GSM security
GSM security is provided so that GSM network subscribers can communicate securely without intrusion. The security covered here concerns the air interface, not the fixed network part. The air interface is considered the weakest point and the most exposed to attackers. Security for the SS7 part was not provided, as SS7 was used by only a few institutions.
The GSM security mechanism covers the following:
• Authentication (used for billing purposes)
• Confidentiality
• Anonymity (used to identify users)
• PIN lock, EIR, personalization, etc.
The authentication process lets the GSM network verify that it is dealing with the right user.
This process is based on a shared secret key Ki, which is known only to the AuC (Authentication Center) and the SIM card.
There is no provision to read the key Ki from the SIM.
This authentication procedure in the GSM security mechanism is triggered by the following:
1. the first access to the network;
2. accessing the network for the purpose of making or receiving a call;
3. the location update process and a change of subscriber-related information stored in either the HLR or the VLR.
Anonymity: the IMSI is associated with a unique user (SIM); after the initial registration, a TMSI is assigned to the subscriber. The TMSI is stored along with the IMSI in the network HLR.
GSM Authentication and Key Agreement
The A3 and A8 algorithms are not published to the public. The triplets (RAND, SRES, Kc) needed to enable security are generated in the GSM mobile's home Authentication Center (AuC).
The second important concept in GSM security is identity confidentiality, which protects the user from intrusion. It is provided to the GSM subscriber using the TMSI (Temporary Mobile Subscriber Identity). A TMSI can be assigned to the GSM mobile either during the location update procedure (LAU) or during the TMSI reallocation procedure.
In GSM, message and/or data ciphering is carried out with the A5 algorithm using the key Kc. PIN lock is the feature by which a user can protect the SIM card from use by an unauthorized person. With personalization, a user can make the Mobile Equipment (ME) work only with his own SIM card, so the ME itself is protected.
Message Flow during Authentication
The mobile tracker feature developed by Samsung makes it possible to track the mobile when a SIM is inserted in any other mobile phone. As soon as the SIM is placed in the phone, the mobile equipment sends three messages to three pre-configured numbers. This helps track a stolen mobile along with its SIM.
Once the user is authenticated, the RAND (delivered from the network) together with the Ki (from the SIM) is fed through the A8 ciphering key generating algorithm to produce a ciphering key Kc (64 bits long).
The A8 algorithm is also stored in the SIM card.
The Kc (generated by the A8 algorithm) is then used by the A5 ciphering algorithm to encipher or decipher the data.
The A5 algorithm is implemented in the hardware of the mobile phone, because it has to encrypt and decrypt data during transmission and reception, and this must be fast enough to keep up with the radio bursts.
The A5 algorithm takes the 64-bit Kc key and a 22-bit representation of the TDMA frame number and produces two 114-bit encryption words, BLOCK1 and BLOCK2, for use on the uplink and downlink, respectively.
The encryption words are XORed with the 114 data bits in each burst.
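A runnable model of the authentication and ciphering flow described above, added here as an example; it is not code from the original page. The A3, A8 and A5 functions are constructed HMAC/SHA-256 stand-ins that only keep GSM's parameter sizes (128-bit Ki and RAND, 32-bit SRES, 64-bit Kc, 22-bit frame count, two 114-bit blocks), not the real algorithms, and the AuC, SIM and RAND values are made up.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple

# Constructed stand-ins for the operator-specific A3/A8 and for A5 (assumption:
# the real algorithms are not reproduced; only GSM's interface sizes are kept).
def a3(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]   # 32-bit SRES

def a8(ki: bytes, rand: bytes) -> bytes:
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]   # 64-bit Kc

def a5_keystream(kc: bytes, frame_number: int) -> Tuple[int, int]:
    """Kc + 22-bit TDMA frame count -> (BLOCK1 uplink, BLOCK2 downlink), 114 bits each."""
    count = (frame_number & 0x3FFFFF).to_bytes(3, "big")   # the 22-bit count wraps
    bits = int.from_bytes(hashlib.sha256(kc + count).digest(), "big") >> (256 - 228)
    return bits >> 114, bits & ((1 << 114) - 1)

class AuC:
    """Home Authentication Center: holds Ki and issues (RAND, SRES, Kc) triplets."""
    def __init__(self, ki: bytes):
        self._ki = ki
    def triplet(self, rand: Optional[bytes] = None) -> Tuple[bytes, bytes, bytes]:
        rand = rand or secrets.token_bytes(16)          # 128-bit challenge
        return rand, a3(self._ki, rand), a8(self._ki, rand)

class SIM:
    """Ki never leaves the card; only SRES and Kc are output."""
    def __init__(self, ki: bytes):
        self._ki = ki
    def run_gsm_algorithm(self, rand: bytes) -> Tuple[bytes, bytes]:
        return a3(self._ki, rand), a8(self._ki, rand)

def authenticate(auc: AuC, sim: SIM, rand: Optional[bytes] = None) -> Optional[bytes]:
    """One authentication run: returns the agreed Kc, or None when SRES mismatches.
    Only RAND (to the mobile) and SRES (back) cross the air interface."""
    rand, sres_expected, kc_network = auc.triplet(rand)  # triplet goes to the VLR
    sres, kc_mobile = sim.run_gsm_algorithm(rand)
    if not hmac.compare_digest(sres, sres_expected):
        return None
    assert kc_mobile == kc_network   # both ends derived Kc; it was never transmitted
    return kc_network

def cipher_burst(kc: bytes, frame_number: int, burst: int, uplink: bool = True) -> int:
    """XOR one 114-bit burst with BLOCK1 (uplink) or BLOCK2 (downlink); self-inverse."""
    block1, block2 = a5_keystream(kc, frame_number)
    return burst ^ (block1 if uplink else block2)
```

Note that a SIM with the wrong Ki fails the SRES check without the network ever learning anything about Ki, and that the keystream depends on the frame count, so identical bursts in different frames do not produce identical ciphertext.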
Ciphering Algorithms
Currently three algorithms are defined: A5/1, A5/2, and A5/3. A5/1 and A5/2 were the original algorithms defined by the GSM standard and are based on simple clock-controlled linear feedback shift registers (LFSRs).
A5/2 was a deliberate weakening of the algorithm for certain export regions, while A5/1 is used in countries such as the USA, UK and Australia. A5/3 was added in 2002 and is based on the open Kasumi algorithm defined by 3GPP.
GSM security issues
• Security in the fixed part is not implemented.
• Encryption terminates at the base station; the remaining GSM network entities are not covered.
• The length of Kc (the cipher key) is only 64 bits, which is inadequate.
• The GSM mobile cannot authenticate the network (BTS), although the reverse is possible.
• Integrity protection is not implemented.
• The ciphering algorithms were not made available to the public and were managed only by the GSMA.