PDA

View Full Version : MSC answer to LU Req with No key.



m121
2010-12-11, 08:25 AM
Hi,everybody!
I would like to ask - could somebody, please, tell me what shoud be MSC response when it gets Location update request with Key sequence=7 (No key is available/Reserved).
Should it send normal authentification request or should it be something else?
Thanks in advance!

zhanglw268
2010-12-20, 08:35 PM
It depends on MSC/VLR's combined setting of authentication and encryption and whether the SIM is local or roaming.

If SIM is roaming, it is most likely got Location update Reject. If the authentication is on and Encryption is necessary at MSC/VLR, the location update will also fail.

If authentication is off, then you will not see anthentication at all. the location update maybe successful depending on the encryption setting.

What have you observed in your case?

m121
2010-12-31, 04:03 AM
Hi, zhanglw268
Sorry for such late reply.
I see that in some cases in my network after MSC have received LU with no key it answers with Auth REQ, MS answers with Classmark change but no Auth Response and after timer expiry resources are released. MS then tries again and till he haven't send LU with any key he will not complete LU due his own fault (no Auth Resp).
But when I search A-interface traces I see, that in some cases when LU is with no key it completes normaly and Auth response is received.
So I am now struggling to figure does it always MS fault or MSCs?

PS.SIM is local and authentication is on.

zhanglw268
2010-12-31, 08:53 PM
Hi m121,

Your MSC/VLR procedure for Authtentication is set right. The MSC/VLR shall always perform authentication when mobile does LU or other service types without Key or with wrong key, this will allow genuine SIM/USIM to access the network by retrying with authentication procedure.

If MSC/VLR doesn't do this, This would allow an intruder to disable encryption by simply setting this value to "no key available". If the SIM/USIM isn't genuine, the mobile along with the SIM/USIM will fail the authentication procedure and can't access the network.

Please refer to 3GPP 24.008(04.08) and 12.03 if you want to see what 3GPPs suggestions.

Also the link http://www.blackhat.com/presentations/bh-asia-01/gadiax.ppt would provide an introduction for possible fraud and security issues with GSM and UMTS network.

If you face a lot of same issues with the geuine SIMs/USIMs, you maybe have a SIM/USIM card or Mobile quality issue. If not, then some people are trying to use your network to do some dodgy things.

Regards

Zhanglw268