GSM vs.

WCDMA authentication
 GSM
– Authentication vectors: Triplets (Kc, Sres, RAND)
– Authentication can be selective
– Reuse of authentication vectors
– Network is authenticated by MS(SIM)
– Algorithms: A3A8 (Comp128-2, Comp128-3 and G-Milenage)

 WCDMA
– Authentication vector: Quintets (CK, XRES, RAND, IK, AUTN)
– Authentication is not selective (i.e. all operations are authenticated)
– Reuse of authentication vectors is not allowed
– Freshness of authentication vector is checked
– Network is authenticated by the UE (USIM)
– Algorithms: Function Set (FSET) a maximum of 16 instances: (Milenage)

Public
 Authentication in WCDMA 6. Ciphertext

5. RES
CK
4.RAND, AUTN
IK (4)
1. IMSI, IMEI

EIR BS

2.
Ye

TN
ES
s/

U
1.

,A
R
o
IM

5.

IK
EI

EI
K
C

M
D,

,I
ME?

SI
N
A

IM

K
R

O
1.
5. RES

3.

TH
2. Quintets

U
2.Quintets

A
3.RAND, CK, IK, AUTN

6.
1. IMSI
1. IMSI 1. IMSI, IMEI

M
AUC HLR BS

USI
MSC/VLR RNC
6. AUTH OK IMSI
Ki
IMSI IMSI IMSI
(2) XRES (5) FSETind
Ki Subsc. Quintets XRES = RES?
FSETind (3) RAND USIM
Data
RES (4)
CK SQN AK
RAND BS IK
XRES GMSC AMF
(1) AUTN MAC
CK SQN AK
Quintet
IK AMF (5)
AUTN MAC MAC?
Quintet SQN correct?
Public