1. PURPOSE OF USING GSM SECURITY:-
As we know that security is the essential feature in any service. Hence, GSM network also follows certain level of security in the services which it provides. As we know that GSM uses radio communications for its mobile subscribers' this makes it a sensitive service for the persons who are unauthorized users and are accessing through the different mobile stations. These unauthorized users pretend that they are usual subscribers' and listen to the private conversations which are being exchanged on the radio paths.
Hence, there are mainly two security purposes which are kept in mind when it is concerned of the GSM network:-
First of all, to protect the Accessibility to the mobile services and secondly to prevent disclosure of any crucial information/data at the radio path to achieve the privacy regarding that particular data.
2. THE SECURITY FEATURES OF THE GSM SERVICES:-
There are several features of the GSM service for the security of its customers. Some features are stated below: ---
- Authentication is being provided to the registered customers only.
- The process of encryption is being used for secure data transfer.
- The identity of customer is being verified.
- The cellular phones are useless without a SIM card.
- A secret key Ki is being used to achieve authentication.
3. Representation of the GSM Security:-
GSM security is represented in two ways:-
The process of authentication is being provided is being categorized in to various stages which are stated below:-
- First of all an IMSI (International mobile subscriber Identity) is being send to the network by the mobile station.
- After that the IMSI is being received by the network and the KI corresponding to that IMSI is found.
- A 128 bit random number (RAND) gets generated by the corresponding network and is send to the mobile station through the medium of air.
- Through the use of the algorithm A3, the network (AuC) and the MS (SIM) use KI and RAND to produce a signed result (SRES).
- The SRES is being sent to the network by the MS.
- For the validity purpose network performs the testing on the received SRES.
The process of encryption gets started by ciphering mode request (i.e.: secretly executed request) command from the GSM network. After receiving the request the process of encryption and decryption of data gets performed by the mobile station. Different key stream is involved in the encryption of each frame over the air traffic. Different key stream is generated for each frame as the A5algorithm which is used to encrypt the data is initialised with the KC and the number of the frame to be executed resulting in the generation of different key stream.
The same KC gets executed as long as it does not get verified by the MSC (Mobile services switching Centre) through the MS(mobile station) which results in the generation of the new KC. The Authentication of MS is an optional process and is usually not performed in the beginning of a call. Hence it is assured that the KC will not get changed during a particular call. As it gets switched off IMSI (International mobile subscriber identity) gets stored by the mobile station on the SIM card to assure that is gets available when it is switched on again. In the hardware of the mobile phone the A5 algorithm gets executed as data is being encrypted and decrypted through the air.
4. The Algorithm used in the GSM Security:--
There are three algorithms which are used in the GSM security:-
A3: The MS Authentication Algorithm:----
In the GSM model, A3 acts as the authentication algorithm. This algorithm generates a 32 bit output as it gets the RAND (128 bit random number) from the MSC (Mobile service switching Centre) and the secret key KI as input from the SIM. The size of KI and RAND is of 128 bits. The A3 algorithm is represented as a one-way hash function. This function produces an output which is of fixed length as a random input is given to it. A COMP 128 algorithm is used for the A3 algorithm by every GSM operator in the world. This algorithm acts as the reference algorithm for the various tasks which has been pointed out by the GSM association.
A8, The ciphering Key Generation Algorithm:---
In the GSM network, A8 algorithm acts the session key algorithm. The A8 algorithm generates 64 bit output by taking two 128 bit input. The output generated is 64 bit session key KC. COMP128 acts the reference algorithm for the A8 algorithm also as it is there in the A3 algorithm. At one run, COMP128 generates both the session key KC as well as the SRES response.
A5, the stream-ciphering algorithm:-----
In this algorithm encryption of data over the air occurs. For secure data, there are three possibilities in the case of GSM; it includes the A5/0, A5/1 and the A5/2 algorithm. This algorithm came into existence because the GSM standard was designed for Europe and as per the export regulations it did not allow the implementation of the technology outside Europe.
Advantage of GSM Services:-
Following are the Advantage of GSM service: -------
- First of all the GSM network is fully developed which means that it contains stability with proper features and services. Hence it has over 450 million subscribers worldwide.
- The other advantage of GSM network is that it contains better voice quality and low- cost alternatives to make calls, such as Short message service (SMS) . In the case of GSM network the quality of voice is fine inside the buildings.
- Another advantage of this service is that the equipment's are easily available from the vendors who execute the following service.
- GSM services provide the roaming facility to its customers so that they can use the service anywhere in the world.
- GSM networks provide higher talk time due to its pulse nature of transmission and its ability to use routers.
- GSM provides the facility of International Roaming which is highly beneficial in context to its customers.
- The presence of Smart Cards which acts as subscriber Identity Modules through which encryption of data occurs in a secure manner which is highly advantageous with respect to commercial background.
- lastly the common advantage of the GSM service is that it provides the user the freedom to choose a mobile set of his/her choice and the SIM card is also being selected by user of their choice. They also have the option of making the changes to both the equipment's accordingly.
Disadvantage of GSM Services:-
The GSM service has following Disadvantages:-
- The first disadvantage is that the algorithms which are being used in this service for the security purpose is not available to the public.
- In the GSM service only Access security is being provided and the different communications occurs only in a fixed network.
- The major disadvantage of the GSM service is that it lacks the access to the American market.
- For the usage of this service, the user needs the requirement of higher power and the coordination between cell to cell.
- The network coverage of this technology is not better in the rural areas as compared to its competitor service of the CDMA technology.