The GSM system has many security features that are designed to provide a subscriber and network operator a greater level of protection against fraudulent activity. Authentication mechanisms ensure that only bona fide subscribers, with good equipment that is not stolen or is non-standard, will be granted access to the network. As soon as the connection has been established, the data in the communication line is transmitted in an encrypted form to avoid eavesdropping. Confidentiality of each subscriber is protected, his identity and location are protected. This is achieved by assigning each user a Temporary Mobile Subscriber Identity (TMSI), which is changed from call to call. Thus, it is not necessary to transmit the International Mobile Subscriber Identity (IMSI) via the radio interface, making it difficult to identify and locate the user by perpetrator.
The first and simplest level of protection against fraudulent use of your mobile phone is a personal identification number (PIN), which is designed to protect you against the fraudulent use of your stolen SIM cards. The PIN-code has the form of a four-to eight-digit numbers. The user may be able to disable this protection. Specifications also define the procedures to be followed when the PIN code is entered incorrectly. After three consecutive incorrect attempts to enter PIN-code, SIM card is blocked and further attempts to enter the PIN-code are ignored, even if the SIM card is removed from the maintenance entity. The SIM card can be unlocked by entering a code decimal code known as the PUK (Personal Unlock Key), which is also stored in the SIM card. After 10 wrong attempts of entering the PUK-code, SIM card will be blocked permanently.
The procedure of authentication is running under and on the initiative of the VLR. It uses the request/response scenario in which the VLR sends a special random number in MS RAND, which is one of the input parameters of the A3 algorithm used in SIM card to calculate response SRES value. Other A3 input parameter include secret Ki key, contained in the SIM card. Ki Key is not available for reading from SIM and it is one of the fundamental aspects of GSM security.
As soon as the subscriber’s identity has been verified, thus protecting subscriber and network operator from a fraudulent access, the user must be protected from eavesdropping. It is done by encrypting data transmitted over the radio interface, using the second Kc key and secret algorithm A5.
KC is generated during authentication, using Ki, RAND, and secret algorithm A8, which is also stored in the SIM card. Like the A3, A8 algorithm is not unique, and it can also be selected by the operator. Kc keys for each user are calculated by AuC home network and handed to the VLR as a set of triplets, where each triplet and, accordingly, the Kc key, CKSN number is assigned to. In some implementations, the A3 and A8 algorithms are combined into a single algorithm A38 that uses the RAND and Ki, to generate the Kc and SRES. In contrast to the A3 and A8, which may be different for each individual operator, A5 selected from the list of 7 options.
To learn more on the topic, use free sample research papers on GSM security and encryption.
Actually all free research paper samples and examples available online are 100% plagiarized! If you need a high-quality customized research paper on GSM Security and Encryption topics written from scratch, you can easily hire professional academic writers online:
Click here to read more about customized research papers here!
You will get a 100% non-plagiarized research paper about GSM Security and Encryption from SmartWritingService research paper writing service!