Upload
surya6556
View
221
Download
0
Embed Size (px)
Citation preview
8/9/2019 Authentication Seminar Ligin
1/28
GSMSecurity, Authentication And Encryption
Prepared by
Ligin Mathew
8/9/2019 Authentication Seminar Ligin
2/28
Components of a GSM Network
Subscriber Equipment (MS)
The Switching System (SS)
The Base Station System (BSS)The Operation and Support System (OSS)
7/17/20102
8/9/2019 Authentication Seminar Ligin
3/28
Subscriber Equipment
Mobile Station (MS)
- The mobile telephone.
7/17/20103
Switching System
Mobile Services Switching Center.
Home Location Register (HLR)
Visitor Location Register (VLR)
Authentication Center (AUC)
Equipment Identity Register (EIR)
8/9/2019 Authentication Seminar Ligin
4/28
Base Station System (BSS)
Base Station Controller (BSC
Base Transceiver Station (BTS)
7/17/20104
Operation and Support System (OSS)
Message Center (MXE)
Mobile Service Node (MSN)
Gateway Mobile Services Switching Center (GMSC)
GSM Interworking Unit (GIWU)
8/9/2019 Authentication Seminar Ligin
5/28
Encryption Algorithm used in GSM
GSM networks utilize encryptionalgorithm for three purposes:
Authentication
Encryption
Key generation
7/17/20105
8/9/2019 Authentication Seminar Ligin
6/28
Authentication
A3Al rit i f r Aut ti ti
A3 l rit i i l t i t I r
A3's t sk is t r t t 32- it i R sponse( R ) utili ing t e 128- it r ndom challenge (RAND)generated by the Home Location Register (HLR) and the128-bit Indi idual ubscriber Authentication Key (Ki)from the Mobile Station's Subscriber Identity Module(SIM) or the Home Location Register (HLR).
7/17/20106
8/9/2019 Authentication Seminar Ligin
7/28
Encryption
In GSM, encryption refers to the process of creating authentication and ciphering cryptovariables using a special key and an
encryption algorithm.
7/17/20107
8/9/2019 Authentication Seminar Ligin
8/28
Encryption
Stream cipher known as the A5 algorithm isused.
Multiple versions of the A5 algorithm existwhich implement various levels of encryption.
A5 algorithm is implemented in the MobileStation.
The stream cipher is initialized with the Session Key (Kc) and thenumber of each frame. The same Kc is used throughout thecall, but the 22-bit frame number changes during the call,
thus generating a unique keystream for every frame. Thesame Session Key (Kc) is used as long as the Mobile ServicesSwitching Center (MSC) does not authenticate the MobileStation again. In practice, the same Session Key (Kc) may bein use for days.
7/17/20108
8/9/2019 Authentication Seminar Ligin
9/28
Key Generation
Key generation algorithm used in the GSMsystem is known as the A8 algorithm.
A8 algorithm is implemented in the SIM Card
Most GSM network operators utilize the aversion of the COMP128 algorithm as theimplementation of the A8 algorithm.
7/17/20109
8/9/2019 Authentication Seminar Ligin
10/28
Authentication Procedures
7/17/201010
Whenever a MS requests access to anetwork, the network must authenticate
the MS. Authentication verifies theidentity and validity of the SIM card tothe network and ensures that thesubscriber is authorized access to the
network.
8/9/2019 Authentication Seminar Ligin
11/28
Authentication Procedures
7/17/201011Step 1
8/9/2019 Authentication Seminar Ligin
12/28
Authentication Procedures
7/17/201012Step 2
8/9/2019 Authentication Seminar Ligin
13/28
Authentication Procedures
7/17/201013Step 3
8/9/2019 Authentication Seminar Ligin
14/28
Authentication Procedures
7/17/201014Step 4
8/9/2019 Authentication Seminar Ligin
15/28
Authentication Procedures
7/17/201015Step 5
8/9/2019 Authentication Seminar Ligin
16/28
Authentication Procedures
7/17/201016Step 6
8/9/2019 Authentication Seminar Ligin
17/28
Authentication Procedures
7/17/201017Step 7
8/9/2019 Authentication Seminar Ligin
18/28
Authentication Procedures
7/17/201018Step 8
8/9/2019 Authentication Seminar Ligin
19/28
Authentication Procedures
7/17/201019Step 9
8/9/2019 Authentication Seminar Ligin
20/28
Ciphering Procedure
7/17/201020
Ciphering refers to the process of changing plaintext data into encrypted
data using a special key and a specialencryption algorithm. Transmissionsbetween the MS and the BTS on the Umlink, are enciphered.
8/9/2019 Authentication Seminar Ligin
21/28
Ciphering Procedure
7/17/201021Step 1
8/9/2019 Authentication Seminar Ligin
22/28
Ciphering Procedure
7/17/201022Step 2
8/9/2019 Authentication Seminar Ligin
23/28
Ciphering Procedure
7/17/201023Step 3
8/9/2019 Authentication Seminar Ligin
24/28
IMSI
The IMSI (International Mobile Subscriber Identity) is aunique 15-digit code used to identify an individual user ona GSM network.
The IMSI consists of three components:
Mobile Country Code (MCC) Mobile Network Code (MNC)
Mobile Subscriber Identity Number (MSIN)
eg :IMSI: 404 95 1234567890MCC 404 India
MNC 95 Bharti Airtel Ltd. Kerala Circle
MSIN 1234567890
The IMSI is stored in the Subscriber Identity Module (SIM).
7/17/201024
8/9/2019 Authentication Seminar Ligin
25/28
TMSI or TIMSI
The TIMSI (Temporary IMSI) is a pseudo-random numbergenerated from the IMSI (International Mobile SubscriberIdentity) number.
The TIMSI is utilized in order to remove the need to transmitthe IMSI over-the-air. This helps to keep the IMSI moresecure.
To track a GSM user via the IMSI/TIMSI, an eavesdroppermust intercept the GSM network communication where theTIMSI is initially negotiated.
In addition, because the TIMSI is periodically renegotiated,the eavesdropper must intercept each additional TIMSI re-negotiation session.
7/17/201025
8/9/2019 Authentication Seminar Ligin
26/28
Ki, Kc, RAND, SRES
Ki is the 128-bit Individual Subscriber Authentication Keyutilized as a secret key shared between the Mobile Station andthe Home Location egister of the subscriber's home network.
RAND is 128-bit random challenge generated by the HomeLocation egister.
SRES is the 32-bit Signed esponse generated by the MobileStation and the Mobile Services Switching Center.
Kc is the 64-bit ciphering key used as a Session Key forencryption of the over-the-air channel. Kc is generated by the
Mobile Station from the random challenge presented by theGSM network and the Ki from the SIM utilizing the A8algorithm.
7/17/201026
8/9/2019 Authentication Seminar Ligin
27/28
7/17/201027
Thank You
8/9/2019 Authentication Seminar Ligin
28/28
7/17/201028