Extension of authentication protocol for GSM


Upload: tymon

Post on 05-Jan-2016


Page 1: Extension of authentication protocol for GSM

Extension of authentication protocol for GSM

Presenter: 廖翊均

Page 2: Extension of authentication protocol for GSM

Outline

1. Overview of authentication protocol for GSM

2. Lee, C.-C.'s authentication protocol for GSM

3. Improve scheme (1) & (2)

4. Compare

Page 3: Extension of authentication protocol for GSM

1. Overview of authentication protocol for GSM (cont'd)

[Figure: GSM authentication and encryption across the MS, the Home System and the Visited System. Authentication labels: Ki, RAND, A3, A8, SRES compared with SRES (equal? yes: accept, no: reject), Kc. Encryption labels: Kc, frame number, A5, ciphering, deciphering, data, data*, ciphered information.]

Page 4: Extension of authentication protocol for GSM

1. Overview of authentication protocol for GSM

Parties: MS, VLR, HLR

Messages, in order:

1. Request(TMSI, LAI)

2. IMSI

3. n sets {RANDi, SRESi, KCi}

4. RANDi

5. SRESj

Fig. Authentication protocol for GSM

Page 5: Extension of authentication protocol for GSM

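2. Lee, C.-C.'s authentication protocol for GSM

[Figure: Lee, C.-C.'s authentication protocol among the MS, the VLR and the HLR. Labels: Ki, RAND, A3, TKi, T, Auth_VLRm compared with Auth_VLRh (equal? yes: accept, no: reject), RANDj, A5, SRES compared with SRESm (equal? yes: accept, no: reject).]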

Page 6: Extension of authentication protocol for GSM

2. Lee, C.-C.'s authentication protocol for GSM (cont'd)

Parties: MS, VLR, HLR

Messages, in order:

1. Request(TMSI, LAI, T)

2. VLR_ID, IMSI, T

3. Auth_VLRh, RAND, TKi

4. RAND, RAND1, Auth_VLRh, T

5. SRESm

Page 7: Extension of authentication protocol for GSM

3. Improve scheme (1)

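After the first authentication between the VLR and the MS is completed, both hold the temporary key TKi.

The VLR then uses TKi and the timestamp T to generate Auth_VLRh = A3(Tj, TKi).

The VLR sends Auth_VLRh and RANDj to the MS.

MS: computes Auth_VLRm = A3(Tj, TKi) to authenticate the VLR, then sends SRESm = A5(RANDj, TKi) to the VLR so that the VLR can authenticate the MS.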

Page 8: Extension of authentication protocol for GSM

3. Improve scheme (1)

Parties: MS, VLR

Messages, in order:

1. Request(TMSI, Tj)

2. Auth_VLRh, RANDj, Tj

3. SRESm

Page 9: Extension of authentication protocol for GSM

3. Improve scheme (2)

MS verification: the VLR uses Tj-1, Tj and TKi to generate

SRES = A5(Tj-1 || Tj, TKi)

=> The VLR does not have to generate a random number every time.

VLR verification:

Auth_VLRh = A3(Tj, TKi)

Page 10: Extension of authentication protocol for GSM

3. Improve scheme (2) phase-1

Parties: MS, VLR, HLR

Messages, in order:

1. Request(TMSI, LAI, T)

2. VLR_ID, IMSI, T

3. Auth_VLRh, RAND, TKi

4. RAND, Auth_VLRh, T

5. SRESm

Page 11: Extension of authentication protocol for GSM

3. Improve scheme (2) phase-2

Parties: MS, VLR

Messages, in order:

1. Request(TMSI, SRESj, Tj)

2. Auth_VLRh, Tj
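
The phase-2 exchange of improved scheme (2), as an added example that is not part of the original slides: the MS proves itself with SRESj = A5(Tj-1 || Tj, TKi) and the VLR answers with Auth_VLRh = A3(Tj, TKi). Assumptions: HMAC-SHA256 stands in for the operator-specific A3/A5, and the class names, the clock-skew window and the sample key are constructed for illustration.

```python
import hashlib
import hmac

def _prf(label, msg, key):
    # Assumption: HMAC-SHA256 (truncated) stands in for the real A3/A5.
    return hmac.new(key, label + msg, hashlib.sha256).digest()[:8]

def a3(t, tki):                      # Auth_VLR = A3(Tj, TKi)
    return _prf(b"A3", t.to_bytes(8, "big"), tki)

def a5(t_prev, t, tki):              # SRES = A5(Tj-1 || Tj, TKi)
    return _prf(b"A5", t_prev.to_bytes(8, "big") + t.to_bytes(8, "big"), tki)

class VLR:
    def __init__(self, sessions, max_skew=5):   # skew window is an assumption
        self.sessions, self.max_skew = sessions, max_skew  # TMSI -> [TKi, Tj-1]

    def handle_request(self, tmsi, sres_j, t_j, now):
        # Returns (Auth_VLRh, Tj) on success, None on any failure.
        session = self.sessions.get(tmsi)
        if session is None or t_j <= session[1] or abs(now - t_j) > self.max_skew:
            return None              # unknown TMSI, replayed or stale Tj
        if not hmac.compare_digest(sres_j, a5(session[1], t_j, session[0])):
            return None              # sender does not hold TKi
        session[1] = t_j             # Tj becomes Tj-1 for the next run
        return a3(t_j, session[0]), t_j

class MS:
    def __init__(self, tmsi, tki, t_prev):
        self.tmsi, self.tki, self.t_prev, self.t_j = tmsi, tki, t_prev, None

    def request(self, now):          # builds Request(TMSI, SRESj, Tj)
        self.t_j = now
        return self.tmsi, a5(self.t_prev, now, self.tki), now

    def verify_vlr(self, auth_vlrh, t_j):
        # Compare Auth_VLRh with the locally computed Auth_VLRm.
        ok = t_j == self.t_j and hmac.compare_digest(auth_vlrh, a3(t_j, self.tki))
        if ok:
            self.t_prev = t_j
        return ok

def demo():
    tki = bytes(range(16))           # constructed sample key left by phase 1
    ms, vlr = MS(b"tmsi-01", tki, 1000), VLR({b"tmsi-01": [tki, 1000]})
    req = ms.request(now=1010)
    resp = vlr.handle_request(*req, now=1011)
    replay = vlr.handle_request(*req, now=1012)  # identical request sent again
    return ms.verify_vlr(*resp), replay
```

Because SRESj binds Tj-1 to Tj, a captured Request is rejected once the VLR has advanced its stored timestamp, which is what lets the VLR skip generating a fresh RAND.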

Page 12: Extension of authentication protocol for GSM

4. Compare

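The VLR is authenticated only the first time.

=> Use the temporary key TKi, which both parties hold after the first authentication between the VLR and the MS, to generate Auth_VLRh = A3(Tj, TKi), so that both the VLR and the MS are authenticated every time.

Improved MS verification:

The VLR uses Tj-1, Tj and TKi to generate SRES = A5(Tj-1 || Tj, TKi) => the VLR does not have to generate a random number every time.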