Sunday, 11 March 2018

Authentication Center (AUC) Works In GSM


How Authentication Center (AUC) Works In GSM
When we talk about Mobile Business then its worst useful without authentication means to make Network as business all user required to be authenticate lets understand how authentication done in gsm.
Authentication Center (AUC)
The AUC is a processor system, it performs the “authentication” function. It will normally be co-located with the Home Location Register (HLR) as it will be required to continuously access and update, as necessary, the system subscriber records.
The AUC/HLR centre can be co-located with the MSC or located remote from the MSC. The authentication process will usually take place each time the subscriber “initializes” on the system.

Authentication Process
To discuss the authentication process we will assume that the VLR has all the information required to perform that authentication process (Kc, SRES and RAND). If this information is unavailable, then the VLR would request it from the HLR/AUC.
1. Triples (Kc, SRES and RAND) are stored at the VLR.
2. The VLR sends RAND via the MSC and BSS, to the MS (unencrypted).
3. The MS, using the A3 and A8 algorithms and the parameter Ki stored on the MS SIM card, together with the received RAND from the VLR, calculates the values of SRES and Kc.
4. The MS sends SRES unencrypted to the VLR
5. Within the VLR the value of SRES is compared with the SRES received from the mobile. If the two values match, then the authentication is successful.
6. If cyphering is to be used, Kc from the assigned triple is passed to the BTS.
7. The mobile calculates Kc from the RAND and A8 and Ki on the SIM.
8. Using Kc, A5 and the GSM hyperframe number, encryption between the MS and the BSS can now occur over the air interface.
Note: The triples are generated at the AUC by:
·         RAND = Randomly generated number.
·         SRES = Derived from A3 (RAND, Ki).
·         Kc = Derived from A8 (RAND, Ki).
·         A3 = From 1 of 16 possible algorithms defined on allocation of IMSI and creation of SIM card.
·         A8 = From 1 of 16 possible algorithms defined on allocation of IMSI and creation of SIM card.
·         Ki = Authentication key, assigned at random together with the versions of A3 and A8.
The first time a subscriber attempts to make a call, the full authentication process takes place.
However, for subsequent calls attempted within a given system control time period, or within a single system provider’s network, authentication may not be necessary, as the data generated during the first authentication will still be available.
GSM Security:-

          Ki = Authentication key (32 hex digits)
           RAND = Random Number
           SRES = Signed Response
           Kc = Ciphering key

           A3 and A8 = algorithms
           Authentication Triplet = RAND + SRES + Kc

Authentication:-

           Authentication Triplet is sent from AUC to VLR
           RAND is sent to MS
           MS generates SRES with Ki and A3 algorithm
           SRES is sent to VLR
           VLR compares the two SRES, if identical => ok


Ciphering:-

           Kc is sent to BTS
           MS generates Kc with Ki and A8 algorithm
           The speech is ciphered with Kc and A5
           Prevents eavesdropping

Comments are most Welcomed,

Telecom Champ Team
telecomchamp@gmail.com

No comments:

Post a Comment

5G Network Funcntion :- UDM

The 5G UDM, or User Data Management, is a critical component in 5G (fifth-generation) wireless networks. It plays a key role in managing use...

Popular Post