GSM cellular phone

GSM Handset

The system elements responsible for the security of the GSM cellular phone conversation are:

 * SIM,

 * GSM Handset

 * GSM Network.

SIM: Contains the International Mobile Subscriber Identity (IMSI), the individual subscriber authentication key (Ki), the ciphering key generating algorithm (A8), the authentication algorithm (A3), and the Personal Identification Number (PIN).

GSM Handset: Contains the ciphering algorithm (A5).

GSM Network: Contains the encryption algorithms (A5, A3, A8). Security information is further distributed among the HLR, the VLR and the AUC; the AUC is responsible for the sets of RAND, SRES and Kc that are stored in the HLR and VLR for the authentication and encryption processes.



When a new subscription is registered in GSM, the mobile is given a subscriber authentication key (Ki) and a telephone number or International Mobile Subscriber Identity (IMSI), which the network uses to identify the mobile. Subscriber identity confidentiality means that the operator tries to protect the user’s telephone number from unauthorized tapping, so that information is disclosed only to those who are authorized to view it. A Temporary Mobile Subscriber Identity (TMSI) is used in the dialogue between the mobile and the network. The aim of subscriber identity confidentiality is to provide anonymity, so that it is not easy to identify the user of the system. After authentication and encryption have taken place, the TMSI is sent to the mobile station (MS) for confirmation of reception. Any information that allows an eavesdropper to derive the IMSI is not transmitted in clear; therefore the signaling elements that convey information about the IMSI are enciphered. In this work, it is necessary to check the equipment identity, whereby the network is able to identify all mobile devices accessing the network.

Secret key cryptographic algorithm provides confidentiality while protection against modification provides authentication of data’s



This service consists of three elements that are provided using the same encryption mechanism. They are:

 * User data confidentiality and signaling information on physical connections: provides privacy of all user-generated data, both voice and non-voice, transferred over the radio path on traffic channels.

 * Connectionless user data confidentiality: provides privacy for user data transferred in packet mode over the radio path on dedicated signaling channels.

 * Signaling information element confidentiality: provides privacy of certain user-related signaling elements transferred over the radio path on dedicated signaling channels.

Encrypted voice and data communication between the MS and the network is achieved through the ciphering algorithm A5. The A5 algorithm produces a key stream under control of a cipher key Kc. In addition to the SRES, the AUC calculates an encryption key (Kc) based on Ki and RAND; the MS calculates a Kc value based on the RAND value received during the authentication process and on the Ki value stored in the base station via BSC for encryption/decryption purposes.

The BSC sends a “test signal” (encryption mode command) to the MS. In response, the MS generates an encrypted signal (encryption mode complete). Once it is interpreted by the BSC, signaling and communication continue and are thus encrypted. Authentication and response messages are repeated under the control of timers to cope with possible transmission errors or loss.
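The triplet-based authentication and Kc derivation described above, as an added example that is not part of the original page. The operator's A3/A8 algorithms are not given here, so truncated HMAC-SHA256 stands in for them; the class names, function names and the IMSI value are hypothetical.

```python
import hashlib
import hmac
import secrets

def a3_a8(ki, rand):
    """Stand-in for A3/A8 (assumption: HMAC-SHA256, not the operator's algorithm).
    Returns (SRES, Kc) with the GSM sizes: 32-bit SRES, 64-bit Kc."""
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]

class AuC:
    """Authentication centre: holds Ki per IMSI, issues (RAND, SRES, Kc) triplets."""
    def __init__(self):
        self._ki = {}

    def provision(self, imsi):
        ki = secrets.token_bytes(16)      # 128-bit Ki, also written to the SIM
        self._ki[imsi] = ki
        return ki

    def triplet(self, imsi):
        rand = secrets.token_bytes(16)    # fresh 128-bit challenge per triplet
        sres, kc = a3_a8(self._ki[imsi], rand)
        return rand, sres, kc             # this is what the HLR/VLR store

class SIM:
    """Subscriber side: Ki stays inside the card, only SRES and Kc come out."""
    def __init__(self, imsi, ki):
        self.imsi, self._ki = imsi, ki

    def run_gsm_algorithm(self, rand):
        return a3_a8(self._ki, rand)

def authenticate(auc, sim):
    """Network side: send RAND, compare SRES. Returns Kc on success, else None.
    Ki itself never crosses the radio path, only RAND and SRES do."""
    rand, expected_sres, kc = auc.triplet(sim.imsi)
    sres, _kc_ms = sim.run_gsm_algorithm(rand)
    if not hmac.compare_digest(sres, expected_sres):
        return None                       # wrong Ki: no ciphering key is released
    return kc                             # handed to the base station for A5

if __name__ == "__main__":
    auc = AuC()
    imsi = "001010123456789"              # constructed test IMSI
    genuine = SIM(imsi, auc.provision(imsi))
    forged = SIM(imsi, bytes(16))         # same IMSI, wrong Ki
    print("genuine SIM Kc:", authenticate(auc, genuine).hex())
    print("forged SIM result:", authenticate(auc, forged))
```

The forged card presents the correct IMSI but cannot produce the expected SRES, so the network never derives a shared Kc with it.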



Subscriber identity confidentiality is achieved using the temporary mobile subscriber identity (TMSI) mechanism, which is securely updated after each successful access to the system. When the authentication and encryption processes have taken place, the TMSI is sent to the MS for confirmation of its reception. Note that the IMSI, or any information that allows an eavesdropper to derive the IMSI, is not transmitted in clear in any signaling message on the radio path except at registration. Hence, the signaling elements that convey information about the IMSI are enciphered.