Thomas Kunz
Systems and Computer Engineering
38
Security in GSM
nSecurity services
–access control/authentication
nuser Õ SIM (Subscriber Identity Module): secret PIN (personal identification number)
nSIM Õ network: challenge response method
–confidentiality
nvoice and signaling encrypted on the wireless link (after successful authentication)
–anonymity
ntemporary identity TMSI
(Temporary Mobile Subscriber Identity)
nnewly assigned at each new location update (LUP)
nencrypted transmission
n3 algorithms specified in GSM
–A3 for authentication (“secret”, open interface)
–A5 for encryption (standardized)
–A8 for key generation (“secret”, open interface)
“secret”:
• A3 and A8 available via the Internet • network providers can use stronger mechanisms