Identification, Authentication and Authorization

Applied Cryptography Robust Software Quantum Safety Machine Learning Applied to Security Analysis and Exploration of Vulnerabilities Computer Systems Forensic Analysis Reverse Engineering Identification, Authentication and Authorization Secure Execution Environments Direito da Organização e da Segurança

Identification, Authentication and Authorization
Access Control Models
OAuth 2.0 Authorization Framework
Linux Security Mechanisms
Authentication Protocols
PAM (Pluggable Authentication Modules)
FIDO and FIDO2 framework
Authentication with Trusted Third Parties / KDCs
Identity Management
Anonymity and Privacy

Powered by GitBook

On this page

Authentication architecture
Mobile station authentication

GSM

PreviousS/Key (RFC 2289, 1998)NextHost authentication

Last updated 7 months ago

Authentication architecture

Based on a secret key shared between the HLR and the station.

128 Ki, stored in the station’s SIM card.
Can only be used after entering a PIN.

Algorithms (initially not public):

A3 for authentication.
A8 for generating a session key.
A5 for encrypting the communication.

A3 and A8 are implemented by SIM cards.

Can be freely selected by the operator.

Mobile station authentication

MSC fetches a trio from HLR.

RAND, SRES, Kc.
More than one is requested.

HLR generates RAND and corresponding trio using the subscriber’s Ki.

RAND, random value (128 bits).
SRES = A3 (Ki, RAND) (32 bits)
Kc = A8 (Ki, RAND) (64 bits)

Usually, operators use COMP128 for A3/A8.

Recommended by the GSM Consortium.
[SRES, Kc] = COMP128 (Ki, RAND).