A mobile communication network generally uses strong digital cryptographic mechanisms to authenticate a mobile station (MS), such as a handset device, laptop computer, or personal digital assistant (PDA), before it is permitted to operate in the network. It may also require the MS to encrypt voice and data traffic sent over the radio interface. Mechanisms such as Subscriber Identity Module (SIM) cards and the cellular authentication and voice encryption (CAVE) algorithm are used for GSM, CDMA or IDEN cell phones and other devices that operate in these networks. These mechanisms can also be used to authenticate these devices on private networks.
Cryptographic methods are used to authenticate an MS to the service provider's network and to encrypt voice and data traffic. ANSI-41 standards, which are used in IS-136 and IS-95 networks, use shared secret keys: the key is loaded into the mobile station and is also kept at the authentication center associated with the home location register (HLR) of the mobile user's billing service provider. There are also mechanisms that allow these secret keys to be shared with the visitor location register (VLR) of a visited network. The VLR can be associated with the user's service provider or it can be owned by another service provider. If the home network and the visited network belong to different carriers, communication between the HLR and VLR usually occurs over packet-switched Signaling System 7 (SS7) networks via the roaming arrangements between the carriers. Otherwise, it occurs over the carrier's private internal data network.
The ANSI-41 mechanism to register an MS with a service provider uses the cellular authentication and voice encryption (CAVE) algorithm to produce an authentication result (AUTHR) that is sent to the authentication system of its HLR. The CAVE algorithm takes four inputs: the equipment serial number (ESN), installed in the phone by the manufacturer; the mobile identification number (MIN), which in North America is usually the phone number and is installed at the time the device is sold and first brought into service on the service provider's network; the shared secret data (SSD), which are installed in the MS and also kept at the service provider's authentication center (AC) associated with the HLR; and a random number provided to the MS by the service provider. The authentication center receives the AUTHR and, if it matches the AUTHR that the center computed using the CAVE algorithm with the same set of input parameters, the user is allowed to register with the service provider's network and use their mobile device.
There is also a mechanism to encrypt voice and data transmissions over the wireless channel. In this case, in addition to using the CAVE algorithm to produce the AUTHR, the MS also uses the MIN, ESN, SSD and a random number from the carrier network to produce a voice privacy mask (VPMASK) and a signaling message encryption key (SMEKEY). The VPMASK and SMEKEY are also computed by the authentication center associated with the HLR, and the results are compared with those of the MS. The VPMASK is used to encrypt voice over the radio channel between the MS and the nearest service provider system. The SMEKEY is used to encrypt certain fields of signaling messages between the MS and the nearest service provider system.
The authentication mechanism for GSM systems is similar to that of ANSI-41 systems except that GSM stores the secret key and the authentication algorithm in a subscriber identity module (SIM) smart card. The SIM is designed to be tamper-proof and contains data and algorithms that cannot be easily read out by a user.
To authenticate a user, the MS and HLR perform similar calculations using the same algorithm, A3, with the encryption variable Ki and a random number from the service provider's network, to produce a signed result (SRES). The two SRES values are compared and, if they match, the MS is authenticated and admitted into the network. This comparison is typically performed by the serving Mobile Switching Center (MSC), though other devices along the path can also do this comparison. One of the outputs of another authentication algorithm, A8, is an encryption key, Kc, that is fed into an encrypter and decrypter using algorithm A5 to encode the voice or data stream. Ki, A3, A5, and A8 are variables that are all contained in the SIM smart card.
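The GSM exchange described above, as an added example that is not part of the original text: a SIM and an HLR each derive SRES and Kc from Ki and a fresh random number, and the serving MSC compares the two SRES values. A3 and A8 are not specified on this page, so truncated HMAC-SHA-256 stands in for both; the class names, subscriber id and sample key are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Assumption: the page does not specify A3/A8, so truncated HMAC-SHA-256
# stands in for both. Only the message flow is the point here.
def a3_sres(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A3: 32-bit signed result (SRES)."""
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]

def a8_kc(ki: bytes, rand: bytes) -> bytes:
    """Stand-in for A8: 64-bit encryption key Kc for A5."""
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]

class Sim:
    """Hypothetical SIM model: Ki stays inside, only SRES and Kc come out."""
    def __init__(self, ki: bytes):
        self._ki = ki

    def respond(self, rand: bytes):
        return a3_sres(self._ki, rand), a8_kc(self._ki, rand)

class Hlr:
    """Hypothetical home-network side holding each subscriber's Ki."""
    def __init__(self):
        self._ki = {}
    def provision(self, subscriber_id: str, ki: bytes):
        self._ki[subscriber_id] = ki
    def challenge(self, subscriber_id: str):
        ki = self._ki[subscriber_id]
        rand = secrets.token_bytes(16)  # fresh random number per attempt
        return rand, a3_sres(ki, rand), a8_kc(ki, rand)

def msc_authenticate(hlr: Hlr, subscriber_id: str, sim: Sim):
    """Serving MSC: relay RAND, compare SRES; (Kc_net, Kc_ms) on match, else None."""
    rand, expected_sres, kc_network = hlr.challenge(subscriber_id)
    sres_ms, kc_ms = sim.respond(rand)
    if not hmac.compare_digest(sres_ms, expected_sres):  # constant-time compare
        return None
    return kc_network, kc_ms

def demo():
    ki = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed key
    hlr = Hlr()
    hlr.provision("subscriber-1", ki)
    genuine = msc_authenticate(hlr, "subscriber-1", Sim(ki))
    wrong_key = msc_authenticate(hlr, "subscriber-1", Sim(bytes(16)))
    return genuine, wrong_key
```

Because the random number changes on every attempt, a recorded SRES is of no use against a later challenge, and Ki itself never crosses the radio interface.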
A new class of devices is being introduced that operates on public or private cellular networks using GSM, CDMA, or IDEN in one mode of operation and on public or private IEEE 802.11 wireless local area networks (LANs) in another mode of operation.