2G GSM Security: Understanding Authentication, Key Agreement and Ciphering Algorithms

Wireless security is designed to protect the integrity and confidentiality of mobile communications in a world where data security is critical. This guide delves into the various components of GSM security, such as authentication protocols, key agreement processes, message flow management and the ciphering algorithms used to safeguard user data. By understanding these mechanisms, you can appreciate how GSM (2G) maintains secure communications for millions of users worldwide, defending against potential threats like eavesdropping and unauthorized access.

[Figure: GSM security]

The GSM security mechanism covers the following:
•  Authentication (used for billing purposes)
•  Confidentiality
•  Anonymity (used to identify users)
•  PIN lock, EIR, personalization, etc.

The authentication process helps the 2G network authenticate the right user. It is based on a shared secret key Ki, which is known to the AuC (Authentication Center) and the SIM card. There is no provision to read the key Ki from the SIM. The authentication procedure in the GSM security mechanism is triggered by the following:

1. The first access to the network.
2. Accessing the network for the purpose of making or receiving a call.
3. The location update process and the change of subscriber-related information stored in either the HLR or the VLR.

Anonymity: The IMSI is associated with a unique user (SIM). After the initial registration, a TMSI is assigned to the subscriber. The TMSI is stored along with the IMSI in the network HLR.

GSM Authentication and Key Agreement

[Figure: GSM authentication]

The A3 and A8 algorithms are not published. The triplets (RAND, SRES, Kc) needed to enable security are generated in the GSM mobile's home Authentication Center (AuC).

The second important concept in GSM security is identity confidentiality, which protects the user from any intrusion. It is provided to the GSM subscriber using the TMSI (temporary mobile subscriber identity). The TMSI can be provided to the GSM mobile either during the location update procedure (LAU) or during the TMSI reallocation procedure.

In GSM, message and/or data ciphering is carried out by the A5 algorithm using the key Kc. PIN lock is the feature by which the user can protect the SIM card from use by any unauthorized person. With personalization, the user can make the Mobile Equipment (ME) work only with his SIM card, so the ME is protected as well.

Message Flow during Authentication

[Figure: GSM authentication message flow]

The Mobile Tracker feature developed by Samsung makes it possible to track the mobile when a SIM is inserted in any other mobile phone. As soon as the SIM is placed, the mobile equipment sends 3 messages to three pre-configured numbers. This helps track the stolen mobile with the SIM.

Once the user is authenticated, the RAND (delivered from the network) together with the Ki (from the SIM) is passed through the A8 ciphering key generating algorithm to produce a ciphering key (Kc, 64 bits long).

The A8 algorithm is also stored in the SIM card.

The Kc (generated by A8 algorithm) is then used by the A5 ciphering algorithm to encipher or decipher the data.

The A5 algorithm is implemented in the hardware of the mobile phone, because it has to encrypt and decrypt data during transmission and reception of information, and this must be fast enough.

The A5 algorithm takes the 64-bit long Kc key and a 22-bit long representation of the TDMA frame number and produces two 114-bit long encryption words, BLOCK1, BLOCK2, for use on the uplink and downlink, respectively.

The encryption words are EXORed with the 114 data bits in each burst.
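The flow described above, from the AuC triplet through the RAND/SRES exchange to per-frame XOR ciphering, as an added Python example that is not code from the original page. The real A3, A8 and A5 are replaced by an HMAC-SHA256 stand-in; the class and function names are assumptions, and the 128-bit Ki/RAND and 32-bit SRES sizes are the standard GSM values rather than figures from this page.

```python
import hashlib
import hmac
import secrets

BURST_BITS = 114  # data bits per burst, as stated in the text

def _prf(key, label, data, nbytes):
    # Stand-in (assumption): HMAC-SHA256 in place of the real A3/A8/A5 algorithms.
    return hmac.new(key, label + data, hashlib.sha256).digest()[:nbytes]

def a3_sres(ki, rand):
    return _prf(ki, b"A3", rand, 4)   # SRES: 32-bit signed response
def a8_kc(ki, rand):
    return _prf(ki, b"A8", rand, 8)   # Kc: 64-bit ciphering key

def a5_blocks(kc, frame_number):
    """Return (BLOCK1, BLOCK2): two 114-bit keystream words for one TDMA frame."""
    fn = (frame_number & 0x3FFFFF).to_bytes(3, "big")        # 22-bit frame number
    stream = int.from_bytes(_prf(kc, b"A5", fn, 32), "big")  # 256 bits, 228 used
    mask = (1 << BURST_BITS) - 1
    return stream & mask, (stream >> BURST_BITS) & mask

class AuC:
    """Home network side: holds Ki per IMSI and issues (RAND, SRES, Kc) triplets."""
    def __init__(self):
        self._ki = {}
    def provision(self, imsi):
        self._ki[imsi] = secrets.token_bytes(16)  # 128-bit Ki, also written to the SIM
        return self._ki[imsi]
    def triplet(self, imsi):
        rand = secrets.token_bytes(16)            # fresh 128-bit challenge
        return rand, a3_sres(self._ki[imsi], rand), a8_kc(self._ki[imsi], rand)

class SIM:
    """Subscriber side: Ki stays on the card; only SRES and Kc come out."""
    def __init__(self, ki):
        self._ki = ki
    def run_gsm_algorithm(self, rand):
        return a3_sres(self._ki, rand), a8_kc(self._ki, rand)

def authenticate(triplet, sim):
    """Serving network: send RAND, compare SRES. Returns (Kc_network, Kc_mobile) or None."""
    rand, expected_sres, kc_network = triplet
    sres, kc_mobile = sim.run_gsm_algorithm(rand)  # only RAND and SRES cross the air
    return (kc_network, kc_mobile) if hmac.compare_digest(sres, expected_sres) else None

def cipher_burst(kc, frame_number, burst_bits, uplink):
    """XOR one 114-bit burst with BLOCK1 (uplink) or BLOCK2 (downlink); same call decrypts."""
    block1, block2 = a5_blocks(kc, frame_number)
    return burst_bits ^ (block1 if uplink else block2)
```

Ki and Kc never appear in the exchange itself: both sides derive the same Kc independently from RAND, and the keystream changes with every frame number.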

Ciphering Algorithms

Currently there are three algorithms defined: A5/1, A5/2, and A5/3. A5/1 and A5/2 were the original algorithms defined by the GSM standard and are based on simple clock-controlled linear feedback shift registers (LFSRs).

A5/2 was a deliberate weakening of the algorithm for certain export regions, whereas A5/1 is used in countries such as the USA, UK and Australia. A5/3 was added in 2002 and is based on the open Kasumi algorithm defined by 3GPP.


[Figure: GSM encryption process]

Issues in security implementations in GSM

•  Encryption terminates at the base station; the rest of the GSM network entities are not covered.
•  The length of Kc (cipher key) is only 64 bits, which is inadequate.
•  The GSM mobile cannot authenticate the network (BTS), but the reverse is possible.
•  Integrity protection is not implemented.
•  The ciphering algorithms are not available to the public and were managed only by GSMA.

Conclusion

GSM security plays a vital role in protecting mobile communications by employing a multi-layered approach that includes authentication, key agreement and advanced ciphering algorithms. These security features work together to ensure that user identities are verified, data remains confidential and communication channels are protected from potential breaches. With a solid understanding of these security mechanisms, you can gain insights into how GSM has established itself as a reliable and secure standard for mobile communication across the globe.
