Authentication

Authentication is a process by which UE and Network check if the other party has right
authority to communicate each other. It is very similar to 'login process' when you use a
computer. The only difference is that in computer login process, only the computer is
checking your authority and you are not technically checking the PC's authority (Of
course, you have your own 'will' to use it or not to use it.. but it is not the technically
deterministic authentication algorithm). In LTE (in WCDMA as well), Network
authenticate UE and UE also authenticate the Network. Authentication on both side
should be passed for the communication to proceed.
Authentication" process is a process similar to 'log in' process when you use a computer.
In C2K and GSM, this authentication process is 'uni-directional', meaning that only
Network authenticate UE and UE does not authenticate the network. As you may easily
guess, this would cause a serious security problem. If I make a fake network which
accept any UE, I can cheat a UE to camp on the fake network rather than the one the UE
is supposed to camp on to. (But this kind of 'uni directional' authentication would make
it so easy to test a UE using network simulator -:)
To improve this security issues, in LTE (in WCDMA as well) they do 'bi-directional'
authentication, meaning that UE has to pass the authentication process and Network
also has to pass the process as well.
The overall authentication process is as follows.

There are three main components of this authentication process:

i) Input Parameters
ii) Authentication Algorithm
iii) Output Values (calculated by Authentication Algorithm using the Input Parameters).

Both UE and Network uses the same Input Parameters and the same Authentication
Algorithms, so they both should produce the same Output Values, otherwise
Authentication fails.
One thing you have to keep in mind is that UE and Network exchange only Input
Parameters and Output values, not the authentication Algorithm. Authentication
Algorithm on UE side is stored in USIM and Authentication Algorithm on NW side is
stored in Authentication Centre. Both UE and NW just assume that they would use the
identical algorithms.
Normally we use different Authentication Algorithm for testing and different for live
network. The most commonly used algorithm for testing is what we often call "Dummy
XOR" algorithm which is defined in 36.508 section 4.9 Common test USIM parameters
for LTE and 34.408 section 8 Test USIM Parameters for WCDMA.
The most common used algorithm in live network (as far as I know) is Milenage
algorithm.
One example of Authentication Request and Authentication Response is as follows. You
would notice that RAND, AUTN are carried by Authentication Request message and RES
value is carried by Authentication Response.
NAS_LTE:EMM,Authentication request
Authentication request ::= DIVISION
+-Security header type ::= V
| +-Security header type ::= CHOICE [Plain NAS message, not security protected]
+-EPS mobility management protocol discriminator ::= V
| +-Protocol discriminator ::= PD [7]
+-Authentication request message type ::= V
| +-Message type ::= MSG [52]
+-Spare half octet ::= V
| +-Spare half octet ::= FIX [0]
+-NAS key set identifier ASME ::= V
| +-TSC ::= CHOICE [native security context (for KSI ASME)]
| +-NAS key set identifier ::= CHOICE [possible values for the NAS key set identifier 0]
+-Authentication parameter RAND ::= V
| +-Octet1-Octet16 ::= DIVISION
| +-RAND value ::= OCTETARRAY SIZE(16..16)
[A3DE0C6D363E30C364A4078F1BF8D577]
32 hexadecimal
+-Authentication parameter AUTN ::= LV
numbers = 16
+-Octet1 ::= DIVISION
bytes
| +-Length of AUTN contents ::= LEN (0..255) [16]
+-Octet2-Octet17 ::= DIVISION
+-AUTN ::= OCTETARRAY SIZE(0..16) [5E726B56B4EC9001A3CF2E5E726BC6B5]
NAS_LTE:EMM,Authentication response
Authentication response ::= DIVISION
+-Security header type ::= V
| +-Security header type ::= CHOICE [Plain NAS message, not security protected]
+-EPS mobility management protocol discriminator ::= V
| +-Protocol discriminator ::= PD [7]
+-Authentication response message identity ::= V
| +-Message type ::= MSG [53]
+-Authentication response parameter ::= LV
+-Octet1 ::= DIVISION

| +-Length of Authentication response parameter contents ::= LEN (0..255) [8]

+-Octet2-17 ::= DIVISION
16 hexadecimal
+-RES ::= OCTETARRAY SIZE(0..16) [A3CF2E5E726B56B4]

numbers = 8
bytes

As you see from the two messages above, there are only three values
which plays critical roles. RAND, AUTN, RES.
RAND is not a calculated value. It is just randomly assigned by the network
Authentication Centre. AUTN and RES is calculated by special algorithm as illustrated
below. (If you want to know the very detailed process, refer to 3GPP TS 35.206 V4.0.0
(2001-04) and analyse the source code line by line. If you just want to get general
understanding, following illustration would be enough.)

Key Generation for Test USIM (based on 34.108)

< Example >

Following is an example USIM parameter and the result of each step described above.
You would not need any special program to try this. Just try with your hand. If you are
on a boring trip, this can be very good for killing time.

Parameter
K

Value
00112233445566778899AABBCCDDEEFF (HEX)
00000000 00010001 00100010 00110011 01000100 01010101 01100110
01110111 10001000 10011001 10101010 10111011 11001100 11011101

11101110 11111111 (Bin)

RAND

31323131353836343132313135383634 (HEX)
00110001 00110010 00110001 00110001 00110101 00111000 00110110
00110100 00110001 00110010 00110001 00110001 00110101 00111000
00110110 00110100 (Bin)

SQN

000000000000 (HEX)
00000000 00000000 00000000 00000000 00000000 00000000 (Bin)

AMF

8000 (HEX)
10000000 00000000 (Bin)

XDOUT

31231302716D5043B9AB9B8AF9E5D8CB (HEX)
00110001 00100011 00010011 00000010 01110001 01101101 01010000
01000011 10111001 10101011 10011011 10001010 11111001 11100101
11011000 11001011 (Bin)

CK

231302716D5043B9AB9B8AF9E5D8CB31 (HEX)
00100011 00010011 00000010 01110001 01101101 01010000 01000011
10111001 10101011 10011011 10001010 11111001 11100101 11011000
11001011 00110001 (Bin)

IK

1302716D5043B9AB9B8AF9E5D8CB3123 (HEX)
00010011 00000010 01110001 01101101 01010000 01000011 10111001
10101011 10011011 10001010 11111001 11100101 11011000 11001011
00110001 00100011 (Bin)

AK

02716D5043B9 (HEX)
00000010 01110001 01101101 01010000 01000011 10111001 (Bin)

CDOUT

0000000000008000 (HEX)
00000000 00000000 00000000 00000000 00000000 00000000 10000000
00000000 (Bin)

XMAC

31231302716DD043 (HEX)
00110001 00100011 00010011 00000010 01110001 01101101 11010000
01000011 (Bin)

AUTN

02716D5043B9800031231302716DD043 (HEX)
00000010 01110001 01101101 01010000 01000011 10111001 10000000
00000000 00110001 00100011 00010011 00000010 01110001 01101101
11010000 01000011 (Bin)

Key Generation for Milenage

Refer to 3GPP TS 35.206 V4.0.0 (2001-04) and you can get the C implementation of this
algorithm and the code would tell you everything.