A5 3 Ciphering PDF
A5 3 Ciphering PDF
A5 3 Ciphering PDF
The information in this document is subject to change without notice and describes only the
product defined in the introduction of this documentation. This documentation is intended for the
use of Nokia Siemens Networks customers only for the purposes of the agreement under which
the document is submitted, and no part of it may be used, reproduced, modified or transmitted
in any form or means without the prior written permission of Nokia Siemens Networks. The
documentation has been prepared to be used by professional and properly trained personnel,
and the customer assumes full responsibility when using it. Nokia Siemens Networks welcomes
customer comments as part of the process of continuous development and improvement of the
documentation.
The information or statements given in this documentation concerning the suitability, capacity,
or performance of the mentioned hardware or software products are given "as is" and all liability
arising in connection with such hardware or software products shall be defined conclusively and
finally in a separate agreement between Nokia Siemens Networks and the customer. However,
Nokia Siemens Networks has made all reasonable efforts to ensure that the instructions
contained in the document are adequate and free of material errors and omissions. Nokia
Siemens Networks will, if deemed necessary by Nokia Siemens Networks, explain issues which
may not be covered by the document.
Nokia Siemens Networks will correct errors in this documentation as soon as possible. IN NO
EVENT WILL Nokia Siemens Networks BE LIABLE FOR ERRORS IN THIS DOCUMENTATION OR FOR ANY DAMAGES, INCLUDING BUT NOT LIMITED TO SPECIAL, DIRECT, INDIRECT, INCIDENTAL OR CONSEQUENTIAL OR ANY LOSSES, SUCH AS BUT NOT LIMITED
TO LOSS OF PROFIT, REVENUE, BUSINESS INTERRUPTION, BUSINESS OPPORTUNITY
OR DATA,THAT MAY ARISE FROM THE USE OF THIS DOCUMENT OR THE INFORMATION
IN IT.
This documentation and the product it describes are considered protected by copyrights and
other intellectual property rights according to the applicable laws.
The wave logo is a trademark of Nokia Siemens Networks Oy. Nokia is a registered trademark
of Nokia Corporation. Siemens is a registered trademark of Siemens AG.
Other product names mentioned in this document may be trademarks of their respective
owners, and they are mentioned for identification purposes only.
Copyright Nokia Siemens Networks 2009. All rights reserved
Id:0900d8058058d589
Table of contents
This document has 16 pages.
Reason for update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
1
1.1
1.2
1.2.1
1.2.2
Introduction . . . . . . . . .
In general . . . . . . . . . .
Benefits . . . . . . . . . . . .
End user benefits . . . .
Operator benefits . . . .
......
......
......
......
......
.......
.......
.......
.......
.......
2
2.1
2.2
Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Software requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Hardware requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
3
3.1
3.2
Functional description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Functional overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Ciphering algorithm. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
System impacts. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
5
5.1
5.2
5.3
5.4
5.5
User interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Parameter evolution . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
System responses to failures . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Measurements and counters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
6
6.1
6.2
Abbreviations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
0 Z . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
Id:0900d8058058d589
......
......
......
......
......
.......
.......
.......
.......
.......
......
......
......
......
......
.......
.......
.......
.......
.......
..
..
..
..
..
7
7
7
7
7
13
13
13
13
13
13
List of figures
Figure 1
Id:0900d8058058d589
List of tables
Table 1
Table 2
Table 3
Id:0900d8058058d589
Date of issue
01
12/2008
1-1
02/2009
Details
Id:0900d80580515851
Introduction
1 Introduction
1.1
In general
For CS calls and SMSs, the A5/3 ciphering code provides more secure air interface links
to prevent hacking attacks than A5/1 encryption. Therefore, A5/3 encoding shall be
deployed if possible, as defined by the A5/3 ciphering feature (BSS20093). Otherwise,
the A5/1 algorithm can be used, which is supported by all BTS and MS types.
Maximum encryption is selected by the BSC in the call setup phase. This algorithm will
be changed to the less complex one only if the target TRX is not capable of supporting it.
According to 3GPP GERAN standardization, the A5/2 cipher mode (which is less secure
than A5/1) is not allowed to be supported in MSs for further releases. If non-encryption
is permitted, A5/0 can be deployed. The set of usable ciphering algorithms is then {A5/0,
A5/1, A5/3}, where the 3GPP standardization ciphering method A5/3 is the most secure
one. First, application of this algorithm will be tried. If a ciphering mode cannot be established, a less secure one will be applied.
Ciphering is performed by the BTS. The BSC selects the ciphering algorithm based on
information received from the MSC and information about allowed and supported algorithms in the BSS and the MS.
1.2
Benefits
The ciphering algorithm A5/3 provides more secure air interface links than A5/1 encryption. If the network capabilities are sufficient, A5/3 encryption shall be deployed. Introduction of A5/3 mode provides an adequate level of security against hacking attacks.
Nevertheless, the A5/1 algorithm can be used as fallback solution.
1.2.1
1.2.2
Operator benefits
A5/3 ciphering enables the operator to offer modern encryption methods in order to
support the subscribers right to use secure communication paths.
Id:0900d8058021f512
Requirements
2 Requirements
The A5/3 ciphering algorithm can be used for voice calls and SMSs if both the MS and
the BSS support this encryption.
During handovers, the ciphering mode changes from A5/3 to A5/1 coding and, if nonencryption is permitted, it is even possible to change from A5/3 to A5/0 and from A5/1
to A5/0. If ciphering mode change is not possible, then the required handover is not executed.
The BSS is also capable of changing ciphering modes for DTM intracell HOs. For DTM,
a release 7 MS is required to support ciphering mode change during DTM assignment.
2.1
Software requirements
The A5/3 ciphering algorithm has to be deployed in the BSS. The BSC has to be
equipped with S14 software.
BTS
The new ciphering software package has to be installed if BTS hardware requirements
are fulfilled.
BTS software support can be checked by the following mapping:
Hex digits
Supported ciphering
UV.WX-Y0
A5/0
UV.WX-Y1
A5/0, A5/1
UV.WX-Y3
Table 1
handover DL messages,
messages to update database entries of the MSC after intercell handovers, inter
BSC handovers, and after MOC and MTC setup.
A interface
Ciphering mode change requires usage of cipher mode IE for handover command
messages.
The selected encryption algorithm IE is used for the following messages to the MSC:
Handover performed, Cipher mode complete, and Handover request acknowledge.
Air interface
Ciphering mode change requires usage of cipher mode IE for handover command
messages.
Cipher mode IE is used for the assignment command message and the DTM
assignment command message for intracell handovers.
Id:0900d80580258dc2
2.2
Requirements
Hardware requirements
The above-mentioned prerequisites have to be supported by the hardware. The Flexi
EDGE BTS hardware supports A5/3 ciphering. For UltraSite BTS and MetroSite BTS,
EDGE support or EDGE capable baseband units are required. The Talk Family BTS
type does not support A5/3 ciphering because of its DSP capacity limitation.
Id:0900d80580258dc2
Functional description
3 Functional description
The A5/3 ciphering feature improves ciphering by implementing the A5/3 algorithm.
This chapter is divided into the following sections:
Functional overview
Ciphering algorithm
For general information on the ciphering procedure, the reader is referred to Basic Call,
DN9814062, ch. 2.8.
3.1
Functional overview
Data of GSM air interface channels can be encrypted and decrypted by means of the A5
algorithm. The data will be A5 encrypted after interleaving and before GMSK modulation. This new feature offers improved methods to select A5 ciphering algorithms for the
air interface, and introduces A5/3 encryption to the BSS. A5/3 ciphering is based on the
Kasumi F8 algorithm, which is also used in WCDMA RAN.
According to 3GPP GERAN standardization, A5/2 ciphering mode may not be supported in MSs for further releases. The A5/1 algorithm can be used as an alternative to
A5/3 encryption. The latter is supported by all BTS and MS types.
Ciphering is performed by the BTS burst by burst. The BSC selects the ciphering algorithm based on the information received from the MSC and the information about
allowed and supported algorithms in the BSS.
The use of A5/3 is licensed, and license checking (on/off) for the feature is implemented
in the BSC. In the BTS, the A5/3 algorithm is implemented only in the EDGE BB of the
TRX, because of the DSP capacity required for this feature. Therefore, the BSC has to
check whether the TRX is A5/3 capable before selecting the ciphering algorithm.
Maximum A5 encryption is selected by the BSC in the call setup phase based on the
MSC parameters, the MS capability, and software and hardware support of BTS and
BSC parameters. This ciphering algorithm is selected according to the algorithm used
previously and the TRX capability, and will be changed only if the target TRX is not
capable of supporting it. The ciphering algorithm can be changed during assignment or
during handover from a stronger to a weaker one, e.g. from A5/3 to A5/1. If the nonciphering algorithm A5/0 is permitted and encryption is not possible, this mode can also
be taken into account.
The ciphering mode has to be changed from A5/3 to A5/1 or to A5/0 if at least one of
these algorithms is deployed, and
It is neither required nor possible to change the ciphering mode for intra BTS handovers
of the Flexi EDGE BTS.
The strongest ciphering algorithm is initially selected during the call setup phase based
on the MS and BSS capabilities. This algorithm will be changed if needed, possible, and
permitted.
Application of A5/3 ciphering affects BTS, MSC and MS functionalities.
10
Id:0900d80580258d97
3.2
Functional description
Ciphering algorithm
If GMSK modulation is used, as presupposed for this feature, the plain text is mapped
to binary blocks 114 bits in length. Each of these blocks is part of a normal burst and
transmitted during a time slot. For ciphering, algorithm A5 produces an enciphered/deciphered block every 4.615 ms using a bit-wise modulo 2 addition with the plain text block.
#/5.4
$)2%#4)/.
,%.'4(
+C
#IPHERING !LGORITHM
+%9342%!",/#+
0,!).4%84
",/#+
#)0(%24%84
",/#+
3ENDER
-3 OR "33
Figure 1
Id:0900d80580258d97
11
System impacts
4 System impacts
In this chapter, dependencies on other features of the BSS are considered.
DTM call
Sometimes DTM call intracell handovers require ciphering mode change. Cipher mode
IE is used for this purpose in DTM assignment messages. If the MS does not support
this IE, intracell handover with ciphering mode change cannot be used. Evidently, A5/3
encoding for the corresponding handovers has to be supported.
A5/1 ciphering
A5/3 ciphering is used instead of the weaker A5/1 encoding if the BTS supports A5/3
ciphering and if this encoding is enabled in the BSC and the MSC.
FACCH call
A5/3 ciphering for FACCH calls is possible.
12
Id:0900d80580258de7
User interface
5 User interface
This chapter is divided into the following sections:
Parameters
Parameter evolution
System responses to failures
Alarms
Measurements and counters
5.1
Parameters
Configuration management provides parameters in order to select allowed A5 algorithms with regard to the BSC:
Parameter
ALLOWED_A5_ALGORITHMS
Table 2
Values
A5/0, A5/1
Selection of A5 algorithms
The on/off license defines whether the A5/3 algorithm is permitted in the BSC.
5.2
Parameter evolution
Not applicable.
5.3
Description
5.4
Error description
Alarms
No alarms are related to this feature.
5.5
Id:0900d80580258e9f
13
6.1
Feature activation
Prerequisites
Additional support by the following network entities is needed to use the feature:
MSC
BTS hardware and software
MS
Check that the license or licenses for the A5/3 ciphering feature are installed
For an overview of licensing procedures, see Licensing in BSC and W7 License and
Feature Handling.
ZW7I: LIC,FULL:LIC=<licence code>;
6.2
End
Feature deactivation
The feature can be deactivated by the following commands:
14
Id:0900d80580258ede
End
Id:0900d80580258ede
15
Abbreviations
7 Abbreviations
0Z
3GPP
BB
baseband
BSC
BSS
BTS
CS
circuit switched
DL
downlink
DSP
DTM
EDGE
FACCH
GERAN
GMSK
GSM
HO
IE
MML
MOC
MS
mobile station
MSC
MTC
SMS
TCH
traffic channel
TDMA
TRX
16
Id:0900d80580258ee9