<h1 id="heading-3-pillars-of-gsm-security-are">3 Pillars of GSM security are</h1>
<ol>
<li>Authentication</li>
<li>Encryption</li>
<li>Privacy(confidentiality)</li>
</ol>
<h3 id="heading-authentication"><strong>Authentication</strong></h3>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1670320968704/EfDavnAgF.png" alt="image.png" /></p>
<ol>
<li><p>The secret authentication key (Ki) is not known to the mobile user and is the property of the service provider, the home system of the mobile station (MS) generates the random number say Rand which is a 126-bit number. This random number is sent to MS.</p>
</li>
<li><p>The MS uses the A3 algorithm to authenticate the user. The algorithm A3 uses Ki and Rand numbers to generate a signed result called s_RES. MS sends s_RES to the home system of MS.</p>
</li>
<li><p>The s_RES generated by MS and the authentication centre are compared. If both s_RES are identical only then the user is valid and access is granted otherwise not.</p>
</li>
</ol>
<h3 id="heading-encryption"><strong>Encryption</strong></h3>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1670321178290/IPFy5MIAT.png" alt="image.png" /></p>
<p><strong>Process Inside sim card:</strong></p>
<ul>
<li>we have a random number and a key Ki which is unknown to the user that gets passed as input to the A8 key generation algorithm.</li>
<li>A8 algorithm generates output known as key Kc.</li>
</ul>
<p><strong>Process outside sim card:</strong></p>
<ul>
<li>A5 ciphering algorithm takes raw voice and data and produces an encrypted voice and data stream output.</li>
</ul>
<h3 id="heading-privacyconfidentiality"><strong>Privacy(confidentiality)</strong></h3>
<p><img src="https://cdn.hashnode.com/res/hashnode/image/upload/v1670321258345/PYd3GRWKj.png" alt="image.png" /></p>
<p>To ensure subscriber identity confidentiality, the Temporary Mobile Subscriber Identity (TMSI) is used instead of IMSI.</p>


# 3 Pillars of GSM security are
1. Authentication
2. Encryption
3. Privacy(confidentiality)


### **Authentication**

![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1670320968704/EfDavnAgF.png align="left")

1. The secret authentication key (Ki) is not known to the mobile user and is the property of the service provider, the home system of the mobile station (MS) generates the random number say Rand which is a 126-bit number. This random number is sent to MS.

2. The MS uses the A3 algorithm to authenticate the user. The algorithm A3 uses Ki and Rand numbers to generate a signed result called s_RES. MS sends s_RES to the home system of MS.

3. The s_RES generated by MS and the authentication centre are compared. If both s_RES are identical only then the user is valid and access is granted otherwise not.


### **Encryption**

![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1670321178290/IPFy5MIAT.png align="left")

**Process Inside sim card:**
- we have a random number and a key Ki which is unknown to the user that gets passed as input to the A8 key generation algorithm.
- A8 algorithm generates output known as key Kc.


**Process outside sim card:**
- A5 ciphering algorithm takes raw voice and data and produces an encrypted voice and data stream output.


### **Privacy(confidentiality)**

![image.png](https://cdn.hashnode.com/res/hashnode/image/upload/v1670321258345/PYd3GRWKj.png align="left")

To ensure subscriber identity confidentiality, the Temporary Mobile Subscriber Identity (TMSI) is used instead of IMSI.











3 Pillars of GSM Security

3 Pillars of GSM security are

Authentication

Encryption

Privacy(confidentiality)