The present invention relates to a system and method for automatically selecting an encryption algorithm to comply with the requirements of a particular geographic jurisdiction, and more particularly to a system and method for selecting one of a plurality of encryption algorithms to implement on a Base Transceiver Station (BTS) based on the GSM Mobile Country Code parameter in the network's operating system software.
Public cellular communication networks (public land mobile networks) are commonly employed to provide voice and data communication to a plurality of subscribers drawn from the general population. For example, analog cellular radiotelephone systems, such as AMPS, ETACS, NMT-450, and NMT-900, have been deployed successfully throughout the world. Digital cellular radiotelephone systems such as IS-136 and IS-95 in North America, the Personal Digital Cellular (PDC) system in Japan and the pan-European GSM system have been introduced. Some of these systems, and others, are described, for example, in the book titled Cellular Radio Systems by Balston, et al., published by Artech House, Norwood, Mass., 1993.
Security, and particularly securing the communication channel between a remote terminal and a base station, is an issue common to all cellular networks, regardless of the channel access technique. Cellular communication systems employ security mechanisms to avoid cellular telephone fraud and to secure signaling and conversations from interception. The present invention relates to mechanisms for securing the communication channel between a remote terminal and a base station. While the present invention will be explained primarily with reference to GSM networks, principles of the present invention are fully applicable to networks that employ alternate channel access techniques, e.g., CDMA networks.
Referring to FIG. 1, there is illustrated a Public Land Mobile Network (PLMN), such as cellular network 10, in accordance with a GSM architecture. Cellular network 10 includes at least one, and preferably a plurality of areas 12, each with a Mobile Switching Center (MSC) 14 and an integrated Visitor Location Register (VLR) 16 therein. The MSC/VLR area 12, in turn, include a plurality of Location Areas (LA) 18, which are defined as that part of a given MSC/VLR area 12 in which a remote terminal 20 may move freely without having to send update location information to the MSC/VLR area 12 that controls LA 18. Each Location Area 12 is divided into a number of cells 22. Remote terminal 20 is the physical equipment, e.g., a car phone or other portable phone, used by mobile subscribers to communicate with the cellular network 10, each other and users outside the subscribed network, both wireline and wireless.
The MSC 14 is in communication with at least one Base Station Controller (BSC) 23, which, in turn, is in contact with at least one Base Transceiver Station (BTS) 24, which is the physical equipment, illustrated for simplicity as a radio tower, that provides radio coverage to the geographical area of the cell 22. It will be understood that the BSC 23 may be connected to several BTSs 24 and may be implemented as a stand-alone node or as integrated with the MSC 14. The BSC 23 and BTS 24 components are generally referred to as a Base Station System (BSS) 25.
Cellular network 10 includes a Home Location Register (HLR) 26, which is a database maintaining subscriber information, e.g., user profiles, current location information, International Mobile Subscriber Identity (IMSI) numbers, and other administrative information. The HLR 26 may be co-located with a given MSC 14, an integral part of the MSC 14 or service multiple MSCs 14.
The VLR 16 is a database containing information about all of the remote terminals 20 currently located within the MSC/VLR area 12. If a remote terminal 20 roams into a new MSC/VLR area 12, the VLR 16 connected to that MSC 14 will request data about that remote terminal 20 from the HLR database 26, and will inform the HLR 26 of the current location of the remote terminal 20. Accordingly, if a call is placed from the remote terminal 20, the local VLR 16 will have the information necessary to identify and authenticate remote terminal 20 without launching an inquiry to the HLR 26. In this manner, the VLR and HLR databases 16 and 26, respectively, contain various subscriber information associated with a given remote terminal 20.
Various security features of GSM networks are detailed in GSM Recommendations 02.09, “Security Aspects,” 02.17, “Subscriber Identity Modules,” 03.20, “Security Related Network Functions,” and 03.21, “Security Related Algorithms”. Security in GSM consists of the following aspects: subscriber identity authentication, subscriber identity confidentiality, signaling data confidentiality, and user data confidentiality. The present invention is primarily concerned with securing user data confidentiality, and particularly concerned with encryption algorithms for encrypting data transmitted across an air interface between a BTS and a remote terminal.
GSM networks encipher, i.e., encrypt, voice and data transmitted on the communication channel between a remote terminal and a BTS. Voice and data communications between a remote terminal and the network are encrypted through use of an encryption algorithm, referred to in GSM as A5. Encrypted communication is initiated by an encryption mode request command from the GSM network. Upon receipt of this command, the mobile station begins encryption and decryption of data using the A5 encryption algorithm and an encryption key (Kc). Presently, GSM offers two different A5 encryption algorithms: A5/1 and A5/2, which is a weaker version of the A5/1 algorithm.
Many countries consider encryption technology a matter of national security, and regulate the importation and exportation of encryption technology. Some governments forbid network operators from encrypting signals transmitted within their jurisdiction. Other governments permit a weak form of encryption (e.g., A5/2), but prohibit a strong form of encryption (e.g., A5/1). Many governments require communication equipment providers and network operators to certify, under penalty of law, that their equipment complies with the requirements.
Accommodating the various governmental restrictions on encryption technology raises technical issues for cellular network equipment providers and network operators. Equipment providers can produce different product configurations to comply with various different encryption restrictions imposed by different governments. However, this is an inefficient use of design, manufacturing, distribution, and training resources.
Accordingly, there is a need for network systems and methods that comply with the encryption restrictions of various different governments. To promote efficient use of resources, there is a need for network systems capable of implementing one of two or more different encryption algorithms, and automatically selecting one of the encryption algorithms, to comply with a governmental restriction.