Compiled by AIGETOA Chennai ( www.aigetoachtd.

org )
Security and Encryption in GSM, GPRS, CDMA System

Security and Encryption in GSM, GPRS, CDMA System

21

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

GSM SECURITY
2.1.1 Introduction [7]
The security methods standardized for the GSM System make it the most secure cellular telecommunications standard
currently available. Although the confidentiality of a call and anonymity of the GSM subscriber is only guaranteed on
the radio channel, this is a major step in achieving end-to- end security. The subscriber's anonymity is ensured through
the use of temporary identification numbers. The confidentiality of the communication itself on the radio link is
performed by the application of encryption algorithms and frequency hopping which could only be realized using
digital systems and signaling.

2.1.2 Overview of GSM Security Services [7]

Smartcard-based authentication of the user

Identification of the through worldwide unique name IMSI

Algorithm A3 for authentication is not public, Confidentiality on the radio link:

Algorithms: up to 7 A5 variants

unique, permanent subscriber key Ki and dynamically generated communication keys Kc

Anonymity:

use of temporary identities

2.1.3GSM Security Requirements [9]

2.1.3.1Network providers view

correct Billing: authenticity of the user

no misuse of the service, correct billing of content-usage

efficiency: no more bandwidth needed for security, no long delays (user acceptance), cost-

efficient

2.1.3.2Users view

confidentiality of communication (voice and data)

privacy, no profiles of the movements of the users

Security and Encryption in GSM, GPRS, CDMA System

22

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

connection with authentic base station

correct billing

2.1.3.3Content providers view

correct billing

2.1.4 Architecture security for GSM [9]

The security aspects of GSM are detailed in GSM Recommendations "Security Aspects, "Subscriber Identity Modules,
"security Related Network Functions." and "Security Related Algorithms". Security in GSM consists of the following
aspects: subscriber identity authentication, subscriber identity confidentiality, signaling data confidentiality, and user
data confidentiality. The subscriber is uniquely identified by the International Mobile Subscriber Identity (IMSI). This
information, along with the individual subscriber authentication key (Ki), constitutes sensitive identification credentials
analogous to the Electronic Serial Number (ESN) in analogue systems such as AMPS and TACS. The design of the
GSM authentication and encryption schemes is such that this sensitive information is never transmitted over the radio
channel. Rather, a challenge-response mechanism is used to perform authentication. The actual conversations are
encrypted using a temporary. randomly generated ciphering key (KC).
The MS identifies itself by means of the Temporary Mobile Subscriber Identity (TMSI). which is issued by the network
a d may be changed periodically (i.e. during hand-offs) for additional security. The security mechanisms of GSM are
implemented in three different system elements; the Subscriber Identity Module (SIM), the GSM handset or MS, and.
the GSM network. The SIM contains the IMSI, the individual subscriber authentication key (Ki), the ciphering key
generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number (PIN). The
GSM handset contains the ciphering algorithm (A5). The encryption algorithms (A3, A5, AS) are present in the GSM
network as well. The Authentication Centre (AUC), part of the Operation and Maintenance Subsystem (OMS) of the
GSM network, consists of a database of identification and authentication information for subscribers.
This information consists of the IMSI, the TMSI, the Location Area Identity (LAI), and the individual subscriber
authentication key (Ki) for each user. In order for the authentication and security mechanisms to function, all three
elements (SIM, handset, and GSM network) are required. This distribution of security credentials and encryption
algorithms provides an additional measure of security both in ensuring the privacy of cellular telephone conversations
and in the prevention of cellular telephone fraud. Distribution of security information is among the three system
elements, the SIM, the MS, and the GSM network. Within the GSM network, the security information is further

Security and Encryption in GSM, GPRS, CDMA System

23

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
distributed among the authentication centre (AUC), the home location register (HLR) and the visitor location register
(VLR).
The AUC is responsible for generating the sets of RAND, SRES, and Kc, which are stored in the HLR and VLR for
subsequent use in the authentication and encryption processes. Fig(2.1) demonstrates the distribution of security
information among the three system elements, the SIM, the MS, and the GSM network. Within the GSM network, the
security information is further distributed among the authentication center (AUC), the home location register (HlR) and
the visitor location register (VLR).

2.1.5 GSM- Security/Authentication/Access Control Features [9]

The GSM system promises to provide security over the air interface that is as good as the security offered by traditional
fixed networks .[l] The GSM standard specifies the following security features to be implemented in every PLMN.
-Subscriber identity. (lMSI) confidentiality. This feature protects the Subscriber ID (IMSI) from being attacked by
eaves-droppers.
-Subscriber (IMSI) authentication This feature protects the Network Assets from Attacks by imposters.
Fig connections.
2.1 Architecture
for GSMthe protection of user speech data and other
Use data confidentiality an physical
This security
feature provides
user related identification information.
-Connectionless user data confidentiality :
This feature provides protection of the message part of the conAnectionless user data pertaining to OSI layers 4 and
above.
-Signaling information element confidentiality.
This feature provides protection to some of the network signaling information that are considered to be sensitive.
According to the standard, the implementation of these above features is mandatory over both the fixed and the access
network sides.
The mechanisms for implementing these features are explained in the following sections

Security and Encryption in GSM, GPRS, CDMA System

24

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

2.1.5.1 Subscriber identity confidentiality:

This feature is implemented by means of Temporary Mobile Subscriber Identities
(TMSI). These TMSI are local numbers and have significance only in a given
location area (LA). The TMSI must be accompanied by Location Area Identifier
(LAI) to avoid ambiguities. Some of the requirements on the TMSI are :
The new TMSI must be allocated at least in each location update procedure.
This location updating whenever the mobile moves to a new location area (LA)
Whenever a new TMSI is allocated to a MS, it is transmitted to the MS in
A ciphered mode. The MS should store the TMSI in a non-volatile memory
Together with the LA so that these data are not lost whenever the mobile is
Switched off.

2.1.5.2GSM subscriber's authentication:

Purpose:
The authentication is used to identify the MS to the PLMN operator.
Operation:
Authentication is performed by challenge and response mechanism. Ki in the
HPLMN is held in the AUC . A random challenge (RAND ) is generated by the
Authentication algorithm A3 implemented within the SIM , and send a signed
Response (SRES) back to the PLMN.

Security and Encryption in GSM, GPRS, CDMA System

25

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

Fig 2.2 user authentication

Fig 2.3 user authentication

2.1.6 confidentiality of connectionless data user information and signaling information on

physical connections [9]
. Security Requirements of Mobile communication
. Authentication of MS or Subscriber
. Authentication of VLR\HLR
. Confidentiality of Data between MS and VLR
. Confidentiality of Data between VLR and HLR
. Requirements For End user privacy
. Security for call setup information
. Security for speech
. Privacy of Data
. Privacy of user-location

2.1.7 Privacy of user ID [7]

All mobile communication system use some sort of a user-ID to identity its
Subscriber. This subscriber indentication (or the user-ID ) must be protect
ted from hackers. Transmission of this information (that too. In clear) either
over the air-interface , or over the network must be avoided as far as possible

2.1.8 support of roaming [7]

Most mobile communications systems support roaming of users, wherein the
User is provided service even if he move into a region handled by a deferent
Service provider or a deferent network of the same service provider. Thus ,
There is requirement in the network for authenticating mobile user who roam
Into its area. The main problem here is that the subscriber related information
That is useful for authentication is present only in the home network of the
user end and is generally not accessible by the visited (or serving) network.
Security and Encryption in GSM, GPRS, CDMA System

26

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
Thus, there must be a method by which a subset of handset credentials is supplied to the serving network that is enough to authenticate the user. A complete
disclosure of handset credentials may result in a security compromise.

2.1.9 GSM security weaknesses [9]

Active attacks using false BTS are possible. This because the mobile dose not check the authenticity of the BTS while
establishing a connection. It simply responds to the challenge posed to it.
The cipher keys and the authentication data are transmitted in clear between and within Networks.
Data integrity is absent in GSM.
GSM was not built with a good flexibility for up gradation.
The Home Network (in GSM) had no knowledge or control over how an serving Network uses the authentication
parameters supplied to it for authenticating roaming subscribers.

GPRS Security
2.2.1 introduction [8]
The GPRS is a new service that is offered to the mobile phone user. Netcom and Telenor, who are the two largest
operators in Norway introduced GPRS on January 31 and February 1, 2001. So far it is just a small number of mobile
phone on the marked that supports GPRS and it is also difficult to get hold of a mobile phone. The operators offer a
limited numbers of services to the GPRS customers. One of the services that GPRS is supporting today is the Mobile
Mail. Mobile Mail is possible to use with the entire mobile phone that use WAP, but with the GPRS functionality
"always on" the email service Mobile Mail is more attractive It is important that the security is taken care of. This is
because the users; both private persons and companies, can feel safe and use the services that the operators offer.
Security and Encryption in GSM, GPRS, CDMA System

27

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
Services that demand a high level of security could be financial transactions transfer of medical information or
exchange of personal e-mail messages. In the next two subchapters we have explained which part in the GPRS system
we are focusing on and the test we did in the Ericsson AS'a lab environment.

2.2.2 Architure Security For GPRS [8]

from the fig there are five main areas where security in the GPRS system is exposed .the five areas are :
1-security aspect relate to the mobile phone and the SIM card .
2-security mechanics between the MS and SGSN. These include also the air interface from the MS to the BSS.
3-The PLMNs backbone network security that mainly
4-security between different operation.
5-Security between GGSN and the external connected network like internet .

Fig 2.4 system architecture

2.2.3 Security functions in GPRS [8]

Confidentiality, Integrity and Authentication (CIA) are three different services that computer and network security
should cover. All the three services have to be protected, and attack against one or some of them are possible. It is
important to have strict control for who should have Access control and dispense with Denial-of-Service for the
unauthorized users

Security and Encryption in GSM, GPRS, CDMA System

28

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
Confidentiality The property of information that has not been disclosed to unauthorized parties. Confidentiality has
traditionally been seen as the most formidable threat in the communications system. To provide confidentiality
encryption is used.
Integrity the property of information that has not been changed by authorized parties Integrity is normally associated
with error correction and retransmission techniques to ensure that data are not corrupted. Cryptographically checksum
is a technique to ensure that data is not willfully modified.
Authentication The provision of assurance of the claimed identity of an entity. Authentication is reference to the user
identity verification. Challenge- Response is a common authentication mechanism that active challenge the user to
claim that he is the right person, so the user has to give that right response.
Access control The prevention of unauthorized use of a resource, including the prevention of a resource in an
unauthorized manner. Access control is to give access to services for authorized user and denying unauthorized user the
same services.
Denial-of-Service While access control is about denying the unauthorized user access to the services, Denial-ofService can be seen as a security service to ensure that unauthorized users are denied access to the services.

2.2.5. GPRS processes [8]

this section describes the flowing processes used in GPRS network :

Attach process
Process by which the MS attaches (i.e. connected)
To the SGSN in the GPRS

Authentication prosess
Process by which the SGSN authentication the mobile subscriber.

Detach process
Process by which the MS detaches (i.e. disconnected ) from the SGSN in the GPRS network .

2.2.5.1GPRS attach process

when a mobile subscriber turns on their handset , the flowing actions occur:
1.a handset attach request is sent to the new SGSN .
Security and Encryption in GSM, GPRS, CDMA System

29

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
2.the new SGSN responds with the identity of the handset. The old SGSN responds with identity of the handset.
3.the new SGSN requests more informationA from MS .this information is used to authentication the MS to the new
SGSN .
4-The authentication process continues to the HLR. The HLR acts like a RADIUS server using a handset-level
authentication based on IMSI and similar to the CHAP authentication process in PPP.
5. A check of the equipment ID with the EIR is initiated.
6. If the equipment ID is valid, the new SGSN sends a location updated to the HLR indicating the change of location to
a new SGSN. The HLR notifies the old SGSN to cancel the location process for this MS. The HLR sends an insert
subscribe data request and other information associated with this mobile system and notifies the new SGSN that the
update location has been performed.
7. The new SGSN initiates a location update request to the VLR. The VLR acts like a proxy RADIUS that queries the
home HLR.
8. The new SGSN sends the Attach Accept message to the MS.
9. The MS sends the Attach Complete message to the new SGSN.
10. The new SGSN notifies the new VLR that the relocation process is complete.

2.2.5.2GPRS authentication process:

The GPRS authentication process is very similar to the CHAP with RADIUS server the authentication process follows
these steps:
1.The SGSN sends the authentication information to the HLR . the HLR sends information back to the SGSN based on
the user profile that was part of the user's initial setup.
2.The SGSN sends a request for authentication and ciphering (used a random key to encrypt information ) to the MS .
the MS uses an algorithm to send the user ID and password to the SGSN. Simultaneously , the SGSN uses the same
algorithm and compares the result. If match occur . the SGSN authentications the user.

Security and Encryption in GSM, GPRS, CDMA System

30

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

Fig 2.5 main GPRS procedures

2.2.5.3 detach process initiated by MS

when a mobile subscriber turns off their handset . the detach process initiates . the detach process is described below .
1.the MS sends detach request to the SGSN
2-the SGSN sends a delete PDP context request message to the serving GGSN .
3-the SGSN sends a GPRS detach indication message to the MSC/VLR indication the MS request to disconnected.
4-the SGSN sends a GPRS detach indication message to the MSC/VLR
5-the SGSN sends the detach accept message to the MS .
Note
the GSN nodes must always respond to the detach request with a positive delete response to the MS and accept the
detach requested by the client. The positive delete response is require even if the SGSN dose not have a connection
pending for that client .

2.2.6 GPRS security /authentication/access control feature

2.2.6.1 Confidentiality of the user identity [8]
the identity of the user is protect ed to avoid the possibility for an intruder to identify which subscriber is using a given
resource on the radio path by listening to the signaling exchange or the user traffic. As a condition to accomplice this
the IMSI (international mobile subscriber identity) or any other information allowing a listener to drive the IMSI easily,
should not normally be transmitted in clear text in any signaling message over the radio pathe, it is from a security
Security and Encryption in GSM, GPRS, CDMA System

31

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
point of view necessary that on the radio path a protected identifying method is used instead of the IMSI. The IMSI
should not normally be used as addressing means. But when signaling procedures permit it it, signaling information
elements that can expose information about the mobile subscriber identity must be ciphered for transmission.
To identify a mobile subscriber on the radio path a Temporary Logical Link Identity (TLLI) is used. The TLLI is a
local number and has only a meaning in a given Routing Area (RA), it is accompanied by the Routing Area Identity
(RAI). The relation between the TLLIs and IMSIs are stored in a database at the, SGSN. So when a TLLI is received
with a RAI that does not correspond to the current SGSN, the IMSI is requested from the SGSN in charge of the RA
indicated in the RAI. If the address of that SGSN is unknown the IMSI is requested from the MS. When a new TLLI is
allocated to a MS, it is transmitted from the SGSN to the MS in a ciphered mode produced with the GPRS-A5
algorithm. This is not completely the truth since the fixed part of the network can acquire the identification of the MS
in clear. However this is a breach in the provision of the service, and should only be used when necessary to cope with
malfunctioning e.g. arising from software failure

2.2.6.2confidentiality of user data

The SGSN can request security related information for a MS from the HLR/AuC corresponding to the IMSI, which will
include an array of pairs of corresponding
RAND and SRES. This is done in the HLR/AuC by using RAND and the key Ki in the A3 algorithm The pairs are
stored in the SGSN as part of the security information.
The HLR/AuC responds the SGSN by sending the vectors RAND/SRES in the Authentication Vector Response which
also includes the key Kc. These sets of information (RAND/SRES and Kc) are stored in the SGSN.
And they should be marked as used when they have been used, but it is the operators that decide how many times a set
can be used before it is marked. If there is no more unused sets left, the SGSN may use a used set. In order to get rid of
sets that is used the SGSN is to delete all the records marked as used, when it successfully request security related
information from the HLR. The sets may also be re-sent by the HLR depending on the rules for re-use of sets set by the
operator.

2.2.6.3 confidentiality of user information and signaling between MS and SGSN

The needs for a protected mode of transmission are fulfilled by a ciphering function in the LLC layer. It is the GPRSA5 algorithm that ciphers the LLC layer information. A mutual key setting is produced to allow the MS and the
network to agree on the key Kc to be used in the ciphering and the deciphering algorithms GPRS-A5. The Kc is
transmitted to the MS in the RAND value and it is derived from the RAND by using the A8 and the Subscriber
Security and Encryption in GSM, GPRS, CDMA System

32

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
Authentication key Ki. The MS and the SGSN must coordinate when the ciphering and the deciphering processes
should start.
indicating if the frame is ciphered or not. The SGSN indicates if the ciphering should be used or not in the
Authentication and Ciphering Request message, and the MS starts the ciphering after sending the Authentication and
Ciphering Response message. In order for the enciphering bit stream at one end and the deciphering bit stream at the
other end to coincide, the streams must be synchronized. This is done by using an explicit variable INPUT, the
DIRECTION and the Kc in the algorithm GPRS-A5, The synchronization of ciphering at LLC frames level is done by
a bit in the LLC header
When a inter SGSN routing area update occurs, the necessary information (i.e Kc ,INPUT) is transmitted within the
system infrastructure to enable the communication to proceed from the old SGSN to the new one. The key Kc may
remain unchanged at Inter SGSN routing area update. The MS should indicate which version of the GPRSA5 algorithm
it supports when it wants to establish a connection to the network. The negotiation of the GPRS-A5 algorithm happens
during the authentication procedure. The network can decide to release the connection if there is no common GPRS-A5
algorithm, or if the MS indicates an illegal combination of supported algorithms. Otherwise the network selects one of
the mutual acceptable versions of the GPRS-A5 algorithms to bused.

CDMA security
2.3.1 Introduction [6]
Since the birth of the cellular industry, security has been a major concern for both service providers and subscribers.
Service providers are primarily concerned with security to prevent fraudulent operations such as cloning or
subscription fraud, while subscribers are mainly concerned with privacy issues. In 1996, fraudulent activities through
cloning and other means cost operators some US$750 million in lost revenues in the United States alone. Fraud is still
a problem today, and IDC estimates that in 2000, operators lost more than US$180M in revenues from fraud.
Technical fraud, such as cloning, is decreasing in the United States, while subscription fraud is on the rise1. In this
paper, we will limit our discussions to technical fraud only. With the advent of second-generation digital technology
platforms like TDMA/CDMA-IS-41, operators were able to enhance their network security by using improved
encryption algorithms and other means. The noise-like signature of a CDMA signal over the air interface makes
eavesdropping very difficult. This is due to the CDMA Long Code, a 42-bit PN (Pseudo-Random Noise of length
242-1) sequence, which is used to scramble voice and data transmissions. This paper discusses how CDMA 2000
1xRTT implements three major features of mobile security: authentication, data protection, and anonymity

Security and Encryption in GSM, GPRS, CDMA System

33

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

2.3.2 Security CDMA Networks [15]

The security protocols with CDMA-IS-41 networks are among the best in the industry. By design, CDMA technology
makes eavesdropping very difficult, whether intentional or accidental. Unique to CDMA systems, is the 42-bit PN
(Pseudo-Random Noise) Sequence called Long Code to scramble voice and data. On the forward link (network to
mobile), data is scrambled at a rate of 19.2 Kilo symbols per second (Ksps) and on the reverse link, data is scrambled at
a rate of 1.2288 Mega chips per second (Mcps). CDMA network security protocols rely on a 64-bit authentication key
(A-Key) and the Electronic Serial Number (ESN) of the mobile.

Fig2.6 the authentication by CAVE

A random binary number called RANDSSD, which is generated in the HLR/AC, also plays a role in the authentication
procedures. The A-Key is programmed into the mobile and is stored in the Authentication Center (AC) of the network.
In addition to authentication, the A-Key is used to generate the sub-keys for voice privacy and message encryption.
CDMA uses the standardized CAVE (Cellular Authentication and Voice Encryption) algorithm to generate a 128-bit
sub-key called the Shared Secret Data (SSD). The A-Key, the ESN and the network-supplied RANDSSD are the
inputs to the CAVE that generates SSD. The SSD has two parts: SSD_A (64 bit), for creating authentication signatures
and SSD_B (64 bit), for generating keys to encrypt voice and signaling messages. The SSD can be shared with roaming
service providers to allow local authentication. A fresh SSD can be generated when a mobile returns to the home
network or roams to a different system.

2.3.3 Authentication [6]

Security and Encryption in GSM, GPRS, CDMA System

34

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
In CDMA networks, the mobile uses the SSD_A and the broadcast RAND* as inputs to the CAVE algorithm to
generate an 18-bit authentication signature (AUTH_SIGNATURE), and sends it to the base station. This signature is
then used by the base station to verify that the subscriber is legitimate. Both Global Challenge (where all mobiles are
challenged with same random number) and Unique Challenge (where a specific RAND is used for each requesting
mobile) procedures are available to the operators for authentication. The Global Challenge method allows very rapid
authentication. Also, both the mobile and the network track the Call History Count (a 6-bit counter). This provides a
way to detect cloning, as the operator gets alerted if there is a mismatch.The A-Key is re-programmable, but both the
mobile and the network Authentication Center

2.3.4 Basic of authentication : [6]

1. A- key (authentication Key)
2.ESN-MIN-MDN:
2.3.4.1 A- key (authentication Key):
the A-key or authentication key is a 64 bit permanent number stored in the permanent memory of the mobile. Preprogrammed and stored security on the mobile phone during factory settings. Known only to the mobile and its
associated HLR/AC. Is used to generate the SSD (share secret data)- the intermediate keys.

2.3.4.2. ESN-MIN-MDN:
ESN (electronic serial number)
The ESN is the 32 bit electronic serial number of the mobile phone. The ESN is pre-programmed by the phone
manufacturer during factory setting. The ESN is unique to each mobile on the network and is used in conjunction with
the mobile number to identity the mobile on the network . MIN (mobile identification number)
The MIN is the 10 digit number which is assigned by the service providers to a mobile phone in the network . the MIN
is unique each mobile on the network and is used in conjunction with the ESN to identify the mobile on the network.
MDN (mobile directory number) The MDN is the 10 digit dilatable number assigned by the service provider to a
mobile phone on its network . the MDN may be the same as the MIN (it depend on how the service provider provisions
this pair on its network)

2.3.5Global challenge [6]

1- allows only valid subscriber to access the network resources.
Security and Encryption in GSM, GPRS, CDMA System

35

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System
2- all MS challenge with same random number
3- VLR can authenticate MS if SDD is shared
4- subsequence action is based on policy in effect (i.e. unique challenge)
Global challenge is performed when ever:
1-registration: when the mobile dose autonomous registration.
2- origination: when the mobile station originates a call .
3- terminations: when the mobile station responds with page message .
4- mobile station data: when it sends a data burst message I.e. SMS.

Fig 2.8 global challenge

2.3.6 unique challenge [6]

signal MS challenged with selected random number( unique) VLR can initiate if SSD is shared (only report failure to
AC) can executed on the traffic channel used for call saves control channel resources
By design, all CDMA phones use a unique PN (Pseudo-random Noise) code for spreading the
signal, which makes it difficult for the signal to be intercepted.

Security and Encryption in GSM, GPRS, CDMA System

36

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

Fig 2.9 unique challenge:

2.3.7 The inherent security of the CDMA air interface [7]

Code Division Multiple Access (CDMA) technology is an advance wide area wireless technology for voice and highspeed internet access supporting high mobility speeds. CDMA is inherently secure and has advantages to firstgeneration analog and Time Division Multiple Access (TDMA) system . CDMA originated from military application
and cryptography and to data there has never been a report of high-jacking or eavesdropping on a CDMA call in a
commercially deployed network .the inherent security of CDMA 's air interface comes from a combination of
encryption and spread spectrum technology ,which are used simultaneously to void any gaps in security . first the
CDMA signals of all calls are transmitted or spread over the entire bandwidth rather than being tied to a specific time
or element in the system. this result in the signal of all calls tacking on white noise a noise-like appearance that work
as disguise making the signal of any one call difficult to distinguish and detect from background noise

Security and Encryption in GSM, GPRS, CDMA System

37

Compiled by AIGETOA Chennai ( www.aigetoachtd.org )

Security and Encryption in GSM, GPRS, CDMA System

Security and Encryption in GSM, GPRS, CDMA System

38