Authentication of Subscribers
The Um authentication procedure is detailed in GSM 04.08 Section 4.3.2 and GSM 03.20 Section 3.3.1 and summarized here:
- The network generates a 128 bit random value, RAND.
- The network sends RAND to the MS in the MM Authentication Request message.
- The MS forms a 32-bit hash value called SRES by encrypting RAND with an algorithm called A3, using Ki as a key. SRES = A3(RAND,Ki). The network performs an identical SRES calculation.
- The MS sends back its SRES value in the RR Authentication Response message.
- The network compares its calculated SRES value to the value returned by the MS. If they match, the MS is authenticated.
- Both the MS and the network also compute a 64-bit ciphering key, Kc, from RAND and Ki using the A8 algorithm. Kc = A8(RAND,Ki). Both parties save this value for later use when ciphering is enabled.
Note that this transaction always occurs in the clear, since the ciphering key is not established until after the transaction is started.
Read more about this topic: Um Interface, Um Security Features