Ciphering GBSS12.0 Feature Parameter Description Issue 01 Date 2010-06-30 HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2011. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.

All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice

The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied.

The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base

Bantian, Longgang

Shenzhen 518129

People's Republic of China

Website: http://www.huawei.com

GSM BSS Ciphering

Issue 01 (2010-06-30) Huawei Proprietary and Confidential

Copyright © Huawei Technologies Co., Ltd.

Contents

1 Introduction to This Document
  1.1 Scope
  1.2 Intended Audience
  1.3 Change History
2 Overview
3 Technical Description
  3.1 Kc and Its Generation
  3.2 A5 Ciphering Algorithm
  3.3 Algorithm Selection
  3.4 Signaling Procedure
  3.5 Improvements in A5 Ciphering Algorithm
  3.6 Impact on KPI
4 Engineering Guidelines
5 Parameters
6 Counters
7 Glossary
8 Reference Documents

1 Introduction to This Document

1.1 Scope

This document describes the ciphering feature of Huawei GBSS. It covers the functions and technical mechanisms of this feature, including ciphering key (Kc) generation, the A5 ciphering algorithm, ciphering algorithm selection, the signaling procedure, and improvements in the A5 ciphering algorithm.

1.2 Intended Audience

It is assumed that users of this document are familiar with GSM basics and have a working knowledge of GSM telecommunication.

This document is intended for:

Personnel working on Huawei GSM products or systems

System operators who need a general understanding of this feature

1.3 Change History

The change history provides information on the changes in the ciphering feature in different document versions.

There are two types of changes, which are defined as follows:

Feature change

Feature change refers to the change in the ciphering feature of a specific product version.

Editorial change

Editorial change refers to the change in wording or the addition of the information that was not described in the earlier version.

Document Issues

The document issues are as follows:

01 (2010-06-30)

Draft (2010-03-30)

01 (2010-06-30)

This is the first release of GBSS12.0.

Compared with issue draft (2010-03-30) of GBSS12.0, issue 01 (2010-06-30) of GBSS12.0 incorporates the changes described in the following table.

| Change Type | Change Description | Parameter Change |
|---|---|---|
| Feature change | None. | None. |
| Editorial change | Parameters are presented in the form of Parameter ID instead of Parameter Name. | None. |

Draft (2010-03-30)

This is the draft release of GBSS12.0.

2 Overview

The information ciphered on the Um interface includes signaling, speech, and data. Ciphering ensures information security and prevents unauthorized access to user information and conversation contents.

The ciphering procedure is initiated on the network side. The BTS and MS cipher and decipher the information by using the A5 algorithm and the ciphering key (Kc) generated by the A8 algorithm on the basis of the capability of the MS and BTS. Thus, the security of the information on the Um interface is ensured. The Kc is generated by the GSM authentication center (AuC) and stored in the MSC/VLR. The Kc is sent to the BTS before the ciphering procedure begins.

The MS and the network adopt the A8 algorithm to generate the Kc by using the same Ki and random number (RAND).

A ciphering or deciphering sequence is generated through the A5 algorithm on the basis of the Kc stored in the MS and the network and the frame number from the current pulse stream. The network uses the same ciphering sequence in the uplink and downlink. For each burst, the data is ciphered or deciphered as follows:

One sequence is used for the MS ciphering and BTS deciphering.

The other sequence is used for the BTS ciphering and MS deciphering.

The GSM specifications define the following ciphering algorithms:

A5/0 Ciphering Algorithm

A5/1 Ciphering Algorithm

A5/2 Ciphering Algorithm

A5/3 Ciphering Algorithm

A5/4 Ciphering Algorithm

A5/5 Ciphering Algorithm

A5/6 Ciphering Algorithm

A5/7 Ciphering Algorithm

A5/0 means no ciphering at all.

A network operator can use the A5 ciphering algorithm only after applying for and being granted authorization by the 3GPP Organizational Partners. The network operator should use the A5/1 or A5/3 ciphering algorithm because the A5/2 ciphering algorithm has already been broken. The A5/3 ciphering algorithm is preferred in terms of security.

The ciphering algorithms are selected on the basis of the capabilities of the network and MS. The ciphering algorithms to be adopted should be those allowed in the ciphering command delivered by the MSC, allowed in the BSC data configuration, and supported by the MS. The BSC selects the appropriate ciphering algorithms based on the priorities of the algorithms. If the BSS does not support the ciphering algorithms allowed in the ciphering command delivered by the MSC, the ciphering is rejected.

The A5 ciphering algorithm provides weak protection for data security. Therefore, the ciphering procedure is optimized on the basis of the characteristics of Um interface transmission in GSM, which enhances transmission security and strengthens the defense against network eavesdropping.

3 Technical Description

3.1 Kc and Its Generation

This section describes the application and generation of the ciphering key (Kc).

The MS and the network use the same Kc for ciphering and deciphering user data.

An MS is allocated an International Mobile Station Identity (IMSI) and Ki after it is registered in the GSM network. The MS and the network use the same Ki and RAND. The RAND is generated by the network and sent to the MS. Both the network and the MS use the A8 algorithm to generate the ciphering key Kc. Figure 3-1 shows the generation of the Kc.

Figure 3-1 Generation of Kc

[Diagram: on the network side, the AUC inputs Ki and the random number to the A8 algorithm and stores the cipher key; the MS inputs Ki and the random number to the A8 algorithm and stores the cipher key.]

3.2 A5 Ciphering Algorithm

This section describes the application of the A5 ciphering algorithm, which is used to generate a pseudo-random sequence. (GBFD-113501 A5/1 and A5/2 Ciphering Algorithm, GBFD-113503 A5/3 Ciphering Algorithm)

The A5 ciphering algorithm generates a 114-bit ciphering sequence or a 114-bit deciphering sequence based on the 64-bit Kc stored in the MS and the network, and a 22-bit frame number from the current pulse stream. Data is ciphered or deciphered through an Exclusive OR (XOR) operation between the ciphering/deciphering sequence and the information bits of the data to be ciphered or deciphered.

The network uses the same ciphering sequence in the uplink and downlink. For each burst, one sequence is used for the MS ciphering and BTS deciphering whereas the other is used for the BTS ciphering and MS deciphering.

The ciphering/deciphering on the radio links is performed by the BTS and MS. Figure 3-2 shows the ciphering/deciphering process.

Figure 3-2 Ciphering/deciphering process

[Diagram: the sender and the receiver each run the A5 algorithm on Kc and the TDMA frame number. The resulting encryption or decryption sequence is combined with the data by a modulo-2 operation, converting between unencrypted and encrypted data.]
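The keystream generation and XOR step described in section 3.2, as an added example that is not part of the original document and is not Huawei code: a Python implementation of A5/1 that follows the publicly documented register layout of the algorithm. The register constants, function names, and the sample Kc, frame number, and burst payload are not taken from this document; the frame number is assumed to be the already-assembled 22-bit value.

```python
"""A5/1 keystream generation and burst ciphering (added example)."""

# (register mask, feedback taps, clocking bit, output bit) for R1, R2, R3,
# as given in published A5/1 descriptions (not in this document).
REGS = (
    (0x07FFFF, 0x072000, 0x000100, 0x040000),  # R1: 19 bits
    (0x3FFFFF, 0x300000, 0x000400, 0x200000),  # R2: 22 bits
    (0x7FFFFF, 0x700080, 0x000400, 0x400000),  # R3: 23 bits
)


def _shift(reg, mask, taps):
    """Clock one LFSR: shift left, feed back the parity of the tapped bits."""
    return ((reg << 1) & mask) | (bin(reg & taps).count("1") & 1)


def _clock_all(state, in_bit):
    """Key/frame loading: clock every register and mix in one input bit."""
    return [_shift(r, m, t) ^ in_bit for r, (m, t, _, _) in zip(state, REGS)]


def _clock_majority(state):
    """Normal operation: only registers agreeing with the majority bit move."""
    mids = [1 if r & mid else 0 for r, (_, _, mid, _) in zip(state, REGS)]
    maj = 1 if sum(mids) >= 2 else 0
    return [_shift(r, m, t) if b == maj else r
            for r, (m, t, _, _), b in zip(state, REGS, mids)]


def a51_blocks(kc: bytes, frame_number: int):
    """Return the two 114-bit sequences (lists of bits) for one TDMA frame."""
    if len(kc) != 8 or not 0 <= frame_number < (1 << 22):
        raise ValueError("Kc must be 64 bits and the frame number 22 bits")
    state = [0, 0, 0]
    for i in range(64):                       # load Kc, LSB of each byte first
        state = _clock_all(state, (kc[i // 8] >> (i & 7)) & 1)
    for i in range(22):                       # load the frame number
        state = _clock_all(state, (frame_number >> i) & 1)
    for _ in range(100):                      # mixing clocks, output discarded
        state = _clock_majority(state)
    blocks = []
    for _ in range(2):                        # one block per link direction
        bits = []
        for _ in range(114):
            state = _clock_majority(state)
            bits.append(sum(1 for r, (_, _, _, out) in zip(state, REGS)
                            if r & out) & 1)
        blocks.append(bits)
    return blocks[0], blocks[1]


def xor_burst(data_bits, sequence):
    """Cipher or decipher the 114 information bits of one burst."""
    if len(data_bits) != 114 or len(sequence) != 114:
        raise ValueError("a burst carries exactly 114 ciphered bits")
    return [d ^ s for d, s in zip(data_bits, sequence)]


def pack(bits):
    """Pack bits MSB-first into bytes (for comparing with hex test vectors)."""
    out = bytearray((len(bits) + 7) // 8)
    for i, b in enumerate(bits):
        out[i // 8] |= b << (7 - (i & 7))
    return bytes(out)


if __name__ == "__main__":
    kc = bytes.fromhex("1223456789abcdef")    # constructed sample Kc
    block1, block2 = a51_blocks(kc, 0x134)
    plain = [i % 2 for i in range(114)]       # constructed burst payload
    ciphered = xor_burst(plain, block1)
    assert xor_burst(ciphered, block1) == plain
    print(pack(block1).hex(), pack(block2).hex())
```

Because deciphering is the same XOR with the same sequence, both ends must derive identical blocks from the same Kc and frame number; a different frame number yields different blocks.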

3.3 Algorithm Selection

The ciphering algorithms are selected on the basis of the capabilities of the network and MS.

The process of selecting the ciphering algorithms is as follows:

1. In the call access procedure, the MS sends an Establish Indication message to the BSC.

− If the parameter ECSC in the system information is set to No, the MS reports Classmark 1 or Classmark 2, indicating whether the MS supports A5/1, A5/2, and A5/3 ciphering algorithms.

− If the parameter ECSC in the system information is set to Yes, the MS reports Classmark 1, Classmark 2, and Classmark 3, indicating whether the MS supports A5/1, A5/2, A5/3, A5/4, A5/5, A5/6, and A5/7 ciphering algorithms.

2. On receiving the Ciphering Mode Command message from the MSC, the BSC checks the classmarks reported by the MS. If the BSC does not receive Classmark 3, the BSC sends a Classmark Enquiry message to the MS, asking the MS to report Classmark 3. Classmark 3 defines whether an MS supports A5/4, A5/5, A5/6, and A5/7 ciphering algorithms.

The selection of the ciphering algorithms is based on the following principles:

The ciphering algorithms to be adopted should be those allowed in the ciphering command delivered by the MSC, allowed in the BSC data configuration, and supported by the MS.

The BSC selects the appropriate ciphering algorithms based on the priorities of the algorithms, and then sends an Encryption Mode Command message to the BTS.

The priority of the ciphering algorithms decreases from A5/7 to A5/0.

If the BSS does not support the ciphering algorithms specified in the Ciphering Mode Command message, it sends the MSC a Ciphering Mode Reject message with the cause value Ciphering Algorithms Not Supported.

If the MSC requests to change the ciphering algorithms while the BSS has enabled the former ciphering algorithms, the BSS sends a Ciphering Mode Reject message to the MSC.
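The selection rules of section 3.3, as an added example that is not part of the original document and is not Huawei code: the BSC-side decision modeled in Python. All function and variable names are hypothetical; treating A5/0 as supported by every MS, rejecting when the MS shares no allowed algorithm, and the text used for the "algorithm change" rejection are assumptions, since the document does not specify them.

```python
"""BSC-side ciphering algorithm selection (added example, not Huawei code)."""

PRIORITY = [f"A5/{n}" for n in range(7, -1, -1)]   # A5/7 highest, A5/0 lowest
CLASSMARK3_ALGS = {"A5/4", "A5/5", "A5/6", "A5/7"}


class CipheringModeReject(Exception):
    """Ciphering Mode Reject sent by the BSS to the MSC."""

    def __init__(self, cause):
        super().__init__(cause)
        self.cause = cause


def ms_supported(classmark_1_2, classmark_3=None):
    """Merge the algorithms reported in the MS classmarks.

    Returns (supported_set, enquiry_needed). enquiry_needed is True when
    Classmark 3 was not received, so the BSC has to send Classmark Enquiry.
    A5/0 (no ciphering) is treated as supported by every MS (assumption).
    """
    supported = {"A5/0"} | set(classmark_1_2)
    if classmark_3 is None:
        return supported, True
    return supported | (set(classmark_3) & CLASSMARK3_ALGS), False


def select_algorithm(msc_permitted, bsc_allowed, ms_algs, active=None):
    """Pick the highest-priority algorithm allowed by MSC, BSC and MS."""
    if active is not None:
        if active not in msc_permitted:
            # MSC asks for another algorithm while ciphering is already on.
            # Placeholder cause text: the document does not name one.
            raise CipheringModeReject("change of active ciphering algorithm")
        return active
    candidates = set(msc_permitted) & set(bsc_allowed) & set(ms_algs)
    if not candidates:
        # Cause value from the document for the BSS case; reusing it when
        # the MS shares no algorithm is an assumption of this example.
        raise CipheringModeReject("Ciphering Algorithms Not Supported")
    return next(alg for alg in PRIORITY if alg in candidates)


# Constructed sample configurations (not from the document).
MSC_PERMITTED = {"A5/0", "A5/1", "A5/2", "A5/3"}
WEAK_BSC = {"A5/0", "A5/1", "A5/2", "A5/3"}
HARDENED_BSC = {"A5/1", "A5/3"}


def demo():
    """Show how the BSC data configuration changes the outcome."""
    old_ms, _ = ms_supported({"A5/1", "A5/2"})
    new_ms, _ = ms_supported({"A5/1", "A5/3"}, classmark_3=set())
    return {
        "weak config, old MS": select_algorithm(MSC_PERMITTED, WEAK_BSC, old_ms),
        "hardened config, old MS": select_algorithm(MSC_PERMITTED, HARDENED_BSC, old_ms),
        "hardened config, new MS": select_algorithm(MSC_PERMITTED, HARDENED_BSC, new_ms),
    }


if __name__ == "__main__":
    for case, algorithm in demo().items():
        print(f"{case}: {algorithm}")
```

Because priority follows the algorithm number, A5/2 outranks A5/1: an MS that reports both is given A5/2 unless A5/2 is excluded from the BSC data configuration or from the MSC command.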

3.4 Signaling Procedure

This section describes the signaling procedure for ciphering. The ciphering procedure generally applies to location update, service access, and inter-BSC handover. It requires that the BSC and MSC be configured with the ciphering algorithms and that the BTS and MS have the codec capabilities associated with the ciphering algorithms.

The application of ciphering algorithms in the radio telecommunications system depends on the radio resources management entity. Figure 3-3 shows the ciphering procedure, which is initiated by the network and executed by the BTS.

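Figure 3-3 Ciphering procedure

[Diagram: message sequence among the MS, BTS, BSC, and MSC: Ciphering Mode Command (1), Encryption Mode Command (2), Ciphering Mode Command (3), Ciphering Mode Complete (4), Ciphering Mode Complete (5). The messages to and from the MS are carried on the SDCCH.]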

Initiating the Setting of the Ciphering Mode

When the authentication procedure is complete, the MSC sends the BSC a Ciphering Mode Command message, which contains the Kc. The BSC sends a Ciphering Mode Command message to the MS through the BTS. This message indicates whether the ciphering should be performed by the MS and which ciphering algorithm should be used by the MS.

Completing the Setting of the Ciphering Mode

Completing the setting of the ciphering mode involves the following operations:

1. On receiving a valid Ciphering Mode Command message, the MS loads the Kc stored in the SIM card. If the MS receives an invalid Ciphering Mode Command message, the message is considered erroneous. In this case, the MS sends an RR Status message with the cause value Protocol Error and does no further processing.

A valid Ciphering Mode Command message is defined to be one of the following:

− One that indicates "start ciphering" and is received by the MS in "not ciphered" mode.

− One that indicates "no ciphering" and is received by the MS in "not ciphered" mode.

− One that indicates "no ciphering" and is received by the MS in "ciphered" mode.

2. After the MS receives the Ciphering Mode Command message and finishes the ciphering, it begins to send and receive messages in ciphered mode.

− If the MS has started certain operations specified in the Ciphering Mode Command message, it sends a Ciphering Mode Complete message to the network.

− If the "cipher response" field in the Ciphering Mode Command message is set to "IMEISV request", the MS shall include its IMEI in the Ciphering Mode Complete message.

3. On receiving the Ciphering Mode Complete message from the MS, the network starts information transmission in ciphered mode.

Rejecting the Ciphering Mode

If the BSS does not support the ciphering algorithms specified in the Ciphering Mode Command message, it sends the MSC a Cipher Mode Reject message with the cause value Ciphering Algorithm Not Supported.

3.5 Improvements in A5 Ciphering Algorithm

This section describes the improvements in the A5 ciphering algorithm that address security problems. The ciphering procedure is optimized on the basis of the characteristics of Um interface transmission in GSM, which enhances transmission security and strengthens the defense against network eavesdropping. (GBFD-113521 A5/1 Encryption Flow Optimization)

The optimization of the ciphering procedure is achieved from the following aspects:

Fast SDCCH handover is adopted in the MS access process, which increases the difficulty for the intruder to trace the user call.

Fast SDCCH handover indicates that the BTS initiates an intra-cell SDCCH handover immediately after sending the ciphering command to the MS. Thus, the subsequent ciphered signaling can be transmitted and received on a new signaling channel. SDFASTHOSWITCH specifies whether this function is enabled. To avoid incompatibility with the MS, the handover command is sent after the ciphering complete message is received.

The TCH timing handover is introduced to increase the difficulty for the intruder to trace a user.

For speech calls, intra-cell handovers are performed at a specified time. TCHTIMEHOSWITCH specifies whether the TCH timing handover is enabled. If TCHTIMEHOSWITCH is set to Yes, the handover timer is started and the length of the timer is TCHTIMEHOPERIOD. When TCHTIMEHOPERIOD expires, an intra-cell forced handover is performed.

The Hopping Sequence Number (HSN) in the Flex Training Sequence Code (TSC) and Flex Mobile Allocation Index Offset (MAIO) differentiates one TCH from another. Therefore, the characteristics of TCHs are different and an intruder cannot trace other TCHs according to the characteristics of a certain TCH.

Whether to enable the Flex TSC function depends on the setting of FLEXTSCSWITCH. If FLEXTSCSWITCH is set to Yes, the channels join in frequency hopping and each channel is randomly assigned a TSC, ranging from 0 to 7.

After the BTS sends the ciphering command, it stops sending System Information 5, 5bis, and 5ter over the SACCH on the SDCCH.

STOPSI5SWITCH specifies whether to stop the sending of system information. If STOPSI5SWITCH is set to Yes, the BTS stops sending System Information 5, 5bis, and 5ter over the SACCH on the SDCCH after sending the ciphering command. Instead, the BTS sends System Information 6 or L2 fill frames.

The dummy bits are randomized.

DUMMYBITRANDSWITCH specifies whether to randomize the dummy bits. If DUMMYBITRANDSWITCH is set to Yes, the BTS randomizes all the 0x2b dummy bits in the signaling and all the dummy bits in L2 fill frames. To avoid incompatibility with the MS, the BTS reserves the initial 0x2b dummy bits when randomizing signaling.
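A way to verify on a test trace that dummy-bit randomization is in effect, as an added example that is not part of the original document and is not Huawei code. It assumes 23-octet downlink L2 frames with a three-octet header whose third octet carries the information length in its top six bits (standard GSM L2 layout, not described in this document), reads "reserves the initial 0x2b" as "the first fill octet of a signaling frame stays 0x2B", and uses constructed frames and hypothetical function names.

```python
"""Check downlink L2 frames for static 0x2B fill (added example)."""
from collections import Counter

FILL = 0x2B       # fill value named in the document
FRAME_LEN = 23    # octets per L2 frame (assumed layout, not from the document)
HEADER_LEN = 3    # address, control and length-indicator octets (assumed)


def make_frame(info: bytes, fill: bytes) -> bytes:
    """Build a constructed test frame: header, information field, fill."""
    frame = bytes([0x01, 0x03, (len(info) << 2) | 0x01]) + info + fill
    if len(frame) != FRAME_LEN:
        raise ValueError("info + fill must add up to 20 octets")
    return frame


def classify(frame: bytes) -> str:
    """Classify the fill octets of one downlink frame."""
    if len(frame) != FRAME_LEN:
        raise ValueError("expected a 23-octet frame")
    info_len = frame[2] >> 2                  # length value: top six bits
    fill = frame[HEADER_LEN + info_len:]
    if len(fill) < 4:
        return "inconclusive"                 # too short to tell random from static
    if all(octet == FILL for octet in fill):
        return "static"
    if info_len == 0:
        return "randomized"                   # L2 fill frame
    # Signaling frame: the document says the initial 0x2B is kept.
    return "randomized" if fill[0] == FILL else "unexpected"


def audit(frames) -> str:
    """Summarize whether dummy-bit randomization looks active in a trace."""
    counts = Counter(classify(f) for f in frames)
    if counts["unexpected"]:
        return "unexpected fill pattern"
    if counts["static"] and counts["randomized"]:
        return "mixed"
    if counts["static"]:
        return "randomization off"
    if counts["randomized"]:
        return "randomization on"
    return "no conclusive frames"


# Constructed sample frames (not captured traffic).
INFO = bytes.fromhex("061b00010203")          # 6-octet information field
RANDOM_14 = bytes.fromhex("2b9c41e7035ad2886f10b3c97e54")
RANDOM_20 = bytes.fromhex("8e17c4a05b3d92f66a01dd4c7923b5e80f61a3c7")
TRACE_OFF = [make_frame(INFO, bytes([FILL] * 14)),
             make_frame(b"", bytes([FILL] * 20))]
TRACE_ON = [make_frame(INFO, RANDOM_14), make_frame(b"", RANDOM_20)]

if __name__ == "__main__":
    print("switch OFF trace:", audit(TRACE_OFF))
    print("switch ON trace: ", audit(TRACE_ON))
```

A "mixed" result on a single cell points to frames sent before and after the switch was changed, or to a signaling path that the randomization does not cover.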

3.6 Impact on KPI

Impact on System Performance

The use of ciphering algorithms increases the signaling link traffic and the access delay of a call. If the BSS does not support a specified ciphering algorithm, call accesses or handovers might fail. In this case, performance counters such as assignment success rate and handover success rate are affected.

Impact on Other Features

None.

4 Engineering Guidelines

This section describes the ciphering algorithms currently supported.

Currently, Huawei equipment supports the following ciphering algorithms: A5/1, A5/2, and A5/3.

The ciphering algorithms A5/1, A5/2, and A5/3 coexist in the same system and can be flexibly defined through data configuration to meet specific regional requirements. The 3GPP Organizational Partners allow all countries to apply for A5/1 or A5/3 because A5/2 is easily broken. The A5/3 ciphering algorithm is preferred over other ciphering algorithms in terms of security.

5 Parameters

Table 5-1 Parameters Description

| Parameter ID | NE | MML | Description |
|---|---|---|---|
| ECSC | BSC6900 | SET GCELLCCBASIC(Optional) | Meaning: The early classmark sending control (ECSC) parameter specifies whether the MSs in a cell use early classmark sending. After a successful immediate assignment, the MS sends additional classmark information to the network as early as possible. The additional classmark information mainly contains the CM3 (classmark 3) information. The CM3 (classmark 3) information contains the frequency band support capability of the MS (used for the future channel assignment), power information about each frequency band supported by the MS (used for the handover between different frequency bands), and encryption capability of the MS. GUI Value Range: NO(No), YES(Yes); Actual Value Range: NO, YES; Unit: None; Default Value: YES |
| SDFASTHOSWITCH | BSC6900 | SET GCELLSOFT(Optional) | Meaning: Whether to enable the SDCCH quick handover test function. If this parameter is set to Yes, the BSC initiates intra-cell SDCCH handover as soon as the MSC issues an encrypted command to the MS. Thus, the forwarding encrypted signaling can be transmitted and received on a new signaling channel. In this way, the network security is improved. GUI Value Range: OFF(Off), ON(On); Actual Value Range: OFF, ON; Unit: None; Default Value: OFF |
| TCHTIMEHOSWITCH | BSC6900 | SET GCELLSOFT(Optional) | Meaning: This parameter specifies whether to perform periodic intra-cell handover for speech services on TCH. GUI Value Range: OFF(Off), ON(On); Actual Value Range: OFF, ON; Unit: None; Default Value: OFF |
| TCHTIMEHOPERIOD | BSC6900 | SET GCELLSOFT(Optional) | Meaning: This parameter specifies the interval at which the speech service on a TCH is handed over. GUI Value Range: 1~600; Actual Value Range: 1~600; Unit: s; Default Value: 60 |
| FLEXTSCSWITCH | BSC6900 | SET GCELLSOFT(Optional) | Meaning: Whether to enable the function of the Flex training sequence code (TSC). If the value of this parameter is ON and the BTS supports the Flex TSC function, the BSS dynamically allocates TSCs to hopping frequencies for improving the security of calls. GUI Value Range: OFF(Off), ON(On); Actual Value Range: OFF, ON; Unit: None; Default Value: OFF |
| STOPSI5SWITCH | BSC6900 | SET GCELLSOFT(Optional) | Meaning: This parameter specifies whether the sending of system information 5, 5bis, and 5ter can be stopped on the SACCH on the SDCCH after the BTS issues a ciphering command. GUI Value Range: OFF(Off), ON(On); Actual Value Range: OFF, ON; Unit: None; Default Value: OFF |
| DUMMYBITRANDSWITCH | BSC6900 | SET GCELLSOFT(Optional) | Meaning: Whether a BTS randomizes the dummy bits in all the signaling messages that the BTS sends to an MS. That is, dummy bits are randomized rather than filled on the basis of 0x2B. GUI Value Range: OFF(Off), ON(On); Actual Value Range: OFF, ON; Unit: None; Default Value: OFF |

6 Counters

For the counters, see the BSC6900 GSM Performance Counter Reference.

7 Glossary

For the acronyms, abbreviations, terms, and definitions, see the Glossary.

8 Reference Documents

[1] 3GPP 48.058: "Base Station Controller - Base Transceiver Station (BSC-BTS) Interface Layer 3 Specification"

[2] BSC6900 Feature List

[3] BSC6900 Optional Feature Description

[4] GBSS Reconfiguration Guide

[5] BSC6900 GSM Parameter Reference

[6] BSC6900 GSM MML Command Reference

[7] BSC6900 GSM Performance Counter Reference