Page 36 - From GMS to LTE
P. 36

22  From GSM to LTE-Advanced Pro and 5G

            SIM/Mobile device                 MSC                       HLR/AuC


                       Connection establishment
                 (e.g. location update or call establishment)
                                                 MAP: Send authentication triplets
                                                 (IMSI)
                                                  Send authentication triplets ack.
                     DTAP: Authentication request  (RAND, SRES, Kc)
                     (RAND)

                     DTAP: Authentication response
                     (SRES*)


                                          SRES* = SRES?


                       Connection is maintained,                              t
                        activation of ciphering


            Figure 1.16  Authentication between network and mobile device.

             To speed up subsequent connection establishments, the AuC usually returns several
            authentication triplets per request. These are buffered by the MSC/VLR and are used
            during subsequent connection establishments.
             In the next step, the MSC sends the RAND inside an Authentication Request message to
            the mobile device. The mobile device forwards the RAND to the SIM card, which then uses
                                                                              *
            the Ki and the authentication A3 algorithm to generate a signed response (SRES ). The
                *
            SRES  is returned to the mobile device and then sent back to the MSC inside an Authentication
                                                              *
            Response message. The MSC then compares SRES and SRES , and if they are equal, the
            subscriber is authenticated and allowed to proceed with the communication.
             As the secret key, Ki, is not transmitted over any interface that could be eavesdropped
            on, it is not possible for a third party to correctly calculate an SRES. As a fresh random
                                                                                *
            number is used for the next authentication, it is also pointless to intercept the SRES  and
            use it for another authentication. A detailed description of the authentication proce-
            dure and many other procedures between the mobile device and the core network can
            be found in 3GPP TS 24.008 [14].
             Figure 1.16 shows some parts of an authentication request and an Authentication
            Response message. Apart from the format of RAND and SRES, it is also interesting
            to note the different protocols that are used to encapsulate the message (see
            Section 1.4.2).

            1.6.5  The Short Messaging Service Center (SMSC)
            Another important network element is the Short Messaging Service Center (SMSC),
            which is used to store and forward short messages. The SMS was only introduced about
            four years after the first GSM networks went into operation, as an add‐on, and has been
   31   32   33   34   35   36   37   38   39   40   41