
Authentication procedure in GSM

Authentication: why it is needed

To validate the subscriber who is sending the IMSI over the air interface.

Where the authentication function is located

HLR

Where the process starts, for one SIM card

When a SIM is issued, (Ki + IMSI) is loaded on the SIM; the same Ki + IMSI is also loaded in the AuC in the HLR.

The process
The IMSI is sent to the MSC. The MSC sends the IMSI to the HLR/AuC (which holds Ki + IMSI) over SAI, mentioning the number of requested vectors. The AuC generates RAND and then calculates SRES using the A3 (authentication) algorithm. The AuC uses A5 to generate Kc (RAND + Ki -> Kc) and sends the triplet back to the MSC. The MSC sends the RAND from the triplet to the MS. The MS performs the same process and calculates its own SRES. This SRES is matched against the SRES from the triplet; if they match, the MS is allowed to perform the LU (location update).

2G Authentication Flow

IMSI from the MS is carried by the Identity Response

IMSI is sent over SAI

SAI response gives back the triplet

Authentication Request: RAND is sent

SRES is received from the MS and compared
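The triplet flow above, as an added simulation that is not part of the original slides. The a3/a8 functions are keyed-hash stand-ins, not a real operator algorithm; the A3 (SRES) / A8 (Kc) naming follows the GSM specifications, with A5 being the radio cipher that later consumes Kc. The IMSI value is a constructed test value.

```python
import hmac, hashlib, os

# Toy stand-ins for the operator-specific A3 (SRES) and A8 (Kc) algorithms: keyed
# hashes, NOT the real algorithms. A5 is the radio cipher that later uses Kc.
def a3(ki, rand):
    return hmac.new(ki, b"A3" + rand, hashlib.sha256).digest()[:4]   # 32-bit SRES

def a8(ki, rand):
    return hmac.new(ki, b"A8" + rand, hashlib.sha256).digest()[:8]   # 64-bit Kc

class AuC:
    """Home network: (IMSI, Ki) pairs provisioned when the SIM was issued."""
    def __init__(self):
        self.keys = {}

    def send_authentication_info(self, imsi, n):
        """Answer a SAI for IMSI with n triplets (RAND, SRES, Kc); Ki never leaves here."""
        ki = self.keys[imsi]
        triplets = []
        for _ in range(n):
            rand = os.urandom(16)                 # fresh challenge per triplet
            triplets.append((rand, a3(ki, rand), a8(ki, rand)))
        return triplets

class SIM:
    """Subscriber side: the same Ki, used only inside the card."""
    def __init__(self, ki):
        self.ki = ki

    def run_gsm_algorithm(self, rand):
        return a3(self.ki, rand), a8(self.ki, rand)   # (SRES sent to network, Kc kept)

def msc_authenticate(auc, sim, claimed_imsi):
    """MSC/VLR: fetch one triplet, challenge the MS with RAND, compare the SRES it returns.
    Returns (accepted, kc) where kc is the cipher key the MSC hands to the BSS."""
    rand, sres_expected, kc = auc.send_authentication_info(claimed_imsi, 1)[0]
    sres, _ = sim.run_gsm_algorithm(rand)        # Authentication Request / Response
    return hmac.compare_digest(sres, sres_expected), kc
```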

3G Authentication and Encryption

The successful authentication flow of a 3G subscriber is as follows:


On receiving a location update, call, or supplementary service request, the MSC/VLR determines whether to perform authentication according to the data configuration. If authentication is not required, the MSC/VLR skips the authentication flow. If authentication is required, the VLR checks whether authentication quintuples are available. If they are, the VLR sends an Authentication Request to the UE; if not, the VLR obtains authentication sets from the HLR.

The MSC/VLR identifies the HLR serving the subscriber based on the IMSI carried in the received request, and then sends a MAP_SEND_AUTHENTICATION_INFO_REQ message to the HLR. The message carries the IMSI of the subscriber and the number of required authentication sets (configurable as required). The HLR requests five authentication quintuples from the AuC (usually integrated with the HLR), and then sends a MAP_SEND_AUTHENTICATION_INFO_RSP message carrying the quintuples to the MSC/VLR.

The MSC/VLR sends an Authentication Request message carrying the first authentication quintuple to the UE and stores the remaining authentication sets in the VLR. On receiving the Authentication Request, the MS passes the RAND contained in the quintuple to the USIM. The USIM performs the following processing based on the RAND, AUTN, and the authentication key (K) stored in the USIM:

Checks the AUTN: the USIM checks whether the MAC contained in the AUTN is the same as the MAC it calculates using the RAND. If the MACs differ, the USIM sends an Authentication Failure message carrying the failure cause value to the MSC/VLR, and the authentication flow ends.

Checks the SQN: the USIM checks whether the SQN stored in it is the same as the SQN calculated using the AUTN. If the SQNs differ, the USIM sends an Authentication Failure message carrying the failure cause value to the MSC/VLR, and the authentication flow ends.

Calculates a UMTS CK and IK using the RAND, overwrites the original CK and IK with them, and sends an Authentication Response message carrying the authentication result to the MSC/VLR.

The MSC/VLR compares the SRES reported by the UE with the XRES provided by the AuC. If the SRES is the same as the XRES, the MSC/VLR passes the authentication and sends a SECURITY MODE COMMAND message to start the encryption flow. The message carries the encryption and integrity protection algorithms supported by the MSC/VLR. The RNC chooses a common algorithm from those supported by the MSC/VLR, UE, and NodeB to start encryption and integrity protection, and then sends a SECURITY MODE COMPLETE message to the MSC/VLR. If there is no common algorithm among those supported by the MSC/VLR, UE, and NodeB, and the network is not ready to use an unencrypted connection, the RNC sends a SECURITY MODE REJECT message to the MSC/VLR. At this point, the network access of the UE is complete.

Contd.
The VLR compares the value of SRES returned by the UE with the value of XRES computed by the AuC.
If the values are different, the VLR returns an Authentication Reject response to the UE. After receiving the message, the UE determines that the subscriber is illegal and that authentication has failed. If the values are the same, the network has succeeded in authenticating the subscriber. The VLR then sends a response message containing service acceptance or location update acceptance information to the UE. The UE continues with the following authentication of the network side.

The UE computes the authentication parameters XMAC and SQNms on the UE side based on the RAND and AUTN returned by the VLR, and then compares them with the MAC and SQNhe in the AUTN respectively.
If MAC is not equal to XMAC, the UE has failed the validity check of the network, and authentication fails; the VLR sends an Authentication Failure message to the AuC. If the difference between SQNms and SQNhe is not in an acceptable range, the UE has failed the effectiveness check of the network, and the VLR originates a re-synchronization flow to the AuC. The re-synchronization flow is similar to the authentication set request flow; the difference is that the MAP_SEND_AUTHENTICATION_INFO message contains the re-synchronization information, AUTS and RAND, that requires the AuC to synchronize. After receiving the re-synchronization message, the AuC computes MAC based on the RAND in the message, then compares that MAC with the MAC-S in the AUTS to determine whether the re-synchronization is legal. After that, the AuC adjusts its SQNhe based on the value of SQNms in the AUTS, computes a new group of authentication values and sends them to the VLR. The VLR uses these values to originate the authentication flow again and returns AUTN and RAND to the UE. Step 3 and Step 4 are repeated in the following flow. If both the validity check and the effectiveness check succeed, the authentication is successful.
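The 3G mutual authentication described in this and the preceding section (MAC check, SQN check, RES/XRES comparison, and AUTS re-synchronization), as an added simulation that is not part of the original slides. The f1..f5 and f1*/f5* functions are keyed-hash stand-ins, not MILENAGE; the AMF value and the SQN acceptance window SQN_DELTA are constructed assumptions.

```python
import hmac, hashlib, os

# Toy stand-ins for the f1..f5 (and f1*, f5*) functions: keyed hashes, NOT MILENAGE.
def f(k, tag, *parts):
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()

AMF = b"\x80\x00"     # authentication management field (constructed value)
SQN_DELTA = 32        # SQN must be greater than the USIM's and not too far ahead

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def auc_quintuple(k, sqn_he):
    """AuC: one authentication vector (RAND, XRES, CK, IK, AUTN) for sequence number sqn_he."""
    rand = os.urandom(16)
    sqn = sqn_he.to_bytes(6, "big")
    mac = f(k, b"f1", rand, sqn, AMF)[:8]
    autn = xor(sqn, f(k, b"f5", rand)[:6]) + AMF + mac   # (SQN xor AK) || AMF || MAC
    return rand, f(k, b"f2", rand)[:8], f(k, b"f3", rand)[:16], f(k, b"f4", rand)[:16], autn

def usim_authenticate(k, sqn_ms, rand, autn):
    """USIM: ('ok', RES, CK, IK, new SQNms), ('mac_failure',) or ('sync_failure', AUTS)."""
    conc_sqn, amf, mac = autn[:6], autn[6:8], autn[8:16]
    sqn = xor(conc_sqn, f(k, b"f5", rand)[:6])           # recover SQNhe
    if not hmac.compare_digest(mac, f(k, b"f1", rand, sqn, amf)[:8]):
        return ("mac_failure",)                          # network not authenticated
    sqn_he = int.from_bytes(sqn, "big")
    if not (sqn_ms < sqn_he <= sqn_ms + SQN_DELTA):      # replayed or out-of-range vector
        ms = sqn_ms.to_bytes(6, "big")
        auts = xor(ms, f(k, b"f5*", rand)[:6]) + f(k, b"f1*", rand, ms, AMF)[:8]
        return ("sync_failure", auts)                    # (SQNms xor AK*) || MAC-S
    return ("ok", f(k, b"f2", rand)[:8], f(k, b"f3", rand)[:16], f(k, b"f4", rand)[:16], sqn_he)

def vlr_compare(res, xres):
    """MSC/VLR: authentication passes only if the UE's RES equals the AuC's XRES."""
    return hmac.compare_digest(res, xres)

def auc_resync(k, rand, auts):
    """AuC: check MAC-S in AUTS and return the SQNms to adopt, or None if AUTS is not genuine."""
    ms = xor(auts[:6], f(k, b"f5*", rand)[:6])
    if not hmac.compare_digest(auts[6:14], f(k, b"f1*", rand, ms, AMF)[:8]):
        return None
    return int.from_bytes(ms, "big")
```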
