervals at a 13 kbps bit rate, producing 260 bits per sample or frame. These
260 bits are
divided into 182 class 1 and 78 class 2 bits based on a subjective evaluation of
their sensitivity to
bit errors, with the class 1 bits being the most sensitive. Channel coding involves
the addition of
parity check bits and half-rate convolutional coding of the 260-bit output of the
speech coder. The
output of the channel coder is a 456-bit frame, which is divided into eight 57-bit
components and
interleaved over eight consecutive 114-bit TDMA frames. Each TDMA frame
correspondingly
consists of two sets of 57 bits from two separate 456-bit channel coder frames.
The result of
channel coding and interleaving is to counter the effects of fading channel
interference and other
sources of bit errors.
Overview of Cryptography
9. This section provides a brief overview of cryptography, with an emphasis on the
features that
appear in the GSM system.
Symmetric Algorithms
Symmetric algorithms are algorithms in which the encryption and decryption use
the same
key. For example, if the plaintext is denoted by the variable P, the ciphertext by C,
the encryption 101seminartopics.com
with key x by the function Ex( ), and the decryption with key x by Dx( ), then the
symmetric
algorithms are functionally described as follows:
C=Ex(P)
P=Dx(C)
P=Dx(Ex(P))
For a good encryption algorithm, the security of the data rests with the security of
the key,
which introduces the problem of key management for symmetric algorithms. The
most widelyknown example of a symmetric algorithm is the Data Encryption
Standard (DES). Symmetric
encryption algorithms may be further divided into block ciphers and stream
ciphers.
Block Ciphers
As the name suggests, block ciphers encrypt or decrypt data in blocks or groups of
bits.
10. DES uses a 56-bit key and processes data in 64- bit blocks, producing 64-bits of
encrypted data for
64-bits of input, and vice-versa. Block algorithms are further characterized by
their mode of
operation, such as electronic code book (ECB), cipher block chaining (CBC) and
cipher feedback
(CFB). CBC and CFB are examples of modes of operation where the encryption of
successive
blocks is dependent on the output of one or more previous encryptions. These
modes are desirable
because they break up the one-to-one correspondence between ciphertext blocks
and plaintext
blocks (as in ECB mode). Block ciphers may even be implemented as a component
of a stream
cipher.
Stream Ciphers
Stream ciphers operate on a bit-by-bit basis, producing a single encrypted bit for a
single
plaintext bit. Stream ciphers are commonly implemented as the exclusive-or
(XOR) of the data
stream with the keystream. The security of a stream cipher is determined by the
properties of the
keystream. A completely random keystream would effectively implement an
unbreakable one-time
pad encryption, and a deterministic keystream with a short period would provide
very little
11. security.
Linear Feedback Shift Registers (LFSRs) are a key component of many stream
ciphers.
LFSRs are implemented as a shift register where the vacant bit created by the
shifting is a function
of the previous states. With the correct choice of feedback taps, LFSRs can
function as pseudorandom number generators. The statistical properties of LFSRs,
such as the autocorrelation
function and power spectral density, make them useful for other applications
such as pseudo-noise
(PN) sequence generators in direct sequence spread spectrum communications,
and for distance
measurement in systems such as the Global Positioning System (GPS). LFSRs have
the additional
advantage of being easily implemented in hardware.
The maximal length sequence (or m-sequence) is equal to 2n-1 where n is the
degree of the shift
register. An example of a maximal length LFSR is shown below in Figure 3. This
LFSR will
generate the periodic m-sequence consisting of the following states (1111, 0111,
1011, 0101, 1010,
1101, 0110, 0011, 1001, 0100, 0010, 0001, 1000, 1100, 1110).
101seminartopics.com
Figure 3 Four-Stage Linear Feedback Shift Register
In order to form an m-sequence, the feedback taps of an LFSR must correspond to
a
12. primitive polynomial modulo 2 of degree n. A number of stream cipher designs
consist of multiple
LFSRs with various interconnections and clocking schemes. The GSM A5
algorithm, used to
encrypt voice and signaling data in GSM is a stream cipher based on three clock-
controlled
LFSRs.
Public Key Algorithms
Public key algorithms are characterized by two keys, a public and private key,
which
perform complementary functions. Public and private keys exist in pairs and
ideally have the
property that the private key may not be deduced from the public key, which
allows the public key
to be openly distributed. Data encrypted with a given public key may only be
decrypted with the
corresponding private key, and vice versa. This is functionally expressed as
follows:
C=Epub(P), P=Dpriv(C)
C=Epriv(P), P=Dpub(C)
Public key cryptography simplifies the problem of key management in that two
parties may
exchange encrypted data without having exchanged any sensitive key
information. Digital
13. Signatures also make use of public key cryptography, and commonly consist of
the output of a
one-way hash function for a message (discussed in Section 3.3) with a private key.
This enables
security features such as authentication and non- repudiation. The most common
example of a
public key algorithm is RSA, named after its inventors Rivest, Shamir, and
Adleman. The security
features of GSM, however, do not make use of any type of public key
cryptography.
One-Way Hash Functions
Generally, one-way hash functions produce a fixed-length output given an
arbitrary input.
Secure one-way hash functions are designed such that it is computationally
unfeasible to determine
the input given the hash value, or to determine two unique inputs that hash to
the same value.
Examples of one-way hash functions include MD5 developed by Ron Rivest, which
produces a
128-bit hash value, and the Secure Hash Algorithm (SHA) developed by the
National Institutes of
Standards and Technology (NIST), which produces a 160-bit output.
A typical application of a one-way hash function is to compute a "message digest"
which
enables the receiver to verify the authenticity of the data by duplicating the
computation and 101seminartopics.com
14. comparing the results. A hash function output encrypted with a public key
algorithm forms the
basis for digital signatures, such as NIST's Digital Signature Algorithm (DSA).
A key-dependent one-way hash function requires a key to compute and verify the
hash
value. This is useful for authentication purposes, where a sender and receiver may
use a keydependent hash function in a challenge-response scheme. A key-
dependent one-way hash function
may be implemented by simply appending the key to the message and computing
the hash value.
Another approach is to use a block cipher in cipher feedback (CFB) mode, with the
output being
the last encrypted block (recall that in CFB mode a given block's output is
dependent on the output
of previous blocks). The A3 and A8 algorithms of GSM are key- dependent one-
way hash
functions. The GSM A3 and A8 algorithms are similar in functionality and are
commonly
implemented as a single algorithm called COMP128.
DESCRIPTION OF GSM SECURITY FEATURES
The security aspects of GSM are detailed in GSM Recommendations 02.09,
"Security
Aspects," 02.17, "Subscriber Identity Modules," 03.20, "Security Related Network
Functions," and
03.21, "Security Related Algorithms". Security in GSM consists of the following
aspects:
15. subscriber identity authentication, subscriber identity confidentiality, signaling
data confidentiality,
and user data confidentiality. The subscriber is uniquely identified by the
International Mobile
Subscriber Identity (IMSI). This information, along with the individual subscriber
authentication
key (Ki), constitutes sensitive identification credentials analogous to the Electronic
Serial Number
(ESN) in analog systems such as AMPS and TACS. The design of the GSM
authentication and
encryption schemes is such that this sensitive information is never transmitted
over the radio
channel. Rather, a challenge-response mechanism is used to perform
authentication. The actual
conversations are encrypted using a temporary, randomly generated ciphering
key (Kc). The MS
identifies itself by means of the Temporary Mobile Subscriber Identity (TMSI),
which is issued by
the network and may be changed periodically (i.e. during hand-offs) for additional
security.
The security mechanisms of GSM are implemented in three different system
elements; the
Subscriber Identity Module (SIM), the GSM handset or MS, and the GSM network.
The SIM
contains the IMSI, the individual subscriber authentication key (Ki), the ciphering
key generating
16. algorithm (A8), the authentication algorithm (A3), as well as a Personal
Identification Number
(PIN). The GSM handset contains the ciphering algorithm (A5). The encryption
algorithms (A3,
A5, A8) are present in the GSM network as well. The Authentication Center (AUC),
part of the
Operation and Maintenance Subsystem (OMS) of the GSM network, consists of a
database of
identification and authentication information for subscribers. This information
consists of the
IMSI, the TMSI, the Location Area Identity (LAI), and the individual subscriber
authentication
key (Ki) for each user. In order for the authentication and security mechanisms to
function, all
three elements (SIM, handset, and GSM network) are required. This distribution
of security
credentials and encryption algorithms provides an additional measure of security
both in ensuring
the privacy of cellular telephone conversations and in the prevention of cellular
telephone fraud.
Figure 4 demonstrates the distribution of security information among the three
system
elements, the SIM, the MS, and the GSM network. Within the GSM network, the
security 101seminartopics.com
information is further distributed among the authentication center (AUC), the
home location
17. register (HLR) and the visitor location register (VLR). The AUC is responsible for
generating the
sets of RAND, SRES, and Kc which are stored in the HLR and VLR for subsequent
use in the
authentication and encryption processes.
Figure 4 Distribution of Security Features in the GSM Network
Authentication
The GSM network authenticates the identity of the subscriber through the use of
a
challenge-response mechanism. A 128-bit random number (RAND) is sent to the
MS. The MS
computes the 32-bit signed response (SRES) based on the encryption of the
random number
(RAND) with the authentication algorithm (A3) using the individual subscriber
authentication key
(Ki). Upon receiving the signed response (SRES) from the subscriber, the GSM
network repeats
the calculation to verify the identity of the subscriber. Note that the individual
subscriber
authentication key (Ki) is never transmitted over the radio channel. It is present in
the subscriber's
SIM, as well as the AUC, HLR, and VLR databases as previously described. If the
received SRES
agrees with the calculated value, the MS has been successfully authenticated and
may continue. If
18. the values do not match, the connection is terminated and an authentication
failure indicated to the
MS. Figure 5 shown below illustrates the authentication mechanism.
Figure 5 GSM Authentication Mechanism101seminartopics.com
The calculation of the signed response is processed within the SIM. This provides
enhanced security, because the confidential subscriber information such as the
IMSI or the
individual subscriber authentication key (Ki) is never released from the SIM during
the
authentication process.
Signaling and Data Confidentiality
The SIM contains the ciphering key generating algorithm (A8) which is used to
produce
the 64-bit ciphering key (Kc). The ciphering key is computed by applying the same
random
number (RAND) used in the authentication process to the ciphering key
generating algorithm (A8)
with the individual subscriber authentication key (Ki). As will be shown in later
sections, the
ciphering key (Kc) is used to encrypt and decrypt the data between the MS and
BS. An additional
level of security is provided by having the means to change the ciphering key,
making the system
more resistant to eavesdropping. The ciphering key may be changed at regular
intervals as required
19. by network design and security considerations. Figure 6 below shows the
calculation of the
ciphering key (Kc).
Figure 6 Ciphering Key Generation Mechanism
In a similar manner to the authentication process, the computation of the
ciphering key
(Kc) takes place internally within the SIM. Therefore sensitive information such as
the individual
subscriber authentication key (Ki) is never revealed by the SIM.
Encrypted voice and data communications between the MS and the network is
accomplished through use of the ciphering algorithm A5. Encrypted
communication is initiated by
a ciphering mode request command from the GSM network. Upon receipt of this
command, the
mobile station begins encryption and decryption of data using the ciphering
algorithm (A5) and the
ciphering key (Kc). Figure 7 below demonstrates the encryption mechanism.
101seminartopics.com
Figure 7 Ciphering Mode Initiation Mechanism
Subscriber Identity Confidentiality
To ensure subscriber identity confidentiality, the Temporary Mobile Subscriber
Identity
(TMSI) is used. The TMSI is sent to the mobile station after the authentication and
encryption
20. procedures have taken place. The mobile station responds by confirming
reception of the TMSI.
The TMSI is valid in the location area in which it was issued. For communications
outside the
location area, the Location Area Identification (LAI) is necessary in addition to the
TMSI. The
TMSI allocation/reallocation process is shown in Figure 8 below.
Figure 8 TMSK Reallocation Mechanism101seminartopics.com
DISCUSSION
This section evaluates and expands on the information presented in previous
sections.
Additional considerations such as export controls on crypography are discussed as
well.
GSM Encryption Algorithms
A partial source code implementation of the GSM A5 algorithm was leaked to the
Internet in
June, 1994. More recently there have been rumors that this implementation was
an early design
and bears little resemblance to the A5 algorithm currently deployed.
Nevertheless, insight into the
underlying design theory can be gained by analyzing the available information.
The details of this
implementation, as well as some documented facts about A5, are summarized
below:
21. A5 is a stream cipher consisting of three clockcontrolled LFSRs of degree 19, 22,
-
and 23.
The clock control is a threshold function of the middle bits of each of the three
shift
registers.
The sum of the degrees of the three shift registers is 64The 64-bit session key
.
is used to
initialize the contents of the shift registers.
The 22bit TDMA frame number is fed into the shift registers.
-
Two 114bit keystreams are produced for each TDMA frame, which are XOR-ed
-
with the
uplink and downlink traffic channels.
It is rumored that the A5 algorithm has an "effective" key length of 40 bits.
Key Length
This section focuses on key length as a figure of merit of an encryption algorithm.
Assuming a brute-force search of every possible key is the most efficient method
of cracking an
encrypted message (a big assumption), Table 1 shown below summarizes how
long it would take
to decrypt a message with a given key length, assuming a cracking machine
capable of one million
encryptions per second.
Table 1 Brute-force key search times for various key sizes
Key length in bits 32 40 56 64 128
22. Time required to test all possible
keys
1.19
hours
12.7
days
2,291
years
584,542
years
10.8 x 10^24
years
The time required for a 128-bit key is extremely large; as a basis for comparison
the age of
the Universe is believed to be 1.6x10^10 years. An example of an algorithm with a
128-bit key is
the International Data Encryption Algorithm (IDEA). The key length may
alternately be examined
by determining the number of hypothetical cracking machines required to decrypt
a message in a
given period of time.
Table 2 Number of machines required to search a key space in a given time
Key length in bits 1 day 1 week 1 year 101seminartopics.com
23. 40 13 2 -
56 836,788 119,132 2,291
64 2.14x10^8 3.04x10^6 584,542
128 3.9x10^27 5.6x10^26 10.8x10^24
A machine capable of testing one million keys per second is possible by today’s
standards.
In considering the strength of an encryption algorithm, the value of the
information being protected
should be taken into account. It is generally accepted that DES with its 56-bit key
will have
reached the end of its useful lifetime by the turn of the century for protecting
data such as banking
transactions. Assuming that the A5 algorithm has an effective key length of 40 bits
(instead of 64),
it currently provides adequate protection for information with a short lifetime. A
common
observation is that the "tactical lifetime" of cellular telephone conversations is on
the order of
weeks.
Export Restrictions on Encryption Technology
The goal of the GSM recommendations is to provide a pan- European standard for
digital
cellular telecommunications. A consequence of this is that export restrictions and
other legal
24. restrictions on encryption have come into play. This is a hotly debated, highly
political issue which
involves the privacy rights of the individual, the ability of law enforcement
agencies to conduct
surveillance, and the business interests of corporations manufacturing cellular
hardware for export.
The technical details of the encryption algorithms used in GSM are closely held
secrets.
The algorithms were developed in Britain, and cellular telephone manufacturers
desiring to
implement the encryption technology must agree to non-disclosure and obtain
special licenses
from the British government. Law enforcement and Intelligence agencies from the
U.S., Britain,
France, the Netherlands, and other nations are very concerned about the export
of encryption
technology because of the potential for military application by hostile nations. An
additional
concern is that the widespread use of encryption technology for cellular
telephone communications
will interfere with the ability of law enforcement agencies to conduct surveillance
on terrorists or
organized criminal activity.
A disagreement between cellular telephone manufacturers and the British
government
25. centering around export permits for the encryption technology in GSM was
settled by a
compromise in 1993. Western European nations and a few other specialized
markets such as Hong
Kong would be allowed to have the GSM encryption technology, in particular the
A5/1 algorithm.
A weaker version of the algorithm (A5/2) was approved for export to most other
countries,
including central and eastern European nations. Under the agreement, designated
countries such as
Russia would not be allowed to receive any functional encryption technology in
their GSM
systems. Future developments will likely lead to some relaxation of the export
restrictions,
allowing countries who currently have no GSM cryptographic technology to
receive the A5/2
algorithm. 101seminartopics.com
ACRONYMS
A3
Authentication Algorithm
A5
Ciphering Algorithm
A8
Ciphering Key Generating Algorithm
26. AMPS
Advanced Mobile Phone System
AUC
Authentication Center
BS
Base Station
CBC
Cipher Block Chaining
CEPT
European Conference of Post and Telecommunication Administrations
CFB
Cipher Feedback
CKSN
Ciphering Key Sequence Number
DES
Data Encryption Standard
DSA
Digital Signature Algorithm
ECB
Electronic Code Book
ETSI
European Telecommunications Standards Institute
27. GMSK
Gaussian Minimum Shift Keying
GSM
Group Special Mobile
HLR
Home Location Register
IMSI
International Mobile Subscriber Identity
Kc
Ciphering Key
Ki
Individual Subscriber Authentication Key
LAI
Location Area Identity
LFSR
Linear Feedback Shift Register
MoU
Memorandum of Understanding 101seminartopics.com
MS
Mobile Station
MSC
Mobile Switching Center
28. NIST
National Institute of Standards and Technology1
OMS
Operation and Maintenance Subsystem
RAND
Random Number
RSA
Rivest, Shamir, Adleman
SHA
Secure Hash Algorithm
SRES
Signed Response
TACS
Total Access Communications System
TMSI
Temporary Mobile Subscriber Identity
VLR
Visitor Location Register 101seminartopics.com
CONCLUSION
The security mechanisms specified in the GSM standard make it the most
secure cellular telecommunications system available. The use of authentication,
29. encryption, and temporary identification numbers ensures the privacy and
anonymity
of the system's users, as well as safeguarding the system against fraudulent use.
Even GSM systems with the A5/2 encryption algorithm, or even with no
encryption
are inherently more secure than analog systems due to their use of speech
coding,
digital modulation, and TDMA channel access. 101seminartopics.com
REFERENCES
1. Van der Arend, P. J. C., "Security Aspects and the Implementation in the GSM
System,"
Proceedings of the Digital Cellular Radio Conference, Hagen, Westphalia,
Germany,
October, 1988.
2. Biala, J., "Mobilfunk und Intelligente Netze," Friedr., Vieweg & Sohn
Verlagsgesellschaft,
1994.
3. Cooke, J.C.; Brewster, R.L., "Cyptographic Security Techniques for Digital Mobile
Telephones," Proceedings of the IEEE International Conference on Selected Topics
in
Wireless Communications, Vancouver, B.C., Canada, 1992.
4. European Telecommunications Standards Institute, Recommendation GSM
02.09,
"Security Aspects".
30. 5. European Telecommunications Standards Institute, Recommendation GSM
02.17,
"Subscriber Identity Module".
6. European Telecommunications Standards Institute, Recommendation GSM
03.20,
"Security Related Network Functions".
7. Hodges, M.R.L., "The GSM Radio Interface," British Telecom Technology
Journal, Vol. 8,
No. 1, January 1990, pp. 31-43.
8. Hudson, R.L., "Snooping versus Secrecy," Wall Street Journal, February 11,
1994, p. R14
9. Schneier, B., "Applied Cryptography," J. Wiley & Sons, 1994.
10. Williamson, J., "GSM Bids for Global Recognition in a Crowded Cellular World,"
Telephony, vol. 333, no. 14, April 1992, pp. 36-40. 101seminartopics.com