Mobile usage has virtually penetrated every aspect of our daily lives from the traditional voice

communication to short message services (SMS), multimedia messaging services (MMS), ring
tones, camera phones, games and a vast array of applications.

In fact with the advent of 3G technologies most Service Providers are promising even more
attractive features and applications. Most mobile phone manufacturers are making the mobile
even more and more feature rich.

One of the key areas which has been addressed by both the Service Provider and the Mobile
manufacturers is in the area of Authentication and Encryption in Mobile technology.

This White Paper is an attempt to address the concept of Authentication and Encryption in
CDMA systems and the usage of this feature in today’s mobile telephony environment.

Encryption is the conversion of message from the original form to an unrecognizable form
(encrypted message) while decryption is the re-conversion of the encrypted message into its
original form.

The word cryptography comes from the Greek words kryptos which means hidden and graphein
which means writing. Cryptography is the science of encryption and decryption.

The art or study of cryptography was a known practice in the ancient world. The first recorded
use of cryptography was by the Spartan’s in 400 B.C. and one of the more famous ancient
cryptography was known as “Caesar Cipher” named after Julius Caesar which was used by the
Roman armies to transfer messages during war.

The modern day cryptographic techniques make use of much faster processing techniques which
are embedded on advanced electronics chips and computers systems.

In a general cryptographic system a message is encrypted with the help of keys which are nothing
but variables which are applied to the original message. The formula for combining the original
message and the key to produce an encrypted message is known as a cryptographic algorithm.

For example an original text written as HOWAREYOU could be encrypted into KRZDUHBRX.
In this example the cryptographic algorithm would read “shift key places forward” and the key
could be 2 which means shift 2 places forward.

As can be seen in the above example both sides must have the same cryptographic algorithm and
must know the key or variable to perform the cryptographic algorithm on the original message.

Most Cryptographic systems use either the Secret Key (Symmetric) cryptography or Public
Key (Asymmetric) cryptography and sometimes even a mix of both.
This White Paper will not discuss these two models as used in various applications but would stay
focused on the Authentication and Encryption as used in CDMA systems.

An Authentication model is best represented by Figure 1 shown below. As soon as the User
desires some service from the Serving System a random number is thrown at it from the Serving
System as a Challenge to authenticate itself. The User uses this random number and performs a
cryptographic algorithm on it using a Secret Key which is known at both ends. The same process
is carried out at the Serving System using the same cryptographic algorithm and Secret key. The
resultant output from the User side is given to the Serving System as a Response. The Serving
System compares the Response with its own computation. If the two match the User is either
permitted access to Services or is denied entry.

USER SERVING SYSTEM

Challenge
Random #

Cryptographic Algorithm Cryptographic Algorithm

Secret Key Secret Key

? Deny Access
Response

Permit Access

Figure 1 Authentication Model

In CDMA systems as we shall see in subsequent sections the process of Authentication is to

identify and provide service to a genuine mobile on the network and deny access to a cloned
version of it.

Before continuing our discussion further it is important to understand some CDMA terms which
would be used frequently in this paper.

ESN (Electronic Serial Number)

Every mobile on the system is uniquely identified by the Electronic Serial Number (ESN) which
is a 32 bit number pre-programmed at factory setting by the mobile phone manufacturer. The
ESN is used to identify a mobile on the network.
 MIN (Mobile Identification Number)
The Mobile Identification Number (MIN) is a 10 digit number that is assigned by the Service
Provider to a mobile on the network. This too is unique to each mobile on the network and is used
in conjunction with the ESN to identify the mobile on the network.

MDN (Mobile Directory Number)

The Mobile Directory Number (MDN) is another 10 digit number which is assigned by the
Service Provider to a mobile on the network. This is the number which is known to the outside
world as the user’s mobile number.

Cloning is a malicious process whereby a rogue intruder in the system assigns an unauthorized
pair of ESN and MIN to a mobile phone thereby pretending to be a genuine user and try and
break into the network.

To prevent such malpractices most Service Providers are implementing Authentication and
Encryption in their CDMA networks so that cloning of mobiles is halted. The basis of this paper
is to understand this process and usages in the future.

At the heart of the Authentication model in CDMA is the Authentication key or A-key which is
like a master key to the system. The A-key is a 64 bit number stored in the permanent section of
the memory and is usually pre-programmed at factory settings.

The A-key as we shall see in further sections is used to generate intermediate keys and session
keys within the system.

The model represented below represents the complete Authentication and Encryption systems in
CDMA networks and will be the focus of our study from now.
 MS BS MSC HLR/AC

RANDSSD

RANDSSD
A-key ESN A-key ESN

RAND

SSD Gen. Procedure-CAVE SSD Gen. Procedure-CAVE

RAND ESN ESN MIN ESN MIN ESN RAND

SSD_B SSD_A SSD_A SSD_B

CAVE CAVE CAVE CAVE

?
Authentication Signature (18 bit) VPM
(PLCM) CMEA Key
Long Code Generator
VPM Data Key
(PLCM) CMEA Key
Voice

………. SSD_B
E-CMEA RAND

Signaling Message
Data Key Generator
CAVE: Cellular Authentication & Voice
Encryption Data Key

Forward Link Data

ORYX

Reverse Link

Figure 2 Authentication and Encryption in CDMA Systems

For better understanding this system can be divided into three sections namely SSD (Shared
Secret Data) Generation / Updation, Authentication and finally Encryption.

The CDMA networks make use of a cryptographic algorithm known as CAVE or Cellular
Authentication and Voice Encryption which is used in various stages of the procedure.

On the initiation of a SSD generation/update the Home Location Register/Authentication Centre

(HLR/AC) sends out a Random number RANDSSD (56 bits) as a challenge. The mobile takes
this RANDSSD value along with the ESN and A-key to generate the SSD pairs namely SSD_A
and SSD_B both 64 bits long.

The above is followed by a procedure known as Global Challenge. In this process the SSD_A is
further fed into the CAVE algorithm along with ESN and MIN and a random number known as
RAND (32 bits) which is now generated by the MSC. The result computed as Authentication
Signature (AUTHR) (18 bits) is sent back by the mobile to the network. The network too would
have calculated its own version of AUTHR which it uses to compare the result.

It should be pointed out here that before an SSD Update procedure is carried out the mobile will
calculate the AUTHR using a default SSD_A of zero (0), i.e. prior to generation of the new
SSD_A and SSD_B which is done during the SSD Update Procedure by sending out RANDSSD
as explained above.
The network Base Station permits access to the mobile if the Authentication Signatures match
and denies access if they do not. In the event of a mismatch the network may also initiate a SSD
update to generate a new pair of SSD_A and SSD_B and also in some cases initiate a Unique
Challenge to the mobile. Here it sends out a Unique Random number RANDU (24 bits) to a
particular mobile and receives a unique Authentication Signature (AUTHU) (18 bits) from that
mobile.

The Authentication Procedure is invoked during Registration, Origination, Page Response or

Data Burst Message.

Voice Privacy is provided by changing the characteristics of the Long PN Code which is used for
spreading the Voice on the Traffic Channel.

The SSD_B is further fed into the CAVE algorithm along with the RAND and ESN to generate a
520 bit Voice Privacy Mask (VPM). The last 40 bits of this VPM is used as the Private Long
Code Mask (PLCM) which changes the characteristics the Long PN Code on the mobile and the
Network. This modified long code is then used to scramble the voice.

The SSD_B along with the RAND and ESN also generates a CMEA (Cellular Message
Encryption Algorithm) key (64 bits) which is then used on the E-CMEA (Enhanced CMEA)
algorithm to encrypt the signaling messages. The Signaling messages could be in the form of
DTMF tones, dialed keypad and short messages.

In addition to the above the SSD_B is also fed into a Data Key Generator along with the RAND
to generate the Data key. The Data key is used to encrypt Data messages using the ORYX (no
acronym) algorithm

Mobile Commerce, Mobile Banking and other Financial transaction applications over the mobile
will require high level of security which can be provided for by the CDMA networks when the
CDMA message signaling encryption is enabled.

In addition the networks can check on the fraudulent use of their networks by preventing cloning
of the mobile phones by enabling Authentication procedures on the network.

Amit Balani
Head – India Carrier Support Group
LG Soft India Private Limited
Mumbai - India
Email : amit.balani@lgsoftindia.com