Experiment No 3: GSM Security

PART A
(PART A: TO BE REFFERED BY STUDENTS)

A.1 Aim: To implement GSM security algorithms (A3/A5/A8)

A.2 Objectives: To understand the security algorithms in mobile networks

A.3 Outcomes: Student will be able to implement security algorithms for mobile
communication network. (LO-4)

A.4 Tools Used/programming language: Java, Python etc

A.5 Theory:
 Authentication verifies identity and validity of SIM card to the network and ensures
that subscriber has access to the network.
 Term used
 Ki= individual subscriber authentication key, it is 32 bit number and present
only in SIM card and stored in authentication center.
 RAND= random 128 bit number generated by AUC (authentication center)
when network request to authenticate the subscribers.
 SRES (signed responses) = 32 bit crypto variable used in authentication process.
 Kc = 64 bit cipher key.
 MS is challenged by given RAND by the network.
 Security in GSM
 Three algorithms have been specified to provide security services in GSM.
Algorithm A3 is used for authentication, A5 for encryption, and A8 for the
generation of a cipher key.

 In the GSM standard only algorithm A5 was publicly available, whereas A3

and A8 were secret, but standardized with open interfaces.
 Network providers can use stronger algorithms for authentication– or
users can apply stronger end-to-end encryption.
 Algorithms A3 and A8 (or their replacements) are located on the SIM and in
the AUC and can be proprietary.
 Only A5 which is implemented in the devices has to be identical for all
providers.

Subscriber Authentication
For subscriber authentication algorithm used is A3
1. A3 algorithm is inbuilt inside SIM and AUC, Input for A3 is Ki and RAND
2. Ki=Stored inside SIM(kiis encrypted inside SIM card) and not share on network
and also present in AUC of MSC.
3. Before a subscriber can use any service from the GSM network, he or she must be
authenticated. Authentication is based on the SIM, which stores the individual
authentication key Ki, the user identification IMSI, and the algorithm used for
authentication A3.
4. When user want to access GSM network IMSI number from SIM send to MSC
then HLR then to AUC.
5. Now AUC check IMSI number is present or not and identify associated Ki value
(Ki is fixed), in this procedure AUC generate RAND number which is different
for every new user request.
6. AUC using authentication algorithm A3(input to A3 are ki and RAND) calculate
SRES as output of A3 and AUC using algorithm A8 of cipher generation (input to
A8 are ki and RAND) calculate Kcand send these SRES, Kc and RAND to HLR
 then from HLR to MSC. These three terms SRES, Kc and RAND are called as
triplet.
7. MSC now send only RAND value to MS
8. MS using algorithm A3 (input to A3 is Ki and RAND)calculate SRES and using
algorithm A8 calculate Kc and send these SRES and kc to MSC
9. MSC check SRES receive from MS and Network are same or not. If both are same
user is authenticated and connection is set up.

Figure: Subscriber Authentication

Encryption
1. To ensure privacy, all messages containing user-related information are
encrypted in GSM over the air interface.
2. After authentication, MS and BSS can start using encryption by applying the
cipher key Kc
3. Kc is generated using the individual key Ki and a random value by applying
the algorithm A8. Note that the SIM in the MS and the network both calculate
the same Kc based on the random value RAND. The key Kc itself is not
transmitted over the air interface.
4. MS and BTS can now encrypt and decrypt data using the algorithm
A5andthe cipher key Kc. As Figure shows, Kc should be a 64 bit key –
 which is not very strong, but is at least a good protection against
simple eavesdropping. However, the publication of A3 and A8 on the
internet showed that in certain implementations 10 of the 64 bits are
always set to 0, so that the real length of the key is thus only 54
consequently, the encryption is much weaker.
5. Note: An eavesdropping attack, also known as a sniffing or snooping attack,
is a theft of information as it is transmitted over a network by a computer,
smart-phone, or another connected device. The attack takes advantage of
unsecured network communications to access data as it is being sent or
received by its user. Eavesdropping is the act of intercepting communications
between two points.

Figure: Data Encryption

A.6 Sample Source Code:

https://www.theprogrammingcodeswarehouse.com/2020/04/implementation-of-
a3-security.html

import random
k=random.getrandbits(128)
 m=random.getrandbits(128)
kb=bin(k)[2:]
mb=bin(m)[2:]
kbl=kb[0:64]
kbr=kb[64:]
mbl=mb[0:64]
mbr=mb[64:]
a1=int(kbl,2)^int(mbr,2)
a2=int(kbr,2)^int(mbl,2)
a3=a1^a2
a4=bin(a3)[2:].zfill(64)
a5=a4[0:32]
a6=a4[32:]
a7=int(a5,2)^int(a6,2)
print("128 Bit Key = ",kb)
print("128 Random Bits Generated = ",mb)
print("RES/SRES = ",bin(a7)[2:].zfill(len(a5)))

A.6 Sample Output:

128 Bit Key
=1111101110100110010000010010011000100111001111010011101011010001111000111000001
111

011101110110111010100010110101000111010001

128 Random Bits Generated

=1100000100010001011000101110010011011010110011001000110101110001001000010100101
001

0000010011110000001000011001001111111000100

RES/SRES=11110110110100000010111110001101
 PART B
(PART B: TO BE COMPLETED BY STUDENTS)
(Students must submit the soft copy as per following segments within two hours of
the practical. The soft copy must be uploaded on the ERP or emailed to the
concerned lab in charge faculties at the end of the practical in case the there is no
ERP access available)
Roll No.: C46 Name:Pravin Dattatray Gholap

Class :TE C Batch :C3

Date of Experiment: Date of Submission

Grade :

B.1 Question of Curiosity:

Q.1: Source Code (students need to implement GSM Security Algorithm using any programming
language like Java, Python, etc)
ANS:
A3:
import random

#Generating a random 128-bit key

randomKey = random.getrandbits(128)

#Generating a random 128-bit number

randomNumber = random.getrandbits(128)

#Converting the key and number to binary

keyBinary = bin(randomKey) [2:]
numberBinary = bin(randomNumber) [2:]

#Dividing the binary key and number into left and right halves
keyBinaryLeft = keyBinary[0:64]
keyBinaryRight = keyBinary[64:]
numberBinaryLeft = numberBinary[0:64]
numberBinaryRight = numberBinary [64:]

#Performing bitwise XOR operation between the left half of key and the right half of number
result1 = int(keyBinaryLeft, 2)^int(numberBinaryRight, 2)

#Performing bitwise XOR operation between the right half of key and the left half of number

result2 = int(keyBinaryRight, 2)^int(numberBinaryLeft, 2)

#Performing bitwise XOR operation between the results of resulti and result2
result3 = result1^result2

#Converting the result to a 64-bit binary number

result4 = bin(result3)[2:].zfill(64)

# Dividing the binary number into two 32-bit numbers

result5 = result4[0:32]

result6 = result4[32:]

#Performing bitwise XOR operation between the two 32-bit numbers

finalResult = int(result5, 2) ^ int(result6, 2)

print("128 Bit Key=", keyBinary)

print("128 Random Bits Generated=", numberBinary)

#Printing the result of the A3 algorithm which is a SRES

print("RES/SRES=", bin(finalResult) [2:].zfill(len(result5)))

A5:
import random

# Generate a 64-bit key and a 22-bit frame number

key = random.getrandbits(64)
frame_number = random.getrandbits(22)

# Convert the key and frame number to binary strings

key_binary = bin(key)[2:].zfill(64)
frame_binary = bin(frame_number)[2:].zfill(22)

# Split the key into three sections

key_section_1 = key_binary[:19]
key_section_2 = key_binary[19:41]
key_section_3 = key_binary[41:]

# Create three shift registers with the key sections

register_1 = [int(bit) for bit in key_section_1]
register_2 = [int(bit) for bit in key_section_2]
register_3 = [int(bit) for bit in key_section_3]

# Shift registers
register_1 += [int(bit) for bit in frame_binary]
register_2 += [int(bit) for bit in frame_binary]
register_3 += [int(bit) for bit in frame_binary]

# Create a clocking function that determines which registers to shift

def clock():
if register_1[8] == register_2[10] == register_3[10]:
return 1
elif register_1[8] != register_2[10]:
return 2
 else:
return 3

# Generate 114 bits of output

output = ""
for i in range(114):
# Clock the registers to determine which one to shift
shift_register = clock()

# Shift the selected register

if shift_register == 1:
new_bit = register_1[18] ^ register_1[17] ^ register_1[16] ^ register_1[13]
register_1.pop()
register_1.insert(0, new_bit)
elif shift_register == 2:
new_bit = register_2[20] ^ register_2[19]
register_2.pop()
register_2.insert(0, new_bit)
else:
new_bit = register_3[21] ^ register_3[20] ^ register_3[7] ^ register_3[20]
register_3.pop()
register_3.insert(0, new_bit)

# Calculate the output bit by XORing bits from each register

output_bit = register_1[18] ^ register_2[20] ^ register_3[21]
output += str(output_bit)

# Extract the 114-bit output corresponding to the frame number

frame_output = output[:114]

# Print the results

print("64-bit Key:", key_binary)
print("Frame Number:", frame_binary)
print("A5 Algorithm Result (in binary):", frame_output)

A8:
def a8_algorithm(secret_key, rand):
"""
A8 Algorithm implementation for GSM
:param secret_key: 64-bit secret key (Ki)
:param rand: 128-bit random number (RAND)
:return: 64-bit cipher key (Ki)
"""
# XOR each bit of the secret key with the corresponding bit of the random number
cipher_key = secret_key ^ rand

# Take the least significant 64 bits as the cipher key

cipher_key = cipher_key & ((1 << 64) - 1)

return cipher_key

# Example usage
secret_key = 0x0011223344556677 # Replace with the actual secret key
rand_number = 0x0123456789ABCDEF0123456789ABCDEF # Replace with the actual random
number

cipher_key = a8_algorithm(secret_key, rand_number)

print("Secret Key (Ki):", hex(secret_key))

print("Random Number (RAND):", hex(rand_number))
print("Cipher Key (Ki):", hex(cipher_key))

Q.2: Output of GSM Security Algorithm

ANS:
A3

A5

A8

Q.3: List out various elements of GSM architecture and explain in brief function of each element.
Ans:
GSM architecture comprises several key elements:

Mobile Station (MS): Handset and SIM card used by subscribers.

Base Transceiver Station (BTS): Radio equipment for signal transmission.
Base Station Controller (BSC): Manages multiple BTSs and radio resources.
Mobile Switching Center (MSC): Central component for call switching and mobility
management.
Home Location Register (HLR): Stores subscriber information and handles authentication.
Visitor Location Register (VLR): Temporarily stores subscriber data within MSC coverage area.
Authentication Center (AuC): Manages subscriber authentication and encryption key
generation.
Equipment Identity Register (EIR): Tracks device identities to prevent unauthorized access.
Gateway Mobile Services Switching Center (GMSC): Interconnects GSM network with other
networks.
Short Message Service Center (SMSC): Manages storage and forwarding of SMS messages.
B.2 Conclusion:
A3, A5, and A8 algorithms are integral to GSM security. A3 handles subscriber
authentication, A5 encrypts voice and data, and A8 generates session keys. Together, they
ensure the integrity, confidentiality, and authenticity of GSM communications, remaining
relevant despite technological advancements.