a5 3 ciphering

A5/3 ciphering in Release B11

Alcatel-Lucent File Reference Date Edition Page FFUV7WE2.DOC 3DC 21144 0140 TQZZA 18/082008 02 1

All rights reserved. Passing on and copying of this document, use and communication of its contents not permitted without written authorization.

Functional Feature Description

A5/3 ciphering

in Release B11




Contents

1. SCOPE ............................................................................................................. 3 2. RATIONALE ....................................................................................................... 4 3. ALCATEL-LUCENT IMPLEMENTATION ......................................................................... 4

3.1 General behavior ........................................................................................ 4 3.2 Call setup ................................................................................................. 5 3.3 TCH Handover............................................................................................ 6

4. HW IMPACT IN THE BSS AND EXTERNAL DEPENDENCIES................................................... 6 5. PARAMETERS ..................................................................................................... 6 6. COUNTERS ........................................................................................................ 7 7. GLOSSARY......................................................................................................... 8 8. REFERENCES...................................................................................................... 8




1. SCOPE

The present functional feature description provides detailed information concerning the implementation of the A5/3 ciphering feature in the Alcatel-Lucent BSS B11 release.

The following feature is described:

15 72 90 A5/3




2. RATIONALE

Due to fact that A5/2 ciphering algorithm has been broken, the GSM Association requested all operators to not use A5/2 anymore from July 2007 onwards. As a complement to this request, the MS do not support A5/2 ciphering algorithm starting with 3GPP Release 6 onwards.

In the same time, some representatives of hacker community claim that they would be able to break also the A5/1 ciphering algorithm with relatively limited means.

These were the reasons to introduce a new ciphering algorithm in order to continue ensuring voice calls privacy in the GSM networks.

For that purpose the A5/3 ciphering algorithm was chosen. The new algorithm is very robust. It was standardized in 3GPP Release 4 and it is already used in the UMTS technology.

A5/3 can be a mandatory requirement of some end-users and will be needed by Operators to maintain a good corporate image and to avoid churn due to a feeling of uncertainty.

The A5/3 ciphering algorithm only concerns the Circuit Switched domain. In the Packet Switched domain, ciphering is not provided by the BSS.

3. ALCATEL-LUCENT IMPLEMENTATION

3.1 General behavior

Before the introduction of the A5/3 algorithm, a BSS was supporting up to 2 encryption algorithms (A5/1 and alternatively A5/2 up to 2007), but not both of them at the same time: either A5/1 was used for all calls, either A5/2 was used for all calls.

As A5/3 algorithm is not supported by all MS in the network and also not supported by all TRX generations, the BSS will have to support 2 encryption algorithms simultaneously. The choice of the algorithm to be used will be performed on a per call basis: the ciphering algorithm is decided at call setup, and can be changed after a handover in case the new TRX has different ciphering capabilities.

For a call, A5/3 is used if:

- MS supports A5/3, as indicated in Class mark 2,

- TRX supports A5/3,

- The operator has enabled A5/3 support for the cell,

- NSS allows the use of A5/3;




- DTM is not enabled in the cell or DTM is enabled and the Ciphering Mode Setting Capability of the MS bit is set. (Only 3GPP Release 6 MS are able to change the ciphering algorithm when the call is established in DTM, this being indicated in its Ciphering Mode Setting Capability bit.)

The MSC gives in a bit field a set of permitted algorithms on call basis, e.g. in the CIPHER MODE COMMAND message. The BSC will always give priority to A5/3 over A5/1, in case several ciphering algorithms are possible.

If no ciphering algorithm is specified by the MSC, the BSC will use A5/0 (No encryption).

3.2 Call setup

MS BTS BSC MSC

Air Abis A

IMMEDIATE ASSIGNMENT

SABM / SDCCH

CIPHER MODE CMD ENCRYPTION COMMAND

CIPHERING MODE CMD

ASSIGNMENT COMMANDASSIGNMENT COMMAND

1

SDCCH unciphered

SDCCH ciphered

TCH ciphered

SABM / FACCH

HANDOVER CMD

ASSIGNMENT REQUEST

IMMEDIATE ASSIGNMENT

TRX2

TRX3

TRX1

HANDOVER CMD

2

3

4

Figure 1: Call setup example

1. At initial SDCCH allocation (i.e. call setup), ciphering is not started. At this point, SDCCH is established without ciphering.




2. The ciphering algorithm is chosen at reception of CIPHER MODE COMMAND and takes into account the TRX capabilities.

3. If a SDCCH handover takes place, it may happen that the ciphering capabilities of the new TRX are different from the previous one. This situation can lead to a change of ciphering algorithm after the handover.

4. Upon reception of the ASSIGNMENT REQUEST message, the selection of the ciphering algorithm is done again for the TCH. The ciphering algorithm may have to be changed if the TRX chosen for the TCH has different ciphering capabilities than the TRX where the SDCCH was established. For normal TCH assignments, ciphering selection will be done based on the Encryption Information IE stored when Cipher Mode Command was received.

3.3 TCH Handover

When a TCH handover is performed, the ciphering capabilities of the new TRX can be different from the ciphering capabilities of the previous one.

If an internal or external handover condition is met, the BSC derives the ciphering algorithm according to §3.1. This selection is signaled with the ciphering information in the CHANNEL ACTIVATION message to the new TRX and in the HANDOVER CMD (or ASSIGNMENT CMD message in case of intra-cell HO) to the MS (the later only in case the ciphering algorithm is changed).

For internal handover, the BSC takes the NSS settings concerning ciphering from the CIPHER MODE COMMAND message. For external handover, this information is taken from HANDOVER REQUEST message.

4. HW IMPACT IN THE BSS AND EXTERNAL DEPENDENCIES

In the A9100 BTS, A5/3 ciphering is supported by all EDGE capable TRX.

A5/3 is supported by the Alcatel-Lucent micro-BTS starting from the 9110-E Micro-BTS (M5M).

A5/3 feature must be supported by the MSC.

5. PARAMETERS

CELL_CIPH_SET: List of the ciphering algorithms allowed by the Operator, on a per cell basis.

The values can be: A5/0, A5/0+A5/1, A5/0+A5/1+A5/3. The A5/0 bit is always set.




6. COUNTERS

MC951

Indicates the number of Assignment Request messages received for MS supporting A5/3 ciphering.

MC952

Indicates the number of Cipher Mode Command received from the MSC, allowing A5/3 ciphering for a MS supporting A5/3 in a cell where A5/3 is enabled.

MC953

Indicates number of successful Cipher Mode Command procedures for usage of A5/3

MC954

Counter is incremented each time the BSC sends:

1) If the cell is a serving cell: a 44.018 ASSIGNMENT COMMAND message with the target ciphering algorithm to be used by the MS for this call set to A5/3 (whatever the ciphering algorithm used before),

2) If the cell is the target cell of an Intra-Cell handover, or inter-cell handover, or external handover or internal/external directed retry: or a 44.018 HANDOVER COMMAND message via the serving cell with the target ciphering algorithm to be used by the MS for this call in the target cell set to A5/3 (whatever the ciphering algorithm used before).

MC955

Indicates number of 44.018 Assignment Command / Handover Command messages sent to an MS, with A5/3 as ciphering algorithm

MC956

Counter is incremented each time the BSC sends:

1) If the cell is a serving cell: a 44.018 ASSIGNMENT COMMAND message to an A5/3 capable MS without requiring the usage of A5/3, because the TRX on which the MS is being allocated in the serving cell does not support A5/3,

2) If the cell is the target cell of an intra-cell handover, or inter-cell handover, or external handover or internal/external directed retry: or a 44.018 HANDOVER COMMAND message to an A5/3 capable MS via the serving cell, without requiring the usage of A5/3, because the TRX on which the MS will be allocated in the target cell does not support A5/3.




7. GLOSSARY

2G 2nd Generation

3GPP 3rd Generation Partnership Project

BSC Base Station Controller

BSS Base Station Subsystem

BTS Base Transceiver Station

CS Circuit Switched

DTM Dual Transfer Mode

GMSK Gaussian Minimum Shift Keying

GPRS General Packet Radio Service

GSM Global System for Mobile communications

HO Handover

IP Internet Protocol

MS Mobile Station

MSC Mobile Switching Centre

NSS Network Sub-System

OMC-R Operation and Maintenance Center - Radio

PS Packet Switched

SDCCH Standalone Dedicated Control Channel (GSM TS)

SUM Station Unit Module

TCH Traffic Channel

TDM Time-Division Multiplexing

TRX Transceiver

8. REFERENCES 3GPP TS 24.008 Mobile radio interface Layer 3 specification; Core network protocols; Stage 3. 3GPP TS 42.009 Security aspects. 3GPP TS 43.020 Security related network functions. 3GPP TS 48.058 Base Station Controller - Base Transceiver Station (BSC - BTS) interface; Layer

3 specification. 3GPP TS 55.216 Specification of the A5/3 Encryption Algorithms for GSM and ECSD, and the

GEA3 Encryption Algorithm for GPRS; Document 1: A5/3 and GEA3 Specifications.

End of Document

a5 3 ciphering

Documents