International Journal on Recent and Innovation Trends in Computing and Communication ISSN 2321 – 8169

Volume: 1 Issue: 1 53 – 54
___________________________________________________________________________

GSM SECURITY AND ENCRYPTION

NIDHI GOEL1, Dr. DEEPTI MEHROTRA2

1
Department of CS, 2Department of MCA
AMITY UNIVERSITY, NOIDA
[email protected], [email protected]

Abstract— the security mechanisms of GSM are implemented in three different system elements; the Subscriber
Identity Module (SIM), the GSM handset or MS, and the GSM network. The SIM contains the IMSI, the individual
subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), as
well as a Personal Identification Number (PIN). The GSM handset contains the ciphering algorithm (A5). The
encryption algorithms (A3, A5, and A8) are present in the GSM network as well. The Authentication Center (AUC),
part of the Operation and Maintenance Subsystem (OMS) of the GSM network, consists of a database of
identification and authentication information for subscribers. This information consists of the IMSI, the TMSI, the
Location Area Identity (LAI), and the individual subscriber authentication key (Ki) for each user. In order for the
authentication and security mechanisms to function, all three elements (SIM, handset, and GSM network) are
required. This distribution of security credentials and encryption algorithms provides an additional measure of
security both in ensuring the privacy of cellular telephone conversations and in the prevention of cellular telephone
fraud [4].

_____________________________________________________*****______________________________________________________

I. INTRODUCTION confidentiality. The subscriber is uniquely identified by the

International Mobile Subscriber Identity (IMSI). This
The motivations for security in cellular telecommunications information, along with the individual subscriber
systems are to secure conversations and signaling data from authentication key (Ki), constitutes sensitive identification
interception as well as to prevent cellular telephone fraud. credentials analogous to the Electronic Serial Number
With the older analog-based cellular telephone systems (ESN) in analog systems such as AMPS and TACS. The
such as the Advanced Mobile Phone System (AMPS) and design of the GSM authentication and encryption schemes
the Total Access Communication System (TACS), it is a is such that this sensitive information is never transmitted
relatively simple matter for the radio hobbyist to intercept over the radio channel. Rather, a challenge-response
cellular telephone conversations with a police scanner. A mechanism is used to perform authentication. The actual
well-publicized case involved a potentially embarrassing conversations are encrypted using a temporary, randomly
cellular telephone conversation with a member of the generated ciphering key (Kc). The MS identifies itself by
British royal family being recorded and released to the means of the Temporary Mobile Subscriber Identity
media. Another security consideration with cellular (TMSI), which is issued by the network and may be
telecommunications systems involves identification changed periodically (i.e. during hand-offs) for additional
credentials such as the Electronic Serial Number (ESN), security [2].
which are transmitted "in the clear”, in analog systems.
With more complicated equipment, it is possible to receive III. AUTHENTICATION
the ESN and use it to commit cellular telephone fraud by The GSM network authenticates the identity of the
"cloning" another cellular phone and placing calls with it. subscriber through the use of a challenge-response
Estimates for cellular mechanism. A 128-bit random number (RAND) is sent to
Frauds in the U.S. in 1993 are as high as $500 million [1]. the MS. The MS computes the 32-bit signed response
(SRES) based on the encryption of the random number
II. DESCRIPTION OF GSM SECURITY (RAND) with the authentication algorithm (A3) using the
individual subscriber authentication key
FEATURES (Ki). Upon receiving the signed response (SRES) from the
Security in GSM consists of the following aspects: subscriber, the GSM network repeats the calculation to
subscriber identity authentication, subscriber identity verify the identity of the subscriber [3]. Note that the
confidentiality, signaling data confidentiality, and user data individual subscriber authentication key (Ki) is never
53
IJRITCC | JAN 2013, Available @ http://www.ijritcc.org
___________________________________________________________________________
International Journal on Recent and Innovation Trends in Computing and Communication ISSN 2321 – 8169

Volume: 1 Issue: 1 53 – 54
___________________________________________________________________________

transmitted over the radio channel. It is present in the

subscriber's SIM, as well as the AUC, HLR, and VLR
databases as previously described. If the received SRES VII. REFERENCES
Agrees with the calculated value, the MS has been [1] Biala, J., "Mobilfunk und Intelligente Netze," Friedr.,
successfully authenticated and may continue. If the values Vieweg & Sohn Verlagsgesellschaft,1994.
do not match, the connection is terminated and an [2] Cooke, J.C.; Brewster, R.L., "Cyptographic Security
authentication failure indicated to the MS [2]. Techniques for Digital Mobile Telephones," Proceedings of
the IEEE International Conference on Selected Topics in
IV. SIGNALING AND DATA CONFIDENTIALITY Wireless communications, Vancouver, B.C., Canada, 1992.
The SIM contains the ciphering key generating algorithm [3] Williamson, J., "GSM Bids for Global Recognition in a
(A8) which is used to produce the 64-bit ciphering key Crowded Cellular World,"
(Kc). The ciphering key is computed by applying the same Telephony, vol. 333, no. 14, April 1992, pp. 36-40
random number (RAND) used in the authentication process [4] Siegmund H. Redl, Matthias Weber, Malcolm W.
to the ciphering key generating algorithm (A8) with the Oliphant. “An Introduction to GSM (Mobile
individual subscriber authentication key (Ki). As will be Communications Library)”, Artech house publisher.
shown in later sections, the [5] Jukka Lempiäinen, Matti Manninen. ”Radio Interface
Ciphering key (Kc) is used to encrypt and decrypt the data System Planning for GSM/GPRS/UMTS” Kluwer
between the MS and BS. An additional level of security is Academic Publisher (2001)
provided by having the means to change the ciphering key,
making the system more resistant to eavesdropping. The
ciphering key may be changed at regular intervals as
required by network design and security considerations.
Figure 6 below shows the calculation of the ciphering key
(Kc)[5].

V. SUBSCRIBER IDENTITY CONFIDENTIALITY

To ensure subscriber identity confidentiality, the
Temporary Mobile Subscriber Identity
(TMSI) is used. The TMSI is sent to the mobile station after
the authentication and encryption procedures have taken
place. The mobile station responds by confirming reception
of the TMSI. The TMSI is valid in the location area in
which it was issued. For communications outside the
location area, the Location Area Identification (LAI) is
necessary in addition to the TMSI [1].

VI. GSM ENCRYPTION ALGORITHMS

A partial source code implementation of the GSM A5
algorithm was leaked to the Internet in June, 1994. The
details of this implementation, as well as some documented
facts about A5, are summarized below:
• A5 is a stream cipher consisting of three clock-
controlled LFSRs of degree 19, 22, and 23.
• The clock control is a threshold function of the
middle bits of each of the three shift registers.
• The sum of the degrees of the three shift registers
is 64. The 64-bit session key is used to initialize the
contents of the shift registers.
• The 22-bit TDMA frame number is fed into the
shift registers [2].
54
IJRITCC | JAN 2013, Available @ http://www.ijritcc.org
___________________________________________________________________________