0
562views
Security algorithms in GSM
1 Answer
0
3views

A consequence of international roaming is the exchange of information between providers in different countries. All countries have strict regulations against the export of encryption algorithms and thus GSM works around it. When a user tries to use his phone in say another country, the local networks request the HLR of the subscriber’s home network for the RAND, SRES and KC which is sufficient for authentication and encrypting data. Thus the local network does not need to know anything about the A3 or A8 algorithms stored in the SIM.

Authentication Algorithm A3 – It is operator dependent and is an operator option. The A3 algorithm is a oneway function. That means it is easy to compute the output parameter SRES by using the A3 algorithm but very complex to retrieve the input parameters (RAND and KI) from the output parameter. Remember the key to GSM’s security is keeping KIunknown. While it maysound odd that each operator may choose touse A3 independently, it was necessary tocover the case of international roaming.

Ciphering Algorithm A5 - Currently, there exists several implementations of this algorithm though the most commonly used ones are A5/0, A5/1 and A5/2. The reason for the different implementations is due to export restrictions of encryption technologies. A5/1 is the strongest version and is used widely in Western Europeand America, while the A5/2 is commonlyused in Asia. Countries under UN Sanctions and certain third world countries use the A5/0, which comes with no encryption.

Ciphering Key Generating Algorithm A8 – It is operator dependent. In most providers the A3 and A8 algorithms are combined intoa single hashfunction known as COMP128. The COMP128 creates KCand SRES, in a single instance.

Please log in to add an answer.