The present invention usage and need are deeply rooted in the security design of the Global System for Mobility (GSM) and its successors, the Universal Mobile Telephone System (UMTS) and the Long Term Evolution (LTE) wireless networks.
Description of GSM Security
Wireless GSM networks are very secure because they were designed with security in mind given the then (The original design for GSM was engineered over the period 1987 to 1991) bifurcation of Europe into the Eastern and Western blocs.
The first level of security is obfuscation of the user's identity by substituting a Temporary Mobile Subscriber Identity (TMSI) for the user's actual, unique identity, i.e. the IMSI. Thus, when a subscriber first powers up his GSM mobile in a network, where he has not been before his IMSI will be transmitted over the air interface in the clear, i.e. not encrypted, during the power up registration procedure. This will register this subscriber into the VLR of that network, whether it is his home network or not. Once in the network's VLR, the subscriber will be assigned a TMSI which will be used as his identifier for all subsequent network transactions. His TMSI will change as he moves about the geographic area of the network, but the VLR will always maintain this dynamic relationship between the TMSI and IMSI. The second level of security in GSM networks is the authentication process. All requests by the mobile for use of the network's resources will be challenged with an authentication process to verify that the subscriber is the subscriber he says he is, has permission to use the requested resources and is in good standing with the wireless carrier. The GSM authentication process requires the mobile to exchange data over the air interface. Early in this authentication process the network and the mobile exchange information to enable encryption of any subsequent data that is exchanged. The encryption algorithm utilized in the authentication process is generally the same across GSM networks worldwide but can be unique to specific GSM providers.
The third level of security in GSM networks occurs after a subscriber has been authenticated. Once authenticated, all over-the-air communications between the mobile and network will be encrypted to hide the subscriber's unique identity, i.e. IMSI, hide his network transactions and to prevent eavesdropping on the conversation. This encryption algorithm is universal across GSM networks worldwide which permits subscribers to “roam” on networks other than their home one. Although the level of security in GSM networks is significant it has been designed to prevent the interception of information over the air interface.
The GSM security algorithms A3, A5 and A8 are used to provide authentication and radio link privacy to users on a GSM network. Generally the Subscriber Identity Module (SIM) card based A3 and A8 algorithms are implemented together (known as the A3/A8 algorithm). The A3/A8 encryption algorithm output is used by the GSM network to both authenticate the user and to generate the key for encrypting voice traffic.
Both the base station (BS) and mobile station (MS) implement the A5 encryption algorithm. The A5 algorithm is designed to ensure user privacy by encrypting voice and data streams sent over the GSM radio link.
The 3GPP specification TS 55.205 “Specification of the GSM-MILENAGE Algorithms: An example algorithm set for the GSM Authentication and Key Generation functions A3 and A8” specifies an example, functional implementation of the GSM authentication and key generation algorithms A3 and A8.
GSM Call Flow Example
After an initial registration at a previous time by a mobile on its home network, a mobile will request network resources by communicating with the network with an uplink transmission on the Random Access (RACH) channel with a random identifier via the Aloha protocol. If the mobile is successful communicating with the wireless network the network will respond with a transmission on the downlink on the Access Grant (AGCH) channel providing information about the uplink stand alone dedicated control channel (SDCCH) instructing the mobile, identified by the random identifier the mobile provided on the uplink RACH, how to communicate with the network next. The mobile will transmit on the uplink SDCCH requesting network resources with a CM_Serv_Req message. This message will contain the temporary international mobile station identifier (TMSI) of the mobile that the network had previously assigned to the mobile when it registered. The network is now aware of the identity of the mobile because it had previously received the mobile's international mobile station identifier (IMSI) and assigned it a temporary one, i.e. the TMSI. In preparation for authenticating the mobile the BTS serving the mobile will receive a (RAND, SRES, Kc) vector from the HLR, via the MSC/VLR and BSC, for this particular mobile. The value of SRES is determined by the HLR utilizing RAND and the same A3 algorithm resident in the mobile's SIM. The value of the encryption key, Kc, results from the HLR utilizing RAND and the same A8 algorithm that the mobile utilizes and is in its SIM. The network authenticates the mobile by sending the mobile an authorization request on the downlink which will contain the random challenge RAND. The mobile will calculate SRES with RAND, cipher key Ki and the A3 algorithm in its SIM and transmit it back to the network on the uplink. If the value of SRES received from the mobile is identical to the value of SRES from the HLR/AuC the mobile is authenticated. The mobile will also calculate the encryption key, Kc, with the RAND the network provided, cipher key Ki and the same A8 algorithm in its SIM. The network will instruct the mobile to begin encrypting its transmissions with the encryption key Kc with a cipher mode command on the downlink. Similarly the network, specifically the BTS, will also encrypt its transmissions to the mobile with the same encryption key Kc. Soon after the ciphering process begins the network will assign the mobile to a traffic channel where a phone conversation can take place.