JARINGAN AKSES
SELULER
16:59
DTG2G3
GSM SIGNALING
HLR AuC
VLR
EIR
Air Interface
xAbis Interface
LAPDm
MS
BTS
BSC
A Interface
MSC
LAPD
SS#7
OMC
OMC
ISDN
GSM SIGNALING
HLR
CM
CC
SS
AC
VLR
SMS
EIR
MAP
MM
RR
TCAP
SCCP
LAPDm
L1
BTSm
LAPD
64 Kbps ch
BTS
BSC
MS
L3
L2
L1
MTP
MSC
BSSAP
ISUP
SCCP
BSSMAP DTAP
OMC
ISUP: ISDN User Part
MAP: Mobile Application Part
TCAP: Transmission Capabilities Application Part
SCCP: Signalling Connection Control Part
MTP: Message Transfer Part
BSSAP: BSS Application Part
SCCP
MTP
ISDN
OMC
MTP
CM: Connection Management
CC: Call Control
SS: Supplementary Services
SMS: Short Message Service
RR: Radio Resource management
Connection Management CM
Call
Supplementary Short Message
Control CC Services SS Services SMS
L3
Mobility Management MM
Radio Resource management
RR
Layer 2: LAPDm
Layer 1
Logical
Physical
L
e
v
e
l
4
TUP
DUP
ISDN
User Part
Telephone
User Part
Data
User Part
BSSMAP
DTAP
Layer
MAP
Mobile
Application
Part
TCAP
4-6
SCCP
3
3
MTP
Message
Transfer
Part
2
1
SS#7
A-Interface
protocol
subdivided into
DTAP
BSC not involved,
transparent: MS CN.
compare MM & CM
BSSMAP
BSC involved
Paging
HOV Request
HOV Complete
MAP
ISUP
BSS Application Part
Mobile Application
ISDN User Part
BSSMAP DTAP
Part
BSSAP
TCAP
Transmission Capabilities
Application Part
Connection related
signaling
(MSC - MSC / ISDN) e.g.:
Initial Address Message IAM
Address Complete
Message ACM, Alert
Answer Message
SCCP
Signaling Connection Control Part
PT3733-TekJarNirKab-MODUL:05
Pembangunan
Hubungan Telepon
pada GSM
EQUIPMENT CHECK
IMEI Check
HANDOVER
AUTHENTICATION
Authentication may be
executed during setup,
location updating and
supplementary
services
AUTHENTICATION
HLR/AUC
AUC
HLR
IMSI(m) KI
M)
VLR
IMSI(n) KI N
)
RAND
GENERATOR
RAN
D
KI(IMSI)
A8 A3
KC
SI
M
AUTH REQ
KI ( I MSI )+RAND A8 KC
M+KC A5 KC(M)
( MS/ BSS)
A5
KC( M) +KC ( MS/ BSS) M
SRES
KI(IMSI)
IMSIBUFFER
RAND KC SRES 1
RAND KC SRES 2
RAND KC SRES
RAND
KC
TEMP
DATA
SRES
CKSN
RAND
BSS
SRES
EQUAL
A8
A3
KC
RAND 16byte
KI 16byte
kc 8byte
SERS 4byte
CKSN low 3bits of
1byte
BSS
MS
1
2
PRE SEND
TRIPPLES TO VLR
3
4
5
AUTHENTICATION
RESPONSE
MSC
(RAND)
AUTHENTICATE
<SDCCH>
AUTHENTICATION
REQUEST
(RAND)
<SDCCH>
(SRES)
START CIPHERING
CIPHER MODE
COMMAND
<SDCCH>
CIPHER MODE
OMPLETE
<SDCCH>
VLR
HLR
PSTN
EIR
XOR
Um
XOR
plain text
SIM:
A3, A8,
Ki, IMSI
RAND
BTS:
A5
MS
VLR:
RAND, Kc IMSI
Triples
SRES
SRES
BTS
VLR
Authentication:
Ciphering:
Authentication:
A5(Kc,TDMA-No.) = CS
text XOR CS = ciphered text
SRES comparison
Ciphering:
A8(Ki, RAND) = Kc
A5(Kc,TDMA-No.) = CS
text XOR CS = ciphered text
0 1 1 0 0 1 1 1 0 1 1 1...
encoded
transmission !
ME:
A5
0 1 0 0 1 0 1 1 1 0 0 1...
0 1 0 0 1 0 1 1 1 0 0 1...
Triples:
RAND,
SRES, Kc
AC:
A3, A8,
IMSI,Ki
AC
Authentication
& ciphering:
generates RAND
A3(Ki, RAND) = SRES
A8(Ki, RAND) = Kc
CS: cipher sequence
EQUIPMENT CHECKING
BSS
MS
1
2
3
EQUIPMENT ID REQUEST
ID RESPONSE
CHECK IMEI
CHECK IMEI RESPONSE
<SDCCH>
<SDCCH>
(IMEI)
MSC
VLR
HLR
PSTN
EIR
THANK YOU