
Tuesday, November 20, 2007

Security in GSM

GSM offers several security services using confidential information stored in the AuC and in the individual SIM. The SIM stores personal, secret data and is protected with a PIN. The security services offered by GSM are explained below:

• Access control and authentication: The first step is the authentication of a valid user for the SIM. The user needs a secret PIN to access the SIM.

• Confidentiality: All user-related data is encrypted. After authentication, BTS and MS apply encryption to voice, data, and signaling. This confidentiality exists between MS and BTS.

• Anonymity: To provide user anonymity, all data is encrypted before transmission, and user identifiers are not used over the air. Instead, GSM transmits a temporary identifier (TMSI), which is newly assigned by the VLR after each location update.

Three algorithms have been specified to provide security services in GSM: algorithm A3 is used for authentication, A5 for encryption, and A8 for the generation of the cipher key.

AUTHENTICATION:

Authentication is based on the SIM, which stores the individual authentication key Ki, the user identification IMSI, and the algorithm used for authentication, A3. Authentication uses a challenge-response method: the access control generates a random number RAND as the challenge, and the SIM within the MS answers with SRES as the response. The AuC performs the basic generation of random values RAND, signed responses SRES, and cipher keys Kc for each IMSI and then forwards this information to the HLR. The current VLR requests the appropriate values for RAND, SRES, and Kc from the HLR. For authentication, the VLR sends the random value RAND to the SIM. Both sides, network and subscriber module, perform the same operation, called A3, with RAND and the key Ki. The MS sends back the SRES generated by the SIM; the VLR can now compare both values. If they are the same, the VLR accepts the subscriber; otherwise the subscriber is rejected.



ENCRYPTION:

To maintain privacy, all messages containing user-related information are encrypted in GSM over all interfaces. After authentication, MS and BSS can start using encryption by applying the cipher key Kc. Kc is generated from the individual key Ki and a random value by applying algorithm A8. The key Kc is not transmitted over the air interface. MS and BTS can now encrypt and decrypt data using the algorithm A5 and the cipher key Kc.
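The challenge-response exchange from the AUTHENTICATION section and the Kc derivation from the ENCRYPTION section, as an added example that is not part of the original post. The real A3 and A8 are operator-chosen algorithms, so truncated HMAC-SHA-256 is used here as a stand-in; the class names, the IMSI and the Ki values are constructed for illustration.

```python
import hashlib
import hmac
import secrets

def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3 (assumption: HMAC-SHA-256): 32-bit SRES from Ki and RAND."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A8 (assumption: HMAC-SHA-256): 64-bit Kc from Ki and RAND."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class AuC:
    """Holds Ki per IMSI and generates (RAND, SRES, Kc) for the HLR/VLR."""
    def __init__(self, subscribers):
        self._ki = dict(subscribers)

    def triplet(self, imsi):
        ki = self._ki[imsi]
        rand = secrets.token_bytes(16)          # fresh 128-bit challenge
        return rand, a3_sres(ki, rand), a8_kc(ki, rand)

class SIM:
    """Holds IMSI and Ki; Ki never leaves the card."""
    def __init__(self, imsi, ki):
        self.imsi, self._ki = imsi, ki

    def respond(self, rand):
        # SRES goes back over the air; Kc stays inside the MS.
        return a3_sres(self._ki, rand), a8_kc(self._ki, rand)

def vlr_authenticate(auc, sim):
    """VLR side: send RAND, compare SRES. Returns (accepted, Kc_network, Kc_ms)."""
    rand, expected_sres, kc_net = auc.triplet(sim.imsi)
    sres, kc_ms = sim.respond(rand)             # only RAND and SRES cross the air
    ok = hmac.compare_digest(sres, expected_sres)
    return ok, (kc_net if ok else None), (kc_ms if ok else None)

# Constructed sample data (not real subscriber values).
IMSI = "001010123456789"
KI = bytes.fromhex("00112233445566778899aabbccddeeff")
AUC = AuC({IMSI: KI})

if __name__ == "__main__":
    ok, kc_net, kc_ms = vlr_authenticate(AUC, SIM(IMSI, KI))
    print("genuine SIM accepted:", ok, "| Kc matches on both sides:", kc_net == kc_ms)
    ok, _, _ = vlr_authenticate(AUC, SIM(IMSI, bytes(16)))  # same IMSI, wrong Ki
    print("SIM with wrong Ki accepted:", ok)
```

Both sides arrive at the same Kc without it ever being sent, and a SIM that presents the right IMSI but does not hold Ki fails the SRES comparison.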


DATA ENCRYPTION
