C.2 Algorithm A3

03.203GPPRelease 1999Security related network functionsTS

Algorithm A3 is considered as a matter for GSM PLMN operators. Therefore, only external specifications are given. However a proposal for a possible Algorithm A3 is managed by GSM/MoU and available upon appropriate request.

C.2.1 Purpose

As defined in GSMĀ 03.20, the purpose of Algorithm A3 is to allow authentication of a mobile subscriber’s identity.

To this end, Algorithm A3 must compute an expected response SRES from a random challenge RAND sent by the network. For this computation, Algorithm A3 makes use of the secret authentication key Ki.

C.2.2 Implementation and operational requirements

On the MS side, Algorithm A3 is contained in a Subscriber Identity Module, as specified in GSMĀ 02.17.

On the network side, it is implemented in the HLR or the AuC. The two input parameters (RAND and Ki) and the output parameter (SRES) of Algorithm A3 shall use the following formats:

– length of Ki: 128 bits;

– length of RAND: 128 bits;

– length of SRES: 32 bits.

The run-time of Algorithm A3 shall be less than 500 ms.