4 Management of security features

12.033GPPSecurity ManagementTS

Clause 4 identifies the manageable aspects of the security features in the previous clause. The security management mechanisms which can be used are listed in clause 5. Clause 6 defines the procedures introduced in clause 4, and clause 7 provides the object model for the management these parameters.

4.1 Subscriber Identity (IMSI) confidentiality management

Subscriber confidentiality in the GSM PLMN is provided by the use of the Temporary Mobile Subscriber Identity (TMSI) on the air interface. Avoiding the use of the International Mobile Subscriber Identity (IMSI) over the air interface by substituting the TMSI, provides both a high level of confidentiality for user data and signaling, and protection against the tracing of a user’s location. This mechanism is described in GSM 03.20 [3] and the structure of the TMSI is described in GSM 03.03 [2].

As the frequency of reallocation of the TMSI has an effect on the subscriber confidentiality, a parameter is defined to provide control over it.

If the (old) TMSI is unknown to the Visitor Location Register (VLR) or wrong, the mobile subscriber can only be identified by using the IMSI. As encryption is not possible during that stage, the IMSI has to be sent unencrypted over the air interface. The occurrence of such an event (or similar) affects the quality of the subscriber confidentiality service. Counters are defined to provide information about this service.

4.2 Subscriber Identity (IMSI) authentication management

The GSM PLMN offers a mechanism for the authentication of subscriber identity. The purpose of this feature, is to protect the network against unauthorized use. It also enables the protection of the GSM PLMN subscribers, by making it practically impossible for intruders to impersonate authorized users.

Subscriber authentication may be included in the Mobile Application Part (MAP) procedures for access request and location update. The use of authentication should be under the control of the operator and a parameter is defined for this purpose.

Authentication may be retried to recover from failure due to incorrect TMSI by requesting open transfer of the IMSI over the air interface. This should be under the control of the operator and a parameter to this effect is defined.

To support authentication, vectors are generated in the AuC. The VLR requests these authentication vectors for use in the authentication procedures. Under exceptional conditions, these vectors may need to be reused. This may have an effect on the security of the network, and should be under the control of the operator.

4.3 Data confidentiality over the air interface

4.3.1 Encryption and algorithm management

In a GSM PLMN, encryption may be used to protect the confidentiality of data and signaling on the air interface .Two algorithms are essentially involved in the encryption process; the ciphering algorithm (A5) and the cipher key generation algorithm (A8). In general, the authentication algorithm (A3) and the A8 algorithm, are implemented as one in the AuC and the SIM, and may be operator-specific. The A5 algorithm is implemented in the ME and at the BTS.

The negotiation (between the MS and the MSC) of up to seven versions of the ciphering algorithm (A5/1, A5/2…,A5/7), is catered for in signaling. The MSC will then identify which of these versions are allowed by the network for this call (perhaps based on the user identity) and will pass the list of acceptable versions to the BSS. The BSS must then select a version from this list. If any versions in this list are supported by the BTS, then encryption must be used. For the case where multiple choices are available, the order of preference for this BSS selection should be set by the operator. A BTS related attribute specifying a priority ordered list of version choices is defined in the present document. If no version match is available, the MSC must decide whether or not to complete the call in unencrypted mode. An MSC related attribute to allow/prohibit unencrypted communications is defined in the present document.

4.3.2 Key management

Two types of keys are defined in GSM; the authentication key (Ki) and the cipher key (Kc).

The Ki is unique to the subscriber. It is stored in the SIM during pre-personalization and in the authentication centre

The Kc is normally generated at the same time as the authentication parameters. The same random number (RAND) that is passed through the A3 algorithm with the Ki during authentication, is passed through a different algorithm, the A8, again with the Ki to generate the Kc. The key Kc may be stored and used by the mobile station, until it is updated at the next authentication. Attention is necessary to achieve key consistency during all these operations and after (re)synchronization of nodes. This consistency is provided for by the use of the Ciphering Key Sequence Number (CKSN) and authentication retry.

The administration of the (IMSI,Ki) pair is described in recommendation GSM12.02 [7]. The generation of the Kc is described in recommendation GSM 03.20 [3].

4.4 Management of Mobile Equipment security

For equipment security, the international mobile equipment identity (IMEI) has been defined. The IMEI is physically secure in the ME, as defined in GSM 02.09 [1].

Equipment identification is achieved by requesting the IMEI from the ME. To control this identification, a parameter is defined in subclause 6.4.1 of the present document. It is used to select which MAP procedures shall include the request of the IMEI.

The Equipment Identity Register (EIR) is used to store IMEIs in the network. An IMEI is classified as white, gray or black.

The IMEI management functions related to the EIR are described in GSM 12.02 [7].

IMEI tracing can be used for the detection and elimination of security breaches. This process is also described in GSM 12.08 [21].