Security & Encryption in GSM, GPRS & CDMA

Date post: 16-Nov-2014
Upload: binsalah
Description: This is my graduation project. Mohammed Salah, Yemen, Aden.

Security and Encryption in GSM, GPRS, CDMA System

Abstract

In any mobile system it is important to send or receive any kind of data securely, to reach the services at any time, and to prevent anyone from using another subscriber's account. All these threats require good security in the mobile system.

This project discusses the security issue. Security is a complex subject, so the project tries to present this feature in an easy way without reviewing all the details, because the main goal is to explain what security in mobile systems (GSM, GPRS and CDMA) is.

There are security mechanisms in mobile systems which will be explained in this project; these mechanisms are applied by various algorithms and functions. Looking at the GSM system: GSM was designed to be a secure mobile phone system with strong subscriber authentication and over-the-air transmission encryption. The security model and algorithms were developed in secrecy and were never published. Eventually some of the algorithms and specifications leaked out. The algorithms have been studied since and critical errors have been found. Thus, after a closer look at the GSM standard, one can see that the security model is not all that good. An attacker can go through the security model or even around it, and attack other parts of a GSM network instead of the actual phone call.

The security was improved in the CDMA system to avoid the weaknesses of the GSM system; the improvement appears clearly in the authentication, confidentiality and integrity procedures.

The GSM, GPRS and CDMA architectures must be explained before studying security. Chapter one explains the important 3G elements and their functions.

In chapter two, the project explains the main security aspects: the security architecture, the security requirements and the security services (authentication, confidentiality and integrity).

The Authentication and Key Agreement (AKA), which means the authentication procedures, data encryption (data confidentiality) and data integrity, will be explained in more detail in chapter three. These services are provided by algorithms and functions that vary from one generation to another; because they are complex and some of them are still secret, they are not explained in detail.

To study the AKA procedures more deeply, chapter four presents a program that simulates the AKA and the algorithms used in GSM.

Security and Encryption in GSM, GPRS, CDMA System 1

GSM
(Global System for Mobile communications)

1.1.1 Introduction [1]

In the early 1980s many countries in Europe witnessed a rapid expansion of analog cellular telephone systems; however, each country developed its own system, and interoperability across borders became a limiting factor. In 1982, the Conference of European Posts and Telecommunications (CEPT), an association of telephone and telegraph operators in Europe, established a working group to develop a new public land mobile system to span the continent. Because their working language was French, the group was called the Groupe Spécial Mobile (GSM).

1.1.2 GSM Properties [15]

• cellular radio network
• digital transmission up to 9600 bit/s
• roaming (mobility among different network providers, international)
• good transmission quality (error recognition and correction)
• scalable (large numbers of subscribers possible)
• worldwide 900 million subscribers
• Europe: over 300 million subscribers
• security mechanisms provided (authentication, authorisation, encryption)
• good usage of resources (frequency- and time-multiplex)
• integration with ISDN and analogue telephone network
• standard (ETSI, European Telecommunications Standards Institute)

Fig 1.1 Architecture of the GSM network [1]

1.1.3.1 The Mobile Station [2]

The Mobile Station (MS) is the user equipment in GSM. The MS is what the user can see of the GSM system. The station consists of two entities, the Mobile Equipment (the phone itself) and the Subscriber Identity Module (SIM), in the form of a smart card contained inside the phone.

1.1.3.2 The Base Transceiver Station [2]

The Base Transceiver Station (BTS) is the entity corresponding to one site communicating with the Mobile Stations. Usually, the BTS will have an antenna with several TRXs (radio transceivers) that each communicate on one radio frequency. The link-level signaling on the radio channels is interpreted in the BTS, whereas most of the higher-level signaling is forwarded to the BSC and MSC. Speech and data transmissions from the MS are recoded in the BTS from the special encoding used on the radio interface to the standard 64 kbit/s encoding used in telecommunication networks. Like the radio interface, the Abis interface between the BTS and the BSC is highly standardized, allowing BTSs and BSCs from different manufacturers in one network.

1.1.3.3 The Base Station Controller [2]

Each Base Station Controller (BSC) controls on the order of several hundred BTSs. The BSC takes care of a number of different procedures regarding call setup, location update and handover for each MS.

1.1.3.4 The Mobile Switching Centre [2]

The Mobile Switching Centre (MSC) is a normal ISDN switch with extended functionality to handle mobile subscribers. The basic function of the MSC is to switch speech and data connections between BSCs, other MSCs, other GSM networks and external non-mobile networks. The MSC also handles a number of functions associated with mobile subscribers, among others registration, location updating and handover. There will normally exist only a few BSCs per MSC, due to the large number of BTSs connected to each BSC. The MSC and BSCs are connected via the highly standardized A-interface [GSM0808]. However, due to the lack of standardization of Operation and Management protocols, network providers usually choose BSCs, MSCs and Location Registers from one manufacturer.

1.1.3.7 The Equipment Identity Register [2]

The Equipment Identity Register (EIR) is an optional register. Its purpose is to register the IMEIs of mobile stations in use. By implementing the EIR the network provider can blacklist stolen or malfunctioning MSs, so that their use is not allowed on the network.

1.1.4 Subsystems [15]

• BSS: a GSM network has several BSSs, with 1 BSC per BSS
• BTS: radio equipment; forms a radio cell
• BSC
  • reserves frequencies (frequency/channel assignment)
  • handles handovers

Radio Sub System (RSS)
- RSS = MS + BSS
- BSS = BTS + BSC

Network Sub System (NSS)
- NSS = MSC + HLR + VLR + GMSC

Operation Sub System (OSS)
- OSS = EIR + AuC

1.1.5 GSM Frequencies [15]

GSM-900:
Uplink: 890.2 MHz – 915 MHz (25 MHz)
Downlink: 935.2 MHz – 960 MHz (25 MHz)
Uplink-Downlink distance: 45 MHz

Frequency Division Multiple Access [15]
Channels are 200 kHz wide.
124 pairs of channels

Time Division Multiple Access
8 connections per channel
Theoretically 124 × 8 = 992 channels available.

GSM-1800:
Uplink: 1725.2 – 1780.4 MHz
Downlink: 1820.2 – 1875.4 MHz
Uplink-Downlink distance: 95 MHz
384 pairs of channels

1.1.6 GSM 900 and GSM 1800 [15]

Table 1.1 GSM 900 and GSM 1800

GSM link [15]

Full rate channel (speech):   13 kbit/s
Half rate channel (speech):   6.5 kbit/s
GSM data channel:             9.6 kbit/s

1.1.7 FDMA and TDMA

Fig 1.2 FDMA in GSM 900

Fig 1.3 TDMA in GSM 900

GPRS
(General Packet Radio Service)

1.2.1 GPRS Introduction [4]

The basics of GPRS are rapidly explained; its history, standards and applications are presented, but the frantic concision of the paragraphs seems to betray an impersonal approach to the material.

Data communication needs:

1.2.3.1 Circuit switching [4]

Circuit switching is a mode in which a connection (or circuit) is established from the point of origin of a data transfer to the destination. Network resources are dedicated for the duration of the call until the user breaks the connection. Using these resources, data can be transmitted or received either continuously or in bursts, depending on the application. Since resources remain dedicated for the entire duration of a data call, the number of subscribers that the network can support is limited.

1.2.3.2 Packet switching [4]

Packet switching is a mode in which resources are assigned to a user only when data needs to be sent or received. Data is sent in packets, which are routed across the network along with other user traffic. This technique allows multiple users to share the same resources, thus increasing capacity on the network and managing resources quite effectively. However, the technique does place some limitations on data throughput. Experience has shown that most data communication applications are connected to a network (such as a LAN, WAN, the Internet, or a corporate intranet), but that does not mean they are sending and receiving data at all times. Furthermore, data transfer needs generally are not symmetrical.

1.2.4 Properties [15]

• Packet mode service (end-to-end)
• Data rates up to 171.2 kbit/s (theoretical), effectively up to 115 kbit/s
• Effective and flexible management of the air interface
• Adaptive channel coding
• Standardized interworking with IP and X.25 networks
• Dynamic resource sharing with the "classic" GSM voice services
• Advantage: billing per volume, not per connection time

1.2.5 Data services in GPRS [7]

• GPRS (General Packet Radio Service)
  • Packet switching, using free slots only if data packets are ready to send (e.g., 115 kbit/s using 8 slots temporarily)
  • Standardization 1998, introduced 2000
• GPRS network elements: GSN (GPRS Support Nodes)
  • GGSN (Gateway GSN): interlocking unit between GPRS and PDN (Packet Data Network)
  • SGSN (Serving GSN): supports the MS (location, billing, security)
  • GR (GPRS Register): user addresses

Fig 1.4 The GPRS network

1.2.6.1 SGSN - Serving GPRS Support Node

• SGSN is responsible for delivery of data packets from and to mobiles
• One per service area (i.e. per BSC)
• Roles:
  – Packet routing and transfer
  – Attach/detach and location management
  – Logical link management
  – Authentication and charging
• Location register stores location information (e.g., current cell, current VLR) and user profiles (IMSI, address) for all GPRS users registered with this SGSN

1.2.6.2 GGSN - Gateway GPRS Support Node

• Interface between the GPRS backbone and external packet data networks (IP/X.25/etc.)
• Converts GPRS packets coming from the SGSN into packet data protocol format
• Sends packets out on the corresponding packet data network
• Incoming data packets' addresses (e.g. IP) are converted to the GSM address of the destination user
• Re-addressed packets are sent to the responsible SGSN; the GGSN stores the current SGSN address of the station in its location register
• Also some authentication and charging

1.2.7 SPEED [4]

Theoretical maximum speeds of up to 171.2 kilobits per second (kbps) are achievable with GPRS using all eight timeslots at the same time. This is about three times as fast as the data transmission speeds possible over today's fixed telecommunication networks and ten times as fast as current Circuit Switched Data services on GSM networks.

1.2.8 GPRS – Interoperation [8]

• The GGSN is the interface to external packet data networks for several SGSNs
• An SGSN may route its packets over several different GGSNs to reach different packet data networks
• All GSNs are connected via an IP-based GPRS backbone network
• Within the backbone, GSNs encapsulate the PDN packets and tunnel them using the GPRS Tunneling Protocol (GTP)

1.2.9.1 GPRS – Backbone networks [15]

• Two kinds of GPRS backbone:
  – Intra-PLMN backbone networks connect GSNs of the same PLMN, i.e. private IP-based networks of the GPRS network provider
  – Inter-PLMN backbone networks connect GSNs of different PLMNs
• A roaming agreement between two GPRS network providers is necessary for an inter-PLMN backbone

1.2.9.2 GPRS – Intra- and Inter-PLMN Backbones

• Two intra-PLMN backbone networks of different PLMNs are connected with an inter-PLMN backbone.
• Gateways between PLMNs and the external inter-PLMN backbone are called border gateways.
• Border gateways perform security functions to protect private intra-PLMN backbones against unauthorized users and attacks.

1.2.10 GPRS – Interfaces [15]

Gn/Gp: between two GSNs; allows GSNs to exchange user profiles when a mobile station moves from one SGSN area to another.

Gf: between SGSN and EIR; allows SGSNs to query the IMEI of a mobile station trying to register with the network.

Gi: between PLMN and external public or private PDNs (e.g. Internet/corporate intranet).

Gr: between HLR and SGSN; the HLR stores the user profile, the current SGSN address and the PDP address(es) for each GPRS user in the PLMN. The SGSN informs the HLR about the current location of the station. When a station registers with a new SGSN, the HLR sends the user profile to the new SGSN.

Gc: between HLR and GGSN; used by the GGSN to query a user's location and profile in order to update its location register.

Gs: between SGSN and MSC/VLR; the MSC/VLR may be extended with functions and register entries, allowing efficient coordination between packet-switched and circuit-switched services, e.g. combined GPRS and non-GPRS location updates and combined attachment procedures; paging requests of circuit-switched GSM calls can be performed via the SGSN.

Gd: between SGSN and SMS gateway MSC; SMS messages can be exchanged via GPRS.

1.2.11 NEW APPLICATIONS, BETTER APPLICATIONS [4]

GPRS facilitates several new applications that have not previously been available over GSM networks due to the limitations in speed of Circuit Switched Data (9.6 kbps) and message length of the Short Message Service (160 characters). GPRS will fully enable the Internet applications you are used to on your desktop, from web browsing to chat, over the mobile network. Other new applications for GPRS, profiled later, include file transfer and home automation: the ability to remotely access and control in-house appliances and machines. A wide range of corporate and consumer applications are enabled by non-voice mobile services such as SMS and GPRS. This section will introduce those that are particularly suited to GPRS.

Applications [4]

1. Chat
2. Textual and visual information
3. Still images
4. Moving images
5. Web browsing
6. Audio
7. Internet email

1.2.13 SERVICE ACCESS [15]

To use GPRS, users specifically need:

• A mobile phone or terminal that supports GPRS (existing GSM phones do NOT support GPRS)
• A subscription to a mobile telephone network that supports GPRS
• Use of GPRS must be enabled for that user. Automatic access to GPRS may be allowed by some mobile network operators; others will require a specific opt-in
• Knowledge of how to send and/or receive GPRS information using their specific model of mobile phone, including software and hardware configuration (this creates a customer service requirement)
• A destination to send or receive information through GPRS. Whereas with SMS this was often another mobile phone, in the case of GPRS it is likely to be an Internet address, since GPRS is designed to make the Internet fully available to mobile users for the first time. From day one, GPRS users can access any web page or other Internet application, providing an immediate critical mass of uses.

Having looked at the key user features of GPRS, let's look at the key features from a network operator's perspective.

CDMA
(Code Division Multiple Access)

1.3.1 Background history [4]

Code Division Multiple Access (CDMA) is a radically new concept in wireless communications. It has gained widespread international acceptance by cellular radio system operators as an upgrade that will dramatically increase both their system capacity and the service quality. It has likewise been chosen for deployment by the majority of the winners of the United States Personal Communications System spectrum auctions. It may seem, however, mysterious to those who aren't familiar with it. This section is provided in an effort to dispel some of the mystery and to disseminate at least a basic level of knowledge about the technology. CDMA is a form of spread spectrum, a family of digital communication techniques that have been used in military applications for many years. The core principle of spread spectrum is the use of noise-like carrier waves and, as the name implies, bandwidths much wider than that required for simple point-to-point communication at the same data rate. Originally there were two motivations: either to resist enemy efforts to jam the communications (anti-jam, or AJ), or to hide the fact that communication was even taking place, sometimes called low probability of intercept (LPI). It has a history that goes back to the early days of World War II. The use of CDMA for civilian mobile radio applications is novel. It was proposed theoretically in the late 1940s, but the practical application in the civilian marketplace did not take place until 40 years later. Commercial applications became possible because of two evolutionary developments. One was the availability of very low cost, high density digital integrated circuits, which reduce the size, weight, and cost of the subscriber stations to an acceptably low level. The other was the realization that optimal multiple access communication requires that all user stations regulate their transmitter powers to the lowest that will achieve adequate signal quality.

1.3.2 Overview of Multiple Access [4]

It is easier to understand CDMA if it is compared with other multiple access technologies. The following sections describe the fundamental differences between a Frequency Division Multiple Access analog technology (FDMA), a Time Division Multiple Access digital technology (TDMA)

1.3.2.1 Frequency Division Multiple Access

Each Frequency Division Multiple Access (FDMA) subscriber is using the same medium (air) for communicating, but they are assigned a specific frequency channel. While they are using the frequency channel, no one else in that cell or a neighboring cell can use the frequency channel.

FDMA Cocktail Party (analogy)

Two users have continuous access to the room. But no one else can use the room.

1.3.2.2 Time Division Multiple Access

Time Division Multiple Access (TDMA) subscribers share a common frequency channel, but use the channel only for a short time. They are each given a time slot and allowed to transmit during that time slot only. When all of the available time slots in a given frequency are used, the next user must be assigned to a time slot on another frequency.

TDMA Cocktail Party (analogy)

Subscribers have access to the same room, but only a pair of them can use the room for a short time. Then they must leave and another couple enters. Throughout the evening, the subscribers rotate usage of the room.

1.3.2.3 Code Division Multiple Access [4]

Code Division Multiple Access subscribers share a common channel (frequency). All users are on the same frequency at the same time; they are divided, however, by codes.

CDMA Cocktail Party (analogy)

All subscribers are in the same room together. They can all be talking at the same time. They can be grouped together or standing across the room from each other. Unlike the other two multiple access systems, they do not have to leave the room!

1.3.3 Types of CDMA [4]

There are two types of CDMA:

1.3.3.1 Frequency-Hopping:

Each user's narrowband signal hops among discrete frequencies, and the receiver follows in sequence. Frequency-Hopping Spread Spectrum (FHSS) CDMA is not currently used in wireless systems, although it is used by the military.

Frequency Hopping CDMA

Fig 1.5 Frequency-Hopping Spread Spectrum

1.3.3.2 Direct sequence:

Narrowband input from a user is coded ("spread") by a user-unique broadband code, and the resulting broadband signal is transmitted. The receiver, which knows the user's code, applies it and recovers the user's data. Direct Sequence Spread Spectrum (DSSS) CDMA is the method used in IS-95 commercial systems.
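The spreading and despreading described above, as an added example that is not part of the original project: three constructed users transmit on one channel at the same time, each spreading its bits with its own row of a Walsh (Hadamard) code set, and a receiver recovers one user's bits by correlating the summed signal with that user's code, while a code nobody is using correlates to zero. The user names, codes and data bits are constructed for the demo, and the model assumes perfect chip synchronisation and no noise, which a real IS-95 air interface does not have.

```python
"""Direct-sequence CDMA, idealised: bits are spread by user-unique chip codes,
all users' chip streams are summed on one shared channel, and the receiver
despreads with the code it knows. Constructed educational example; no noise,
perfect chip synchronisation, and Walsh codes instead of IS-95's real codes."""


def walsh_codes(order):
    """Return 2**order mutually orthogonal Walsh (Hadamard) rows of +1/-1 chips."""
    rows = [[1]]
    for _ in range(order):
        rows = [r + r for r in rows] + [r + [-c for c in r] for r in rows]
    return rows


def spread(bits, code):
    """Map each data bit to +1/-1 and multiply it by the user's whole chip code."""
    chips = []
    for bit in bits:
        symbol = 1 if bit else -1
        chips.extend(symbol * c for c in code)
    return chips


def transmit(users):
    """Sum every user's spread chip stream: all of them are on air at once.

    users maps a name to (code, bits); all users send the same number of bits.
    """
    streams = [spread(bits, code) for code, bits in users.values()]
    return [sum(col) for col in zip(*streams)]


def correlate(channel, code):
    """Per-symbol correlation of the received channel with one user's code.
    Orthogonal codes cancel each other, so only that user's symbol survives."""
    n = len(code)
    return [sum(ch * c for ch, c in zip(channel[i:i + n], code))
            for i in range(0, len(channel), n)]


def despread(channel, code):
    """Recover the data bits sent under `code` (sign of the correlation)."""
    return [1 if corr > 0 else 0 for corr in correlate(channel, code)]


def demo():
    """Three constructed users on one channel; returns what each receiver recovers."""
    codes = walsh_codes(3)  # eight chips per bit, eight orthogonal codes
    users = {
        "A": (codes[1], [1, 0, 1, 1]),   # constructed data bits
        "B": (codes[2], [0, 0, 1, 0]),
        "C": (codes[3], [1, 1, 0, 1]),
    }
    channel = transmit(users)
    recovered = {name: despread(channel, code) for name, (code, _) in users.items()}
    # A code that nobody is using sees only cancellation, not someone else's data.
    recovered["unused"] = correlate(channel, codes[4])
    return recovered


if __name__ == "__main__":
    for name, bits in demo().items():
        print(name, bits)
```

Code separation here is channelisation, not secrecy: any receiver that holds the same code set can despread any user, so the confidentiality of CDMA traffic rests on the authentication and encryption procedures treated in the later chapters, not on the spreading itself.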

1.3.4 CDMA2000: Delivering on 3G [15]

CDMA2000 represents a family of ITU-approved IMT-2000 (3G) standards and network capacity to meet growing demand for wireless services and high-speed data services. CDMA2000 1X was the world's first 3G technology commercially deployed (October 2000). CDMA2000 represents a family of technologies that includes CDMA2000 1X and CDMA2000 1X EV.

A: CDMA2000 1X

The world's first 3G commercial system, CDMA2000 1X can double the voice capacity of cdmaOne networks and delivers peak packet data speeds of 307 kbps in a mobile environment. There is only one 1.25-MHz carrier.

B: CDMA2000 1X EV

CDMA2000 1X EV includes:

CDMA2000 1X EV-DO
CDMA2000 1X EV-DO delivers peak data speeds of 2.4 Mbps and supports applications such as MP3 transfers and video conferencing.

CDMA2000 1X EV-DV
High-speed packet multimedia services at speeds of up to 3.09 Mbps. 1X EV-DO and 1X EV-DV are both backward compatible with CDMA2000 1X and cdmaOne (IS-95A & IS-95B).

C: CDMA2000 3X

US (CDMA2000) version: 3X chip rate and even faster data: 2 MB bursting. The figure below illustrates this.

Fig 1.6 Evolution of CDMA

1.3.5 Architecture of CDMA 1X network [4]

It focuses on the components that are added to the CDMA system.

Fig 1.7 CDMA network architecture

1.3.6 PDSN (Packet Data Service Node) [4]

• Establishes, maintains and terminates the point-to-point protocol (PPP) session with the MS.
• Establishes, maintains and terminates the logical link to the radio network across the radio-packet (R-P) interface.
• Initiates authentication, authorization and accounting (AAA) for the MS to the packet data network (Internet) via the AAA server.
• Receives service parameters for the MS from the AAA.
• Routes packet data between the RAN and the Internet (like a NAS in the Internet).
• Collects usage data that is related to the AAA server.
• Supports both simple and mobile IP.
• For mobile IP the FA (foreign agent) should be implemented on the PDSN (a HA (home agent) is also needed).
• One BSC can interconnect to a few PDSNs for load balancing.

1.3.7.1 Advantages of CDMA2000 [4]

1.3.7.2 Coverage:

Forward and reverse link power control helps a CDMA network dynamically expand the coverage area. The coding and interleaving techniques used in CDMA provide the ability to cover a larger area for the same amount of available power used in the system. Under line-of-sight conditions CDMA has 1.7 to 3 times more coverage than time division multiple access (TDMA).

1.3.7.3 Capacity:

Third generation cellular systems are designed to provide enhanced voice capacity and support for high data rate packet data services. These data services are typically characterized by asymmetric traffic requirements subjected to the adverse effects of the mobile channel. Such conditions require the use of advanced techniques such as fast feedback channel information, adaptive modulation and coding, incremental redundancy, multiuser diversity, efficient handoff algorithms, adaptive data rate control, etc.

1.3.7.4 CDMA universal frequency reuse:

CDMA has a frequency reuse of one. Each base transceiver station (BTS) in the network uses the same frequency, eliminating the need for frequency planning.

1.3.7.5 Soft handoff:

Capacity of a system is reduced when more power is required to communicate with a mobile. The soft handoff and power control in CDMA reduce the power requirement of a call, allowing more users in the system.

1.3.7.6 Higher data throughput:

Today's commercial CDMA supports peak data rates of up to 5 Mbps. There are other advantages of the CDMA system, such as frequency band flexibility, increased battery life, synchronization, power control, and internet protocol (IP) networks, improved service multiplexing and quality of service (QoS) management, and a flexible channel structure in support of multiple services with various QoS and variable transmission rates, etc.

1.3.7.7 Applications:

CDMA offers a world of opportunities for multimedia services, satellite communication, military communication, wireless local loop (WLL) and so on.

1.3.8.1 Benefits

Backward compatibility with cdmaOne deployments:
- protects operator investment in existing cdmaOne networks.
- provides simple and cost-effective migration to 3G services.

1.3.8.2 Voice improvement:
- voice quality improvement
- voice capacity improvement (1X offers one and a half to times the capacity of cdmaOne; 1X EV-DV offers an even greater capacity increase).

1.3.8.3 High speed data services support:
- higher data rate (114 kbps to 2 Mbps and beyond)
- low latency data support

1.3.8.4 Multimedia services support:

- Simultaneous voice/data support for multi-service
- Quality of service (QoS) support for multimedia applications

1.3.8.5 Special Applications:

Hot spot coverage (spot beams) and follow-me service (smart antennas).
Access reliability and extended battery life.

GSM SECURITY

2.1.1 Introduction [7]

The security methods standardized for the GSM system make it the most secure cellular telecommunications standard currently available. Although the confidentiality of a call and the anonymity of the GSM subscriber are only guaranteed on the radio channel, this is a major step in achieving end-to-end security. The subscriber's anonymity is ensured through the use of temporary identification numbers. The confidentiality of the communication itself on the radio link is provided by the application of encryption algorithms and frequency hopping, which could only be realized using digital systems and signaling.

2.1.2 Overview of GSM Security Services [7]

• Smartcard-based authentication of the user
• Identification of the subscriber through the worldwide unique name IMSI
• Algorithm A3 for authentication is not public
• Confidentiality on the radio link:
  • Algorithms: up to 7 A5 variants
  • unique, permanent subscriber key Ki and dynamically generated communication keys Kc
• Anonymity: use of temporary identities

2.1.3 GSM Security Requirements [9]

2.1.3.1 Network provider's view

• correct billing: authenticity of the user
• no misuse of the service, correct billing of content usage
• efficiency: no more bandwidth needed for security, no long delays (user acceptance), cost-efficient

2.1.3.2 User's view

• confidentiality of communication (voice and data)
• privacy, no profiles of the movements of the users
• connection with an authentic base station

• correct billing

2.1.3.3 Content provider's view

• correct billing

2.1.4 Security architecture of GSM [9]

The security aspects of GSM are detailed in the GSM Recommendations "Security Aspects", "Subscriber Identity Modules", "Security Related Network Functions" and "Security Related Algorithms". Security in GSM consists of the following aspects: subscriber identity authentication, subscriber identity confidentiality, signaling data confidentiality, and user data confidentiality. The subscriber is uniquely identified by the International Mobile Subscriber Identity (IMSI). This information, along with the individual subscriber authentication key (Ki), constitutes sensitive identification credentials analogous to the Electronic Serial Number (ESN) in analogue systems such as AMPS and TACS. The design of the GSM authentication and encryption schemes is such that this sensitive information is never transmitted over the radio channel. Rather, a challenge-response mechanism is used to perform authentication. The actual conversations are encrypted using a temporary, randomly generated ciphering key (Kc).

The MS identifies itself by means of the Temporary Mobile Subscriber Identity (TMSI). which is issued by the network

a d may be changed periodically (i.e. during hand-offs) for additional security. The security mechanisms of GSM are

implemented in three different system elements; the Subscriber Identity Module (SIM), the GSM handset or MS, and.

the GSM network. The SIM contains the IMSI, the individual subscriber authentication key (Ki), the ciphering key

generating algorithm (A8), the authentication algorithm (A3), as well as a Personal Identification Number (PIN). The

GSM handset contains the ciphering algorithm (A5). The encryption algorithms (A3, A5, AS) are present in the GSM

network as well. The Authentication Centre (AUC), part of the Operation and Maintenance Subsystem (OMS) of the

GSM network, consists of a database of identification and authentication information for subscribers.

This information consists of the IMSI, the TMSI, the Location Area Identity (LAI), and the individual subscriber

authentication key (Ki) for each user. In order for the authentication and security mechanisms to function, all three

elements (SIM, handset, and GSM network) are required. This distribution of security credentials and encryption

algorithms provides an additional measure of security both in ensuring the privacy of cellular telephone conversations

and in the prevention of cellular telephone fraud. Distribution of security information is among the three system

elements, the SIM, the MS, and the GSM network. Within the GSM network, the security information is further

distributed among the authentication centre (AUC), the home location register (HLR) and the visitor location register

(VLR).

Security and Encryption in GSM, GPRS, CDMA System 23

Page 24: Security & Encryption in GSM , GPRS & CDMA

Security and Encryption in GSM, GPRS, CDMA System

The AUC is responsible for generating the sets of RAND, SRES, and Kc, which are stored in the HLR and VLR for

subsequent use in the authentication and encryption processes. Fig(2.1) demonstrates the distribution of security

information among the three system elements, the SIM, the MS, and the GSM network. Within the GSM network, the

security information is further distributed among the authentication center (AUC), the home location register (HlR) and

the visitor location register (VLR).

2.1.5 GSM Security/Authentication/Access Control Features [9]

The GSM system promises to provide security over the air interface that is as good as the security offered by traditional fixed networks [1]. The GSM standard specifies the following security features to be implemented in every PLMN.

- Subscriber identity (IMSI) confidentiality. This feature protects the subscriber ID (IMSI) from being attacked by eavesdroppers.

- Subscriber (IMSI) authentication. This feature protects the network assets from attacks by impostors.

- User data confidentiality on physical connections. This feature provides protection of user speech data and other user-related identification information.

- Connectionless user data confidentiality. This feature provides protection of the message part of the connectionless user data pertaining to OSI layers 4 and above.

- Signaling information element confidentiality. This feature provides protection of some of the network signaling information that is considered to be sensitive.

According to the standard, the implementation of the above features is mandatory on both the fixed and the access network sides.

The mechanisms for implementing these features are explained in the following sections.

Fig 2.1 Architecture security for GSM

2.1.5.1 Subscriber identity confidentiality:

This feature is implemented by means of Temporary Mobile Subscriber Identities (TMSI). These TMSIs are local numbers and have significance only in a given location area (LA). The TMSI must be accompanied by the Location Area Identifier (LAI) to avoid ambiguities. Some of the requirements on the TMSI are:

- A new TMSI must be allocated at least in each location update procedure. Location updating takes place whenever the mobile moves to a new location area (LA).

- Whenever a new TMSI is allocated to an MS, it is transmitted to the MS in ciphered mode.

- The MS should store the TMSI in non-volatile memory together with the LA, so that these data are not lost whenever the mobile is switched off.

2.1.5.2 GSM subscriber's authentication:

Purpose:

Authentication is used to identify the MS to the PLMN operator.

Operation:

Authentication is performed by a challenge and response mechanism. Ki in the HPLMN is held in the AUC. A random challenge (RAND) is generated by the network and sent to the MS; the authentication algorithm A3 implemented within the SIM computes a signed response (SRES) from RAND and Ki, and the MS sends the SRES back to the PLMN.

Fig 2.2 user authentication

Fig 2.3 user authentication

2.1.6 Confidentiality of connectionless user data information and signaling information on physical connections [9]

- Security requirements of mobile communication
- Authentication of MS or subscriber
- Authentication of VLR/HLR
- Confidentiality of data between MS and VLR
- Confidentiality of data between VLR and HLR
- Requirements for end-user privacy
- Security for call setup information
- Security for speech
- Privacy of data
- Privacy of user location

2.1.7 Privacy of user-ID [7]

All mobile communication systems use some sort of user-ID to identify their subscribers. This subscriber identification (or user-ID) must be protected from hackers. Transmission of this information (especially in clear) either over the air interface or over the network must be avoided as far as possible.

2.1.8 Support of roaming [7]

Most mobile communication systems support roaming of users, wherein the user is provided service even if he moves into a region handled by a different service provider or a different network of the same service provider. Thus, there is a requirement in the network for authenticating mobile users who roam into its area. The main problem here is that the subscriber-related information that is useful for authentication is present only in the home network of the user and is generally not accessible by the visited (or serving) network. Thus, there must be a method by which a subset of handset credentials is supplied to the serving network that is enough to authenticate the user. A complete disclosure of handset credentials may result in a security compromise.

2.1.9 GSM security weaknesses [9]

- Active attacks using a false BTS are possible. This is because the mobile does not check the authenticity of the BTS while establishing a connection; it simply responds to the challenge posed to it.

- The cipher keys and the authentication data are transmitted in clear between and within networks.

- Data integrity is absent in GSM.

- GSM was not built with good flexibility for upgrading.

- The home network (in GSM) has no knowledge or control over how a serving network uses the authentication parameters supplied to it for authenticating roaming subscribers.

GPRS Security

2.2.1 Introduction [8]

GPRS is a new service that is offered to the mobile phone user. Netcom and Telenor, who are the two largest operators in Norway, introduced GPRS on January 31 and February 1, 2001. So far only a small number of mobile phones on the market support GPRS, and it is also difficult to get hold of such a mobile phone. The operators offer a limited number of services to the GPRS customers. One of the services that GPRS supports today is Mobile Mail. Mobile Mail can be used with every mobile phone that uses WAP, but with the GPRS "always on" functionality the e-mail service Mobile Mail is more attractive. It is important that security is taken care of, so that the users, both private persons and companies, can feel safe and use the services that the operators offer. Services that demand a high level of security could be financial transactions, transfer of medical information or exchange of personal e-mail messages. In the next two subchapters we have explained which part of the GPRS system we are focusing on and the tests we did in the Ericsson AS lab environment.

2.2.2 Architecture Security for GPRS [8]

From the figure there are five main areas where security in the GPRS system is exposed. The five areas are:

1. Security aspects related to the mobile phone and the SIM card.

2. Security mechanisms between the MS and the SGSN. These also include the air interface from the MS to the BSS.

3. The PLMN's backbone network security that mainly

4. Security between different operators.

5. Security between the GGSN and the external connected network, like the Internet.

Fig 2.4 system architecture

2.2.3 Security functions in GPRS [8]

Confidentiality, Integrity and Authentication (CIA) are three different services that computer and network security should cover. All three services have to be protected, and attacks against one or more of them are possible. It is also important to have strict control over who has access (access control) and to deny service to unauthorized users.

Confidentiality – the property that information has not been disclosed to unauthorized parties. Loss of confidentiality has traditionally been seen as the most formidable threat in communications systems. To provide confidentiality, encryption is used.

Integrity – the property that information has not been changed by unauthorized parties. Integrity is normally associated with error correction and retransmission techniques to ensure that data are not corrupted. A cryptographic checksum is a technique to ensure that data are not willfully modified.

Authentication – the provision of assurance of the claimed identity of an entity. Authentication refers to user identity verification. Challenge-response is a common authentication mechanism that actively challenges the user who claims to be the right person, so the user has to give the right response.

Access control – the prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner. Access control gives access to services to authorized users and denies unauthorized users the same services.

Denial-of-Service – while access control is about denying the unauthorized user access to the services, Denial-of-Service can be seen as a security service to ensure that unauthorized users are denied access to the services.

2.2.5 GPRS processes [8]

This section describes the following processes used in a GPRS network:

Attach process: the process by which the MS attaches (i.e. is connected) to the SGSN in the GPRS network.

Authentication process: the process by which the SGSN authenticates the mobile subscriber.

Detach process: the process by which the MS detaches (i.e. is disconnected) from the SGSN in the GPRS network.

2.2.5.1 GPRS attach process

When a mobile subscriber turns on their handset, the following actions occur:

1. A handset attach request is sent to the new SGSN.

2. The new SGSN responds with the identity of the handset. The old SGSN responds with the identity of the handset.

3. The new SGSN requests more information from the MS. This information is used to authenticate the MS to the new SGSN.

4. The authentication process continues to the HLR. The HLR acts like a RADIUS server, using a handset-level authentication based on the IMSI and similar to the CHAP authentication process in PPP.

5. A check of the equipment ID with the EIR is initiated.

6. If the equipment ID is valid, the new SGSN sends a location update to the HLR indicating the change of location to a new SGSN. The HLR notifies the old SGSN to cancel the location process for this MS. The HLR sends an insert subscriber data request and other information associated with this mobile system and notifies the new SGSN that the update location has been performed.

7. The new SGSN initiates a location update request to the VLR. The VLR acts like a proxy RADIUS that queries the home HLR.

8. The new SGSN sends the Attach Accept message to the MS.

9. The MS sends the Attach Complete message to the new SGSN.

10. The new SGSN notifies the new VLR that the relocation process is complete.

2.2.5.2 GPRS authentication process:

The GPRS authentication process is very similar to CHAP with a RADIUS server. The authentication process follows these steps:

1. The SGSN sends the authentication information to the HLR. The HLR sends information back to the SGSN based on the user profile that was part of the user's initial setup.

2. The SGSN sends a request for authentication and ciphering (using a random key to encrypt information) to the MS. The MS uses an algorithm to send the user ID and password to the SGSN. Simultaneously, the SGSN uses the same algorithm and compares the result. If a match occurs, the SGSN authenticates the user.

Fig 2.5 main GPRS procedures

2.2.5.3 Detach process initiated by MS

When a mobile subscriber turns off their handset, the detach process initiates. The detach process is described below.

1. The MS sends a detach request to the SGSN.

2. The SGSN sends a delete PDP context request message to the serving GGSN.

3. The SGSN sends a GPRS detach indication message to the MSC/VLR indicating the MS's request to disconnect.

4. The SGSN sends a GPRS detach indication message to the MSC/VLR.

5. The SGSN sends the detach accept message to the MS.

Note

The GSN nodes must always respond to the detach request with a positive delete response to the MS and accept the detach requested by the client. The positive delete response is required even if the SGSN does not have a connection pending for that client.

2.2.6 GPRS security/authentication/access control features

2.2.6.1 Confidentiality of the user identity [8]

The identity of the user is protected to avoid the possibility for an intruder to identify which subscriber is using a given resource on the radio path by listening to the signaling exchange or the user traffic. As a condition to accomplish this, the IMSI (International Mobile Subscriber Identity), or any other information allowing a listener to derive the IMSI easily, should not normally be transmitted in clear text in any signaling message over the radio path. It is from a security point of view necessary that on the radio path a protected identifying method is used instead of the IMSI. The IMSI should not normally be used as an addressing means. When signaling procedures permit it, signaling information elements that can expose information about the mobile subscriber identity must be ciphered for transmission.

To identify a mobile subscriber on the radio path a Temporary Logical Link Identity (TLLI) is used. The TLLI is a local number and has only a meaning in a given Routing Area (RA); it is accompanied by the Routing Area Identity (RAI). The relation between the TLLIs and IMSIs is stored in a database at the SGSN. So when a TLLI is received with a RAI that does not correspond to the current SGSN, the IMSI is requested from the SGSN in charge of the RA indicated in the RAI. If the address of that SGSN is unknown, the IMSI is requested from the MS. When a new TLLI is allocated to an MS, it is transmitted from the SGSN to the MS in a ciphered mode produced with the GPRS-A5 algorithm. This is not completely the truth, since the fixed part of the network can acquire the identification of the MS in clear. However, this is a breach in the provision of the service, and should only be used when necessary to cope with malfunctioning, e.g. arising from software failure.

2.2.6.2 Confidentiality of user data

The SGSN can request security-related information for an MS from the HLR/AuC corresponding to the IMSI, which will include an array of pairs of corresponding RAND and SRES values. These are computed in the HLR/AuC by using RAND and the key Ki in the A3 algorithm. The pairs are stored in the SGSN as part of the security information.

The HLR/AuC responds to the SGSN by sending the RAND/SRES vectors in the Authentication Vector Response, which also includes the key Kc. These sets of information (RAND/SRES and Kc) are stored in the SGSN. They should be marked as used when they have been used, but it is the operator that decides how many times a set can be used before it is marked. If there are no more unused sets left, the SGSN may use a used set. In order to get rid of sets that are used, the SGSN is to delete all the records marked as used when it successfully requests security-related information from the HLR. The sets may also be re-sent by the HLR depending on the rules for re-use of sets set by the operator.
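The challenge-response of 2.1.5.2 and the SGSN's handling of RAND/SRES/Kc sets described above, as an added example that is not the project's own code. A3/A8 are not public, so an HMAC keyed with Ki stands in for them (only the interface and the 128/32/64-bit sizes match the page); the IMSI, Ki and the "uses before marked" policy are constructed sample values.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class Triplet:
    """One authentication set as stored in the SGSN (sizes as on the page)."""
    rand: bytes  # 128-bit random challenge
    sres: bytes  # 32-bit expected signed response
    kc: bytes    # 64-bit ciphering key


def a3a8_stand_in(ki: bytes, rand: bytes) -> tuple:
    """Stand-in for A3 (gives SRES) and A8 (gives Kc). Assumption: the real SIM/AuC
    algorithms are not public, so an HMAC keyed with Ki is used here; only the
    interface (Ki, RAND) -> (SRES, Kc) and the output sizes follow the page."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]


class AuC:
    """Home HLR/AuC: the only element holding Ki. It hands out triplets, never Ki."""

    def __init__(self) -> None:
        self._ki = {}
        self.reachable = True  # simulates loss of the SGSN-HLR path

    def provision(self, imsi: str, ki: bytes) -> None:
        self._ki[imsi] = ki

    def authentication_vectors(self, imsi: str, n: int = 3) -> list:
        if not self.reachable:
            raise ConnectionError("HLR/AuC unreachable")
        ki = self._ki[imsi]
        vectors = []
        for _ in range(n):
            rand = secrets.token_bytes(16)
            sres, kc = a3a8_stand_in(ki, rand)
            vectors.append(Triplet(rand, sres, kc))
        return vectors


class SIM:
    """Subscriber card: answers RAND with SRES and derives Kc; Ki never leaves it."""

    def __init__(self, imsi: str, ki: bytes) -> None:
        self.imsi, self._ki = imsi, ki

    def respond(self, rand: bytes) -> tuple:
        return a3a8_stand_in(self._ki, rand)


class SGSN:
    """Serving node: keeps RAND/SRES/Kc sets per IMSI and tracks their use.
    Policy (operator-chosen): a set counts as used after `uses_before_marked` uses;
    used sets are purged when fresh vectors arrive; a used set is re-used only when
    nothing unused is left and the HLR/AuC cannot supply new ones."""

    def __init__(self, auc: AuC, uses_before_marked: int = 1) -> None:
        self.auc = auc
        self.policy = uses_before_marked
        self.store = {}  # imsi -> list of [Triplet, use_count]

    def fetch(self, imsi: str) -> None:
        fresh = self.auc.authentication_vectors(imsi)  # raises if unreachable
        unused = [e for e in self.store.get(imsi, []) if e[1] < self.policy]
        self.store[imsi] = unused + [[t, 0] for t in fresh]

    def used_count(self, imsi: str) -> int:
        return sum(1 for e in self.store.get(imsi, []) if e[1] >= self.policy)

    def _select(self, imsi: str) -> list:
        entries = self.store.setdefault(imsi, [])
        for entry in entries:
            if entry[1] < self.policy:
                return entry
        try:
            self.fetch(imsi)
            return self._select(imsi)
        except ConnectionError:
            if not entries:
                raise
            return entries[0]  # last resort allowed by 2.2.6.2: re-use a used set

    def authenticate(self, sim: SIM) -> tuple:
        """Authentication and Ciphering Request/Response; returns (ok, Kc)."""
        entry = self._select(sim.imsi)
        triplet = entry[0]
        sres, _kc_on_card = sim.respond(triplet.rand)
        entry[1] += 1
        if hmac.compare_digest(sres, triplet.sres):
            return True, triplet.kc
        return False, None


if __name__ == "__main__":
    # Constructed sample values: this IMSI and Ki are placeholders, not real data.
    auc = AuC()
    auc.provision("001010000000001", bytes(range(16)))
    print(SGSN(auc).authenticate(SIM("001010000000001", bytes(range(16)))))
```

Note that the serving node never sees Ki, only triplets, which is why a serving network can be handed a subset of credentials (2.1.8) and also why the home network cannot see how those triplets are then used (2.1.9).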

2.2.6.3 Confidentiality of user information and signaling between MS and SGSN

The needs for a protected mode of transmission are fulfilled by a ciphering function in the LLC layer. It is the GPRS-A5 algorithm that ciphers the LLC layer information. A mutual key setting is produced to allow the MS and the network to agree on the key Kc to be used in the ciphering and deciphering algorithm GPRS-A5. The Kc is conveyed to the MS through the RAND value: it is derived from the RAND by using A8 and the subscriber authentication key Ki. The MS and the SGSN must coordinate when the ciphering and deciphering processes should start. The SGSN indicates whether ciphering should be used or not in the Authentication and Ciphering Request message, and the MS starts ciphering after sending the Authentication and Ciphering Response message. In order for the enciphering bit stream at one end and the deciphering bit stream at the other end to coincide, the streams must be synchronized. This is done by using an explicit variable INPUT, the DIRECTION and the Kc in the algorithm GPRS-A5. The synchronization of ciphering at the LLC frame level is done by a bit in the LLC header indicating whether the frame is ciphered or not.

When an inter-SGSN routing area update occurs, the necessary information (i.e. Kc, INPUT) is transmitted within the system infrastructure to enable the communication to proceed from the old SGSN to the new one. The key Kc may remain unchanged at an inter-SGSN routing area update. The MS should indicate which versions of the GPRS-A5 algorithm it supports when it wants to establish a connection to the network. The negotiation of the GPRS-A5 algorithm happens during the authentication procedure. The network can decide to release the connection if there is no common GPRS-A5 algorithm, or if the MS indicates an illegal combination of supported algorithms. Otherwise the network selects one of the mutually acceptable versions of the GPRS-A5 algorithm to be used.

CDMA security

2.3.1 Introduction [6]

Since the birth of the cellular industry, security has been a major concern for both service providers and subscribers. Service providers are primarily concerned with security to prevent fraudulent operations such as cloning or subscription fraud, while subscribers are mainly concerned with privacy issues. In 1996, fraudulent activities through cloning and other means cost operators some US$750 million in lost revenues in the United States alone. Fraud is still a problem today, and IDC estimates that in 2000, operators lost more than US$180M in revenues from fraud. Technical fraud, such as cloning, is decreasing in the United States, while subscription fraud is on the rise. In this paper, we will limit our discussion to technical fraud only. With the advent of second-generation digital technology platforms like TDMA/CDMA-IS-41, operators were able to enhance their network security by using improved encryption algorithms and other means. The noise-like signature of a CDMA signal over the air interface makes eavesdropping very difficult. This is due to the CDMA "Long Code", a 42-bit PN (Pseudo-Random Noise, of length 2^42-1) sequence, which is used to scramble voice and data transmissions. This paper discusses how CDMA2000 1xRTT implements three major features of mobile security: authentication, data protection, and anonymity.

2.3.2 Security – CDMA Networks [15]

The security protocols within CDMA-IS-41 networks are among the best in the industry. By design, CDMA technology makes eavesdropping very difficult, whether intentional or accidental. Unique to CDMA systems is the 42-bit PN (Pseudo-Random Noise) sequence called "Long Code", used to scramble voice and data. On the forward link (network to mobile), data is scrambled at a rate of 19.2 kilosymbols per second (ksps), and on the reverse link data is scrambled at a rate of 1.2288 megachips per second (Mcps). CDMA network security protocols rely on a 64-bit authentication key (A-Key) and the Electronic Serial Number (ESN) of the mobile.

Fig 2.6 the authentication by CAVE

A random binary number called RANDSSD, which is generated in the HLR/AC, also plays a role in the authentication procedures. The A-Key is programmed into the mobile and is stored in the Authentication Center (AC) of the network. In addition to authentication, the A-Key is used to generate the sub-keys for voice privacy and message encryption. CDMA uses the standardized CAVE (Cellular Authentication and Voice Encryption) algorithm to generate a 128-bit sub-key called the "Shared Secret Data" (SSD). The A-Key, the ESN and the network-supplied RANDSSD are the inputs to CAVE that generate the SSD. The SSD has two parts: SSD_A (64 bits), for creating authentication signatures, and SSD_B (64 bits), for generating keys to encrypt voice and signaling messages. The SSD can be shared with roaming service providers to allow local authentication. A fresh SSD can be generated when a mobile returns to the home network or roams to a different system.

2.3.3 Authentication [6]

In CDMA networks, the mobile uses the SSD_A and the broadcast RAND* as inputs to the CAVE algorithm to generate an 18-bit authentication signature (AUTH_SIGNATURE), and sends it to the base station. This signature is then used by the base station to verify that the subscriber is legitimate. Both Global Challenge (where all mobiles are challenged with the same random number) and Unique Challenge (where a specific RAND is used for each requesting mobile) procedures are available to the operators for authentication. The Global Challenge method allows very rapid authentication. Also, both the mobile and the network track the Call History Count (a 6-bit counter). This provides a way to detect cloning, as the operator gets alerted if there is a mismatch. The A-Key is re-programmable, but both the mobile and the network Authentication Center

2.3.4 Basics of authentication: [6]

1. A-Key (authentication key)

2. ESN-MIN-MDN

2.3.4.1 A-Key (authentication key):

The A-Key or authentication key is a 64-bit permanent number stored in the permanent memory of the mobile. It is pre-programmed and stored securely on the mobile phone during factory settings. It is known only to the mobile and its associated HLR/AC, and is used to generate the SSD (shared secret data), the intermediate keys.

2.3.4.2 ESN-MIN-MDN:

ESN (electronic serial number)

The ESN is the 32-bit electronic serial number of the mobile phone. The ESN is pre-programmed by the phone manufacturer during factory setting. The ESN is unique to each mobile on the network and is used in conjunction with the mobile number to identify the mobile on the network.

MIN (mobile identification number)

The MIN is the 10-digit number which is assigned by the service provider to a mobile phone in the network. The MIN is unique to each mobile on the network and is used in conjunction with the ESN to identify the mobile on the network.

MDN (mobile directory number)

The MDN is the 10-digit dialable number assigned by the service provider to a mobile phone on its network. The MDN may be the same as the MIN (it depends on how the service provider provisions this pair on its network).

2.3.5 Global challenge [6]

1. Allows only valid subscribers to access the network resources.

2. All MSs are challenged with the same random number.

3. The VLR can authenticate the MS if SSD is shared.

4. Subsequent action is based on the policy in effect (i.e. unique challenge).

Global challenge is performed whenever:

1. Registration: when the mobile does autonomous registration.

2. Origination: when the mobile station originates a call.

3. Termination: when the mobile station responds to a page message.

4. Mobile station data: when it sends a data burst message, i.e. SMS.

Fig 2.8 global challenge

2.3.6 Unique challenge [6]

- A single MS is challenged with a selected (unique) random number.
- The VLR can initiate it if SSD is shared (it only reports failures to the AC).
- It can be executed on the traffic channel used for the call, which saves control channel resources.

By design, all CDMA phones use a unique PN (Pseudo-random Noise) code for spreading the signal, which makes it difficult for the signal to be intercepted.

Fig 2.9 unique challenge
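The CDMA authentication flow of 2.3.2 to 2.3.6 (SSD derived from A-Key, ESN and RANDSSD; SSD_A shared with a visited VLR; a challenge answered with an 18-bit signature; Call History Count mismatch raising the cloning alert), as an added example that is not the project's own code. CAVE itself is not reproduced: an HMAC keyed with the secret input stands in for it, and the ESN and A-Key values are constructed placeholders.

```python
import hashlib
import hmac
import secrets


def cave_stand_in(key: bytes, *parts: bytes) -> bytes:
    """Assumption: CAVE is replaced by an HMAC keyed with the secret input; only the
    data flow and output sizes follow the page."""
    return hmac.new(key, b"".join(parts), hashlib.sha256).digest()


def generate_ssd(a_key: bytes, esn: bytes, randssd: bytes) -> tuple:
    """128-bit SSD from A-Key, ESN and RANDSSD, split into SSD_A and SSD_B (64 bits each)."""
    ssd = cave_stand_in(a_key, esn, randssd)[:16]
    return ssd[:8], ssd[8:]


def auth_signature(ssd_a: bytes, rand: bytes) -> int:
    """18-bit AUTH_SIGNATURE computed from SSD_A and the challenge RAND."""
    return int.from_bytes(cave_stand_in(ssd_a, rand)[:3], "big") & ((1 << 18) - 1)


class Mobile:
    def __init__(self, esn: bytes, a_key: bytes) -> None:
        self.esn, self._a_key = esn, a_key  # A-Key never leaves the handset
        self.ssd_a = self.ssd_b = None
        self.count = 0  # 6-bit Call History Count

    def update_ssd(self, randssd: bytes) -> None:
        self.ssd_a, self.ssd_b = generate_ssd(self._a_key, self.esn, randssd)

    def answer(self, rand: bytes) -> tuple:
        """Reply to a challenge: (ESN, AUTH_SIGNATURE, COUNT)."""
        return self.esn, auth_signature(self.ssd_a, rand), self.count

    def call_completed(self) -> None:
        self.count = (self.count + 1) & 0x3F


class Verifier:
    """Holds SSD_A and the expected COUNT per ESN. The home AC is a Verifier that also
    holds A-Keys; a visited VLR is a Verifier that received SSD_A by sharing."""

    def __init__(self) -> None:
        self.ssd_a = {}
        self.count = {}

    def verify(self, rand: bytes, esn: bytes, signature: int, count: int) -> str:
        """'ok', 'bad_signature' (not a valid subscriber) or 'count_mismatch'
        (valid credentials but stale call history: the clone-detection alert)."""
        expected = auth_signature(self.ssd_a[esn], rand)
        if not hmac.compare_digest(expected.to_bytes(3, "big"), signature.to_bytes(3, "big")):
            return "bad_signature"
        if count != self.count[esn]:
            return "count_mismatch"
        return "ok"

    def call_completed(self, esn: bytes) -> None:
        self.count[esn] = (self.count[esn] + 1) & 0x3F


class AuthenticationCenter(Verifier):
    def __init__(self) -> None:
        super().__init__()
        self._a_key = {}

    def provision(self, esn: bytes, a_key: bytes) -> None:
        self._a_key[esn] = a_key
        self.count[esn] = 0

    def ssd_update(self, mobile: Mobile) -> None:
        """Issue a fresh RANDSSD; both sides derive the same SSD without sending the A-Key."""
        randssd = secrets.token_bytes(7)  # 56-bit RANDSSD (IS-41 size)
        self.ssd_a[mobile.esn], _ssd_b = generate_ssd(self._a_key[mobile.esn], mobile.esn, randssd)
        mobile.update_ssd(randssd)

    def share_ssd(self, esn: bytes, vlr: Verifier) -> None:
        """Share SSD_A (never the A-Key) so the visited VLR can authenticate locally."""
        vlr.ssd_a[esn] = self.ssd_a[esn]
        vlr.count[esn] = self.count[esn]


def global_challenge(verifier: Verifier, mobile: Mobile) -> str:
    """One Global Challenge round: broadcast RAND, mobile answers, verifier checks,
    and on success both sides advance the Call History Count."""
    rand = secrets.token_bytes(4)  # 32-bit broadcast RAND (IS-41 size)
    esn, signature, count = mobile.answer(rand)
    result = verifier.verify(rand, esn, signature, count)
    if result == "ok":
        verifier.call_completed(esn)
        mobile.call_completed()
    return result
```

A Unique Challenge differs only in that the RAND is chosen per mobile rather than broadcast, so the same `verify` path applies.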

2.3.7 The inherent security of the CDMA air interface [7]

Code Division Multiple Access (CDMA) technology is an advanced wide-area wireless technology for voice and high-speed Internet access supporting high mobility speeds. CDMA is inherently secure and has advantages over first-generation analog and Time Division Multiple Access (TDMA) systems. CDMA originated from military applications and cryptography, and to date there has never been a report of hijacking or eavesdropping on a CDMA call in a commercially deployed network. The inherent security of CDMA's air interface comes from a combination of encryption and spread spectrum technology, which are used simultaneously to avoid any gaps in security. First, the CDMA signals of all calls are transmitted, or spread, over the entire bandwidth rather than being tied to a specific time or element in the system. This results in the signals of all calls taking on a white-noise-like appearance that works as a disguise, making the signal of any one call difficult to distinguish and detect from background noise.

GSM Encryption

3.1.1 Introduction [1]

Encryption, decryption and cryptography

Encryption is the conversion of a message from its original form to an unrecognizable form (the encrypted message), while decryption is the re-conversion of the encrypted message into its original form. The word cryptography comes from the Greek words kryptos, which means hidden, and graphein, which means writing. Cryptography is the science of encryption and decryption. The art or study of cryptography was a known practice in the ancient world. The first recorded use of cryptography was by the Spartans in 400 B.C., and one of the more famous ancient ciphers was known as the "Caesar Cipher", named after Julius Caesar, which was used by the Roman armies to transfer messages during war. Modern-day cryptographic techniques make use of much faster processing techniques which are embedded on advanced electronic chips and computer systems. In a general cryptographic system a message is encrypted with the help of keys, which are nothing but variables which are applied to the original message. The formula for combining the original message and the key to produce an encrypted message is known as a cryptographic algorithm. For example, an original text written as HOWAREYOU could be encrypted into KRZDUHBRX. In this example the cryptographic algorithm would read "shift key places forward" and the key could be 2, which means shift 2 places forward. As can be seen in the above example, both sides must have the same cryptographic algorithm and must know the key or variable to perform the cryptographic algorithm on the original message. Most cryptographic systems use either Secret Key (symmetric) cryptography or Public Key (asymmetric) cryptography, and sometimes even a mix of both. This white paper will not discuss these two models as used in various applications but will stay focused on the authentication and encryption used in GSM systems.

3.1.2 GSM ALGORITHM [3]

GSM subscriber identity module (SIM) contains

• International Mobile Subscriber Identity (IMSI)

• Subscriber identification key Ki Used for authentication and encryption via simple Challenge/response protocol

• A3 and A8 algorithms provide authentication (usually Combined as COMP128)

• A5 provides encryption


Fig 3.1 challenge response

3.1.3 GSM Security [15]

1. The base station transmits a 128-bit challenge RAND.
2. The mobile unit returns a 32-bit signed response SRES computed via A3.
3. RAND and Ki are combined via A8 to give a 64-bit A5 key.
4. 114-bit frames are encrypted using the key and the frame number as input to A5.

3.1.4 A5 ALGORITHM [15]

3.1.4.1 A5/1 Overview

"Cryptography is a mixture of mathematics and muddle, and without the muddle the mathematics can be used against you."
- Ian Cassells, a former Bletchley Park cryptanalyst.

A5/1 is a stream cipher which is initialized all over again for every frame sent. It consists of 3 LFSRs of 19, 22 and 23 bits length. The 3 registers are clocked in a stop/go fashion using the majority rule.

3.1.4.2 A5/1 : Operation

1. All 3 registers are zeroed.
2. 64 cycles (without the stop/go clock): each bit of K (lsb to msb) is XOR'ed in parallel into the lsb's of the registers.
3. 22 cycles (without the stop/go clock): each bit of Fn (lsb to msb) is XOR'ed in parallel into the lsb's of the registers.
4. 100 cycles with the stop/go clock control, discarding the output.
5. 228 cycles with the stop/go clock control, which produce the output bit sequence.

Fig3.2 keystream generation
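The five steps above carried out in code, as an added example that is not the project's own code or reference [15]. The register lengths come from the text; the feedback taps, the clocking-bit positions and the test vector are the published A5/1 parameters and the test vector of the 1999 reference C implementation, none of which the text states.

```python
# Added example, not the project's code: A5/1 keystream generation following
# the five steps above. Taps and clocking-bit positions are the published
# A5/1 parameters (not stated in the text).
from typing import List, Tuple

# Register lengths 19, 22 and 23 bits (64 bits of state in total).
R1_MASK, R2_MASK, R3_MASK = (1 << 19) - 1, (1 << 22) - 1, (1 << 23) - 1
# Feedback taps of the three LFSRs.
R1_TAPS = (1 << 18) | (1 << 17) | (1 << 16) | (1 << 13)
R2_TAPS = (1 << 21) | (1 << 20)
R3_TAPS = (1 << 22) | (1 << 21) | (1 << 20) | (1 << 7)
# Clocking bit of each register, the input to the majority rule.
R1_MID, R2_MID, R3_MID = 1 << 8, 1 << 10, 1 << 10
# Output bit of each register (its msb).
R1_OUT, R2_OUT, R3_OUT = 18, 21, 22


def _parity(x: int) -> int:
    """XOR of all bits of x: the feedback value of an LFSR."""
    return bin(x).count("1") & 1


def _step(reg: int, mask: int, taps: int) -> int:
    """Clock one LFSR: shift left, feed the XOR of the tapped bits into the lsb."""
    return ((reg << 1) | _parity(reg & taps)) & mask


class A51:
    def __init__(self, kc: bytes, frame: int) -> None:
        if len(kc) != 8:
            raise ValueError("Kc must be 64 bits (8 bytes)")
        if not 0 <= frame < (1 << 22):
            raise ValueError("frame number Fn must fit in 22 bits")
        self.r1 = self.r2 = self.r3 = 0  # step 1: all 3 registers are zeroed
        self._load(kc, frame)

    def _clock_all(self) -> None:
        """Clock every register (no stop/go control), used while loading."""
        self.r1 = _step(self.r1, R1_MASK, R1_TAPS)
        self.r2 = _step(self.r2, R2_MASK, R2_TAPS)
        self.r3 = _step(self.r3, R3_MASK, R3_TAPS)

    def _clock_majority(self) -> None:
        """Stop/go clocking: a register moves only when its clocking bit
        agrees with the majority of the three clocking bits."""
        b1 = bool(self.r1 & R1_MID)
        b2 = bool(self.r2 & R2_MID)
        b3 = bool(self.r3 & R3_MID)
        maj = (b1 + b2 + b3) >= 2
        if b1 == maj:
            self.r1 = _step(self.r1, R1_MASK, R1_TAPS)
        if b2 == maj:
            self.r2 = _step(self.r2, R2_MASK, R2_TAPS)
        if b3 == maj:
            self.r3 = _step(self.r3, R3_MASK, R3_TAPS)

    def _xor_in(self, bit: int) -> None:
        self.r1 ^= bit
        self.r2 ^= bit
        self.r3 ^= bit

    def _load(self, kc: bytes, frame: int) -> None:
        # Step 2: 64 cycles, each bit of K (lsb to msb) XORed into the lsbs.
        for i in range(64):
            self._clock_all()
            self._xor_in((kc[i // 8] >> (i % 8)) & 1)
        # Step 3: 22 cycles, each bit of Fn (lsb to msb) XORed into the lsbs.
        for i in range(22):
            self._clock_all()
            self._xor_in((frame >> i) & 1)
        # Step 4: 100 stop/go cycles with the output discarded.
        for _ in range(100):
            self._clock_majority()

    def keystream_bits(self, n: int = 228) -> List[int]:
        """Step 5: n stop/go cycles; each output bit is the XOR of the three msbs."""
        out = []
        for _ in range(n):
            self._clock_majority()
            out.append((self.r1 >> R1_OUT) ^ (self.r2 >> R2_OUT) ^ (self.r3 >> R3_OUT))
        return out


def bits_to_bytes(bits: List[int]) -> bytes:
    """Pack bits msb-first; 114 bits give 15 bytes whose last 6 bits are zero."""
    out = bytearray((len(bits) + 7) // 8)
    for i, b in enumerate(bits):
        out[i // 8] |= b << (7 - i % 8)
    return bytes(out)


def a51_blocks(kc: bytes, frame: int) -> Tuple[bytes, bytes]:
    """The two 114-bit blocks of one frame, one for each direction of traffic."""
    ks = A51(kc, frame).keystream_bits(228)
    return bits_to_bytes(ks[:114]), bits_to_bytes(ks[114:])


def xor_burst(burst: List[int], block: List[int]) -> List[int]:
    """Ciphering and deciphering are the same bit-wise XOR with a 114-bit block."""
    if len(burst) != 114 or len(block) != 114:
        raise ValueError("a burst and its keystream block are 114 bits each")
    return [a ^ b for a, b in zip(burst, block)]
```

With Kc = 1223456789ABCDEF and frame 0x134, `a51_blocks` reproduces the reference implementation's two blocks, and `xor_burst` applied twice with the same block returns the original burst.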

3.1.4.3 A5 The Model

The internal state of the A5/1 generator is the state of all 64 bits in the 3 registers, so there are 2^64 - 1 states.

The operation of A5/1 can be viewed as a state transition:

The standard attack assumes the knowledge of about 64 output bits (64 bits → 2^64 different sequences).

About A5:

• A5/0: no encryption.
• A5/1: the original A5 algorithm.
• A5/2: a weaker algorithm created for export.
• A5/3: strong encryption created by 3GPP.
• A5 is a stream cipher.
• It uses three linear feedback shift registers (LFSR) of different length (19/21/22) and a variable clock. The XOR of the three registers is the bit stream that is then XORed with the plain text.
• The key is the initial content of the registers, in total 64 bits derived from Kc and the frame number.

3.1.5 A5/2 Algorithm [15]

3.1.5.1 Description of A5/2

• 4 LFSRs: R1, R2, R3, R4.
• R4 controls the clocking of R1, R2, R3.
• The LFSRs are initialized using Kc and the frame number f.
• After the key is loaded, one bit of each register is forced to be set.
• The output (228-bit key stream) is a quadratic function of R1, R2, R3.
• 114 bits of key stream are used to encrypt the uplink and the remaining 114 are used for the downlink.

Fig 3.3 architecture of A5/2

3.1.5.3 Ciphertext-only Attack on A5/2

Error correction codes are employed in GSM before encryption, so the plaintext has highly structured redundancy.

Note (annotation in the source document): Majority(a, b, c) = ab + bc + ca.

Complexity

An implementation on a personal computer recovers Kc in less than a second and takes less than 5.5 hours for a one-time pre-computation.

Possible Attack Scenarios

• Eavesdropping on conversations (passive listening)
• Call hijacking (man in the middle)
• Altering of data messages (SMS)
• Call theft (parallel session)

3.1.7 Attack Categories [15]

Attacks on GSM Security:

• SIM attacks
• Cryptanalytic attack
• Fake BTS
• Radio-link interception attacks
• Operator network attacks (GSM does not protect an operator's network)

3.1.8.1 Attacks on GSM Security

3.1.8.2 SIM Attacks

• The secret key Ki is compromised.
• Physical access to the SIM is needed.
• COMP-128 leaks Ki (April 1998); requires about 50K challenges.
• Side-channel attacks: power consumption, timing of operation, electromagnetic emanations.
• Cloning of the SIM is possible.


3.1.8.3 Cryptanalytic Attack

• Weakness in the encryption algorithm
• The session key Kc is compromised
• Over-the-air attack (physical access not required)

3.1.9 Observations [15]

• The attack takes less time than the authentication timeout.
• There is no authentication of the base station.
• A replay attack is possible, as neither a nonce nor a time stamp is used.
• A5/2 is already broken and A5/1 is weak. Even changing to A5/3 won't help.
• GSM interceptors/scanners are easily available.
• Security problems in mobile communications are keeping applications like m-commerce from deployment.
• The GSM security design process was conducted in secrecy.
• The A5 encryption algorithm was never published.
• The key calculated does not depend on which of the A5 algorithms it is destined to be used with.
• Real-time cryptanalysis of A5/2.
• The encryption is done after coding for error correction.

GPRS Encryption

3.2.1 Authentication and key agreement of GPRS [4]

3.2.1.1 Keys and triplets:


When a connection is established with a Mobile Station (MS), the Serving GPRS Support Node (SGSN) is informed and takes over control of the authentication procedure. The SGSN requests the International Mobile Subscriber Identity (IMSI) and uses it to identify the station's HLR. The SGSN conveys the IMSI and its own identity to the HLR so that it can inform the network of the Mobile Station's subscriber IMSI; it addresses the Authentication Centre and requests the ciphering key Ki. The key is retrieved by the Authentication Centre and used together with a random number as parameters in an algorithm, A3, to calculate a signature or signed response. The AuC similarly uses Ki and the random number as parameters in another algorithm, A8, to calculate the ciphering key Kc for traffic channel coding. The random number, the signed response and Kc make up a triplet for a mobile station which can be used for further ciphering.

3.2.1.2 GPRS Authentication [8]

In GPRS the authentication mechanism is the same as in GSM except that it is performed by the SGSN instead of the VLR. As a side effect, the GPRS system effectively prevents eavesdropping on the backbone between the BSS and the SGSN, because the frames are still encrypted at this point. Thus, the security of GPRS depends largely on the placement and safety of the SGSNs. The particularity of GPRS is the "attach" procedure, which allows sending and receiving packets on a data network. In fact, this procedure includes authentication as described above, ciphering algorithm negotiation and IP address assignment by the SGSN.

The HLR conveys the values of the triplet (Kc, the signed response and the random number) to the SGSN, and the value of the random number is then passed to the Mobile Station. Additionally the SGSN performs the selection of the ciphering algorithm (different versions of the ciphering algorithm A5 should be available) and the synchronization for the start of the ciphering.

The MS, after receiving the random number, calculates the other values of the triplet (signed response and Kc) using algorithms A3 and A8. The signed response is sent back to the SGSN and compared to the one sent by the HLR (see Figure 3-12 Calculation of the triplets in the MS p.19). No further processing is undertaken before the signed response calculated by the HLR and stored in the SGSN matches the one calculated in the mobile.

3.2.1.3 GPRS Encryption [8]

A cryptosystem defines a pair of data transformations. The first transformation, encryption, is applied to an ordinary data item known as plaintext and generates a corresponding (unintelligible) data item called cipher text. The second transformation, decryption, is applied to the cipher text and results in the regeneration of the original plaintext. An encryption transformation is defined by an algorithm and uses as input both the plaintext data and an independent value known as an encryption key. Similarly, a decryption transformation is defined by an algorithm and uses a decryption key as well as the cipher text so as to recover the plaintext.

If the authentication of the subscriber is successful then the encoding step is targeted. Data and signaling are merged on a traffic channel between the mobile station and the SGSN using:

• The GPRS system uses a new A5 implementation, also referred to as GEA version 1 (GPRS Encryption Algorithm). The GEA is responsible for securing the interface from the Mobile Station to the SGSN. Kc is not transmitted to the BTSs, and the transmission channel between the BTS and the SGSN is encrypted, making it impossible to monitor the backbone between the BTS and the SGSN.
• The key Kc as a parameter.

Fig 3.4 authentication and encryption

An important security mechanism that protects the radio link against eavesdropping is encryption. Encryption protects both user data and network control information. This is referred to as ciphering in the GPRS specification and is an option employed by AT&T Wireless. Please note, not all GPRS or EDGE device and an infrastructure element called the SGSN (a relatively centralized node)

Encryption spans not only the radio interface but a portion of the wire-line infrastructure as well, and includes Base Transceiver Stations (BTSs), Base Station Controllers (BSCs), and all of the connections leading to the SGSN.

Following authentication, the network and the MS calculate a 64-bit encryption key by applying a key-generating algorithm called A8 to two values: the secret subscriber key and the random number previously used for authentication. Once the encryption key is derived, communication between the MS and the GPRS/EDGE network is encrypted using an algorithm called GPRS-A5, a modified version of the A5 algorithm used in GSM networks for voice communication. GPRS-A5 is optimized for packet-data communications.


Fig 3.5 the GPRS ciphering

This algorithm is also referred to as the GPRS Encryption Algorithm (GEA). Both A5 and GPRS-A5 are based on an algorithm called COMP128. The first version of GPRS encryption was called GEA1; the current version is GEA2. The protocol level that handles encryption is called the Logical Link Control (LLC) layer. The LLC operates between the MS and the SGSN at layer two of the network reference model (see Figure 3-14). Both signaling (control) information and user data are processed by the LLC layer; therefore the network keeps both user data and control information (such as the user's location) confidential.

Fig 3.6 the GPRS traffic


3.2.2 Scope of ciphering [8]

In contrast to the scope of ciphering in existing GSM (a single logical channel between BTS and MS), the scope of GPRS ciphering is from the ciphering function at the SGSN to the ciphering function in the MS. This means that user data and signaling are protected by the ciphering algorithm (A5) all the way from the MS to the SGSN, and not only from the MS to the BTS as was the case in GSM. As a matter of fact, this saves us from studying the Gb interface separately, since the interconnection between the BSS and the SGSN is as well protected as the Um interface (MS-BSS interface).

Fig 3.7 scope of GPRS ciphering

3.2.3 Characteristics Of The Different Algorithms in GPRS [15]

Three kinds of algorithms have been defined:

• Algorithm A3, which is the authentication algorithm.
• Algorithm A5, which is the ciphering/deciphering algorithm. As previously explained, several ciphering algorithms will be designed and one of them will be chosen during the authentication procedure.
• Algorithm A8, which is the cipher key generator.

3.2.3.1 Algorithms A3 & A8:

Algorithm A3 is used for the authentication process and algorithm A8 is used to produce the cipher key (Kc). The algorithms A3 and A8 in GPRS follow the same procedures as in the GSM system.


3.2.3.2 Algorithm A5:

A5 is implemented in both the MS and the SGSN. Ciphering takes place just before modulation and after interleaving; deciphering takes place symmetrically on the receiving side. The useful information (plain text) is organized into blocks of 114 bits. For ciphering, A5 produces a sequence of 114 cipher/decipher bits (here called BLOCK) which is combined by bit-wise modulo-2 addition with the 114 bits of plain text. Deciphering is symmetrical: A5 produces a sequence of 114 cipher/decipher bits and the first produced bits are added to the cipher text (coded message), and so on.

For each slot, the decipherment is performed on the MS side with the first block (BLOCK1) of 114 bits produced by A5, and the encipherment is performed with the second produced block (BLOCK2) [4]; therefore A5 must produce twice 114 bits. Ciphering starts when a valid authentication response is received from the MS, using the synchronization for the start of ciphering that has been selected in the BSC. Synchronization is guaranteed by an explicit time variable, COUNT (22 bits), derived from the logical link control (LLC) frame number. Therefore the 114-bit block produced by A5 depends only on the LLC frame numbering, the cipher key Kc (64 bits) and of course the A5 algorithm used. Fig (3.9) summarises the above listed implementation indications, with only one cipher/decipher bit procedure represented.

Fig 2.8 use of the A5 algorithm


CDMA ENCRYPTION

3.3.1 Authentication and Encryption in CDMA system [13]

Executive summary

Mobile usage has penetrated virtually every aspect of our daily lives, from traditional voice communication to short message services (SMS), multimedia messaging services (MMS), ring tones, camera phones, games and a vast array of applications. In fact, with the advent of 3G technologies most Service Providers are promising even more attractive features and applications. Most mobile phone manufacturers are making the mobile more and more feature rich. One of the key areas which has been addressed by both the Service Providers and the mobile manufacturers is the area of Authentication and Encryption in mobile technology. This White Paper is an attempt to address the concept of Authentication and Encryption in CDMA systems and the usage of this feature in today's mobile telephony environment.

3.3.1.2 The Authentication model [6]

An Authentication model is best represented by Figure 1 shown below. As soon as the User desires some service from the Serving System, a random number is sent to it by the Serving System as a Challenge to authenticate itself. The User uses this random number and performs a cryptographic algorithm on it using a Secret Key which is known at both ends. The same process is carried out at the Serving System using the same cryptographic algorithm and Secret Key. The resultant output from the User side is given to the Serving System as a Response. The Serving System compares the Response with its own computation. If the two match the User is permitted access to Services; otherwise entry is denied.


Fig 3.9 cryptographic algorithm

In CDMA systems, as we shall see in subsequent sections, the process of Authentication is to identify and provide service to a genuine mobile on the network and deny access to a cloned version of it.

3.3.1.3 Authentication and Encryption in CDMA system [13]

At the heart of the Authentication model in CDMA is the Authentication key or A-key, which is like a master key to the system. The A-key is a 64 bit number stored in the permanent section of the memory and is usually pre-programmed at factory settings. The A-key, as we shall see in further sections, is used to generate intermediate keys and session keys within the system. The model represented below represents the complete Authentication and Encryption system in CDMA networks and will be the focus of our study from now on.


Fig 1.10 authentication and Encryption

For better understanding this system can be divided into three sections, namely SSD (Shared Secret Data) Generation/Update, Authentication and finally Encryption. The CDMA networks make use of a cryptographic algorithm known as CAVE, or Cellular Authentication and Voice Encryption, which is used in various stages of the procedure.

On the initiation of an SSD generation/update the Home Location Register/Authentication Centre (HLR/AC) sends out a random number RANDSSD (56 bits) as a challenge. The mobile takes this RANDSSD value along with the ESN and A-key to generate the SSD pair, namely SSD_A and SSD_B, both 64 bits long.

The above is followed by a procedure known as Global Challenge. In this process SSD_A is further fed into the CAVE algorithm along with the ESN and MIN and a random number known as RAND (32 bits), which is now generated by the MSC. The result, computed as the Authentication Signature (AUTHR) (18 bits), is sent back by the mobile to the network. The network too would have calculated its own version of AUTHR, which it uses to compare the result.


The network Base Station permits access to the mobile if the Authentication Signatures match and denies access if they do not. In the event of a mismatch the network may also initiate an SSD update to generate a new pair of SSD_A and SSD_B, and in some cases also initiate a Unique Challenge to the mobile. Here it sends out a Unique Random number RANDU (24 bits) to a particular mobile and receives a unique Authentication Signature (AUTHU) (18 bits) from that mobile. The Authentication Procedure is invoked during Registration, Origination, Page Response or Data Burst Message.

How is Authentication Invoked [15]

• When a mobile is trying to Register onto the network by sending a Registration message on the Access Channel
• When a mobile attempts to Originate a call by sending an Origination message on the Access Channel
• When a mobile is trying to Terminate a call by sending a Page Response message on the Access Channel
• When a mobile attempts to send a Data Burst message on the Access Channel

[Figure: AUTH_SIGNATURE computation with CAVE. Inputs: RAND (32), IMSI_S1 (24), ESN (32), SSD_A (64). Output: AUTHR (18).]

3.3.2 Spread Spectrum [15]

A technique in which the transmission bandwidth W and the message bandwidth R are related as W >> R.

• Counter-intuitive
• Achieves several desirable objectives, e.g. enhanced capacity

3.3.3 Types of Spread Spectrum Systems

1- Frequency Hopping
2- Direct Sequence

Frequency Hopping

• Slow Frequency Hopping - multiple symbols per hop
• Fast Frequency Hopping - multiple hops per symbol
• Care is taken to avoid or minimize collisions of hops from different users


3.3.3.1 Frequency Hopping

Fig 1.11 Typical frequency-hopping waveform pattern

3.3.3.2 Direct Sequence

Fig 3.12 Transmitter side of system


3.3.4 Spreading Codes [15]

1- It is desired that each user's transmitted signal appears noise-like and random. Strictly speaking, the signals should appear as Gaussian noise.
2- Such signals must be constructed from a finite number of randomly preselected stored parameters, to be realizable.
3- The same signal must be generated at the receiver in perfect synchronization.
4- We limit complexity by specifying only one bit per sample, i.e. a binary sequence.

IS-95 CDMA

1- Direct Sequence Spread Spectrum signaling on Reverse and Forward Links
2- Each channel occupies 1.25 MHz

Reverse CH: 847.74 MHz    Forward CH: 892.74 MHz    (45 MHz separation)

3- Fixed chip rate 1.2288 Mcps

3.3.4 Spreading Codes in IS-95 [15]

1- Orthogonal Walsh Codes
- To separate channels from one another on the forward link
- Used for 64-ary orthogonal modulation on the reverse link

2- PN Codes
- A decimated version of the long PN code for scrambling on the forward link
- Long PN codes to identify users on the reverse link
- Short PN codes have different code phases for different base stations

Reverse Link Modulation

- The signal is spread by the short PN code modulation (since it is clocked at the same rate)
- Zero-offset code phases of the short PN code are used for all mobiles
- The long code PN sequence has a user-distinct phase offset.
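The Walsh codes that separate forward-link channels, as an added example that is not the project's code: the 64 codes by the Sylvester construction, an orthogonality check, and a constructed two-channel spread/despread run showing that only the matching code recovers its channel. Channel numbers and bit patterns are constructed; PN scrambling and power control are left out.

```python
# Added example, not the project's code: IS-95 style Walsh codes and a toy
# forward link carrying several channels on one composite chip stream.
from typing import Dict, List, Tuple

Chips = List[int]


def walsh_matrix(order: int) -> List[Chips]:
    """The `order` Walsh codes (+1/-1 chips) as rows of a Hadamard matrix,
    built by the Sylvester construction H(2n) = [[H(n), H(n)], [H(n), -H(n)]]."""
    if order < 1 or order & (order - 1):
        raise ValueError("order must be a power of two (IS-95 uses 64)")
    h = [[1]]
    while len(h) < order:
        h = [row + row for row in h] + [row + [-c for c in row] for row in h]
    return h


def correlate(a: Chips, b: Chips) -> int:
    """Inner product of two chip vectors."""
    return sum(x * y for x, y in zip(a, b))


def is_orthogonal(codes: List[Chips]) -> bool:
    """Every pair of distinct codes has zero cross-correlation."""
    n = len(codes)
    return all(correlate(codes[i], codes[j]) == 0
               for i in range(n) for j in range(i + 1, n))


def spread(bits: List[int], code: Chips) -> Chips:
    """Map bit 0 -> +1 and bit 1 -> -1, then multiply each symbol by the code."""
    chips: Chips = []
    for b in bits:
        sym = 1 - 2 * b
        chips.extend(sym * c for c in code)
    return chips


def despread(chips: Chips, code: Chips) -> List[int]:
    """Correlate each code-length window with `code`: +/-order for the matching
    channel, 0 for any other Walsh channel on the same carrier."""
    n = len(code)
    if len(chips) % n:
        raise ValueError("chip stream is not a whole number of symbols")
    return [correlate(chips[i:i + n], code) for i in range(0, len(chips), n)]


def decide(correlations: List[int]) -> List[int]:
    """Hard decision: negative correlation means symbol -1, i.e. bit 1."""
    return [1 if c < 0 else 0 for c in correlations]


def forward_link(channels: Dict[int, List[int]], order: int = 64) -> Tuple[Chips, List[Chips]]:
    """Spread every channel's bits with its Walsh code and sum them, as the base
    station does on the forward link. Returns the composite stream and the codes."""
    codes = walsh_matrix(order)
    lengths = {len(bits) for bits in channels.values()}
    if len(lengths) != 1:
        raise ValueError("all channels must carry the same number of bits")
    composite = [0] * (lengths.pop() * order)
    for idx, bits in channels.items():
        for i, chip in enumerate(spread(bits, codes[idx])):
            composite[i] += chip
    return composite, codes


if __name__ == "__main__":
    # Constructed sample: two traffic channels on Walsh codes 3 and 17.
    composite, codes = forward_link({3: [1, 0, 1, 1], 17: [0, 0, 1, 0]})
    print("code 3 :", decide(despread(composite, codes[3])))
    print("code 17:", decide(despread(composite, codes[17])))
    print("code 40:", despread(composite, codes[40]))  # all zeros: nothing there
```

Despreading the composite with an unused code yields all-zero correlations, which is the channel-separation property the text relies on; it is separate from the PN scrambling and the ciphering discussed later.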

3.3.6 Characteristics Of The Different Algorithms in CDMA

3.3.6.1 The Cellular Authentication and Voice Encryption (CAVE) [12]

The cellular authentication and voice encryption (CAVE) security system used in ANSI-41 networks supporting analog, TDMA and CDMA systems is much more complex. The wireless device's private key is shared only by the wireless device and the home system, but the serving system is sent SSD, a secondary key (i.e. one that is derived from the primary key), rather than just a list of challenge-response pairs. This enables the serving system to securely authenticate the wireless device any number of times without the overhead of further communication with the home system. This flexibility and efficiency does, however, require the same algorithm (CAVE) to be used by all systems. If a major loss of keys occurred it would be possible to update the valid wireless devices with a new SSD over the radio interface, but a serious breach of the CAVE algorithm would not be easily rectified.

CAVE is used:

1. To generate the A-Key checksum.
2. To generate the SSD.
3. To generate the CMEA key and VPM.

Fig 3.14 CAVE diagrammatically

3.3.6.2 Cellular Message Encryption Algorithm (CMEA) key (64 bit) [12]


The CMEA key is used with the (E)CMEA algorithm for protection of digital data exchanged between the mobile station and the base station. Note that CMEA is not used to protect voice communications. Instead, it is intended to protect sensitive control data, such as the digits dialed by the cell phone user. A successful break would expose the digits dialed (all DTMF tones) by the remote endpoint and alphanumeric personal pages received by the cell phone user. Finally, compromise of the control channel contents could lead to any confidential data the user types on the keypad: calling card PIN numbers may be an especially widespread concern, and credit card numbers, bank account numbers, and voicemail PIN numbers are also at risk.

A description of CMEA

We describe the CMEA specification here for reference. CMEA is a byte-oriented variable-width block cipher with a 64 bit key. Block sizes may be any number of bytes, with the block size potentially varying without any key changes. CMEA is quite simple, and appears to be optimized for 7-bit microprocessors with severe resource limitations. CMEA consists of three layers. The second layer performs one non-linear, unkeyed operation intended to make changes propagate in the opposite direction. One can think of the second step as (roughly speaking) XORing the right half of the block from left to right; in fact, it is the inverse of the first layer.

Fig 3.15 the CMEA key

3.3.6.3 SSD - Shared Secret Data [12]


The SSD (Shared Secret Data)

1- A 128 bit number that is stored in the semi-permanent memory of the mobile.
2- Is a temporary number that is updated during SSD updates.
3- SSD is divided into two parts, SSD_A (64 bits) and SSD_B (64 bits), which are used to generate the session keys for voice, data and signaling messages.
4- The SSD is calculated simultaneously by both MS and AC.
5- The SSD can be shared with the VLR.

Fig 3.13 SSD update

3.3.6.4 The data key (32 bit) and the ORYX algorithm [12]

A separate data key, and an encryption algorithm called ORYX, are used by the mobile and the network to encrypt data traffic on the CDMA channels.

ORYX is a simple stream cipher based on binary linear feedback shift registers (LFSRs) that has been proposed for use in North American digital cellular systems to protect cellular data transmissions. The cipher ORYX is used as a key stream generator. The output of the generator is a random-looking sequence of bytes. Encryption is performed by XORing the key stream bytes with the data bytes to form cipher text. Decryption is performed by XORing the key stream bytes with the cipher text to recover the plaintext. Hence known plaintext-cipher text pairs can be used to recover segments of the key stream. In this paper, the security of ORYX is examined with respect to a known plaintext attack conducted under the assumption that the cryptanalyst knows the complete LFSRs. For this attack, we assume that the complete structure of the cipher, including the LFSR feedback functions, is known to the cryptanalyst. The key is only the initial states of the three 32 bit LFSRs: a total key size of 96 bits. There is a complicated key schedule which decreases the total key space to something easily searchable using brute-force techniques; this reduces the key size to 32 bits for export. However, ORYX is apparently intended to be a strong algorithm when used with a better key schedule that provides a full 96 bits of entropy. The attack proposed in this paper makes no use of the key schedule and is applicable to ORYX whichever key schedule is used. See the figure.

Fig 3.16 the data key

3.3.6.5 Private long mask (PLM) [12]

The CDMA system uses the 42-bit PN (pseudo-random noise) sequence called the "long code" to scramble voice and data. On the forward link (network to mobile), data is scrambled at a rate of 19.2 ksps (kilo symbols per second), and on the reverse link data is scrambled at a rate of 1.2288 Mcps (mega chips per second).


Fig 3.17 the PLM

3.3.8 Conclusion

The GSM security model is broken on many levels and is thus vulnerable to numerous attacks targeting different parts of an operator's network. Even assuming that the security algorithms were not broken, the GSM architecture would still be vulnerable to attacks targeting the operator's backbone network or HLR and to various social engineering scenarios in which the attacker bribes an employee of the operator, etc. Furthermore, the secretly designed security algorithms incorporated into the GSM system have been proven faulty. The A5 algorithm used for encrypting the over-the-air transmission channel is vulnerable to known-plaintext and divide-and-conquer attacks, and the intentionally reduced key space is small enough to make a brute-force attack feasible as well. The COMP128 algorithm used in most GSM networks as the A3/A8 has been proved faulty, so that its secret key Ki can be reverse engineered over the air through a chosen-challenge attack in approximately ten hours. All this means that if somebody wants to intercept a GSM call, he can do so. It cannot be assumed that the GSM security model provides any kind of security against a dedicated attacker. The required resources depend on the attack chosen. Thus, one over the GSM network. The security of GPRS networks depends upon the A3, A5 and A8 algorithms used by the GSM system to authenticate the user and the base station and cipher all data and voice traffic between them. While on the surface GPRS seems to be secure, many security holes have been discovered. The smartcard used in the GSM system uses an authentication system in which a challenge response is performed with the mobile unit's ESN (electronic serial number). The encoding used in this challenge-response scheme has been shown to be vulnerable and smartcards can thus be cloned. The A5 cipher is used to encrypt all the data communications. Researchers believe that A5 is not as strong as its 114 bit key length, but can be broken using hardware-based cryptanalysis; however such attacks are not prevalent, as the importance of user data transmitted by GPRS networks is still quite small. The CDMA systems are believed to be more secure than GPRS networks, mainly due to the nature of the radio frequency signaling: while it is possible to listen in on a GPRS transmission using TDMA receivers, this is not possible with CDMA. A CDMA receiver has to be coded with the correct 64 bit code to receive a channel of CDMA traffic, and without this code, or with the wrong code, the received signal is noise; a brute force attack to find the correct code is not feasible. The code is exchanged between the sender and receiver at the handshake, which happens over an encrypted channel. In spite of the difficulty in 'tuning' into a CDMA transmission, the data (or voice) transmission is further encrypted. This double layer of ciphering makes CDMA security possibly quite strong. All cellular networks are however vulnerable to location finding by triangulation or directional antennas; that is, an attacker can find the location of a mobile station with the use of radio monitoring equipment. This does not compromise the privacy of the data, but the privacy of the operator's location. In our simulation we faced some difficulties with 3G security because it is a new system, it is not yet widely applied, and the content of its encryption functions is still secret. We also found the algorithms in GSM not as complex as the algorithms in CDMA. In the end, our advice to whoever wants to extend this field is to concentrate on the algorithms and functions and their functionalities in the new systems like CDMA.

3.3.9 Recommendations

In this project we worked hard to research security and encryption in GSM, GPRS and CDMA systems, but we note some recommendations for the researchers who continue this project, to make it complete.

The recommendations are:

1- They should research the new algorithms that are updated by the companies, such as the A5 algorithm: we researched the A5/1 and A5/2 algorithms, but now there is a new algorithm called A5/3 in the 3G system.

2- The project lacks a simulation of security and encryption in the CDMA system, which would give the project more realism.

3- They should research the structure of the algorithms and the architecture of the devices and chips that contain an encryption system.

4- They should research ways to generate the codes in the CDMA system, such as the PN code and the Walsh code.


Chapter 4

Simulation for Security and Encryption

4.1. Introduction:

This project is about security and encryption in cellular systems, so we need to simulate security and encryption for such a system. We provide a simple simulation of security and encryption in the GSM system, specifically encryption via the algorithms A5, A8 and A3, in the form of a program written in the Visual Basic programming language. This program does not simulate encryption in all its aspects, but it simulates the important parts: message encryption and user authentication. The program also simulates security by defining a domain (a specific range) for the users, so that any user outside this domain is not allowed to access the system, while each user inside the domain can access the system by being given a special code. The program generates a random code for all users in the domain. The program contains two primary parts, the transmission part and the receiving part, and we describe each of them below.

4.2. Purpose:

The purpose of the program is to illustrate the ideas in the project more clearly for readers and to make a simulation that is closer to reality.

4.3. Program operations:

4.3.1 Message encryption:

This program encrypts messages and also decrypts them; we describe the two operations:

4.3.1.1 In the transmission part (message encryption)

Message encryption is defined by a pair of data transformations. The message encryption operation works as follows: when a user sends a message to another user, the message is encrypted by converting every letter in the message to its ASCII code and adding a shift of 128 to each letter's code; the result of that conversion is then converted to a different code, such as ( }?>{ ).

4.3.1.2 In the receiving part (message decryption)

The received message arrives as codes in the receiving part, but the program converts these codes back to the original by converting each code to a number, subtracting 128 from the number to obtain the ASCII code, and converting the ASCII code to the letter; the conversion from ASCII depends on the table of letters.

Fig 4.1 algorithm of message encryption (flowchart steps as recovered from the figure): START; input(message); S = NO. of message (its length); Codemessage = Asc(message); Print(Asc(message)); Ourcode = Codemessage + function; Print message; END

4.3.2 User Authentication

In this section the program simulates the authentication of users, to make the system secure and private. The steps of the authentication operation are:

First, the user enters the size or capacity of the domain by entering the first mobile number and the last mobile number. Next, you can choose any number between the first number and the last number; for example, with first number 733333333 and last number 733334333, the authorized users are between these numbers. Finally, the program generates the random codes for all authorized users, after that

Fig 4.2 algorithm for user Authentication

4.4. Program code:

4.4.2 Code of program

Private Sub Command1_Click()
    ' Each array is typed explicitly (in VB only the last name of a comma list gets the declared type)
    Dim OurCodeMyString(200) As Integer, CodeMyString(200) As Integer, MyString(200) As String
    Dim CodeStringPrint As String
    Dim J As Integer, I As Integer, S As Integer, U As Integer
    S = Len(Text1.Text)
    ' Store the characters of the message in a variable (one character per array element)
    For U = 1 To S
        MyString(U) = Mid$(Text1.Text, U, 1)
    Next U
    ' Get the ASCII values of the original message
    For I = 1 To S
        CodeMyString(I) = Asc(MyString(I))
    Next
    ' Print the ASCII values of the original message
    Text2.Text = ""
    For I = 1 To S
        Text2.Text = Text2.Text & CodeMyString(I) & ", "
    Next I
    ' The ASCII values of the original message are now encrypted:
    ' a value less than 128 is increased by 128, and a value of 128 or more is decreased by 128
    For J = 1 To S
        If CodeMyString(J) < 128 Then
            OurCodeMyString(J) = CodeMyString(J) + 128
        Else
            OurCodeMyString(J) = CodeMyString(J) - 128
        End If
    Next J
    ' Print the original message with the new encryption applied (the shifted codes)
    Text3.Text = ""
    For J = 1 To S
        Text3.Text = Text3.Text & OurCodeMyString(J) & ", "
    Next J
    ' Print the encrypted message as characters
    Text4.Text = ""
    For J = 1 To S
        Text4.Text = Text4.Text & Chr(OurCodeMyString(J))
    Next J
End Sub

Private Sub Command2_Click()
    ' Text5/Text6 hold the first and last mobile numbers of the domain;
    ' Text7/Text8 show the first and last codes assigned to them
    NewMobileNo = 322222221
    'First Code No. =322222221
    ' Last Code No. =322223222
    Text7.Text = NewMobileNo
    Text8.Text = NewMobileNo + (Val(Text6.Text) - Val(Text5.Text))
End Sub

Private Sub Command3_Click()
    Form2.Show 1
End Sub

Private Sub Command4_Click()
    End
End Sub

Private Sub Command5_Click()
    ' Convert the InputBox string to a number before the range checks
    x = Val(InputBox("enter N."))
    If x < Val(Text5.Text) Then
        MsgBox "Error, x is smaller "
    ElseIf x > Val(Text6.Text) Then
        MsgBox "Error, x is Higher "
    Else
        ' The code of an authorized number is its offset from the first number, added to the first code
        choise = x - Val(Text5.Text) + 322222221
        MsgBox choise
    End If
End Sub

Private Sub Command6_Click()
    MsgBox "That project was Prepared by:" & Chr(13) & "Ammar Ahmed Naji" & Chr(13) & "Mohammed Ali Al-Mashraei" & Chr(13) & "Mohammed Qasem Saleh" & Chr(13) & "15-6-2006AM"
End Sub
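As an added example (not the project's own code), the Python below re-implements the two operations the Visual Basic program performs, the 128-shift of section 4.3.1 and the domain check and code assignment of section 4.3.2, so that their properties can be checked: the shift is its own inverse and needs no key, and the code assigned to a number is a fixed offset. The message and mobile numbers used are constructed sample values.

```python
"""Added example (not the project's VB code): a Python re-implementation of the
simulation's two operations, written so their properties can be checked.
shift128() is the 'message encryption' of section 4.3.1 (Command1_Click);
code_for() is the domain check and code assignment of Command5_Click."""

FIRST_CODE = 322222221  # the constant used by Command2/Command5 on the page


def shift128(text: str) -> str:
    """Section 4.3.1: an ASCII value below 128 gets +128, any other gets -128.
    Defined only for characters 0..255, like the VB Asc/Chr version."""
    out = []
    for ch in text:
        v = ord(ch)
        if v > 255:
            raise ValueError(f"only single-byte characters are defined, got U+{v:04X}")
        out.append(chr(v + 128 if v < 128 else v - 128))
    return "".join(out)


def xor_high_bit(text: str) -> str:
    """The same transform as a bit operation: the +/-128 shift flips bit 7."""
    return "".join(chr(ord(ch) ^ 0x80) for ch in text)


def decrypt(code: str) -> str:
    """Receiving part (4.3.1.2). The transform is its own inverse, so decryption
    is shift128() applied again; no key is involved, so anyone holding the
    transmitted codes recovers the message."""
    return shift128(code)


def in_domain(mobile_no: int, first_no: int, last_no: int) -> bool:
    """The range check of Command5_Click (Text5 = first, Text6 = last)."""
    return first_no <= mobile_no <= last_no


def code_for(mobile_no: int, first_no: int, last_no: int) -> int:
    """Command5_Click: the code of an authorized number is its offset from
    first_no plus FIRST_CODE. It is a fixed offset, not a random value, so the
    code adds no secret beyond the mobile number itself."""
    if not in_domain(mobile_no, first_no, last_no):
        raise ValueError("mobile number outside the authorized domain")
    return mobile_no - first_no + FIRST_CODE


def last_code(first_no: int, last_no: int) -> int:
    """Command2_Click: the last code, as shown in Text8."""
    return FIRST_CODE + (last_no - first_no)


if __name__ == "__main__":
    msg = "Hello, GSM"                      # constructed sample message
    enc = shift128(msg)
    print([ord(c) for c in enc])            # the shifted codes Text3 displays
    print(decrypt(enc) == msg, enc == xor_high_bit(msg))
    print(code_for(733334000, 733333333, 733334333), last_code(733333333, 733334333))
```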

Screenshots of the program interface


4.5. Conclusion

This program simulates authentication and message encryption in a simple way. We recommend that researchers in security and encryption provide a program that simulates security and encryption in the CDMA system and any application of the algorithms in that system.


Abbreviations

1G: First Generation (Mobile Communications)
2G: Second Generation (Mobile Communications)
3G: Third Generation (Mobile Communications)
3GPP: Third Generation Partnership Project (of ETSI)
8PSK: Eight Phase Shift Keying
A: A interface
AAL: ATM Adaptive Layer
AAL2: ATM Adaptation Layer Type 2
AAL5: ATM Adaptation Layer Type 5
Abis: Abis interface
AC: Authentication Center
AES: Advanced Encryption Standard
AKA: Authentication and Key Agreement
ALCAP: Access Link Control Application Part
AMPS: Advanced Mobile Phone Service
AMR: Adaptive Multi-Rate (speech codec)
ANSI T1: Standards Committee T1 Telecommunication of the American National Standards Institute
ARIB/TTC: Association of Radio Industries and Business/Telecommunication Technology Committee
ASN.1: Abstract Syntax Notation One
ATM: Asynchronous Transfer Mode
AuC: Authentication Center
BEC: Backward Error Correction
BMC: Broadcast/Multicast Control
BSC: Base Station Controller
BSS: Base Station Subsystem
BTS: Base Transceiver Station
CAMEL: Customized Application for Mobile Enhanced Logic
CAP: CAMEL Application Part
CATT: China Academy of Telecommunication Technology
CAVE: Cellular Authentication and Voice Encryption
CBR: Constant Bit Rate (data stream)
CC: Call Control
CCITT: Comité Consultative International Téléphonique et Telecommunication
CCS7: Common Control Signaling System No 7
CDMA: Code Division Multiple Access
CDMA2000: 3rd Generation Code Division Multiple Access
CMEA: Cellular Message Encryption Algorithm
CN: Core Network
CRNC: Controlling RNC (Radio Network Controller)
CS: Circuit Switched
CS-CN: Circuit Switched Core Network
CSE: CAMEL Service Environment
CT: Conformance Test
D-AMPS: Digital AMPS
DCH: Dedicated Channel
DECT: Digital Enhanced Cordless Telephone
DL: Downlink
DPC: Destination Point Code
DRNC: Drift Radio Network Controller
DRNS: Drift Radio Network Subsystem
DTE: Data Terminal Equipment
EDGE: Enhanced Data Rates for GSM Evolution
EFR: Enhanced Full Rate (speech codec)
EIR: Equipment Identity Register
ESE: Emulation Scenario Editor
ESN: Electronic Serial Number
ETSI: European Telecommunication Standards Institute
FDD: Frequency Division Duplex
FDMA: Frequency Division Multiple Access
FEC: Forward Error Correction
FER: Frame Error Rate
GGSN: Gateway GPRS Support Node
GMM: GPRS Mobility Management (protocols)
GMSC: Gateway MSC
GMSK: Gaussian Minimum Shift Keying
GPRS: General Packet Radio Service
GSM: Global System for Mobile Communication
GSM-R: GSM Railway
GSMSCF: GSM Service Control Function
GSMSSF: GSM Service Switching Function
GTP: GPRS Tunneling Protocol
GTP-C: GTP Control
GTP-U: GTP User
HLR: Home Location Register
HO/HoV: Handover
HSCSD: High Speed Circuit Switched Data
ICO: Intermediate Circular Orbits
IDC: International Data Corporation
IETF: Internet Engineering Task Force
IMEI: International Mobile Equipment Identification
IMT-2000: International Mobile Telecommunications 2000
IMUN: International Mobile User Number
IN: Intelligent Network
IP: Internet Protocol
IPv4: IP version 4
IPv6: IP version 6
IS-95: Interim Standard 95
ISDN: Integrated Services Digital Network
ISP: Internet Service Provider
ISUP: ISDN User Part
ITU: International Telecommunication Union
ITUN: SS7 ISUP Tunneling
Iu: UTRAN interface between RNC and CN
Iub: UTRAN interface between Node B and RNC
Iu-CS: UTRAN interface between RNC and the circuit switched domain of the CN
Iu-PS: UTRAN interface between RNC and the packet switched domain of the CN
Iur: UTRAN interface between two RNCs
IUT: Implementation Under Test
IWF: Interworking Function
Kbps: kilobits per second
LLC Relay: Logical Link Control - Relay
MAC: Medium Access Control
MAP: Mobile Application Part
Mbps: Megabits per second
MBS: Message Building System
MC: Multi-Carrier
MC-CDMA: Multi-Carrier CDMA
MCE: Multi-protocol Encapsulation
MDTP: Multi Network Datagram Transmission Protocol
ME: Mobile Equipment
MM: Mobility Management (protocols)
MSC: Mobile Services Switching Center, Message Sequence Chart
MSS: Mobile Satellite System
MT: Mobile Telephone
MTP: Message Transfer Part
MTP3b: Message Transfer Part level 3 (broadband) for Q.2140
NAS: Non-Access Stratum
NBAP: Node B Application Protocol
NE: Network Elements
NMT: Nordic Mobile Telephone
NNI: Network-Node Interface
Node B: UMTS Base Station
NRT: Non-Real Time
NSS: Network Switching Subsystem
O&M: Operation and Maintenance
OMC: Operation and Maintenance Center
OSA: Open Service Architecture
OSS: Operation Subsystem
OTASP: Over The Air Service Provisioning
PDC: Personal Digital Communication
PDCP: Packet Data Convergence Protocol
PDH: Plesiochronous Digital Hierarchy
PDN: Packet Data Network
PDU: Protocol Data Unit
PLMN: Public Land Mobile Network
PMR: Private Mobile Radio
PS: Packet Switched
PS-CN: Public Switched Core Network
PSTN: Public Switched Telephone Network
QoS: Quality of Service (ATM network channels)
QPSK: Quadrature Phase Shift Keying (or Quaternary Phase Shift Keying)
RAB: Radio Access Bearer
RAN: Radio Access Network
RANAP: Radio Access Network Application Part
RAND: Random challenge
RLC: Radio Link Control
RLP: Radio Link Protocol
RNC: Radio Network Controller
RNS: Radio Network Subsystem
RNSAP: Radio Network Subsystem Application Part
RNTI: Radio Network Temporary Identity
RR: Radio Resource
RRC: Radio Resource Control
RRM: Radio Resource Management
RTT: Radio Transmission Technology
SAAL: Signaling ATM Adaptation Layer
SCCP: Signaling Connection Control Part
SCTP: Simple Control Transmission Protocol
SDH: Synchronous Digital Hierarchy
SDO: Standard Developing Organization
SGSN: Serving GPRS Support Node
SIM: Subscriber Identity Module
SM: Session Management protocols
SRNC: Serving Radio Network Controller
SRNS: Serving Radio Network Subsystem
SS7: CCS7 (Common Control Signaling System No. 7)
SSCOP: Service Specific Connection Oriented Protocol
SSD: Shared Secret Data
SSF: Service Switching Function
STC: Signaling Transport Converter
STM1: Synchronous Transport Module - level 1
SUT: System under Test
SW: Software
TACS: Total Access Communication System
TC: Transcoder
TD-CDMA: Time Division-Code Division Multiple Access
TDD: Time Division Duplex
TDMA: Time Division Multiple Access
TD-SCDMA: Time Division - Synchronous CDMA
TEID: Tunneling Endpoint ID
TETRA: Terrestrial Trunked Radio Access
TIA: Telecommunications Industry Association
TN-CP: Transport Network-Control Plane
TPC: Transmission Power Control
TRAU: Transcoder and Rate Adaptation Unit
TS: Technical Specification
TTA: Telecommunications Technology Association
U MSC: UMTS Mobile Switching Center (the integration of the MSC and the SGSN in one physical entity, UMTS + MSC = UMSC)
U MSC-CS: U MSC Circuit Switched
U MSC-PS: U MSC Packet Switched
U SIM: UMTS Subscriber Interface Module
U SSD: Unstructured Supplementary Service Data
UBR: Unspecified Bit Rate (data stream)
UDP: User Datagram Protocol
UE: User Equipment
UICC: UMTS IC Card
UL: Uplink
Um: GSM Air Interface
UMTS: Universal Mobile Telecommunication System
UNI: User-Network Interface
UP: User Plane
USIM: UMTS Subscriber Identity Module
UTRA: UMTS Terrestrial Radio Access
UTRAN: UMTS Terrestrial Radio Access Network
Uu: UMTS Air interface
UWC-136: Universal Wireless Communication
VBR: Variable Bit Rate (data stream)
VHE: Virtual Home Environment
VLR: Visitor Location Register
VMSC: Visited MSC
W-CDMA: Wide band Code Division Multiple Access
WLL: Wireless Local Loop
