Page 35 - From GSM to LTE

Global System for Mobile Communications (GSM)  21

Figure 1.14  Creation of a signed response (SRES). [Diagram: Ki and RAND are the inputs to A3, which outputs SRES.]


For many operations in the network, for instance, during the establishment of a call, the subscriber is identified by use of this key. Thus, it can be ensured that the subscriber’s identity is not misused by a third party. Figure 1.15 shows how the authentication process is performed.

The authentication process, as shown in Figure 1.16, is initiated when a subscriber establishes a signaling connection with the network before the actual request (e.g. call establishment request) is sent. In the first step of the process, the MSC requests an authentication triplet from the HLR/AuC. The AuC retrieves the Ki of the subscriber and the authentication algorithm (A3 algorithm) based on the IMSI of the subscriber that is part of the message from the MSC. The Ki is then used together with the A3 algorithm and a random number to generate the authentication triplet, which contains the following values:

● RAND: A 128‐bit random number.
● SRES: The signed response (SRES) is generated by using Ki, RAND and the A3 authentication algorithm, and has a length of 32 bits (see Figure 1.14).
● Kc: The ciphering key, Kc, is also generated by using Ki and RAND. It is used for the ciphering of the connection once the authentication has been performed successfully. Further information on this topic can be found in Section 1.7.7.

RAND, SRES and Kc are then returned to the MSC, which then performs authentication of the subscriber. It is important to note that the secret Ki key never leaves the AuC.


Extract of a decoded authentication request message

SCCP MSG: Data Form 1
DEST. REF ID: 0B 02 00
DTAP MSG LENGTH: 19
PROTOCOL DISC.: Mobility Management
DTAP MM MSG: Auth. Request
Ciphering Key Seq.: 0
RAND in hex: 12 27 33 49 11 00 98 45 87 49 12 51 22 89 18 81 (16 B = 128 bit)

Extract of a decoded authentication response message

SCCP MSG: Data Form 1
DEST. REF ID: 00 25 FE
DTAP MSG LENGTH: 6
PROTOCOL DISC.: Mobility Management
DTAP MM MSG: Auth. Response
SRES in hex: 37 21 77 61 (4 B = 32 bit)

Figure 1.15  Message flow during the authentication of a subscriber.
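The triplet generation and challenge-response check described above, as an added example that is not taken from the book. HMAC-SHA-256 is a stand-in for the operator's A3 algorithm and Kc derivation, the class and function names are hypothetical, and the IMSI and Ki are constructed; only the RAND comes from the decoded Auth. Request above, and the subscriber side is assumed to hold its own copy of Ki.

```python
import hashlib
import hmac
import secrets

# RAND from the decoded Auth. Request on this page (16 B = 128 bit).
PAGE_RAND = bytes.fromhex("12 27 33 49 11 00 98 45 87 49 12 51 22 89 18 81")

def derive(ki: bytes, rand: bytes):
    """Return (SRES, Kc). HMAC-SHA-256 is a stand-in, NOT the real A3 or Kc algorithm."""
    if len(rand) != 16:
        raise ValueError("RAND must be 128 bits")
    digest = hmac.new(ki, rand, hashlib.sha256).digest()
    return digest[:4], digest[4:12]  # SRES: 32 bit; Kc: 64 bit (GSM Kc length)

class AuC:
    """Holds Ki per IMSI and hands out triplets; Ki itself is never returned."""
    def __init__(self):
        self._ki = {}

    def provision(self, imsi: str, ki: bytes):
        self._ki[imsi] = ki

    def triplet(self, imsi: str, rand: bytes = None):
        rand = rand if rand is not None else secrets.token_bytes(16)
        sres, kc = derive(self._ki[imsi], rand)
        return rand, sres, kc

class Sim:
    """Subscriber side: stores its copy of Ki and answers a RAND with SRES."""
    def __init__(self, imsi: str, ki: bytes):
        self.imsi, self._ki = imsi, ki

    def auth_response(self, rand: bytes) -> bytes:
        return derive(self._ki, rand)[0]

def msc_authenticate(auc: AuC, sim: Sim, rand: bytes = None):
    """MSC role: fetch a triplet, send RAND, compare the returned SRES."""
    rand, expected_sres, kc = auc.triplet(sim.imsi, rand)  # MSC <- HLR/AuC
    sres = sim.auth_response(rand)                          # Auth. Request / Response
    ok = hmac.compare_digest(sres, expected_sres)
    return ok, (kc if ok else None)                         # Kc is used only on success

if __name__ == "__main__":
    ki = bytes(range(16))                   # constructed Ki, not a real key
    auc = AuC()
    auc.provision("001010000000001", ki)    # constructed test IMSI
    print(msc_authenticate(auc, Sim("001010000000001", ki), PAGE_RAND))
    print(msc_authenticate(auc, Sim("001010000000001", b"\xff" * 16), PAGE_RAND))
```

The SRES values this produces will not match the `37 21 77 61` in the trace, because neither the subscriber's Ki nor the operator's A3 is known from the page.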