GSM

 GSM (Global System for Mobile Communication)

 Introduction and Objectives.
 GSM Services.
 GSM System Architecture.
 GSM Radio Link.
 GSM Handover and types of handover
 GSM Channel Types.
 Localisation and Calling in GSM.
 Frame Structure of GSM.
 GSM Security.
 Protocol architecture for Signaling.
20-01-2021 1
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security [1]
 GSM provides security over unauthorized use of
services as well as for user data over air interface.
 The necessary passwords, algorithms, keys, etc are
stored in AuC as well as in MS.
 Security services offered by GSM are as follows:
 Access Control and Authentication,
 Confidentiality and
 Anonymity.
 AuC: Authentication Center
 AC: Access Control
 MS: Mobile Station, Device: Mobile phone equipment.
 20-01-2021
MS = Device + SIM; 2
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security
• First step includes the authentication of a valid
user to SIM.

• Second step includes authentication of a

subscriber by the GSM system.

• If these steps are done properly then user data

can be encrypted and user is provided the GSM
services to which it is subscribed for.
20-01-2021 3
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security
• GSM system uses 3 different algorithms namely
• Algorithm A3, (SIM)
• Algorithm A5 (Device) and
• Algorithm A8. (SIM)

• Care must be taken by all the SIM, device

manufacturer as well as service providers to follows
same algorithms

20-01-2021 4
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security
• Authentication:
 Before subscriber can access the services, he or she must be
authenticated.
 Authentication is based on SIM.
 Authentication key Ki is stored in SIM and not in MS. SIM
also stores TMSI, algorithm A3.
 Using Authentication key Ki and A3 user can be
authenticated by the system.
 This step is done to avoid any unauthorized access to the
device services as well as network services.
 Without entering a correct PIN, device and SIM cannot be
activated. (Hence, no question of unauthorized service
20-01-2021 access) 5
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security
• Authentication:
As soon as user enters a correct PIN, SIM card will be
activated and device is now ready to access the
services provided authentication of the subscriber to
the system is true.
SIM uses authentication key Ki (Identification Key)
with algorithm A3 to generate SRES (Signed
Response).
This is given to AC (Access Control) for verification.
This method is called as challenge-response method
of user identification.
20-01-2021 6
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security
• AC gives a random number as a challenge and SIM using PIN
responses to the challenge.
• A random number ‘RAND’ is generated by AC is given to MS
(when demanded).
• ‘RAND’ is available with AC as well as with MS.
• Authentication key is also available with AC and MS.
• Using algorithm A3, SIM as well as AC generates SRES.
• These two values are compared at MSC and if they found to be
true user is authenticated by the system. Now user can access the
services.
• Random number can be varied regularly to enhance security.

20-01-2021 7
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security

Ki RAND
RAND Ki

128 bits
128 bits
A3 AC

32 bits

SRES* SIM
A3
32 bit

MSC SRES = ?SRES* SRES

Air interface

20-01-2021 8
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security
• To ensure privacy, all messages containing user related
information are encrypted in GSM over air interface.

• The user information is encrypted using cipher key

generated by SIM.

• The cipher key Kc and using algorithm A5 user

information is encrypted over air interface.

• In encryption, mobile device plays a vital role as it stores

the necessary algorithm A5.

20-01-2021 9
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Security

Ki RAND RAND Ki

128 bits
128 bits
A8 AC A8 SIM

64 bits
64 bits
KC KC

BSS A5 A5
Device

Data Air interface

Data

20-01-2021 10
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Protocols
A
MS Um Abis MSC

CM BSC CM
BTS
MM MM
BSSAP
RR RR’
RR’ BTSM BTSM
BSSAP
SS7
LAPDm LAPDm LAPD LAPD SS7

radio radio PCM PCM PCM PCM

16/64Kbps 64 Kbps/ 2.048

Mbps

20-01-2021 11
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Protocols

Layer1: Physical Layer

Physical layer at Um interface uses GMSK for digital
modulation.
Functions
Creation and multiplexing of bursts
Detection of idle channels
Channel quality measurement
 Encryption/decryption of data
 Channel coding
 Error detection and correction
20-01-2021 12
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Protocols

Layer2: LAPDm protocol

Link Access Procedure for D channel

Reliable data transfer
Segmentation and reassembly of data frames
Flow control
Acknowledge of data transfer

20-01-2021 13
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Protocols

Layer3:Network layer
RR (Radio Resource Management):
Set up, maintenance and release of radio channels.
Higher layers:
MM (Mobility Management):
Registration, authentication, identification, location updates, reliable
connection for higher layers with the provision of TMSI.
CM (Call Management):
It contains three entities
• CC (Call control)- end to end connection establishment
• SMS (Short Message Service)
• SS (Supplementary Service)
20-01-2021 14
Radhika Gour, Asst. Prof., VNIT Nagpur
 GSM Protocols

Layer3:Network layer
RR (Radio Resource Management):
Set up, maintenance and release of radio channels.
Higher layers:
MM (Mobility Management):
Registration, authentication, identification, location updates, reliable
connection for higher layers with the provision of TMSI.
CM (Call Management):
It contains three entities
• CC (Call control)- end to end connection establishment
• SMS (Short Message Service)
• SS (Supplementary Service)
20-01-2021 15
Radhika Gour, Asst. Prof., VNIT Nagpur
 References

1. “Mobile Communication”, 2nd edition, Jochen Schiller, “Pearson

Education”.

16
20-01-2021 Radhika Gour, Asst. Prof., VNIT Nagpur