Location Area Identity (LAI)

 Within a PLMN, a Location Area identifies its own authentic Location Area Identity (LAI). The LAI hierarchy is based on international standard and structured in a unique format as mentioned below:

 ·          Country Code (CC) : 3 decimal places.

 ·          Mobile Network Code (MNC) : 2 decimal places.

 ·          Location Area Code (LAC) : maximum 5 decimal places or maximum twice 8 bits coded in hexadecimal (LAC < FFFF).

 Temporary Mobile Subscriber Identity (TMSI)

 Temporary Mobile Subscriber Identity (TMSI) can be assigned by the VLR, which is responsible for the current location of a subscriber. The TMSI needs to have only local significance in the area handled by the VLR. This is stored on the network side only in the VLR and is not passed to the Home Location Register (HLR).

 Together with the current location area, the TMSI identifies a subscriber uniquely. It can contain up to 4 × 8 bits.

 Local Mobile Subscriber Identity (LMSI)

 Each mobile station can be assigned with a Local Mobile Subscriber Identity (LMSI), which is an original key, by the VLR. This key can be used as the auxiliary searching key for each mobile station within its region. It can also help accelerate the database access. An LMSI is assigned if the mobile station is registered with the VLR and sent to the HLR. LMSI comprises of four octets (4x8 bits).

 Cell Identifier (CI)

Using a Cell Identifier (CI) (maximum 2 × 8) bits, the individual cells that are within an LA can be recognized. When the Global Cell Identity (LAI + CI) calls are combined, then it is uniquely defined.

 

GSM security

 GSM is the most secured cellular telecommunications system available today. GSM has its security methods standardized. GSM maintains end-to-end security by retaining the confidentiality of calls and anonymity of the GSM subscriber.

 Temporary identification numbers are assigned to the subscriber‘s number to maintain the privacy of the user. The privacy of the communication is maintained by applying encryption algorithms and frequency hopping that can be enabled using digital systems and signalling.

 

Mobile Station Authentication

 The GSM network authenticates the identity of the subscriber through the use of a challenge-response mechanism. A 128-bit Random Number (RAND) is sent to the MS. The MS computes the 32-bit Signed Response (SRES) based on the encryption of the RAND with the authentication algorithm (A3) using the individual subscriber authentication key (Ki). Upon receiving the SRES from the subscriber, the GSM network repeats the calculation to verify the identity of the subscriber.

 The individual subscriber authentication key (Ki) is never transmitted over the radio channel, as it is present in the subscriber's SIM, as well as the AUC, HLR, and VLR databases. If the received SRES agrees with the calculated value, the MS has been successfully authenticated and may continue. If the values do not match, the connection is terminated and an authentication failure is indicated to the MS.

 The calculation of the signed response is processed within the SIM. It provides enhanced security, as confidential subscriber information such as the IMSI or the individual subscriber authentication key (Ki) is never released from the SIM during the authentication process.

 

Signalling and Data Confidentiality

 The SIM contains the ciphering key generating algorithm (A8) that is used to produce the 64-bit ciphering key (Kc). This key is computed by applying the same random number (RAND) used in the authentication process to ciphering key generating algorithm (A8) with the individual subscriber authentication key (Ki).

 GSM provides an additional level of security by having a way to change the ciphering key, making the system more resistant to eavesdropping. The ciphering key may be changed  at  regular  intervals  as  required.  As  in  case  of  the  authentication  process,  the

 computation of the ciphering key (Kc) takes place internally within the SIM. Therefore,

 sensitive information such as the individual subscriber authentication key (Ki) is  never

 revealed by the SIM.

 Encrypted  voice  and  data  communications  between  the  MS  and  the  network  is

 accomplished by using the ciphering algorithm A5. Encrypted communication is initiated by

 a ciphering mode request command from the GSM network. Upon receipt of this command,

 the mobile station begins encryption and decryption of data using the ciphering algorithm

 (A5) and the ciphering key (Kc).

 

Subscriber Identity Confidentiality

 To  ensure  subscriber  identity  confidentiality,  the  Temporary  Mobile  Subscriber

 Identity (TMSI) is used. Once the authentication and encryption procedures are done, the

 TMSI is sent to the mobile station. After the receipt, the mobile station responds. The TMSI

 is valid in the location area in which it was issued. For communications outside the location

 area, the Location Area Identification (LAI) is necessary in addition to the TMSI.