Ciphering GBSS12.

Feature Parameter Description

Issue Date

01 2010-06-30

HUAWEI TECHNOLOGIES CO., LTD.

Copyright Huawei Technologies Co., Ltd. 2011. All rights reserved.

No part of this document may be reproduced or transmitted in any form or by any means without prior written consent of Huawei Technologies Co., Ltd.

Trademarks and Permissions

and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd. All other trademarks and trade names mentioned in this document are the property of their respective holders.

Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the customer. All or part of the products, services and features described in this document may not be within the purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information, and recommendations in this document are provided "AS IS" without warranties, guarantees or representations of any kind, either express or implied. The information in this document is subject to change without notice. Every effort has been made in the preparation of this document to ensure accuracy of the contents, but all statements, information, and recommendations in this document do not constitute the warranty of any kind, express or implied.

Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base Bantian, Longgang Shenzhen 518129 People's Republic of China Website: Email: http://www.huawei.com support@huawei.com

GSM BSS Ciphering

Contents

Contents
1 Introduction to This Document .............................................................................................1-1
1.1 Scope ............................................................................................................................................ 1-1 1.2 Intended Audience ........................................................................................................................ 1-1 1.3 Change History.............................................................................................................................. 1-1

2 Overview .....................................................................................................................................2-1 3 Technical Description ..............................................................................................................3-1

3.1 Kc and Its Generation.................................................................................................................... 3-1 3.2 A5 Ciphering Algorithm .................................................................................................................. 3-1 3.3 Algorithm Selection ....................................................................................................................... 3-2 3.4 Signaling Procedure ...................................................................................................................... 3-3 3.5 Improvements in A5 Ciphering Algorithm ...................................................................................... 3-4 3.6 Impact on KPI ................................................................................................................................ 3-5

4 Engineering Guidelines...........................................................................................................4-1 5 Parameters .................................................................................................................................5-1 6 Counters ......................................................................................................................................6-1 7 Glossary ......................................................................................................................................7-1 8 Reference Documents .............................................................................................................8-1

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

GSM BSS Ciphering

1 Introduction to This Document

1 Introduction to This Document

1.1 Scope
This document describes ciphering of Huawei GBSS. It covers the function of and technology mechanisms regarding this feature, including the ciphering key (Kc) generation, A5 ciphering algorithm, ciphering algorithm selection, signaling procedure, and improvements in A5 ciphering algorithm.

1.2 Intended Audience

It is assumed that users of this document are familiar with GSM basics and have a working knowledge of GSM telecommunication. This document is intended for:

Personnel working on Huawei GSM products or systems System operators who need a general understanding of this feature

1.3 Change History

The change history provides information on the changes in the ciphering feature in different document versions. There are two types of changes, which are defined as follows:

Feature change Feature change refers to the change in the ciphering feature of a specific product version. Editorial change Editorial change refers to the change in wording or the addition of the information that was not described in the earlier version.

Document Issues
The document issues are as follows:

01 (2010-06-30) Draft (2010-03-30)

01 (2010-06-30)
This is the first release of GBSS12.0. Compared with issue draft (2010-03-30) of GBSS12.0, issue 01 (2010-06-30) of GBSS12.0 incorporates the changes described in the following table. Change Type Change Description Feature change Editorial change None. Parameter Change None.

Parameters are presented in the None. form of Parameter ID instead of Parameter Name.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

1-1

GSM BSS Ciphering

1 Introduction to This Document

Draft (2010-03-30)
This is the draft release of GBSS12.0.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

1-2

GSM BSS Ciphering

2 Overview

2 Overview
The information ciphered on the Um interface involves signaling, speech, and data. The implementation of ciphering guarantees the information security and prevents user information or conversation contents from unauthorized access. The ciphering procedure is initiated on the network side. The BTS and MS cipher and decipher the information by using the A5 algorithm and the ciphering key (Kc) generated by the A8 algorithm on the basis of the capability of the MS and BTS. Thus, the security of the information on the Um interface is ensured. The Kc is generated by the GSM authentication center (AuC) and stored in the MSC/VLR. The Kc is sent to the BTS before the ciphering procedure begins. The MS and the network adopt the A8 algorithm to generate the Kc by using the same Ki and random number (RAND). A ciphering or deciphering sequence is generated through the A5 algorithm on the basis of the Kc stored in the MS and the network and the frame number from the current pulse stream. The network uses the same ciphering sequence in the uplink and downlink. For each burst, the data is ciphered or deciphered as follows:

One sequence is used for the MS ciphering and BTS deciphering. The other sequence is used for the BTS ciphering and MS deciphering.

The GSM specifications define the following ciphering algorithms:

A5/0 Ciphering Algorithm A5/1 Ciphering Algorithm A5/2 Ciphering Algorithm A5/3 Ciphering Algorithm A5/4 Ciphering Algorithm A5/5 Ciphering Algorithm A5/6 Ciphering Algorithm A5/7 Ciphering Algorithm

A5/0 means no ciphering at all.

A network operator can use the A5 ciphering algorithm only after applying for and being granted with authorization of the 3GPP Organizational Partners. The network operator should use A5/1 or A5/3 ciphering algorithm because the A5/2 ciphering algorithm is deciphered currently. The A5/3 ciphering algorithm is preferred in terms of security. The ciphering algorithms are selected on the basis of the capabilities of the network and MS. The ciphering algorithms to be adopted should be those allowed in the ciphering command delivered by the MSC, allowed in the BSC data configuration, and supported by the MS. The BSC selects the appropriate ciphering algorithms based on the priorities of the algorithms. If the BSS does not support the ciphering algorithms allowed in the ciphering command delivered by the MSC, the ciphering is rejected. The A5 ciphering algorithm provides weak protection for data security. Therefore, the ciphering procedure is optimized on the basis of the characteristics of the Um interface transmission in GSM, thus enhancing transmission security and network bugging defense.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

2-1

GSM BSS Ciphering

3 Technical Description

3 Technical Description
3.1 Kc and Its Generation
This describes the application and generation of the ciphering key (Kc). The MS and the network use the same Kc for ciphering and deciphering user data. An MS is allocated an International Mobile Station Identity (IMSI) and Ki after it is registered in the GSM network. The MS and the network use the same Ki and RAND. The RAND is generated by the network and sent to the MS. Both the network and the MS use the A8 algorithm to generate the ciphering key Kc. Figure 3-1 shows the generation of the Kc. Figure 3-1 Generation of Kc
The network side MS AUC Random number

Ki

Ki

A8 algorithm

A8 algorithm

store the cipher key

store the cipher key

3.2 A5 Ciphering Algorithm

This describes the application of the A5 ciphering algorithm, which is used to generate a pseudo-random sequence. (GBFD-113501 A5/1 and A5/2 Ciphering Algorithm, GBFD-113503 A5/3 Ciphering Algorithm) The A5 ciphering algorithm generates a 114-bit ciphering sequence or a 114-bit deciphering sequence based on the 64-bit Kc stored in the MS and the network, and a 22-bit frame number from the current pulse stream. The data ciphering/deciphering is achieved through the Exclusive OR operation between the ciphering/deciphering sequence and the information bit in the ciphered/deciphered data according to the A5 algorithm. The network uses the same ciphering sequence in the uplink and downlink. For each burst, one sequence is used for the MS ciphering and BTS deciphering whereas the other is used for the BTS ciphering and MS deciphering. The ciphering/deciphering on the radio links is performed by the BTS and MS. Figure 3-2 shows the ciphering/deciphering process.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

3-1

GSM BSS Ciphering

3 Technical Description

Figure 3-2 Ciphering/deciphering process

Sender Frame number Kc (TDMA) Receiver Frame number Kc (TDMA)

A5 algorithm Encryption serial number

A5 algorithm Decryption serial number

Modulo 2 minus 1

Modulo 2 plus 1

Data that is not encrypted

Data that is not encrypted

3.3 Algorithm Selection

The ciphering algorithms are selected on the basis of the capabilities of the network and MS. The process of selecting the ciphering algorithms is as follows: 1.
If If

In the call access procedure, the MS sends an Establish Indication message to the BSC.

the parameter ECSC in the system information is set to No, the MS reports Classmark 1 or Classmark 2, indicating whether the MS supports A5/1, A5/2, and A5/3 ciphering algorithms. the parameter ECSC in the system information is set to Yes, the MS reports Classmark 1, Classmark 2, and Classmark 3, indicating whether the MS supports A5/1, A5/2, A5/3, A5/4, A5/5, A5/6, and A5/7 ciphering algorithms. 2. On receiving the Ciphering Mode Command message from the MSC, the BSC checks the classmarks reported by the MS. If the BSC does not receive Classmark 3, the BSC sends a Classmark Enquiry message to the MS, asking the MS to report Classmark 3. Classmark 3 defines whether an MS supports A5/4, A5/5, A5/6, and A5/7 ciphering algorithms.

The selection of the ciphering algorithms follows the following principles:

The ciphering algorithms to be adopted should be those allowed in the ciphering command delivered by the MSC, allowed in the BSC data configuration, and supported by the MS. The BSC selects the appropriate ciphering algorithms based on the priorities of the algorithms, and then sends an Encryption Mode Command message to the BTS.

The priorities of the ciphering algorithms are decreased from A5/7 to A5/0.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

3-2

GSM BSS Ciphering

3 Technical Description

If the BSS does not support the ciphering algorithms specified in the Ciphering Mode Command message, it sends the MSC a Ciphering Mode Reject message with the cause value Ciphering Algorithms Not Supported. If the MSC requests to change the ciphering algorithms while the BSS has enabled the former ciphering algorithms, the BSS sends a Ciphering Mode Reject message to the MSC.

3.4 Signaling Procedure

This describes the signaling procedure for ciphering. The ciphering procedure generally applies to location update, service access, and inter-BSC handover. It requests that the BSC and MSC are configured with the ciphering algorithms and that the BTS and MS have the codec capabilities associated with the ciphering algorithms. The application of ciphering algorithms in the radio telecommunications system depends on the radio resources management entity. Figure 3-3 shows the ciphering procedure, which is initiated by the network and executed by the BTS. Figure 3-3 Ciphering procedure
MS BTS BSC Ciphering Mode Command(1) MSC

Ciphering Mode Command(3) SDCCH Ciphering Mode Complete(4) SDCCH

Encryption Mode Command(2)

Ciphering Mode Complete(5)

Initiating the Setting of the Ciphering Mode

When the authentication procedure is complete, the MSC sends the BSC a Ciphering Mode Command message, which contains the Kc. The BSC sends a Ciphering Mode Command message to the MS through the BTS. This message indicates whether the ciphering should be performed by the MS and which ciphering algorithm should be used by the MS.

Completing the Setting of the Ciphering Mode

Completing the setting of the ciphering mode involves the following operations:
1.

On receiving a valid Ciphering Mode Command message, the MS loads the Kc stored in the SIM card. If the MS receives an invalid Ciphering Mode Command message, the message is considered erroneous. In this case, the MS sends an RR Status message with the cause value Protocol Error and does no further processing. A valid Ciphering Mode Command message is defined to be one of the following:
One One

that indicates "start ciphering" and is received by the MS in "not ciphered" mode. that indicates "no ciphering" and is received by the MS in "not ciphered" mode.
Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd. 3-3

Issue 01 (2010-06-30)

GSM BSS Ciphering

One 2.

3 Technical Description

that indicates "no ciphering" and is received by the MS in "ciphered" mode.

After the MS receives the Ciphering Mode Command message and finishes the ciphering, it begins to send and receive messages in ciphered mode.
If If

the MS has started certain operations specified in the Ciphering Mode Command message, it sends a Ciphering Mode Complete message to the network. the "cipher response" field in the Ciphering Mode Command message is specified "IMEISV request", the MS shall include its IMEI in the Ciphering Mode Complete message. On receiving the Ciphering Mode Complete message from the MS, the network starts information transmission in ciphered mode.

3.

Rejecting the Ciphering Mode

If the BSS does not support the ciphering algorithms specified in the Ciphering Mode Command message, it sends the MSC a Cipher Mode Reject message with the cause value Ciphering Algorithm Not Supported.

3.5 Improvements in A5 Ciphering Algorithm

This describes the improvements in A5 ciphering algorithm against security problems. The ciphering procedure is optimized on the basis of the characteristics of the Um interface transmission in GSM, and thereby enhances transmission security and network bugging defense.( GBFD-113521 A5/1 Encryption Flow Optimization) The optimization of the ciphering procedure is achieved from the following aspects:

Fast SDCCH handover is adopted in the MS access process, which increases the difficulty for the intruder to trace the user call. Fast SDCCH handover indicates that the BTS initiates an intra-cell SDCCH handover immediately after sending the ciphering command to the MS. Thus, the subsequent ciphered signaling can be transmitted and received on a new signaling channel. SDFASTHOSWITCH specifies whether this function is enabled. To avoid incompatibility with the MS, the handover command is sent after the ciphering complete message is received.

The TCH timing handover is introduced to increase the difficulty for the intruder to trace a user. For speech calls, intra-cell handovers are performed at a specified time. TCHTIMEHOSWITCH specifies whether the TCH timing handover is enabled. If TCHTIMEHOSWITCH is set to Yes, the handover timer is started and the length of the timer is TCHTIMEHOPERIOD. When TCHTIMEHOPERIOD expires, an intra-cell forced handover is performed.

The Hopping Sequence Number (HSN) in the Flex Training Sequence Code (TSC) and Flex Mobile Allocation Index Offset (MAIO) differentiates one TCH from another. Therefore, the characteristics of TCHs are different and an intruder cannot trace other TCHs according to the characteristics of a certain TCH. Whether to enable the Flex TSC function depends on the setting of FLEXTSCSWITCH. If FLEXTSCSWITCH is set to Yes, the channels join in frequency hopping and each channel is randomly assigned a TSC, ranging from 0 to 7.

After the BTS sends the ciphering command, it stops sending System Information 5, 5bis, and 5ter over the SACCH on the SDCCH. STOPSI5SWITCH specifies whether to stop the sending of system information. If STOPSI5SWITCH is set to Yes, the BTS stops sending System Information 5, 5bis, and 5ter over the SACCH on the SDCCH after sending the ciphering command. Instead, the BTS sends System Information 6 or L2 fill frames.

The dummy bits are randomized.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

3-4

GSM BSS Ciphering

3 Technical Description

DUMMYBITRANDSWITCH specifies whether to randomize the dummy bits. If DUMMYBITRANDSWITCH is set to Yes, the BTS randomizes all the 0x2b dummy bits in the signaling and all the dummy bits in L2 fill frames. To avoid incompatibility with the MS, the BTS reserves the initial 0x2b dummy bits when randomizing signaling.

3.6 Impact on KPI

Impact on System Performance
The use of ciphering algorithms in the telecommunications increases the signaling link flow and the access delay of a call. If the BSS does not support a specified ciphering algorithm, call accesses or handovers might fail. In this case, the performance counters such as assignment success rate and handover success rate are affected.

Impact on Other Features

None.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

3-5

GSM BSS Ciphering

4 Engineering Guidelines

4 Engineering Guidelines
This describes the ciphering algorithms supported currently. Currently, Huawei equipment supports the following ciphering algorithms: A5/1, A5/2, and A5/3. The ciphering algorithms A5/1, A5/2, and A5/3 coexist in the same system and can be flexibly defined through data configuration to meet specific regional requirements. The 3GPP Organizational Partners allow all countries to apply for A5/1 or A5/3 because A5/2 is prone to be decrypted. The A5/3 ciphering algorithm is preferred over other ciphering algorithms in terms of security.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

4-1

GSM BSS Ciphering

5 Parameters

5 Parameters
Table 5-1 Parameters Description Parameter ID ECSC NE BSC6900 MML Description

SET Meaning: The early classmark GCELLCCBASIC(Optional) sending control (ECSC) parameter specifies whether the MSs in a cell use early classmark sending. After a successful immediate assignment, the MS sends additional classmark information to the network as early as possible. The additional classmark information mainly contains the CM3 (classmark 3) information. The CM3 (classmark 3) information contains the frequency band support capability of the MS (used for the future channel assignment), power information about each frequency band supported by the MS (used for the handover between different frequency bands), and encryption capability of the MS. GUI Value Range: NO(No), YES(Yes) Actual Value Range: NO, YES Unit: None Default Value: YES

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

5-1

GSM BSS Ciphering

5 Parameters

SDFASTHOSWITC BSC6900 H

SET GCELLSOFT(Optional)

Meaning: Whether to enable the SDCCH quick handover test function. If this parameter is set to Yes, the BSC initiates intra-cell SDCCH handover as soon as the MSC issues an encrypted command to the MS. Thus, the forwarding encrypted signaling can be transmitted and received on a new signaling channel. In this way, the network security is improved. GUI Value Range: OFF(Off), ON(On) Actual Value Range: OFF, ON Unit: None Default Value: OFF

TCHTIMEHOSWIT BSC6900 CH

SET GCELLSOFT(Optional)

Meaning: This parameter specifies whether to perform periodic intra-cell handover for speech services on TCH. GUI Value Range: OFF(Off), ON(On) Actual Value Range: OFF, ON Unit: None Default Value: OFF

TCHTIMEHOPERI BSC6900 OD

SET GCELLSOFT(Optional)

Meaning: This parameter specifies the interval at which the speech service on a TCH is handed over. GUI Value Range: 1~600 Actual Value Range: 1~600 Unit: s Default Value: 60

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

5-2

GSM BSS Ciphering

5 Parameters

FLEXTSCSWITCH BSC6900

SET GCELLSOFT(Optional)

Meaning: Whether to enable the function of the Flex training sequence code (TSC). If the value of this parameter is ON and the BTS supports the Flex TSC function, the BSS dynamically allocates TSCs to hopping frequencies for improving the security of calls. GUI Value Range: OFF(Off), ON(On) Actual Value Range: OFF, ON Unit: None Default Value: OFF

STOPSI5SWITCH BSC6900

SET GCELLSOFT(Optional)

Meaning: This parameter specifies whether the sending of system information 5, 5bis, and 5ter can be stopped on the SACCH on the SDCCH after the BTS issues a ciphering command. GUI Value Range: OFF(Off), ON(On) Actual Value Range: OFF, ON Unit: None Default Value: OFF

DUMMYBITRANDS BSC6900 WITCH

SET GCELLSOFT(Optional)

Meaning: Whether a BTS randomizes the dummy bits in all the signaling messages that the BTS sends to an MS. That is, dummy bits are randomized rather than filled on the basis of 0x2B. GUI Value Range: OFF(Off), ON(On) Actual Value Range: OFF, ON Unit: None Default Value: OFF

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

5-3

GSM BSS Ciphering

6 Counters

6 Counters
For the counters, see the BSC6900 GSM Performance Counter Reference.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

6-1

GSM BSS Ciphering

7 Glossary

7 Glossary
For the acronyms, abbreviations, terms, and definitions, see the Glossary.

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

7-1

GSM BSS Ciphering

8 Reference Documents

8 Reference Documents
[1] 3GPP 48.058: "Base Station Controller - Base Transceiver Station (BSC-BTS) Interface Layer 3 Specification" [2] BSC6900 Feature List [3] BSC6900 Optional Feature Description [4] GBSS Reconfiguration Guide [5] BSC6900 GSM Parameter Reference [6] BSC6900 GSM MML Command Reference [7] BSC6900 GSM Performance Counter Reference

Issue 01 (2010-06-30)

Huawei Proprietary and Confidential Copyright Huawei Technologies Co., Ltd.

8-1