Security in gsm
Different security services are provided by GSM for security issues. Confidential information is stored in AuC and in the individual SIM. SIM Contains personal, secret data and is protected with a PIN against unauthorized use.
GSM security services:
Different security services provided by GSM are:
- Access control and authentication: To access the SIM user needs a secret PIN (Personal Identification number). By this authentication of the user is done.
- Confidentiality: After authentication, BTS and MS apply encryption to voice, data, and signaling. This confidentiality exists only between MS and BTS, but it does not exist end-to-end or within the whole fixed GSM/telephone network.
- Anonymity: To provide user anonymity, all data is encrypted before transmission, and user identifiers are not used over the air. Instead, GSM transmits a temporary identifier (TMSI), which is newly assigned by the VLR after each location update. Additionally, the VLR can change the TMSI at any time.
- Three algorithms have been specified to provide security services in GSM. Algorithm A3 is used for authentication, A5 for encryption, and A8 for the generation of a cipher key.
- To access any of the service of GSM authentication is must.
- Authentication uses a challenge-response method:
- Access control AC generates a random number RAND as challenge and the SIM within the MS answers with SRES (signed response) as response.
- The AuC performs the basic generation of random values RAND, signed responses SRES and cipher keys Kc for each IMSI, and then forwards this information to the HLR.
- The current VLR requests the appropriate values for RAND, SRES, and Kc from the HLR.
- For authentication, the VLR sends the random value RAND to the SIM
- The MS sends back the SRES generated by the SIM; the VLR can now compare both values. If they are the same, the VLR accepts the subscriber, otherwise the subscriber is rejected.
Figure : Subscriber authentication