6.2. Authentication and identification in the GSM network

Authentication (authentication) is the authentication procedure (the existence of rights to use cellular services) of a subscriber of a cellular mobile communication system. Each subscriber receives a standard subscriber identity module (SIM card) while using the communication system. Using the information embedded in the SIM card as a result of the mutual exchange of data between the MS and the cellular network, a full authentication cycle is performed and the subscriber is allowed access to the network.

The procedure for checking the network subscriber is implemented as follows:

- the network transmits a random RAND number to MS;

- MS determines the value of the SRES response using RAND, Kt and the AZ algorithm: SRES = Ki [RAND];

- The MS sends the calculated SRES value to the cellular network, which compares the value of the received SRES with the SRES value calculated by the network.

If both values ​​match, then the MS can transmit messages, otherwise the connection is interrupted and the MS indicator should show that the identification did not take place.

Due to secrecy, SRES is calculated within the SIM card.

Unclassified information is not processed in the SIM module.

Identification is the procedure for identifying MS, that is, identifying that an MS belongs to one of the MS groups with certain characteristics and properties. The identification procedure in the GSM standard consists in comparing the identification number assigned to this MS with the numbers contained in the so-called “black lists” of the equipment register in order to remove stolen or technically faulty MS from circulation.