Security & Encryption in GSM, GPRS & CDMA

Security and Encryption in GSM, GPRS, CDMA System
Abstract
In any mobile system, it is important to send or receive or any kind of data in security situation, it is important to reach
to the services in any time, it is also important to not any one to use other accounts. All these threats require good
security in the mobile system.
This project will discuss security issue. Security is complex subject, so the project tries to view this feature in easy way
without review all details, because that the main goal is to explain what is the security in mobile systems (GSM ,GPRS
and CDMA)?
There are security mechanism in mobile system which will be explained in this project and these mechanism applied by
vary algorithms and functions. As seen to GSM system,
The GSM was designed to be a secure mobile phone system with strong subscriber authentication and over-the-air
transmission encryption. The security model and algorithms were developed in secrecy and were never published.
Eventually some of the algorithms and specifications have leaked out. The algorithms have been studied since and
critical errors have been found. Thus, after closer look at the GSM standard, one can see that the security model is not
all that good. An attacker can go through the security model or even around it, and attack other parts of a GSM
network, instead of the actual phone call.
The security was improved in the CDMA system to avoid the weaknesses in the GSM system, the improvement
appeared clearly in authentication, confidentiality and integrity procedure.
The GSM,GPRS and CDMA architectures must be explained before studying security. Chapter one explain the
important 3G elements and their functional.
In chapter two, the project explain the main security aspects as the security architecture, security requirement and
security services authentication, confidentiality and integrity.
The Authentication and Key Agreement (AKA) which means the authentication procedures, data encryption (data
confidentiality) and data integrity will be explained more in chapter three. These services make by algorithms and
functions varies from generation to other, due to that are complex and some of that still secrecy, it is not explained in
detail.
To study AKA procedures more deeply we will present in chapter four program that simulates the AKA and algorithms
used in GSM.
Security and Encryption in GSM, GPRS, CDMA System 1

GSM
(Global System for Mobile communications)
1.1.1-Introduction [1]
In the early 1980s many countries in Europe witnessed a rapid expansion of analog cellular telephone system however,
each country developed its own system, and interoperability across borders became limiting factor.
In 1982, the conference of European post and telecommunications (CEPT), an association of telephone and telegraph
operators in Europe, established a working group to develop a new public land mobile system to span the continent.
Because their working language was French, the group was called the group special mobile (GSM).
1.1.2-GSM Properties [15]
• cellular radio network
• digital transmission up to 9600 bit/s
• roaming (mobilität among different network providers, international)
• Good transmission quality (error recognition and correction)
• scalable (große Teilnehmerzahlen möglich)
• worldwide 900 million subscribers
• Europe : over 300 million subscribers
• security mechanisms provided (authentication, authorisation, encryption)
• good usage of resources (frequency- and time-multiplex)
• integration with ISDN and analogue telephone network
• standard (ETSI, European Telecommunications Standards Institute)

Fig 1.1 architecture of The GSM network [1]
1.1.3.1The Mobile Station [2]
The Mobile Station (MS) is the user equipment in GSM. The MS is what the user can see of the GSM system. The
station consists of two entities, the Mobile Equipment (the phone itself), and the Subscriber Identity Module (SIM), in
form of a smart card contained inside the phone.
1.1.3.2 The Base Transceiver Station [2]
The Base Transceiver Station (BTS) is the entity corresponding to one site communicating with the
Mobile Stations. Usually, the BTS will have an antenna with several TRXs (radio transceivers) that each communicate
on one radio frequency. The link-level signaling on the radio-channels is interpreted in the BTS, whereas most of the
higher-level signaling is forwarded to the BSC and MSC. Speech and data-transmissions from the MS is recoded in the
BTS from the special encoding used on the radio interface to the standard 64 kbit/s encoding used in
telecommunication networks. Like the radio-interface, the Abis interface between the BTS and the BSC is highly
standardized, allowing BTSs and BSCs from different manufacturers in one network.

1.1.3.3The Base Station Controller [2]
Each Base Station Controller (BSC) controls the magnitude of several hundred BTSs. The BSC takes care of a number
of different procedures regarding call setup, location update and handover for each MS.
1.1.3.4 The Mobile Switching Centre [2]
The Mobile Switching Centre is a normal ISDN-switch with extended functionality to handle
mobile subscribers. The basic function of the MSC is to switch speech and data connections
between BSCs, other MSCs, other GSM-networks and external non-mobile-networks. The MSC
also handles a number of functions associated with mobile subscribers, among others
registration, location updating and handover. There will normally exist only a few BSCs per
MSC, due to the large number of BTSs connected to the BSC. The MSC and BSCs are connected
via the highly standardized A-interface [GSM0808]. However, due to the lack of standardization
on Operation and Mangement protocols, network providers usually choose BSCs, MSCs and
Location Registers from one manufacturer.
1.1.3.6 The Base Station Controller [2]
Each Base Station Controller (BSC) controls the magnitude of several hundred BTSs. The BSC takes care of a number
of different procedures regarding call setup, location update and handover for each MS.
1.1.3.7 The Equipment Identity Register [2]
The Equipment Identity Register (EIR) is an optional register. Its purpose is to register IMEIs of
mobile stations in use. By implementing the EIR the network provider can blacklist stolen or
malfunctioning MS, so that their use is not allowed by the network.
1.1.4- Subsystems [15]

• BSS: GSM net several BSS, 1 BSC/BSS
• BTS: radio equipments. Forms a radio cell.
• BSC
• Reserves frequencies (frequency/ch. assignment)
• Handles handovers

• Radio Sub System (RSS)

- RSS = MS + BSS
- BSS = BTS+ BSC
• Network Sub System (NSS)
- NSS = MSC+ HLR + VLR + GMSC
- Operation Sub System
• OSS = EIR + AuC
1.1.5 GSM –Frequencies [15]
GSM-900:
• Uplink: 890,2 MHz – 915 MHz (25 MHz)
• Downlink: 935,2 MHz – 960 MHz (25 MHz)
• Uplink-Downlink distance: 45 MHz
Frequency Division Multiple Access [15]
• Channels are 200 kHz wide.
• 124 pairs of channels
Time Division Multiple Access
• 8 connections each channel
• Theoretical 124*8 = 992 channel to use.
GSM-1800:
• Uplink: 1725,2 - 1780,4 MHz
• Downlink: 1820,2 - 1875,4 MHz
• Uplink-Downlink distance: 95 MHz
• 384 pairs of channels

1.1.6 GSM 900 and GSM 1800 [15]
GSM 900 GSM 1800

Frequency band 890-915 MHz 1710-1785 MHz
935-960 MHz 1805-1880 MHz
Border spacing 25 MHz 75 MHz
Duplex spacing 45 MHz 95 MHz
Carrier spacing 200 kHz 200 kHz
Carriers 124 374
Timeslots per carrier 8 8
Multiple access TDMA/FDMA TDMA/FDMA
Typical cell range <300m – 35 km <100m – 15 km
Handset Power 0.8 & 8 W 0.25 & 1 W
Table 1.1 GSM 900 and GSM 1800

GSM link [15]
• Full rate-Channel (Speech)
13 kBit/s
• Half rate-Channel (Speech)
6,5 kBit/s
• GSM-Data-Channel
9,6 kBit/s
1.1.7 FDMA and TDMA

Fig
1.2
FDMA in GSM 900
Fig 1.3 TDMA in GSM 900
GPRS
General Packet Radio Service
1.2.1 GPRS Introduction [4]

The basics of GPRS are rapidly explained; its history, standards and applications are presented, but the frantic
concision of the paragraphs seems to betray
An impersonal approach to the material.
Data communication needs:
1.2.3.1 Circuit switching [4]
Is a mode in which a connection (or circuit) is established from the point of origin of a data transfer to the destination.
Network resources are dedicated for the duration of the call until the user breaks the connection. Using these resources,
data can be transmitted or receive either continuously or in bursts, depending on the application. Since resources
remain dedicated for the entire duration of a data call, the number of subscribers that the network can support is limited.

1.2.3.2 Packet switching [4]

Is a mode in which resources are assigned to a user only when data needs to be sent or receives. Data is sent in packets,
which are routed across the network along with other user traffic. This technique allows multiple users to share the
same resources, thus increasing capacity on the network and managing resources quite effectively. However, the
technique does place some limitations on data throughput. Experience has shown that most data communication
application network (such as a LAN, WAN, the Internet, or a corporate Intranet), but that does not mean they are
sending and receiving data at all times. Furthermore, data transfer needs generally are not symmetrical
1.2.4 Properties [15]

• Packet mode service (end-to-end)
• Data rates up to 171,2 kbit/s (theoretical), effectively up to 115 Kbit/s
• Effektive und flexible Verwaltung der Luftschnittstelle
• Adaptive channel coding
• Standardized interworking with IP- and X.25 networks
• dynamic resource sharin with the „classic“ GSM voice services
• advantage: billing per volume, not per connection time
1.2.5 Data services in GPRS [7]

• GPRS (General Packet Radio Service)
• Packet switching
using free slots only if data packets ready to send
(e.g., 115 kbit/s using 8 slots temporarily) Standardization 1998, introduced 2000
• GPRS network elements GSN (GPRS Support Nodes)
• GGSN (Gateway GSN)
• Interlocking unit between GPRS and PDN (Packet Data Network)
• SGSN (Serving GSN)
• supports the MS (location, billing, security)
• GR (GPRS Register)
• User addresses

Fig 1.4 of the GPRS network
1.2.6.1 SGSN - Serving GPRS Support

Node
• SGSN responsible for delivery of data packets from and To mobiles
• One per service area (i.e. per BSC)
• Roles:
– Packet routing and transfer
– attach/detach and location management
– Logical link management
– Authentication and charging
• Location register stores location information (e.g., Current cell, current VLR) and user profiles (IMSI,
Address) for all GPRS users registered with this SGSN

1.2.6.2 GGSN - Gateway GPRS Support

Node
• Interface between GPRS backbone and external packet Data networks (IP/X.25/etc.)
• Converts GPRS packets coming from SGSN into packet Data protocol format
• Sends packets out on corresponding packet data Network
• Incoming data packets’ addresses (e.g. IP) converted to GSM address of destination user
• Re-addressed packets sent to responsible SGSN– GGSN stores current SGSN address of station in
Location Register
• Also some authentication and charging
1.2.7 SPEED [4]

Theoretical maximum speeds of up to 171.2 kilobits per second (kbps) are achievable with GPRS using all eight
timeslots at the same time. This is about three times as fast as the data transmission speeds possible over today's fixed
telecommunication networks and ten times as fast as current Circuit Switched Data services on GSM networks.
1.2.8GPRS – Interoperation [8]

• GGSN is interface to external packet data Networks for several SGSNs
• SGSN may route its packets over several Different GGSNs to reach different packet data Networks
• All GSNs are connected via IP-based GPRS Backbone network
• Within backbone, GSNs encapsulate the PDN Packets and tunnel them using GPRS Tunneling Protocol (GTP)
1.2.9.1GPRS – Backbone networks [15]

• Two kinds GPRS backbone:
– Intra-PLMN backbone networks connect GSNs of same PLMN for private IP-based Networks of GPRS network
provider
– Inter-PLMN backbone networks connect GSNs of different PLMNs
• Roaming agreement between two GPRS Network providers necessary from inter-
PLMN backbone

1.2.9.2 GPRS – Intra- and Inter-PLMN Backbones

• Two intra-PLMN backbone networks of different PLMNs connected with an inter-PLMN backbone.
• Gateways between PLMNs and the External inter-PLMN backbone are called Border gateways.
• Border gateways perform security Functions to protect private intra-PLMN Backbones against
unauthorized users And attacks
1.2.10 GPRS – Interfaces [15]

• Gn/Gp: between two GSNs , allow GSNs to exchange user profiles when a mobile Station
moves from one SGSN area to another
• Gf: between SGSN and EIR , Allow SGSNs to query IMEI of a mobile station trying To
register with the
network
• Gi: between PLMN and external public or private PDNs (e.g. Internet/corporate intranet)
• Gr: between HLR and SGSN , HLR stores user profile, current SGSN address and The
PDP address (es) for each GPRS user in PLMN.SGSN informs HLR about current location of
the Station. When station registers with new SGSN, HLR sends User profile to new SGSN
• Gc: between HLR and GGSN , used by GGSN to query user's location and profile in Order to
update its
location register
• Gs: between SGSN and MSC/VLR, MSC/VLR may be extended with functions and Register
entries. allow
efficient coordination between packet switched And circuit switched services E.g. combined GPRS and non
GPRS location Updates , combined attachment procedures– Paging requests of circuit switched GSM calls
can be Performed via SGSN
• Gd: between SGSN and SMS gateway MSC , SMS messages can be exchanged via GPRS
1.2.11 NEW APPLICATIONS, BETTER APPLICATIONS [4]

GPRS facilitates several new applications that have not previously been available over GSM networks due to the
limitations in speed of Circuit Switched Data (9.6 kbps) and message length of the Short Message Service (160
characters). GPRS will fully enable the Internet applications you are used to on your desktop from web browsing to

chat over the mobile network. Other new applications for GPRS, profied later, including file transfer and home
automation-the ability to remotely access and control in-house appliances and machines. A wide range of corporate and
consumer applications are enabled by no voice mobile services such as SMS and GPRS. This section will introduce
those that are particularly suited to GPRS.
Applications [4]
1-Chat
2- Textual and visual information
3- Still images
4- Moving images
5- web browsing
6-Audio
7-Internet email
1.2.13 SERVICE ACCESS [15]
To use GPRS, users specifically need:
• A mobile phone or terminal that supports GPRS (existing GSM phones do NOT support GPRS)
• A subscription to a mobile telephone network that supports GPRS
• Use of GPRS must be enabled for that user. Automatic access to the GPRS may be allowed by
some mobile network operators, others will require a specific opt-in
• Knowledge of how to send and/or receive GPRS information using their specific model of
mobile phone, including software and hardware configuration (this creates a customer service
requirement)
• A destination to send or receive information through GPRS. Whereas with SMS this was often
another mobile phone, in the case of GPRS, it is likely to be an Internet address since GPRS is designed
to make the Internet fully available to mobile users for the first time. From day one, GPRS users can
access any web page or other Internet applications-providing an immediate critical mass of uses.
• Having looked at the key user features of GPRS, lets look at the key features from s network
operator perspective.

CDMA
(Code division multiple access)
1.3.1 Background history [4]
Code Division Multiple Access (CDMA) is a radically new concept in wireless communications. It has gained
widespread international acceptance by cellular radio system operators as an upgrade that will dramatically increase
both their system capacity and the service quality. It has likewise been chosen for deployment by the majority of the
winners of the United States Personal Communications System spectrum auctions. It may seem, however, mysterious
for those who aren't familiar with it. This site is provided in an effort to dispel some of the mystery and to disseminate
at least a basic level of knowledge about the technology. CDMA is a form of spread-spectrum, a family of digital
communication techniques that ,have been used in military applications for many vears. The core principle of spread
spectrum is the use of noise-like carrier waves, and, as the name implies, bandwidths much wider than that required for
simple point-to-point communication at the same data rate. Originally there were two motivations: either to resist
enemy efforts to jam the communications (anti-jam, or AJ), or to hide the fact that communication was even taking
place, sometimes called low probability of intercept (LPI). It has a history that goes back to the early days of World
War 11. The use of
CDMA for civilian mobile radio applications is novel. It was proposed theoretically in the late 1940's, but the practical
application in the civilian marketplace did not take place until 40 years later. Commercial applications became possible
because of two evolutionary developments. One was the availability of very low cost, high density digital integrated
circuits, which reduce the size, weight, and cost of the subscriber stations to an acceptably low level. The other was the
realization that optimal multiple access communication requires that all user stations regulate their transmitter powers
to the lowest that will achieve adequate signal quality.
1.3.2 overview of Division Multiple Access [4]
It is easier to understand CDMA if it is compared with other multiple access technologies . The following sections
describe tlle fundamental differences between a frequency division Multiple Access Analog technology (TDMA), a
Time Division multiple Access Digital technology (TDMA)

1.3.2.1. Frequency' Division Multiple Access

Each Frequency Division Multiple Access (FDMA) subscriber is using the same medium (air) for communicating, but
they are assigned a specific frequency channel. While they are using the frequency channel, no one else in that cell or
neighboring cell can use the frequency channel.
FDMA Cocktail Party (analogy)
Two users have continuous access to the room. But, no one else can use the room
1.3.2.2 Time Division. Multiple Access

Time Division Multiple Access (TDMA) subscribers share a common frequency channel, but use
the channel only for a short time. They are each given a time slot and allowed to transmit during that time slot only.
When all of the available time slots in a given mquency are used the next user must be assigned to a time slot on
another frequency.
TDMA Cocktail Par(j! (analogy)
Subscribers have access to the same room, but only a pair of them can use the room for a short time. Then they must
leave and another couple enters. Throughout the evening, the subscribers rotate usage of the room.
1.3.2.3 Code Division Multiple Access [4]
Code Division Multiple Access subscribers share a common channel (frequency). All users are on the same frequency
at the same time, they are divided however by codes. CDMA Cocktail Par v (analogy)
All subscribers are in the same room together. They can be all talking at the same time. They can be grouped together
or standing across the room from each other. Unlike the other two multiple access systems, they do not have to leave
the room!
1.3.3 Types Of CDMA [4]
Three are two types of CDMA:

1.3.3.1 Frequency-Hopping:

Each user's narrowband signal hops among discrete frequency, and the receiver follows in sequence Frequency-
Hopping Spread Spectrum (FHSS) CDMA is not currently used in wireless system, although by the military
Frequency Hopping CDMA
FIG 1.5 Frequency-Hopping Spread Spectrum
1.3.3.2 Direct sequence :

Narrowband input from a user is coded (“spread”) by user-unique broadband code .then transmitted broadband signal is
receiver, receiver knows, applies user’s code ,recovers users’ data direct sequence spread spectrum (DSSS) CDMA IS
the method used in IS 95 commercial systems
1.3.4 CDMA2000: Delivering on 3G [15]

CDMA2000 represents a family of ITU-approved. IMT-2000 (3G) standard and network capacity to meet growing
demand for wireless services and high-speed data services. CDMA2000 1X was the world's first 3G technology
commercially deployed (October2000). CDMA2000 represents a family of technologies that includes CDMA2000 1X
and CDMA2000 1X EV.
A:- CDMA2000 1X
The world's first 3G (CDMA2000 1X) commercial system CDMA2000 1X can double the voice capacity of cdmaOne
networks and delivers peak packet data speeds of 307 kbps in mobile environment. There is only one 1.25-MHZ carrier
b: CDMA2000 1X EV
CDMA2000 1X EV includes:
CDMA2000 1X EV-DO
CDMA2000 1X EV-DO delivers peak data speeds of 2.4Mbps and supports applications such as MP3 transfers and
video conferencing.
CDMA2000 1X EV-DV
Hugh-speed packet multimedia services at speeds of up to 3.09 Mbps. 1XEV-DO and 1XEV-DV are both backward
compatible with CDMA2000 1X and cdmaOne (IS-95a & IS-95B).
C: CDMA2000 3X
US (CDMA2000) version: 3X chip rate and more Even faster data:2MB burstingThe Figure Blew IIIustrate that

Fig 1.6 Evolution of CDMA
1.3.5 Architecture of CDMA 1X network [4]
It has focused on the components that are added to the CDMA system
Fig1.7 CDMA network architecture
1.3.6. PDSN (Packet Data Service Node) [4]

• Establishes, maintains and terminates point-to-point protocol (999) session with the MS.
• Establishes, maintains and terminates the logical link to the radio network across the radio-
packet (R-9) interface.
• Initiates authentication , authorization and accounting (AAA) for the MS to the packet data
network (internet) via the AAA server .
• Receives service parameters for the MS from the AAA.
• Routes packet data between the RAN and the internet (like NAS in the internet).
• Collects usage data that is related to the AAA server.
• Supports both simple and mobile IP.
• For mobile IP the FA (foreign agent ) should be implemented on the PDSN (also a HA (home
agent) is needed).
• One BSC can interconnect to a few PDSNs for load balancing.
1.3.7.1 Advantages of CDMA2000 [4]
1.3.7.2 Coverage:
Forward and reverse link power control helps a CDMA network dynamically expand the coverage area . the coding and
interleaving techniques used in CDMA provide the ability to cover a larger area for the same amount of available
power used in the system . under line of sight condition CDMA has a 1.7 to 3 times more coverage than time division
multiple access(TDMA)
1.3.7.3 Capacity:
Third generation cellular systems are designed to provide enhanced voice capacity and the support of high data rate
packet data services . these data services are typically characterized by asymmetric traffic requirement subjected to the
adverse effect of the mobile channel . such condition require that use of advances techniques such as fast feedback
channel information adaptive modulation and coding incremental redundancy multiuse diversity ,efficient handoff
algorithm , adaptive data rate control ,etc.
1.3.7.4 CDMA universal frequency Reuse:

CDMA has a frequency reuse of one .Each base transfer station (BTS) in the network uses the same frequency
eliminating the need for frequency planning.

1.3.7.5 Soft handoff:

Capacity of a system is reduced when more power is required to communicate with a mobile . the soft handoff and
power control in CDMA reduces the power requirement of a call allowing more users in the system.
1.3.7.6 Throughput higher data:

Toda’s commercial CDMA support a peak data rate enables peak rates of up to 5 Mbps there are another advantages of
CDMA system as frequency band flexibility increased battery life synchronization, power control, and internet protocol
(IP) networks, improved service multiplexing and quality of service (QOS) management and flexible channel structure
in support of multiple services with various QOS and variable transmission rate..Etc
1.3.7.7 Applications:
CDMA offering a world of opportunities for multimedia services, satellite communication, military communication,
wireless local loop (WLL) and so on.
1.3.8.1 Benefits
Backward-compatibility with cdma one deployments:
-protect operator investment in exiting cdma one networks.
-provides simple and cost-effective migration to 3G service voice improvement
1.3.8.2 Voice improvement:

-voice quality improvement
-voice capacity improvement ( 1 X offers one and a half to times the capacity of cdma one 1X EV-DV offers even
grater capacity increase ).
1.3.8.3 High speed data services support:

-higher data rate (114 kbps to 2 Mbps and beyond )
-low latency data support
1.3.8.4 Multimedia services support :

- Simultaneous voice / data support for mult-serviece

- Quality of service (QOS) support for multimedia applications
1.3.8.5 Special Applications:

Hot spot coverage (spot beams) and follow- ME service (Smart Antennas ).
Access reliability and extended battery life.


GSM SECURITY
2.1.1 Introduction [7]
The security methods standardized for the GSM System make it the most secure cellular telecommunications standard
currently available. Although the confidentiality of a call and anonymity of the GSM subscriber is only guaranteed on
the radio channel, this is a major step in achieving end-to- end security. The subscriber's anonymity is ensured through
the use of temporary identification numbers. The confidentiality of the communication itself on the radio link is
performed by the application of encryption algorithms and frequency hopping which could only be realized using
digital systems and signaling.
2.1.2 Overview of GSM Security Services [7]

Smartcard-based authentication of the user
• Identification of the through worldwide unique name IMSI
• Algorithm A3 for authentication is not public, Confidentiality on the radio link:
• Algorithms: up to 7 A5 variants
• unique, permanent subscriber key Ki and dynamically generated communication keys Kc
Anonymity:
• use of temporary identities
2.1.3GSM Security Requirements [9]
2.1.3.1Network provider‘s view

• correct Billing: authenticity of the user
• no misuse of the service, correct billing of content-usage
• efficiency: no more bandwidth needed for security, no long delays (user acceptance), cost-
efficient
2.1.3.2User‘s view
• confidentiality of communication (voice and data)
• privacy, no profiles of the movements of the users

• connection with authentic base station

• correct billing
2.1.3.3Content provider‘s view
• correct billing
•
2.1.4 Architecture security for GSM [9]
The security aspects of GSM are detailed in GSM Recommendations "Security Aspects, "Subscriber Identity Modules,
"security Related Network Functions." and "Security Related Algorithms". Security in GSM consists of the following
aspects: subscriber identity authentication, subscriber identity confidentiality, signaling data confidentiality, and user
data confidentiality. The subscriber is uniquely identified by the International Mobile Subscriber Identity (IMSI). This
information, along with the individual subscriber authentication key (Ki), constitutes sensitive identification credentials
analogous to the Electronic Serial Number (ESN) in analogue systems such as AMPS and TACS. The design of the
GSM authentication and encryption schemes is such that this sensitive information is never transmitted over the radio
channel. Rather, a challenge-response mechanism is used to perform authentication. The actual conversations are
encrypted using a temporary. randomly generated ciphering key (KC).
The MS identifies itself by means of the Temporary Mobile Subscriber Identity (TMSI). which is issued by the network
a d may be changed periodically (i.e. during hand-offs) for additional security. The security mechanisms of GSM are
implemented in three different system elements; the Subscriber Identity Module (SIM), the GSM handset or MS, and.
the GSM network. The SIM contains the IMSI, the individual subscriber authentication key (Ki), the ciphering key
generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number (PIN). The
GSM handset contains the ciphering algorithm (A5). The encryption algorithms (A3, A5, AS) are present in the GSM
network as well. The Authentication Centre (AUC), part of the Operation and Maintenance Subsystem (OMS) of the
GSM network, consists of a database of identification and authentication information for subscribers.
This information consists of the IMSI, the TMSI, the Location Area Identity (LAI), and the individual subscriber
authentication key (Ki) for each user. In order for the authentication and security mechanisms to function, all three
elements (SIM, handset, and GSM network) are required. This distribution of security credentials and encryption
algorithms provides an additional measure of security both in ensuring the privacy of cellular telephone conversations
and in the prevention of cellular telephone fraud. Distribution of security information is among the three system
elements, the SIM, the MS, and the GSM network. Within the GSM network, the security information is further

distributed among the authentication centre (AUC), the home location register (HLR) and the visitor location register
(VLR).
The AUC is responsible for generating the sets of RAND, SRES, and Kc, which are stored in the HLR and VLR for
subsequent use in the authentication and encryption processes. Fig(2.1) demonstrates the distribution of security
information among the three system elements, the SIM, the MS, and the GSM network. Within the GSM network, the
security information is further distributed among the authentication center (AUC), the home location register (HlR) and
the visitor location register (VLR).
2.1.5 GSM- Security/Authentication/Access Control Features [9]
The GSM system promises to provide security over the air interface that is as good as the security offered by traditional
fixed networks .[l] The GSM standard specifies the following security features to be implemented in every PLMN.
-Subscriber identity. (lMSI) confidentiality. This feature protects the Subscriber ID (IMSI) from being attacked by
eaves-droppers.
-Subscriber (IMSI) authentication This feature protects the Network Assets from Attacks by imposters.
Fig connections.
Use data confidentiality an physical 2.1 Architecture
This security for GSMthe protection of user speech data and other
feature provides
user related identification information.
-Connectionless user data confidentiality :

This feature provides protection of the message part of the conAnectionless user data pertaining to OSI layers 4 and
above.
-Signaling information element confidentiality.

This feature provides protection to some of the network signaling information that are considered to be sensitive.
According to the standard, the implementation of these above features is mandatory over both the fixed and the access
network sides.
The mechanisms for implementing these features are explained in the following sections

2.1.5.1 Subscriber identity confidentiality:

This feature is implemented by means of Temporary Mobile Subscriber Identities
(TMSI). These TMSI are local numbers and have significance only in a given
location area (LA). The TMSI must be accompanied by Location Area Identifier
(LAI) to avoid ambiguities. Some of the requirements on the TMSI are :
The new TMSI must be allocated at least in each location update procedure.
This location updating whenever the mobile moves to a new location area (LA)
Whenever a new TMSI is allocated to a MS, it is transmitted to the MS in
A ciphered mode. The MS should store the TMSI in a non-volatile memory
Together with the LA so that these data are not lost whenever the mobile is
Switched off.
2.1.5.2GSM subscriber's authentication:

Purpose:
The authentication is used to identify the MS to the PLMN operator.
Operation:
Authentication is performed by challenge and response mechanism. Ki in the
HPLMN is held in the AUC . A random challenge (RAND ) is generated by the
Authentication algorithm A3 implemented within the SIM , and send a signed
Response (SRES) back to the PLMN.

Fig 2.2 user authentication
Fig 2.3 user authentication

2.1.6 confidentiality of connectionless data user information and signaling information on
physical connections [9]
. Security Requirements of Mobile communication
. Authentication of MS or Subscriber
. Authentication of VLR\HLR
. Confidentiality of Data between MS and VLR
. Confidentiality of Data between VLR and HLR
. Requirements For End – user privacy
. Security for call setup information
. Security for speech
. Privacy of Data
. Privacy of user-location
2.1.7 Privacy of user –ID [7]

All mobile communication system use some sort of a user-ID to identity its
Subscriber. This subscriber indentication (or the user-ID ) must be protect –
ted from hackers. Transmission of this information (that too. In clear) either
over the air-interface , or over the network must be avoided as far as possible
2.1.8 support of roaming [7]

Most mobile communications systems support roaming of users, wherein the
User is provided service even if he move into a region handled by a deferent
Service provider or a deferent network of the same service provider. Thus ,
There is requirement in the network for authenticating mobile user who roam
Into its area. The main problem here is that the subscriber related information
That is useful for authentication is present only in the home network of the
user end and is generally not accessible by the visited (or serving) network.

Thus, there must be a method by which a subset of handset credentials is supp-

lied to the serving network that is enough to authenticate the user. A complete
disclosure of handset credentials may result in a security compromise.
2.1.9 GSM security weaknesses [9]

Active attacks using false BTS are possible. This because the mobile dose not check the authenticity of the BTS while
establishing a connection. It simply responds to the challenge posed to it.
The cipher keys and the authentication data are transmitted in clear between and within Networks.
Data integrity is absent in GSM.
GSM was not built with a good flexibility for up gradation.
The Home Network (in GSM) had no knowledge or control over how an serving Network uses the authentication
parameters supplied to it for authenticating roaming subscribers.
GPRS Security
2.2.1 introduction [8]

The GPRS is a new service that is offered to the mobile phone user. Netcom and Telenor, who are the two largest
operators in Norway introduced GPRS on January 31 and February 1, 2001. So far it is just a small number of mobile
phone on the marked that supports GPRS and it is also difficult to get hold of a mobile phone. The operators offer a
limited numbers of services to the GPRS customers. One of the services that GPRS is supporting today is the Mobile
Mail. Mobile Mail is possible to use with the entire mobile phone that use WAP, but with the GPRS functionality
"always on" the email service Mobile Mail is more attractive It is important that the security is taken care of. This is
because the users; both private persons and companies, can feel safe and use the services that the operators offer.

Services that demand a high level of security could be financial transactions transfer of medical information or
exchange of personal e-mail messages. In the next two subchapters we have explained which part in the GPRS system
we are focusing on and the test we did in the Ericsson AS'a lab environment.
2.2.2 Architure Security For GPRS [8]

from the fig there are five main areas where security in the GPRS system is exposed .the five areas are :
1-security aspect relate to the mobile phone and the SIM card .
2-security mechanics between the MS and SGSN. These include also the air interface from the MS to the BSS.
3-The PLMNs backbone network security that mainly
4-security between different operation.
5-Security between GGSN and the external connected network like internet .
Fig 2.4 system architecture

2.2.3 Security functions in GPRS [8]
Confidentiality, Integrity and Authentication (CIA) are three different services that computer and network security
should cover. All the three services have to be protected, and attack against one or some of them are possible. It is
important to have strict control for who should have Access control and dispense with Denial-of-Service for the
unauthorized users

Confidentiality – The property of information that has not been disclosed to unauthorized parties. Confidentiality has
traditionally been seen as the most formidable threat in the communications system. To provide confidentiality
encryption is used.
Integrity – the property of information that has not been changed by authorized parties Integrity is normally associated
with error correction and retransmission techniques to ensure that data are not corrupted. Cryptographically checksum
is a technique to ensure that data is not willfully modified.
Authentication – The provision of assurance of the claimed identity of an entity. Authentication is reference to the user
identity verification. Challenge- Response is a common authentication mechanism that active challenge the user to
claim that he is the right person, so the user has to give that right response.
Access control – The prevention of unauthorized use of a resource, including the prevention of a resource in an
unauthorized manner. Access control is to give access to services for authorized user and denying unauthorized user the
same services.
Denial-of-Service – While access control is about denying the unauthorized user access to the services, Denial-of-
Service can be seen as a security service to ensure that unauthorized users are denied access to the services.
2.2.5. GPRS processes [8]

this section describes the flowing processes used in GPRS network :
Attach process
Process by which the MS attaches (i.e. connected)
To the SGSN in the GPRS
Authentication prosess
Process by which the SGSN authentication the mobile subscriber.
Detach process
Process by which the MS detaches (i.e. disconnected ) from the SGSN in the GPRS network .
2.2.5.1GPRS attach process

when a mobile subscriber turns on their handset , the flowing actions occur:
1.a handset attach request is sent to the new SGSN .

2.the new SGSN responds with the identity of the handset. The old SGSN responds with identity of the handset.
3.the new SGSN requests more informationA from MS .this information is used to authentication the MS to the new
SGSN .
4-The authentication process continues to the HLR. The HLR acts like a RADIUS server using a handset-level
authentication based on IMSI and similar to the CHAP authentication process in PPP.
5. A check of the equipment ID with the EIR is initiated.
6. If the equipment ID is valid, the new SGSN sends a location updated to the HLR indicating the change of location to
a new SGSN. The HLR notifies the old SGSN to cancel the location process for this MS. The HLR sends an insert
subscribe data request and other information associated with this mobile system and notifies the new SGSN that the
update location has been performed.
7. The new SGSN initiates a location update request to the VLR. The VLR acts like a proxy RADIUS that queries the
home HLR.
8. The new SGSN sends the Attach Accept message to the MS.
9. The MS sends the Attach Complete message to the new SGSN.
10. The new SGSN notifies the new VLR that the relocation process is complete.
2.2.5.2GPRS authentication process:
The GPRS authentication process is very similar to the CHAP with RADIUS server the authentication process follows
these steps:
1.The SGSN sends the authentication information to the HLR . the HLR sends information back to the SGSN based on
the user profile that was part of the user's initial setup.
2.The SGSN sends a request for authentication and ciphering (used a random key to encrypt information ) to the MS .
the MS uses an algorithm to send the user ID and password to the SGSN. Simultaneously , the SGSN uses the same
algorithm and compares the result. If match occur . the SGSN authentications the user.

Fig 2.5 main GPRS procedures

2.2.5.3 detach process initiated by MS
when a mobile subscriber turns off their handset . the detach process initiates . the detach process is described below .
1.the MS sends detach request to the SGSN
2-the SGSN sends a delete PDP context request message to the serving GGSN .
3-the SGSN sends a GPRS detach indication message to the MSC/VLR indication the MS request to disconnected.
4-the SGSN sends a GPRS detach indication message to the MSC/VLR
5-the SGSN sends the detach accept message to the MS .
Note
the GSN nodes must always respond to the detach request with a positive delete response to the MS and accept the
detach requested by the client. The positive delete response is require even if the SGSN dose not have a connection
pending for that client .
2.2.6 GPRS security /authentication/access control feature

2.2.6.1 Confidentiality of the user identity [8]
the identity of the user is protect ed to avoid the possibility for an intruder to identify which subscriber is using a given
resource on the radio path by listening to the signaling exchange or the user traffic. As a condition to accomplice this
the IMSI (international mobile subscriber identity) or any other information allowing a listener to drive the IMSI easily,
should not normally be transmitted in clear text in any signaling message over the radio pathe, it is from a security

point of view necessary that on the radio path a protected identifying method is used instead of the IMSI. The IMSI
should not normally be used as addressing means. But when signaling procedures permit it it, signaling information
elements that can expose information about the mobile subscriber identity must be ciphered for transmission.
To identify a mobile subscriber on the radio path a Temporary Logical Link Identity (TLLI) is used. The TLLI is a
local number and has only a meaning in a given Routing Area (RA), it is accompanied by the Routing Area Identity
(RAI). The relation between the TLLIs and IMSIs are stored in a database at the, SGSN. So when a TLLI is received
with a RAI that does not correspond to the current SGSN, the IMSI is requested from the SGSN in charge of the RA
indicated in the RAI. If the address of that SGSN is unknown the IMSI is requested from the MS. When a new TLLI is
allocated to a MS, it is transmitted from the SGSN to the MS in a ciphered mode produced with the GPRS-A5
algorithm. This is not completely the truth since the fixed part of the network can acquire the identification of the MS
in clear. However this is a breach in the provision of the service, and should only be used when necessary to cope with
malfunctioning e.g. arising from software failure
2.2.6.2confidentiality of user data

The SGSN can request security related information for a MS from the HLR/AuC corresponding to the IMSI, which will
include an array of pairs of corresponding
RAND and SRES. This is done in the HLR/AuC by using RAND and the key Ki in the A3 algorithm The pairs are
stored in the SGSN as part of the security information.
The HLR/AuC responds the SGSN by sending the vectors RAND/SRES in the Authentication Vector Response which
also includes the key Kc. These sets of information (RAND/SRES and Kc) are stored in the SGSN.
And they should be marked as used when they have been used, but it is the operators that decide how many times a set
can be used before it is marked. If there is no more unused sets left, the SGSN may use a used set. In order to get rid of
sets that is used the SGSN is to delete all the records marked as used, when it successfully request security related
information from the HLR. The sets may also be re-sent by the HLR depending on the rules for re-use of sets set by the
operator.
2.2.6.3 confidentiality of user information and signaling between MS and SGSN

The needs for a protected mode of transmission are fulfilled by a ciphering function in the LLC layer. It is the GPRS-
A5 algorithm that ciphers the LLC layer information. A mutual key setting is produced to allow the MS and the
network to agree on the key Kc to be used in the ciphering and the deciphering algorithms GPRS-A5. The Kc is
transmitted to the MS in the RAND value and it is derived from the RAND by using the A8 and the Subscriber

Authentication key Ki. The MS and the SGSN must coordinate when the ciphering and the deciphering processes
should start.
indicating if the frame is ciphered or not. The SGSN indicates if the ciphering should be used or not in the
Authentication and Ciphering Request message, and the MS starts the ciphering after sending the Authentication and
Ciphering Response message. In order for the enciphering bit stream at one end and the deciphering bit stream at the
other end to coincide, the streams must be synchronized. This is done by using an explicit variable INPUT, the
DIRECTION and the Kc in the algorithm GPRS-A5, The synchronization of ciphering at LLC frames level is done by
a bit in the LLC header
When a inter SGSN routing area update occurs, the necessary information (i.e Kc ,INPUT) is transmitted within the
system infrastructure to enable the communication to proceed from the old SGSN to the new one. The key Kc may
remain unchanged at Inter SGSN routing area update. The MS should indicate which version of the GPRSA5 algorithm
it supports when it wants to establish a connection to the network. The negotiation of the GPRS-A5 algorithm happens
during the authentication procedure. The network can decide to release the connection if there is no common GPRS-A5
algorithm, or if the MS indicates an illegal combination of supported algorithms. Otherwise the network selects one of
the mutual acceptable versions of the GPRS-A5 algorithms to bused.
CDMA security
Since the birth of the cellular industry, security has been a major concern for both service providers and subscribers.
Service providers are primarily concerned with security to prevent fraudulent operations such as cloning or
subscription fraud, while subscribers are mainly concerned with privacy issues. In 1996, fraudulent activities through
cloning and other means cost operators some US$750 million in lost revenues in the United States alone. Fraud is still
a problem today, and IDC estimates that in 2000, operators lost more than US$180M in revenues from fraud.
Technical fraud, such as cloning, is decreasing in the United States, while subscription fraud is on the rise1. In this
paper, we will limit our discussions to technical fraud only. With the advent of second-generation digital technology
platforms like TDMA/CDMA-IS-41, operators were able to enhance their network security by using improved
encryption algorithms and other means. The noise-like signature of a CDMA signal over the air interface makes
eavesdropping very difficult. This is due to the CDMA “Long Code,” a 42-bit PN (Pseudo-Random Noise of length
242-1) sequence, which is used to scramble voice and data transmissions. This paper discusses how CDMA 2000
1xRTT implements three major features of mobile security: authentication, data protection, and anonymity

2.3.2 Security – CDMA Networks [15]

The security protocols with CDMA-IS-41 networks are among the best in the industry. By design, CDMA technology
makes eavesdropping very difficult, whether intentional or accidental. Unique to CDMA systems, is the 42-bit PN
(Pseudo-Random Noise) Sequence called “Long Code” to scramble voice and data. On the forward link (network to
mobile), data is scrambled at a rate of 19.2 Kilo symbols per second (Ksps) and on the reverse link, data is scrambled at
a rate of 1.2288 Mega chips per second (Mcps). CDMA network security protocols rely on a 64-bit authentication key
(A-Key) and the Electronic Serial Number (ESN) of the mobile.
Fig2.6 the authentication by CAVE
A random binary number called RANDSSD, which is generated in the HLR/AC, also plays a role in the authentication
procedures. The A-Key is programmed into the mobile and is stored in the Authentication Center (AC) of the network.
In addition to authentication, the A-Key is used to generate the sub-keys for voice privacy and message encryption.
CDMA uses the standardized CAVE (Cellular Authentication and Voice Encryption) algorithm to generate a 128-bit
sub-key called the “Shared Secret Data” (SSD). The A-Key, the ESN and the network-supplied RANDSSD are the
inputs to the CAVE that generates SSD. The SSD has two parts: SSD_A (64 bit), for creating authentication signatures
and SSD_B (64 bit), for generating keys to encrypt voice and signaling messages. The SSD can be shared with roaming
service providers to allow local authentication. A fresh SSD can be generated when a mobile returns to the home
network or roams to a different system.
2.3.3 Authentication [6]

In CDMA networks, the mobile uses the SSD_A and the broadcast RAND* as inputs to the CAVE algorithm to
generate an 18-bit authentication signature (AUTH_SIGNATURE), and sends it to the base station. This signature is
then used by the base station to verify that the subscriber is legitimate. Both Global Challenge (where all mobiles are
challenged with same random number) and Unique Challenge (where a specific RAND is used for each requesting
mobile) procedures are available to the operators for authentication. The Global Challenge method allows very rapid
authentication. Also, both the mobile and the network track the Call History Count (a 6-bit counter). This provides a
way to detect cloning, as the operator gets alerted if there is a mismatch.The A-Key is re-programmable, but both the
mobile and the network Authentication Center
2.3.4 Basic of authentication : [6]

1. A- key (authentication Key)
2.ESN-MIN-MDN:
2.3.4.1 A- key (authentication Key):
the A-key or authentication key is a 64 bit permanent number stored in the permanent memory of the mobile. Pre-
programmed and stored security on the mobile phone during factory settings. Known only to the mobile and its
associated HLR/AC. Is used to generate the SSD (share secret data)- the intermediate keys.
2.3.4.2. ESN-MIN-MDN:
ESN (electronic serial number)
The ESN is the 32 bit electronic serial number of the mobile phone. The ESN is pre-programmed by the phone
manufacturer during factory setting. The ESN is unique to each mobile on the network and is used in conjunction with
the mobile number to identity the mobile on the network . MIN (mobile identification number)
The MIN is the 10 digit number which is assigned by the service providers to a mobile phone in the network . the MIN
is unique each mobile on the network and is used in conjunction with the ESN to identify the mobile on the network.
MDN (mobile directory number) The MDN is the 10 digit dilatable number assigned by the service provider to a
mobile phone on its network . the MDN may be the same as the MIN (it depend on how the service provider provisions
this pair on its network)
2.3.5Global challenge [6]

1- allows only valid subscriber to access the network resources.

2- all MS challenge with same random number

3- VLR can authenticate MS if SDD is shared
4- subsequence action is based on policy in effect (i.e. unique challenge)
Global challenge is performed when ever:
1-registration: when the mobile dose autonomous registration.
2- origination: when the mobile station originates a call .
3- terminations: when the mobile station responds with page message .
4- mobile station data: when it sends a data burst message I.e. SMS.
Fig 2.8 global challenge

2.3.6 unique challenge [6]
signal MS challenged with selected random number( unique) VLR can initiate if SSD is shared (only report failure to
AC) can executed on the traffic channel used for call saves control channel resources
By design, all CDMA phones use a unique PN (Pseudo-random Noise) code for spreading the
signal, which makes it difficult for the signal to be intercepted.

Fig 2.9 unique challenge:
2.3.7 The inherent security of the CDMA air interface [7]

Code Division Multiple Access (CDMA) technology is an advance wide area wireless technology for voice and high-
speed internet access supporting high mobility speeds. CDMA is inherently secure and has advantages to first-
generation analog and Time Division Multiple Access (TDMA) system . CDMA originated from military application
and cryptography and to data there has never been a report of high-jacking or eavesdropping on a CDMA call in a
commercially deployed network .the inherent security of CDMA 's air interface comes from a combination of
encryption and spread spectrum technology ,which are used simultaneously to void any gaps in security . first the
CDMA signals of all calls are transmitted or spread over the entire bandwidth rather than being tied to a specific time
or element in the system. this result in the signal of all calls tacking on white noise a noise-like appearance that work
as disguise making the signal of any one call difficult to distinguish and detect from background noise



GSM Encryption
Encryption, Decryption and cryptography
Encryption is the conversion of message from the original form to an unrecognizable form (encrypted message)
while decryption is the re-conversion of the encrypted message into its original form. The word cryptography comes
from the Greek words kryptos which means hidden and graphein which means writing. Cryptography is the science
of encryption and decryption. The art or study of cryptography was a known practice in the ancient world. The first
recorded use of cryptography was by the Spartan’s in 400 B.C. and one of the more famous ancient
cryptography was known as “Caesar Cipher” named after Julius Caesar which was used by the Roman armies to
transfer messages during war. The modern day cryptographic techniques make use of much faster processing
techniques which are embedded on advanced electronics chips and computers systems. In a general cryptographic
system a message is encrypted with the help of keys which are nothing but variables which are applied to the original
message. The formula for combining the original message and the key to produce an encrypted message is known as a
cryptographic algorithm. For example an original text written as HOWAREYOU could be encrypted into
KRZDUHBRX. In this example the cryptographic algorithm would read “shift key places forward” and the key
could be 2 which means shift 2 places forward.As can be seen in the above example both sides must have the same
cryptographic algorithm and must know the key or variable to perform the cryptographic algorithm on the original
message. Most Cryptographic systems use either the Secret Key (Symmetric) cryptography or Public Key
(Asymmetric) cryptography and sometimes even a mix of both. This White Paper will not discuss these two models
as used in various applications but would stay focused on the Authentication and Encryption as used in GSM systems
3.1.2 GSM ALGORITHM [3]

GSM subscriber identity module (SIM) contains
• International Mobile Subscriber Identity (IMSI)
• Subscriber identification key Ki Used for authentication and encryption via simple Challenge/response protocol
• A3 and A8 algorithms provide authentication (usually Combined as COMP128)
• A5 provides encryption

Fig 3.1 challenge response

3.1.3 GSM Security [15]
1. Base station transmits 128-bit challenge RAND
2. Mobile unit returns 32-bit signed response SRES via A3
3. RAND and Ki are combined via A8 to give a 64-bit A5 key
4. 114-bit frames are encrypted using the key and frame Number as input to A5
3.1.4 A5 ALGRITHM [15]

3.1.4.1 A5/1 Overview
“Cryptography is a mixture of mathematics and muddle, and without the muddle the mathematics can be used against
you.”
- Ian Cassells, a former Bletchly Park cryptanalyst.
• A5/1 is a stream cipher, which is initialized all over again for every frame sent.
• Consists of 3 LFSRs of 19,22,23 bits length.
• The 3 registers are clocked in a stop/go fashion using the majority rule.
3.1.4.2 A5/1 : Operation

• All 3 registers are zeroed
• 64 cycles (without the stop/go clock) :

• Each bit of K (lsb to msb) is XOR'ed in parallel into the lsb's of the registers
• 22 cycles (without the stop/go clock) :
• Each bit of Fn (lsb to msb) is XOR'ed in parallel into the lsb's of the registers
• 100 cycles with the stop/go clock control, discarding the output
• 228 cycles with the stop/go clock control which produce the output bit sequence.
Fig3.2 keystream generation
3.1.4.3 A5 The Model

• The internal state of A5/1 generator is the state of all 64 bits in the 3 registers, so there are 264-1
states.
• The operation of A5/1 can be viewed as a state transition :
• Standard attack assumes the knowledge of about 64 output bits (64 bits →264 different
sequences).
About A5 :
• A5/0 : no encryption.
• A5/1 : original A5 algorithm
• A5/2 : weaker algorithm created for export
• A5/3 : strong encryption created by 3GPP
• A5 is a stream cipher.
• Uses three linear feed-back shift registers (LFSR) of different length (19/21/22) and Variable clock. The xor of the
three registers Is the bit stream that is then xored with the
Plain text.

• The key is the initial content of the Registers, in total 64 bits derived from Kc
And the frame number.
3.1.5 A5/2 Algorithm [15]
3.1.5.1 Description of A5/2
• 4 LFSR R1,R2,R3,R4.
• R4 controls the clocking of R1,R2,R3.
• LFSRs are initialized using KC and frame # f.
• After key is loaded, one bit of each register is forced to be set.
• Output (228 bit key stream) is quadratic function of R1,R2,R3.
• 114 bits of key stream are used to encrypt uplink and rest 114 are used for downlink.
Fig 3.3 architecture of A5/2
3.1.5.3 Ciphertext-only Attack on A5/2

• Error correction codes are employed in GSM before encryption.

• Plaintext has highly structured redundancy.

• Complexity
Implementation on a personal computer recovers KC in less than a second and takes less than 5.5hours for one time
pre-computation.
Possible Attack Scenarios

• Eavesdropping conversation (passive listening)
• Call hijacking (man in the middle)
• Altering of data messages (SMS)
• Call theft (parallel session)
3.1.7 Attack Categories [15]

• Attacks on GSM Security
• SIM Attacks
• Cryptanalytic Attack
• Fake BTS
• Radio-link interception attacks
• Operator network attacks
• GSM does not protect an operator’s Network
3.1.8.1 Attacks on GSM Security

3.1.8.2 SIM Attacks
• Secret key KI is compromised.
• Physical access to SIM is needed.
• COMP-128 leaks KI (April 1998)
• Requires about 50K challenges
• Side-channel attacks
• Power consumption
• Timing of operation

• Electromagnetic emanations
• Cloning of SIM is possible
3.1.8.3 Cryptanalytic Attack
• Weakness in the encryption algorithm
• Session key KC is compromised
• Over the air attack (physical access not required)
3.1.9 Observations [15]
• Attack takes lesser time than authentication timeout.
• No authentication for base station.
• Replay attack is possible as nonce or time stamp are not used.
• A5/2 is already broken and A5/1 is weak. Even changing to A5/3 won’t help.
• GSM interceptor/scanners are easily available.
• Security problems in mobile communications are keeping the applications like m-commerce
from deployment.
• Attack takes lesser time than authentication timeout.
• No authentication for base station.
• Replay attack is possible as nonce or time stamp are not used.
• A5/2 is already broken and A5/1 is weak. Even changing to A5/3 won’t help.
• GSM interceptor/scanners are easily available.
• Security problems in mobile communications are keeping the applications like m-commerce
from deployment.
• GSM security design process was conducted in secrecy.
• The A5 encryption algorithm was never published.
• The key calculated does not depend on which of the A5 algorithms it is destined to be used with.
• Real time cryptanalysis of A5/2.
• The encryption is done after coding for error correction.

GPRS Encryption
3.2.1 Authentication and key agreement of GPRS [4]
3.2.1.1 Keys and triplets:
When a connection is established with a Mobile Station (MS), the Serving GPRS Support Node (SGSN) is informed
and takes over control of the Authentication procedure. The SGSN request the International Mobile Subscriber Identity
(IMSI) and uses it to identify the station's HLR. The SGSN conveys the IMSI and its own identity to the HLR so that
this can inform the Network of the Mobile Station's subscriber IMSI; it addresses the Authentication centre and
requests for the ciphering key Ki. The key is retrieved by the Authentication centre and used with a Random number as
parameter in an algorithm, A3 to calculate a signature or signed response. The AuC similarly uses Ki and the random
number as a parameter in an other algorithm A8 to calculate the ciphering key Kc for traffic channel coding. The
random number, the signed response and Kc make up a triplet for a mobile station which can be used for further
ciphering.
3.2.1.2 GPRS Authentication [8]

In GPRS the authentication mechanism is the same as in GSM except that it is performed by the SGSN instead of the
VLR. As a side effect, the GPRS system effectively prevents eavesdropping on the backbone between the BSS and
SGSN, because the frames are still encrypted at this point. Thus, security of GPRS depends largely on the placement
and safety of the SGSNs. The particularity of GPRS is the "attach" procedure which allows sending and receiving
packets on a date network. In fact, this procedure includes authentication as described above, ciphering algorithm
negotiation and IP address assignment by the SGSN.
The HLR conveys the value of the triplets (Kc, the signed response and the random number) to the SGSN and the value
of the Random number is then passed to the Mobile Station. Additionally the SGSN performs the selection of the
ciphering algorithm (different versions of the ciphering algorithm A5 should be available), and the synchronization for
the start of the ciphering.
The MS, after receiving the Random number, calculates the other value of the triplets (signed response and Kc) using
algorithm A3 and A8. The signed response is sent back to the SGSN and compared to the one sent by the HLR (see
Figure 3-12 Calculation of the triplets in the MS p.19). Any further processing are not undertaken before the signed
response calculated by the HLR and stored in the SGSN matches the one calculated in the mobile.
3.2.1.3 GPRS Encryption [8]

A cryptosystem defines a pair of data transformations. The first transformation, the encryption is applied to an ordinary
data item known as plaintext and generates a corresponding (unintelligible) data item called cipher text. The second
transformation or decryption is applied to the cipher text and results it in the regeneration of the original plaintext. An
encryption transformation is defined by an algorithm and uses as input both the plaintext data and an independent value
known as an encryption key Similarly, a decryption transformation is defined by an algorithm and uses a decryption
key as well as the cipher text so as to cover the plaintext.
If the authentication of the subscriber is successful then the encoding step is targeted. Data and signaling are merged on
a traffic channel between the mobile station and the SGSN using:
• The GPRS system uses a new A5 implementation as well referred to as the GEA version 1
(GPRS Encryption Algorithm). The GEA is responsible for securing the interface from Mobile Station
to SGSN. The Kc is not transmitted to the BTSs and the transmission channel between the BTS and the
SGSN is encrypted making impossible to monitor the backbone between the BTS and the SGSN
• The Key Kc as a parameter
Fig 3.4 authentication and encryption

An important security mechanism that protects the radio link against eavesdropping is encryption. Encryption protects
both user data and network control information. This is referred to as ciphering in the GPRS specification, is an option
employed by AT&T Wireless. Please note, not all GPRS or EDGE device and an infrastructure element called the
SGSN (a relatively centralized node)
Encryption spans not only the radio interface, but a portion of the wire line infrastructure as well and includes Base
Transceiver Station (BTSs), Base Station Controllers (BSCs), and all of the connections leading to the SGSN.
Following authentication, the network and MS calculate a 64-bit encryption key by applying a key-generating
algorithm called A8 to two values: the secret subscriber key and a random number previously used for authentication.

Once the encryption key id derived, communication between the NS and the GPRS/EDGE network is encrypted using
an algorithm called GPRSA5, a modified version of the A5 algorithm used in GSM network for voice communication.
GPRSA5 is optimized for packet-data communications.
Fig 3.5 the GPRS ciphering

This algorithm is also referred to as GPRS Encryption Algorithm (GEA). Both A5 and GPRS-A5 are based on an
algorithm called COMP128. The first version of GPRS encryption was called GEA1. The current version is GEA2.
The protocol level that handles encryption is called the Logical Link Control (LLC) layer. The LLC operates between
the MS and SGSN at layer two of the network reference model (see Figure 3-14). Both signaling (control) information
and user data are processed by the LLC layer; therefore the network keeps both user data and control information (such
as the user's location) confidential.
Fig 3.6 THE GPRS traffic

3.2.2 Scope of ciphering [8]

In contrast to the scope of ciphering in existing GSM (a single logical channel between BTS and MS), the scope GPRS
ciphering is form the ciphering function at the SGSN to the ciphering function in the MS. This means that user data and
signaling are protected by the ciphering algorithm (A5)all way long form the MS to the SGSN and not only form the
MS to the BTS as it was the case in GSM. As a matter of fact, this will avoid us to study the Gb Interface since the
interconnection between the BSS and the SGSN are as well protected as the Um interface (MS-BSS interface).
Fig 3.7 scope of GPRS ciphering
3.2.3 Characteristics Of The Different Algorithms in GPRS [15]

• Three kinds of algorithms have been defined:
• .Algorithm A3 which is the Authentication algorithm.
• Algorithm A5 which is the ciphering/deciphering algorithm. As previously explained
• several ciphering algorithms will be designed and one of them will be chosen during the
authentication procedure.
• Algorithm A8 which is the cipher key generator.
3.2.3.1 Algorithms A3 & A8 :

The algorithms is used for authentication processes and algorithms A8 it used for produce cipher key (kc). The
algorithms A3 and A8 in GPRS takes same procedures which they occurs in GSM system.
3.2.3.2 Algorithms A5:

A5 is implemented in to the math MS and SGSN. The ciphering take place just before modulation and after
interleaving. The deciphering take place just before demodulation and after symmetrically. The useful information
(plain text) is organized in to blocks of 114 bit .for ciphering A5 produces a sequence of 114cipher\ decipher bits (here
called BLOCK) which is combined by a bit wise modulo to addition to the 114 bits plain text . Deciphering is
symmetrically: A5 produces a sequence of 114cipher\ decipher bits and the first produced bits are added to cipher text
(coded massage) and so on …
For each slot , the decipherment is performed on MS side with first block ( BLOCK1) of 114 bits produced by the A5,
And the encipherment is performed with the second produced block (BLOCK2) for deciphering.{4} therefore , A5
must produce twice 114 bits .THE ciphering start when valid authentication response is received from MS using
synchronization for the start ciphering that has been selected in the BSC . synchronization guaranteed by explicit time
variable , COUNT
(22-bits) , derived from the logical link control (LLC) frame number .therefore , 114 bits block produced by A5 only
depends on the LLC frame numbering , the cipher key kc (64 bits) and of course the A5 algorithm used . THE fig (3.9)
summarises the above listed implementation indication , with only one cipher\ decipher bits procedure represented.
Fig 2.8 use of the A5 algorithm

CDMA ENCRYPTION
3.3.1 Authentication and Encryption in CDMA system [13]
Executive summary
Mobile usage has virtually penetrated every aspect of our daily lives from the traditional voice communication to short
message services (SMS), multimedia messaging services (MMS), ring tones, camera phones, games and a vast array of
applications. In fact with the advent of 3G technologies most Service Providers are promising even more attractive
features and applications. Most mobile phone manufacturers are making the mobile even more and more feature rich.
One of the key areas which has been addressed by both the Service Provider and the Mobile manufacturers is in th area
of Authentication and Encryption in Mobile technology. This White Paper is an attempt to address the concept of
Authentication and Encryption in CDMA systems and the usage of this feature in today’s mobile telephony
environment.
3.3.1.2 The Authentication model [6]

An Authentication model is best represented by Figure 1 shown below. As soon as the User
desires some service from the Serving System a random number is thrown at it from the
Serving System as a Challenge to authenticate itself. The User uses this random number and
performs a cryptographic algorithm on it using a Secret Key which is known at both ends. The
same process is carried out at the Serving System using the same cryptographic algorithm and
Secret key. The resultant output from the User side is given to the Serving System as a
Response. The Serving System compares the Response with its own computation. If the two
match the User is either permitted access to Services or is denied entry.

Fig 3.9 cryptographic algorithm
In CDMA systems as we shall see in subsequent sections the process of Authentication is to

identify and provide service to a genuine mobile on the network and deny access to a cloned
version of it.
3.3.1.3 Authentication and Encryption in CDMA system [13]
At the heart of the Authentication model in CDMA is the Authentication key or A-key which is
like a master key to the system. The A-key is a 64 bit number stored in the permanent section
of the memory and is usually pre-programmed at factory settings. The A-key as we shall see in
further sections is used to generate intermediate keys and session keys within the system. The
model represented below represents the complete Authentication and Encryption systems in
CDMA networks and will be the focus of our study from now.

Fig 1.10 authentication and Encryption

For better understanding this system can be divided into three sections namely SSD (Shared
Secret Data) Generation / Updation, Authentication and finally Encryption. The CDMA
networks make use of a cryptographic algorithm known as CAVE or Cellular Authentication
and Voice Encryption which is used in various stages of the procedure.
On the initiation of a SSD generation/update the Home Location Register/Authentication Centre
(HLR/AC) sends out a Random number RANDSSD (56 bits) as a challenge. The mobile takes
this RANDSSD value along with the ESN and A-key to generate the SSD pairs namely SSD_A
and SSD_B both 64 bits long.
The above is followed by a procedure known as Global Challenge. In this process the SSD_A
is further fed into the CAVE algorithm along with ESN and MIN and a random number known as
RAND (32 bits) which is now generated by the MSC. The result computed as Authentication
Signature (AUTHR) (18 bits) is sent back by the mobile to the network. The network too
would have calculated its own version of AUTHR which it uses to compare the result.
The network Base Station permits access to the mobile if the Authentication Signatures
matchand denies access if they do not. In the event of a mismatch the network may also
initiate a SSD update to generate a new pair of SSD_A and SSD_B and also in some cases
initiate a Unique Challenge to the mobile. Here it sends out a Unique Random number
RANDU (24 bits) to a particular mobile and receives a unique Authentication Signature
(AUTHU) (18 bits) from that
mobile. The Authentication Procedure is invoked during Registration, Origination, Page
Response or Data Burst Message.
How is Authentication Invoked [15]

When a mobile is trying to Register onto the network by sending a Registration message on the Access Channel
RAND (32) ESN (32) IMSI_S1 (24) SSD_A (64)
AUTH_SIGNATURE-CAVE
AUTHR (18)
When a Mobile attempts to Originate a call by sending an Origination message on the Access Channel
AUTH_SIGNATURE-CAVE
AUTHR (18)
When a Mobile is trying to Terminate a call by sending a Page Response message

on the Access Channel
AUTH_SIGNATURE-CAVE
AUTHR (18)
When a Mobile attempts to send a Data Burst message on the Access Channel

AUTH_SIGNATURE-CAVE
AUTHR (18)
3.3.2 Spread Spectrum [15]
A technique in which the transmission bandwidth W and message bandwidth R are related as
W >> R
Counter intuitive
Achieves several desirable objectives for e.g. enhanced capacity
3.3.3 Types of Spread Spectrum Systems

1-Frequency Hopping
2-Direct Sequence
Frequency Hopping
• Slow Frequency Hopping - multiple symbols per hop

• Fast Frequency Hopping - multiple hops per symbol
Care is taken to avoid or minimize collisions of hops from different users

3.3.3.1Frequency Hopping
Fig 1.11 Typical frequency-hopping waveform pattern

3.3.3.2 Direct Sequence
Fig 3.12 Transmitter side of system

3.3.4 Spreading Codes [15]

1- It is desired that each user’s transmitted signal appears noise like and random. Strictly
speaking, the signals should appear as Gaussian noise
2- Such signals must be constructed from a finite number of randomly preselected stored
parameters; to be realizable
3- The same signal must be generated at the receiver in perfect synchronization
4- We limit complexity by specifying only one bit per sample i.e. a binary sequence
IS-95 CDMA
1 Direct Sequence Spread Spectrum Signaling on Reverse and Forward Links
2 Each channel occupies 1.25 MHz
Reverse CH Forward CH
847.74 MHz 892.74 MHz

1-Fixed chip rate 1.2288 Mcps
45
3.3.4 Spreading Codes in IS-95 []15]
1
MHz
Orthogonal Walsh Codes
– To separate channels from one another on forward link
– Used for 64-ary orthogonal modulation on reverse link.
2 PN Codes
– Decimated version of long PN codes for scrambling on forward link
Long PN codes to identify users on reverse link
Short PN codes have different code phases for different base stations
Reverse Link Modulation
-The signal is spread by the short PN code modulation (since it is clocked at the same rate)
-Zero offset code phases of the short PN code are used for all mobiles
-The long code PN sequence has a user distinct phase offset.
3.3.6 Characteristics Of The Different Algorithms in CDMA

3.3.6.1 The cellular authentication and voice Encryption (CAVE) [12]
The cellular authentication and voice encryption (CAVE) security system used in ANSI-41 net words supporting
analog, TDMA and CDMA systems is much more compels. The wireless device's private key is shared only by the
wireless device and the home system, but the serving system is sent SSD, a secondary key (i.e. one that is derived from
the primary key), rather than just a list of challenge response pairs. This enables the serving system to securely
authenticate the wireless device any number of times without the overhead of further communication with the home
system. This flexibility and efficiency does, however, require the same algorithm (CAVE) be used by all system. If a
major loss of keys occurred it would be possible to update the valid wireless devices with a new SSD over the radio
interface, but a serious breach of the CAVE algorithm would not be easily rectified
CAVE id use
1. To generate A-Key Checksum.
2. To generate the SSD
3. To generate the CMEA Key an VPM
Fig 3.14 SAVE diagrammatically
3.3.6.2 Cellular Message Encryption Algorithm (CMEA) key (64 bit) [12]
The CMEA key is used with the (ECMEA) algorithm for protection of digital data exchanged between the mobile
station and the base station. Note that CMEA is not used to protect voice communications. Instead, it is intended to
protect sensitive control data, such as the digits dialed by the cell phone user. A successful break of dialed (all KTMF

tones) by the remote endpoint and alphanumeric personal pages received by the cell phone user. Finally, compromise
of the control channel contents could lead to any congenital data the user types on the keypad: calling card PIN
numbers may be an especially widespread concern, and credit card numbers, bank account numbers, and voicemail PIN
numbers are also at risk.
A description of CMEA
We describe the CMEA speci_cation fully here for reference. CMEA is a byte oriented variable-width block cipher
with a 64 bit key. Block sizes may be any number of bytes; with the block size potentially varying without any key
changes. CMEA is quite simple, and appears to be optimized for 7-bit microprocessors with severe resource
limitations. CMEA consists of three layers. Performs one non-linear, un keyed operation if tended to make changes
propagate in the opposite direction. One can think of the second step as (roughly speaking) XORing the right half of the
block from left to right; in fact, it is the inverse of the first layer.
Fig 3.15 the CMEA key
3.3.6.3 SSD –Shared Secret Data [12]
The SSD (Shared Secret Data)

1 A 128 bit number that is stored in the semi-permanent memory of the mobile.

2 Is a temporary number that is updated during SSD updates.

3-SSD is divided into two parts, SSD_A (64 bits) and SSD_B (64 bits) which is used to generate the session keys for
Voice, data and Signaling messages
4- The SSD is calculated simultaneously by both MS and AC
5- The SSD can be shared with the VLR
Fig 3.13 SSD update
3.3.6.4 The data key (32 bit) and the ORYX algorithm [12]
A separate data key, and an encryption algorithm called ORYX, is used by the mobile and the network to encrypt data
traffic on the CDMA channels.
ORYX is a simple stream cipher based on binary linear feedback shift registers (LFSRs) that has been proposed for use
in North American digital cellular systems to protect cellular data transmissions. The cipher ORYX is used as a key
stream generator. The output of the generator is a random-looking sequence of bytes. Encryption is performed by
XORing the key steam bytes with the data bytes to form cipher text. Decryption is performed by XORing the key steam
bytes with the cipher text to recover the plaintext. Hence known plaintext-cipher text pairs can be used to recover
segments of the key steam. In this paper, the security of ORYX is examined with respect to a known plaintext attack
conducted under the assume piton that the cryptanalyst knows the complete LFSRs. For this attack, we assume that the
compete structure of the cipher, including the LFSR feedback functions, is known to the cryptanalyst. The key is only

the initial states of the three 32 bit LFSRs: a total key size of 96 bits. there is a complicated key schedule which
decreases the total key space to something easily searchable using brute-force techniques; this reduces the key size to
32 bits for export. However, ORYX is apparently intended to be strong
Algorithm when used with a better key schedule that provides a full 96 bits of entropy. The attack proposed in this
paper makes no use of the key schedule and is
Applicable to ORYX whichever key schedule is use. Show the fig
Fig 3.16 the data key

3.3.6.5 Private long mask (PLM) [12]
CDMA system is the 42-bit PN (pseudo Random Noise) Sequence called "long code" to scramble voice and data . On
forward link (network to mobile) , data is scrambled at a rate 19-2 KSPS ( kilo symbols per second ) and on the reverse
link, data is scrambled at a rate 1.2288 MCPS(mega chips per second).

Fig 3.17 the PLM

3.3.8 Conclusion
The GSM security model is broken on many levels and is thus vulnerable to numerous attacks targeted different parts
of an operator’s network. Assuming that the security algorithms were not broken, the GSM architecture would still be
vulnerable to attacks targeting the operators backbone network or HLR and to various social engineering scenarios in
which the attacker bribes an employee of the operator, etc. further more , the secretly designed security algorithms
incorporated in to the GSM system have been proven faulty . The A5 algorithm used for encrypting over-the-air
transmission channel is vulnerable against known-plain-text and divide –and conquer attacks and intentionally reduced
key space is small enough to make a brute- force attack feasible as will . The COMP 128 algorithm used in most GSM
networks as the A3\A8has been proved faulty so that is secret key Ki can be reverse engineered over – the –air
through a chosen challenge attacks in approximately ten hours . All this means that if some body wants to intercept a
GSM call, he can do so. It cannot be assumed that the GSM security model provides any kind of security against a
dedicated attacker. The required resources depend on the attack chosen .Thus, one over the GSM network. The security
of GPRS networks depend upon the A3, A5 and A8 algorithms used by the GSM system to authenticate the user and
the base station and cipher all data and voice traffic between them .While on the surface GPRS seems to be secure
many security holes have been discovered .The smartcard used in GSM system uses an authentication system in which
a challenge response is performed with the mobile units ESN (electronic serial number). The encoding used in this
challenge response scheme has been shown to be vulnerable and smartcards can be thus cloned. The A5 cipher is used
to encrypt all the data communications. Researchers believe that A5 is not as strong as 114 bit key length but can be
broken using hardware based cryptanalysis .however such attacks are not prevalent as the importance of user data
transmitted by GPRS networks is stile quite small. The CDMA systems are believed to more secure than GPRS

networks, mainly due to the nature of the radio frequency signaling, while it is possible to listen in on a GPRS
transmission using TDMA receivers, such is not possible with CDMA. A CDMA receiver has to be coded with the
correct 64 bit code to be receive a channel of CDMA traffic and without This code , or with the wrong code ,the
received signal is noise ,A brute force attack to find correct code is not feasible . The code is exchanged between the
sender and receiver at the handshake , which happens over an encrypted channel. IN spite of the difficulty in 'tuning '
into CDMA transmission , the data (or voice ) transmission is further encrypted . This double layer of ciphering makes
CDMA security possibly quit strong . All cellular networks however vulnerable to location finding by triangulation or
directional antennas .that is , an attacker can find the location of mobile station with the use of the radio monitoring
equipment , This dose not compromise the privacy of the data , but the privacy of the operators location , In our
simulation we faced some difficulties in 3rd G security because it is new system and it is not applied more and
encryption and functions content still secrecy . We also found the algorithms in GSM as not complex as algorithms in
CDMA . in the end our advice to who wants to extend in this filed to concentrate in the algorithms and function and
their functionalities in the new system like CDMA .
3.3.9 Recommendations
In the project we are working hard to research in the Security and encryption in GSM, GPRS & CDMA system. But we
denote a recommendation to the researchers in this project to make this project complete.
A recommendation are :
1- they should be research in the new algorithm which are updated by the companies. Such as A5 algorithm , we are
researching about A5/1 and A5/2 algorithms but now there is new algorithm called A5/3 in the 3G system.
2- the project miss to making simulation in the security and Encryption in the CDMA system to gives a realty to the
project .
3- they should be research in the structure of the algorithm and architecture of the devices and chips which has
Encryption system.
4- they should be research about a way to generate a codes in CDMA system .such as PN code and Walsh code.

Chapter 4
Simulation for Security and Encryption
4.1. Introduction:
This project talks about the security and Encryption in cellular system so we should need to make simulate for a
security and Encryption for this system. And we will provide simple simulate in this project about the security and
Encryption in GSM system and specifically an Encryption via algorithms A5 , A8and A3.And we will provide a
program via language of the programming language the visual basic a program to simulate the Encryption and
Security . this program is not simulate an Encryption in all sides but its simulate the important side Message Encryption
and user Authentication .this program also simulate the security by make the domain for the user (specific rang) so any
user out of this domain can not allowed to access this system and each user in this domain can access a system by given
each user the special code. This program generates the random code for all users in the domain. A program is contain
two primary part, first the transmission part .second one the receiving part, and we well describe every part of them.
4.2. Purpose:
The purpose of the program is to illustrating more the ideas in the project for the readers and making simulation to be
closer to the realty.
4.3. Program operations:
4.3.1 Message encryption:

This program encrypts the messages and decrypts it also and we will describe the tow operations :
4.3.1.1 In transmission part or(message encryption)
Message Encryption defines by pair of data transformation .the way of Message Encryption operation when the user
send a message to an other user the message will Encrypt by converting every letter in the message to the ASCII code
and adding shift 128 bit to each letter, then the new result from the last converting , will be converting to the different
code such as
( }?>{ ).
4.3.1.2 In the receiving part or ( message decryption )

the receiving message will be like codes in the receiving part, but the program will convert these codes to the origin by
converting a code to the number and subtract 128 bit from the number to be ASCII code ,and convert the ASCII to the
letter , the converting of ASCII depending on the table of letter
Fig 4.1 algorithm of message encryption

4.3.2 User Authentication
In this section a program simulates the Authentication for users to make a system very secure and private .the steps of
Authentication operation are:
First the users should be enter the size or capacity of the domain by entering the first mobile number and the last
mobile number , Next u can chose any number between the first NO and last No for example first NO 733333333 and
last NO 733334333 , the authorized user is between these numbers. Finally the program will generates the random for
all authorized users, after that

Fig 4.2 algorithm for user Authentication
4.4.Program code :
4.4.2 Code of program
Private Sub Command1_Click()

Dim OurCodeMyString(200), CodeMyString(200), MyString(200) As String
Dim CodeStringPrint As String
Dim J, I, S, U As Integer
S = Len(Text1.Text)
‫تخزين حروف الرسالة في متغير‬

For U = 1 To S
MyString(U) = Mid$(Text1.Text, U, 1)

Next U
‫الحصول على قيم السكي للرسالة الصلية‬

For I = 1 To S
CodeMyString(I) = Asc(MyString(I))
Next
‫لطباعة السكي للرسالة الصلية‬

Text2.Text = ""
For I = 1 To S
Text2.Text = Text2.Text & CodeMyString(I) & ", "
Next I
‫سيتم عملية تشفيرالسكي للرسالة الصلية‬

128 ‫ تجعلة اكبر من‬128 ‫حيث السكي الذي قيمتة اقل من‬
128 ‫ تجعلة أصغر من‬128 ‫والسكي الذي قيمتة أكبر من‬
For J = 1 To S
If CodeMyString(J) < 128 Then
OurCodeMyString(J) = CodeMyString(J) + 128
Else
OurCodeMyString(J) = CodeMyString(J) - 128
End If
Next J
‫سيتم طباعة الرسالة الصلية مع وضع التشفير الجديد‬

Text3.Text = ""
For J = 1 To S
Text3.Text = Text3.Text & OurCodeMyString(J) & ", "

Next J
‫سيتم طباعة الرسالة المشفرة بالحرف‬

Text4.Text = ""
For J = 1 To S
Text4.Text = Text4.Text & Chr(OurCodeMyString(J))
Next J
End Sub

NewMobileNo = 322222221
'First Code No. =322222221

' Last Code No. =322223222
Text7.Text = NewMobileNo
Text8.Text = NewMobileNo + (Val(Text6.Text) - Val(Text5.Text))
End Sub

Form2.Show 1
End Sub

End
End Sub

x = InputBox("enter N.")
If x < Val(Text5.Text) Then

MsgBox "Error, x is smaller "

ElseIf x > Val(Text6.Text) Then
MsgBox "Error, x is Higher "
Else
choise = x - Val(Text5.Text) + 322222221
MsgBox choise
End If
End Sub

MsgBox "That project was Prepared by:" & Chr(13) & "Ammar Ahmed Naji" & Chr(13) & "Mohammed Ali Al-
Mashraei" & Chr(13) & "Mohammed Qasem Saleh" & Chr(13) & "15-6-2006AM"
End Sub
Show of program interface

1G
4.5. Conclusion First Generation (Mobile Communications)
2G Second Generation (Mobile Communications)
this program 3G
simulates the Authentication and message Encryption by the simple way .
Third Generation (Mobile Communications)
3GPP any researchers
we are recommending Third Generation Partnership
in the security Projectto(of
and Encryption ETSI) a program which simulate the
providing
8PSK
security and Encryption Eight system
in the CDMA phase Shift Keying
and any application of the algorithms in this system
A A interface
AAL ATM Adaptive Layer
AAL2 ATM Adaptation Layer Type 2
AAL5 ATM Adaptation Layer Type 5
Abis Abis interface
AC Authentication Center
AES Advanced Encryption Standard
AKA Authentication and Key Agreement
ALCAP Access Link Control Application Part
ALCAP Advanced Mobile Phone Service
AMPS Adaptive Multi-Rate (speech codec)
AMR Standards Committee T1 Telecommunication of the
ANSI T1 American National Standards Institute
ARIB/TTC Association of Radio Industries and
Business/Telecommunication Technology Committee
ASN.1 Abstract Syntax Notation One
ATM Asynchronous Transfer Mode
AuC Authentication Center
BEC Backward Error Correction
BMC Broadcast/Multicast Control
BSC Base Station Controller
BSS Base Station Subsystem
BTS Base Transceiver Station
CAMEL Customized Application for Mobile Enhanced Logic
CAP CAMEL Application Part
CATT China Academy of Telecommunication Technology
CAVE Cellular Authentication and Voice Encryption
CBR Constant Bit Rate (data stream)
CC Call Control
CCITT Comité Consultative International Téléphonique et
Abbreviations
Telecommunication
CCS7 Common Control Signaling System No 7
CDMA Code Division Multiple Access
CDMA2000 3rd Generation Code Division Multiple Access
CMEA Cellular Message Encryption Algorithm
CN Core Network
CRNC Controlling RNC (Radio Network Controller)
CS Circuit Switched
CS-CN Circuit Switched Core Network
CSE CAMEL Service Environment
CT Conformance Test
D-AMPS Digital AMPS
DCH Dedicated Channel
DECT Digital Enhanced Cordless Telephone
DL Downlink
DPC Destination Point Code
DRNC Drift Radio Network Controller
DRNS Drift Radio Network Subsystem
DTE Data Terminal Equipment
EDGE Enhanced Data Rates for GSM Evolution
EFR Enhanced Full Rate (speech codec)
EIR Equipment Identity Register
ESE Emulation Scenario Editor
ESN Electronic Serial Number
ETSI European Telecommunication Standards Institute
FDD Frequency Division Duplex
FDMA Frequency Division Multiple Access
FEC Forward Error Correction
FER Frame Error Rate
GGSN Gateway GPRS Support Node
GMM GPRS Mobility Management (protocols)
GMSC Gateway MSC
GMSK Gaussian Minimum Shift Keying
GPRS General Packet Radio Service
GSM Global System for Mobile Communication
GSM-R GSM Railway
GSMSCF GSM Service Control Function
GSMSSF GSM Service Switching Function
GTP GPRS Tunneling Protocol
GTP-C GTP Control
GTP-U GTP User
HLR Home Location Register
HO/HoV Handover
HSCSD High Speed Circuit Switched Data
ICO Intermediate Circular Orbits
IDC International Data Corporation
IETF Internet Engineering Task Force
IMEI International Mobile Equipment Identification

IMT-2000 International Mobile Telecommunications 2000
IMUN International Mobile User Number
IN Intelligent Network
IP Internet Protocol
IPv4 IP version 4
IPv6 IP version 6
IS-95 Interim Standard ´95
ISDN Integrated Services Digital Network
ISP Internet Service Provider
ISUP ISDN User Part
ITU International Telecommunication Union
ITUN SS7 ISUP Tunneling
Iu UTRAN interface between RNC and CN
Iub UTRAN interface between Node B and RNC
Iu-CS UTRAN interface between RNC and the circuit switched
domain of the CN
Iu-PS UTRAN interface between RNC and the packet switched
domain of the CN
Iur UTRAN interface between two RNCs
IUT Implementation Under Test
IWF Interworking Function
Kbps kilobits per second
LLC Relay Logical Link Control - Relay
MAC Medium Access Control
MAP Mobile Application Part
Mbps Megabits per second
MBS Message Building System
MC Multi-Carrier
MC-CDMA Multi-Carrier CDMA
MCE Multi-protocol Encapsulation
MDTP Multi Network Datagram Transmission Protocol
ME Mobile Equipment
MM Mobility Management (protocols)
MSC Mobile Services Switching Center, Message Sequence
Chart
MSS Mobile Satellite System
MT Mobile Telephone
Security and Encryption in GSM, GPRS, CDMA
Message SystemPart
Transfer 72
MTP
MTP3b Message Transfer Part level 3 (broadband) for Q.2140
NAS Non-Access Stratum

NBAP Node B Application Protocol
NE Network Elements
NMT Nordic Mobile Telephone
NNI Network-Node Interface
Node B UMTS Base Station
NRT Non-Real Time
NSS Network Switching Subsystem
O&M Operation and Maintenance
OMC Operation and Maintenance Center
OSA Open Service Architecture
OSS Operation Subsystem
OTASP Over The Air Service Provisioning
PDC Personal Digital Communication
PDCP Packet Data Convergence Protocol
PDH Plesiochronous Digital Hierarchy
PDN Packet Data Network
PDU Protocol Data Unit
PLMN Public Land Mobile Network
PMR Private Mobile Radio
PS Packet Switched
PS-CN Public Switched Core Network
PSTN Public Switched Telephone Network
QoS Quality of Service (ATM network channels)
QPSK Quadrate Phase Shift Keying (or, Quaternary Phase
Shift Keying)
RAB Radio Access Bearer
RAN Radio Access Network
RANAP Radio Access Network Application Part
RAND Random challenge
RLC Radio Link Control
RLP Radio Link Protocol
RNC Radio Network Controller
RNS Radio Network Subsystem
RNSAP Radio Network Subsystem Application Part
RNTI Radio Network Temporary Identity
RR Radio Resource
RRC Radio Resource Control
RRM Radio Resource Management
Security and RTT
Encryption in GSM, GPRS,
RadioCDMA System Technology
Transmission 73
SAAL Signaling ATM Adaptation Layer
SCCP Signaling Connection Control Part

SCTP
Simple Control Transmission Protocol
SDH
Synchronous Digital Hierarchy
SDO
Standard Developing Organization
SGSN
Serving GPRS Support Node
SIM
Subscriber Identity Module
SM
Session Management protocols
SRNC
Serving Radio Network Controller
SRNS
Serving Radio Network Subsystem
SS7
=CCS7 (Common Control Signaling System No. 7)
SSCOP
Service Specific Connection Oriented Protocol
SSD
Shared Secret Data
SSF
Service Switching Function
STC
Signaling Transport Converter
STM1
Synchronous Transport Module - level 1
SUT
System under Test
SW
Software
TACS
Total Access Communication System
TC
Transcoder
TD-CDMA
Time Division-Code Division Multiple Access
TDD
Time Division Duplex
TDMA
Time Division Multiple Access
TD-SCDMA
Time Division - Synchronous CDMA
TEID
Tunneling Endpoint ID
TETRA
TErrestrial Trunked Radio Access
TIA
Telecommunications Industry Association
TN-CP
Transport Network-Control Plane
TPC
Transmission Power Control
TRAU
Transcoder and Rate Adaptation Unit
TS
Technical Specification
TTA
Telecommunications Technology Association
U MSC
UL Uplink
U MSC Mobile Switching Center (the integration of the
Um GSM Air Interface
MSC and the SGSN in one physical entity (UMTS+MSC =
UMTS Universal Mobile Telecommunication System
UMSC)
U MSC-CS
UNI User-Network Interface
U MSC Circuit Switched
U MSC-PS
UP User Plane
U MSC Packed Switched
U SIM
USIM UMTS Subscriber Identity Module
UMTS Subscriber Interface Module
U SSD
UTRA UMTS Terrestrial Radio Access
Unstructured Supplementary Service Data
UBR
UTRAN UMTS Terrestrial Radio Access Network
Unspecified Bit Rate (data stream)
UDP
Uu UMTS Air interface
User Datagram Protocol
UE
UWC-136 Universal Wireless Communication
User Equipment
UICC
VBR Variable Bit Rate (data stream)
UMTS IC Card
VHE Virtual Home Environment
VLR Visitor Location Register
VMSC Visited MSC
W-CDMA Wide band Code Division Multiple Access
WLL Wireless Local Loop
References
[1]-M. Rahnema, “Overview of the GSM System and Protocol Architecture

[2]- j. Scourias “over view of the Global system gor mobile communication
[3]- Vijay k. Garg Joseph E. Wilkes “ Principles & application of GSM”
[4]- A. long-Garcia and l.wadjaja, “communication networks: fundamental concepts and key architecture “
[5]. Greg Rose, Qualcomm Inc., Australia. “Authentication and Security in Mobile Phones “
[6]. Frank Quick “Security in CDMA Wireless Systems”, Qualcomm Inc., February 1997
[7]. Mullaguru Naidu” Security Aspects of Mobile Wireless Networks,” , July 2002.
[8]. Geir Stian Bjaen and Erling Kaasin , “Security in GPRS “, Grimstad, may 2001.
[9]. Vijaya Chandran Ramasami , Kuid 698659, “security ,authentication and access control for
mobile communication”
[10]M. Rahnema, “Overview of the GSM System and Protocol Architecture”, IEEE Communication Magazine, April
1993
[11]- L. Pesonen, “GSM Interception”, November 1999
[12]- Amit Balani” Authentication and Encryption in CDMA SYSTEM “
[13]- Prof. Sridhar Iyer “Session 6 CDMA “ IIT Bombay
[14]- Mullaguru Naidu” Security Aspect of mobile wireless Network", ,july 1997
[15]- Pages
www.cdg.organdwww.Qualcomm.com
GSM Association, http://www.gsmworld.com
GSM World (www.gsmworld.com)
GSM Association, http://www.gsmworld.com
http://www.research.att.com/~janos/3gpp.html

Security & Encryption in GSM, GPRS & CDMA

Загружено:

Сведения о документе

Исходное описание:

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Security & Encryption in GSM, GPRS & CDMA

Загружено:

Авторское право:

Доступные форматы

Security and Encryption in GSM, GPRS, CDMA System

Security and Encryption in GSM, GPRS, CDMA System 1

Security and Encryption in GSM, GPRS, CDMA System 2

Fig 1.1 architecture of The GSM network [1]

1.1.3.1The Mobile Station [2]

1.1.3.2 The Base Transceiver Station [2]

Security and Encryption in GSM, GPRS, CDMA System 3

1.1.3.3The Base Station Controller [2]

1.1.3.4 The Mobile Switching Centre [2]

1.1.3.6 The Base Station Controller [2]

1.1.3.7 The Equipment Identity Register [2]

1.1.4- Subsystems [15]

Security and Encryption in GSM, GPRS, CDMA System 4

• Radio Sub System (RSS)

Security and Encryption in GSM, GPRS, CDMA System 5

1.1.6 GSM 900 and GSM 1800 [15]

GSM 900 GSM 1800

Table 1.1 GSM 900 and GSM 1800

Security and Encryption in GSM, GPRS, CDMA System 6

FDMA in GSM 900

Fig 1.3 TDMA in GSM 900

1.2.1 GPRS Introduction [4]

Security and Encryption in GSM, GPRS, CDMA System 7

1.2.3.2 Packet switching [4]

1.2.4 Properties [15]

1.2.5 Data services in GPRS [7]

Security and Encryption in GSM, GPRS, CDMA System 8

Fig 1.4 of the GPRS network

1.2.6.1 SGSN - Serving GPRS Support

Security and Encryption in GSM, GPRS, CDMA System 9

1.2.6.2 GGSN - Gateway GPRS Support

1.2.7 SPEED [4]

1.2.8GPRS – Interoperation [8]

1.2.9.1GPRS – Backbone networks [15]

Security and Encryption in GSM, GPRS, CDMA System 10

1.2.9.2 GPRS – Intra- and Inter-PLMN Backbones

1.2.10 GPRS – Interfaces [15]

1.2.11 NEW APPLICATIONS, BETTER APPLICATIONS [4]

Security and Encryption in GSM, GPRS, CDMA System 11

Security and Encryption in GSM, GPRS, CDMA System 12

Security and Encryption in GSM, GPRS, CDMA System 13

1.3.2.1. Frequency' Division Multiple Access

1.3.2.2 Time Division. Multiple Access

1.3.2.3 Code Division Multiple Access [4]

1.3.3 Types Of CDMA [4]

Three are two types of CDMA:

Security and Encryption in GSM, GPRS, CDMA System 14

Frequency Hopping CDMA

FIG 1.5 Frequency-Hopping Spread Spectrum

1.3.3.2 Direct sequence :

1.3.4 CDMA2000: Delivering on 3G [15]

Security and Encryption in GSM, GPRS, CDMA System 15

Security and Encryption in GSM, GPRS, CDMA System 16

Fig 1.6 Evolution of CDMA

1.3.5 Architecture of CDMA 1X network [4]

Fig1.7 CDMA network architecture

1.3.6. PDSN (Packet Data Service Node) [4]

Security and Encryption in GSM, GPRS, CDMA System 17

1.3.7.4 CDMA universal frequency Reuse:

Security and Encryption in GSM, GPRS, CDMA System 18

1.3.7.5 Soft handoff:

1.3.7.6 Throughput higher data: