In general, the two common weakness in a mobile network are false usage of service and interception of voice and data. This post briefs you how secure is your mobile network & what plays major role in making it so.
Before i write, i will introduce to the terms that are needed to known
Ki, RAND, SRES, Kc
Ki
- Authentication/Secret Key
- It is stored in SIM and AuC
- It is based on IMSI
- 128 bit
RAND
- Random Number
- It is generated by AuC
- 128 bit
SRES
- Signed Response
- calculated at AuC and SIM
- generated from RAND and Ki using A3 algorithm
- 32 bit
Kc
- Cipher/Session Key
- generated from RAND and Ki using A8 algorithm
- 64 bit
RAND, SRES & Kc are known to be triplets
A3, A5 & A8 Security Algorithms
- A3
- authentication algorithm
- used to generate SRES
- operator specific
- stored in SIM and AuC of HLR
- A8
- key generation algorithm
- used to generate Kc
- operator specific
- stored in SIM and AuC of HLR
- A5
- ciphering/encryption algorithm
- stored in the mobile device itself
- common to all network providers
- defined for data encryption and decryption over air interface
- types - A5/0(no encryption), A5/1 & A5/2
AuC - Authentication Center
HLR - Home Location Register
MS - Mobile Station - Mobile phone + SIM
VLR - Visitor Location Register
BSS - Base Station Subsystem - BTS + BSC
BTS - Base Trans-receiver Station
BSC - Base Station Controller
MSC - Mobile Switching Center
Authentication
They say picture speaks it better, here this flowchart & illustration will describe how authentication procedure is done.
Sending SRES through air interface between MS to BSS is not encrypted. Encryption is not necessary too because Ki is never transmitted over the radio channel, two copies of the value are stored in SIM and AuC. Moreover if eavesdroppers attack using the SRES & RAND, they will get infinite combinations of RAND for a particular noted SRES.
Authentication is referred to as challenge-response process.
Authentication process takes place for the first time when a subscriber attempts to make a call or location update. Later, it may not be necessary as the data generated earlier is available for a certain time span.
Now what about the cipher key Kc that is generated through A8 algorithm ??
Confidentiality
Encryption and decryption of voice and data between the MS and the network is accomplished by the use of the A5 algorithm, Kc and the GSM hyper-frame number.
In order to discuss further, a little background is necessary.
GSM uses time division multiplexing i.e., each subscriber takes turns to use the common radio channel for sending and receiving information only during one of the eight available time slots. (a channel can be shared by 8 users). Each time slot lasts for only 4.6 milliseconds and is identified by a frame number. A GSM conversation uses two such frames, one BSS to MS and another from MS back to BSS. Each of these frames contains 114 bits of user information. So, every 4.6 milliseconds, MS receives 114 bits of information from BSS and transmits another 114 bits to BSS. It is these 228 bits that require encryption to protect them from getting attacked.
Using the RAND and Ki, the SIM produces Kc through A8 algorithm. This Kc together with the current frame number generates a key stream of 228 bits through A5 algorithm. These 228 bits are transferred on air interface implying increased confidentiality.
Notes:
Notes:
- A5 generates new 228 bits every 4.6 milliseconds
- COMP 128 is combined A3/A8 algorithm which is used.
We reviewed about the data and signalling confidentiality in the above discussion but what about the subscriber data confidentiality ? To ensure this, the Temporary Mobile Subscriber Identity (TMSI) is used. It is a temporary number that is MS after the authentication and encryption procedures have taken place. It is allocated after certain intervals to make it more secured.
Here i discussed about GSM security, for GPRS there is no much difference; you can read this link for reference.
--
Satya Sravan
No comments:
Post a Comment