» GSM Security
» Algorithms

GSM Security Algorithms

GSM security algorithms are used to provide authentication and radio link privacy to users on a GSM network.

GSM uses three different security algorithms called A3, A5, and A8. In practice, A3 and A8 are generally implemented together (known as A3/A8).

An A3/A8 algorithm is implemented in Subscriber Identity Module (SIM) cards and in GSM network Authentication Centres. It is used to authenticate the customer and generate a key for encrypting voice and data traffic, as defined in 3GPP TS 43.020 (03.20 before Rel-4). Development of A3 and A8 algorithms is considered a matter for individual GSM network operators, although example implementations are available.

An A5 encryption algorithm scrambles the user's voice and data traffic between the handset and the base station to provide privacy. An A5 algorithm is implemented in both the handset and the base station subsystem (BSS).

3GPP Confidentiality and Integrity Algorithms UEA2 and UIA2

The GSM Association, having cooperated in the development of the 3GPP Confidentiality and Integrity Algorithms UEA2 and UIA2 ("The UEA2 & UIA2 Algorithm"), has been granted distribution rights to the Algorithms that have been developed through the collaborative efforts of the 3GPP Organisational Partners.

The UEA2 and UIA2 Algorithm specifications are available below and may be used only for the development and operation of equipment conforming to the UEA2 & UIA2 Algorithm or standards based on it. Every Beneficiary intending to implement and/or use the UEA2 & UIA2 Algorithm must sign a Restricted Usage Undertaking with a Custodian and demonstrate that they satisfy the approval criteria specified in the Restricted Usage Undertaking. A fee of EUR4,000 is chargeable to non-members of the GSM Association wishing to implement and/or use the UEA2 and UIA2 Algorithm.

Every Beneficiary must send to the GSM Association two signed paper copies of the Restricted Usage Undertaking - one copy will be countersigned and returned. Non-GSM Association members must also enclose the Administrative Charge of € 4,000.

3GPP A5/3 and GEA3 algorithms

The GSM Association is a Custodian of the A5/3 encryption algorithms for GSM and EDGE, and the GEA3 encryption algorithm for GPRS, that have been developed through the collaborative efforts of the 3GPP Organisational Partners.

The A5/3 and GEA3 encryption algorithm specifications are available below. They may be used only for the development and operation of GSM, EDGE and GPRS mobile communications and services. Every Beneficiary intending to implement and/or use the algorithms must sign a Restricted Usage Undertaking with a Custodian and demonstrate that they fulfill the approval criteria specified in the Restricted Usage Undertaking. A fee of EUR2,000 is chargeable to non-members of the GSM Association wishing to implement and/or use the A5/3 and GEA3 algorithm specifications.

The A5/3 and GEA3 algorithms are based on the 3GPP ciphering algorithm (F8), for which Mitsubishi holds essential patents. Beneficiaries of the A5/3 and GEA3 algorithms must also be licensed by Mitsubishi Electronic Corporation Japan. Mitsubishi grants royalty-free licenses under those patents under separate written license agreements and subject to other terms and conditions which are believed fair and commercially reasonable. Mitsubishi reserves the right to refuse or withdraw the license to/from the parties that refuse to license, or claim unfair, unreasonable or discriminatory royalty rates for their essential GSM/3G IPRs. Requests for IPR licensing from Mitsubishi should be directed to:

Mitsubishi Electric Corporation
Corporate Licensing Division
Mr. Nobuaki Uchida
2-7-3 Marunouchi, Chiyoda-ku
Tokyo 100-8310 Japan
Fax: +81 3 3218 2474
Tel: +81 3 3218 3465

The relevant specifications are as follows:

Every Beneficiary must send to the GSM Association two signed paper copies of the Restricted Usage Undertaking – one copy will be countersigned and returned. Non-GSM Association members must also enclose the Administrative Charge of EUR2,000.

GSM Milenage

The 3GPP specification TS 55.205 contains an example set of algorithms which may be used as the GSM authentication and key generation functions A3 and A8. The algorithms specified in this document are examples that may be used by an operator who does not wish to design his own.

The specification document 3GPP TS 55.205 "Specification of the GSM-MILENAGE Algorithms: An example algorithm set for the GSM Authentication and Key Generation functions A3 and A8" is available here. Download, implementation and use of the example algorithm set is subject to the terms indicated in the document only and is available at no cost.

Authorisation for use of GSM algorithms by network operators

Network operator members of the GSM Association are provided with written authorisation to use the following algorithms when they join the Association:

• Example A3/A8 algorithm COMP128-2
  
• Example A3/A8 algorithm COMP128-3
  
• Encryption algorithm A5/1
  

GSM algorithm specifications available on application

Copies of the following example A3/A8 algorithm specifications are available to qualified industry parties (GSM network operators and manufacturers of eligible GSM equipment) on application to the GSM Association:

• COMP128
  
• COMP128-2
  
• COMP128-3

Copies of the specifications of the following A5 algorithm specifications are available to qualified industry parties (GSM network operators and manufacturers of eligible GSM equipment) on application to the GSM Association:

• A5/1
  
• A5/2

Application packs for the above algorithms can be requested from security@gsm.org. A per-copy fee of EUR2,000 is chargeable to non-members of the GSM Association wishing to receive these algorithm specifications.