CAVE-based authentication

Last updated

CAVE-based Authentication (a.k.a. HLR Authentication, 2G Authentication, Access Authentication) is an access authentication protocol used in CDMA/1xRTT computer network systems.

Contents

CAVE (Cellular Authentication and Voice Encryption)

There are two network entities involved in CAVE-based authentication when roaming:

  • Authentication Center (AC)a.k.a. HLR/AC, AuC – Located in a roamer’s home network, the AC controls the authentication process and either authenticates the Mobile Station (Mobile Phone, MS) or shares SSD with the serving VLR to allow this authentication to occur locally. The AC must be provisioned with an A-key value for each MS. Authentication is predicated on the assumption that A-key value provisioned in an MS is the same as the A-key value provisioned in the AC. The AC is often co-located with the HLR and referred to as the HLR/AC. However, the AC could be a standalone network entity that serves one or more HLRs. Though the CDMA abbreviation is AC, the GSM abbreviation of AuC is sometimes used (albeit incorrectly in CDMA networks).
  • Visitor Location Register (VLR) – If SSD is shared with the visited network, the VLR locally authenticates the roamer. Otherwise, the VLR proxies authentication responses from roamers to their home HLR/AC for authentication.

The authentication controller is the entity that determines whether the response from the MS is correct. Depending upon whether SSD is shared, the authentication controller may be either the AC or VLR. In either case, CAVE-based authentication is based on the CAVE algorithm and the following two shared keys:

  • Authentication key (A-key) – A 64-bit primary secret key known only to the MS and AC. In the case of RUIM equipped mobiles, the A-key is stored on the RUIM; otherwise, it is stored in semi-permanent memory on the MS. The A-key is never shared with roaming partners. However, it is used to generate a secondary key known as SSD that may be shared with a roaming partner to enable local authentication in the visited network.
  • Shared Secret Data (SSD) – A 128-bit secondary secret key that is calculated using the CAVE algorithm during an SSD Update procedure. During this procedure both MS and the AC in the user’s home network separately calculate SSD. It is this SSD, not the A-key that is used during authentication. SSD may or may not be shared between home and roaming partner networks to enable local authentication. SSD consists of two 64-bit keys: SSD_A, which is used during authentication to calculate authentication signatures, and SSD_B, which is used in the generation of session keys for encryption and voice privacy.

CAVE-based authentication provides two types of challenges

CAVE-based authentication is a one-way authentication mechanism that always involves the network authenticating the MS (with the exception of the base station challenge procedure that occurs only during an SSD update).

CAVE-based authentication procedures are specified in TIA-41 (3GPP2 X.S0004).

See also

Related Research Articles

The international mobile subscriber identity (IMSI) is a number that uniquely identifies every user of a cellular network. It is stored as a 64-bit field and is sent by the mobile device to the network. It is also used for acquiring other details of the mobile in the home location register (HLR) or as locally copied in the visitor location register. To prevent eavesdroppers from identifying and tracking the subscriber on the radio interface, the IMSI is sent as rarely as possible and a randomly-generated TMSI is sent instead.

SIM card Integrated circuit card for a mobile device

A SIM card, also known as subscriber identity module or subscriber identification module (SIM), is an integrated circuit running a card operating system (COS) that is intended to securely store the international mobile subscriber identity (IMSI) number and its related key, which are used to identify and authenticate subscribers on mobile telephony devices. It is also possible to store contact information on many SIM cards. SIM cards are always used on GSM phones; for CDMA phones, they are needed only for LTE-capable handsets. SIM cards can also be used in satellite phones, smart watches, computers, or cameras.

Roaming

Roaming is a wireless telecommunication term typically used with mobile devices, such as mobile phones. It refers to a mobile phone being used outside the range of its native network and connecting to another available cell network.

The GPRS core network is the central part of the general packet radio service (GPRS) which allows 2G, 3G and WCDMA mobile networks to transmit IP packets to external networks such as the Internet. The GPRS system is an integrated part of the GSM network switching subsystem.

Mobility management is one of the major functions of a GSM or a UMTS network that allows mobile phones to work. The aim of mobility management is to track where the subscribers are, allowing calls, SMS and other mobile phone services to be delivered to them.

Network switching subsystem (NSS) is the component of a GSM system that carries out call out and mobility management functions for mobile phones roaming on the network of base stations. It is owned and deployed by mobile phone operators and allows mobile devices to communicate with each other and telephones in the wider public switched telephone network (PSTN). The architecture contains specific features and functions which are needed because the phones are not fixed in one location.

GSM services are a standard collection of applications and features available over the Global System for Mobile Communications (GSM) to mobile phone subscribers all over the world. The GSM standards are defined by the 3GPP collaboration and implemented in hardware and software by equipment manufacturers and mobile phone operators. The common standard makes it possible to use the same phones with different companies' services, or even roam into different countries. GSM is the world's most dominant mobile phone standard.

Authentication and Key Agreement (AKA) is a security protocol used in 3G networks. AKA is also used for one-time password generation mechanism for digest access authentication. AKA is a challenge-response based mechanism that uses symmetric cryptography.

AAA refers to Authentication, Authorization and Accounting. It is used to refer to a family of protocols that mediate network access.

The Mobile Application Part (MAP) is an SS7 protocol that provides an application layer for the various nodes in GSM and UMTS mobile core networks and GPRS core networks to communicate with each other in order to provide services to users. The Mobile Application Part is the application-layer protocol used to access the Home Location Register, Visitor Location Register, Mobile Switching Center, Equipment Identity Register, Authentication Centre, Short message service center and Serving GPRS Support Node (SGSN).

A mobile equipment identifier (MEID) is a globally unique number identifying a physical piece of CDMA2000 mobile station equipment. The number format is defined by the 3GPP2 report S.R0048 but in practical terms, it can be seen as an IMEI but with hexadecimal digits.

GSM procedures are sets of steps performed by the GSM network and devices on it in order for the network to function. GSM is a set of standards for cell phone networks established by the European Telecommunications Standards Institute and first used in 1991. Its procedures refers to the steps a GSM network takes to communicate with cell phones and other mobile devices on the network. IMSI attach refers to the procedure used when a mobile device or mobile station joins a GSM network when it turns on and IMSI detach refers to the procedure used to leave or disconnect from a network when the device is turned off.

IS-41, also known as ANSI-41, is a mobile, cellular telecommunications system standard to support mobility management by enabling the networking of switches. ANSI-41 is the standard now approved for use as the network-side companion to the wireless-side AMPS (analog), IS-136, cdmaOne, and CDMA2000 networks. It competes with GSM MAP, but the two will eventually merge to support worldwide roaming.

The Short Message Service is realised by the use of the Mobile Application Part (MAP) of the SS7 protocol, with Short Message protocol elements being transported across the network as fields within the MAP messages. These MAP messages may be transported using "traditional" TDM based signalling, or over IP using SIGTRAN and an appropriate adaptation layer.

A12 Authentication is a CHAP-based mechanism used by a CDMA2000 Access Network (AN) to authenticate a 1xEV-DO Access Terminal (AT).

A UIMID is a 32-bit Electronic Serial Number (ESN) stored in a R-UIM or CSIM used for TDMA or CDMA2000 phones. It is given a different name to avoid confusion with the hardware ESN stored in the phone. In all known systems the UIMID displaces the ESN in signaling. Because the UIMID is allocated from the same numbering space as ESN its existence is transparent to the network. The reason the UIMID is transmitted instead of the ESN is because the card contains the MIN or IMSI and devices such as the HLR running the Asbi

The Um interface is the air interface for the GSM mobile telephone standard. It is the interface between the mobile station (MS) and the Base transceiver station (BTS). It is called Um because it is the mobile analog to the U interface of ISDN. Um is defined in the GSM 04.xx and 05.xx series of specifications. Um can also support GPRS packet-oriented communication.

Insert Subscriber Data is a Subscriber Data Handling procedure in LTE services. This procedure is used to manage the subscription data of subscriber in MME and SGSN over S6a/S6d interface. IDR is invoked by Home Subscriber Server for subscription data handling. IDR is MAP subscriber management service utilized in GSM/UMTS networks, standardized by 3GPP, and defined in the MAP specification, TS 29.002. This service is used to provide specific subscriber data in the following environments: by an HLR to update a VLR, by an HLR to update a SGSN, and by an HSS to update a MME via IWF in an EPS. This service is primarily used by the home subscriber management entity to update the serving subscriber management entity when there is either a change in a subscriber parameter, or upon a location updating of the subscriber.

A telecom network protocol analyzer is a protocol analyzer to analyze a switching and signaling telecommunication protocol between different nodes in PSTN or Mobile telephone networks, such as 2G or 3G GSM networks, CDMA networks, WiMAX and so on.

References

    This page is based on this Wikipedia article
    Text is available under the CC BY-SA 4.0 license; additional terms may apply.
    Images, videos and audio are available under their respective licenses.