CAVE-based authentication: Difference between revisions
Edit summary: Copyedited, explained and made it simpler. (Tags: Mobile edit, Mobile web edit, Advanced mobile edit)
Latest revision as of 20:22, 30 September 2024
CAVE-based authentication is a security protocol used to authenticate mobile stations requesting access to a CDMA2000 1X network, a type of third-generation (3G) mobile system. "CAVE" stands for Cellular Authentication and Voice Encryption, the algorithm that computes the authentication signatures.[1] The network uses it to confirm that a device is authorized to connect.
It is also referred to as "HLR authentication" (Home Location Register authentication), "2G authentication" or "Access Authentication". It verifies that the mobile station requesting service holds the same secret as the subscriber's home network, so that a device which does not hold that secret is refused service. It authenticates the device, not the person using it.
Network entities
In CAVE-based authentication, two network entities work together when a subscriber is roaming:
- Authentication Center (AC), also written HLR/AC: located in the subscriber's home network, it controls the authentication process. It either verifies the Mobile Station (MS, the handset) itself or shares the derived key, the SSD, with the Visitor Location Register (VLR) of the visited network so that the check can be made there. The AC must be provisioned with an A-key for every MS; authentication rests on the MS and the AC holding the same A-key. The AC is usually co-located with the Home Location Register (HLR), but it can also be a standalone system serving several HLRs. "AuC" is the GSM abbreviation and is sometimes, strictly incorrectly, applied to CDMA networks.
- Visitor Location Register (VLR): the entity in the visited (serving) network to which the roaming MS is connected. If SSD has been shared with that network, the VLR acts as the authentication controller and verifies the MS locally; otherwise it relays the MS's responses to the home AC for verification.
This system ensures that users can be securely authenticated even when they are using networks outside their home area.
Keys
In CAVE-based authentication the authentication controller is the entity that decides whether a response from the Mobile Station (MS) is correct. It is the Authentication Center (AC) in the subscriber's home network, or the Visitor Location Register (VLR) of the visited network when SSD has been shared with it. In either case the decision is made with the CAVE (Cellular Authentication and Voice Encryption) algorithm and two shared keys:
- Authentication key (A-key): a 64-bit secret known only to the MS and the AC. It is stored on the RUIM card (the CDMA counterpart of a SIM) if the handset has one, otherwise in the handset's own memory. The A-key is never sent over the air and never shared with other networks; its only use is to derive the Shared Secret Data (SSD), which may in turn be shared with a visited network to allow local authentication.
- Shared Secret Data (SSD): a 128-bit key that the MS and the home-network AC compute independently with the CAVE algorithm from the A-key during a procedure called an SSD update, in which the AC sends the MS a fresh random value.[2] It is the SSD, not the A-key, that the authentication procedures use. The home network may or may not share SSD with a visited network; if it does, that network can authenticate the subscriber locally, and if that copy is compromised the home network can invalidate it with another SSD update while the A-key stays intact. SSD consists of two 64-bit halves:
- SSD_A: Used for generating authentication signatures.
- SSD_B: Used to create session keys for encryption and voice privacy.
This arrangement lets a subscriber be authenticated by a visited network without the most sensitive key, the A-key, ever leaving the MS and the home AC.
Authentication challenges
CAVE-based authentication uses two kinds of challenge to verify a mobile station (MS):
- Global challenge: every MS attempting to access the network must respond to a common random challenge value (RAND) that the network broadcasts in its overhead messages. The MS computes an authentication signature response, AUTHR, with the CAVE algorithm from the challenge value, its electronic serial number (ESN), either the last six dialed digits (for a call origination) or IMSI_S1 (part of the subscriber's identity, for any other access attempt) and SSD_A, and includes it in its access request.
- Unique challenge: the authentication controller (the home AC, or the VLR if SSD is shared) sends a random challenge (RANDU) to one particular MS, at its own discretion, for instance to re-verify a device without waiting for its next access attempt. The MS replies with a different signature, AUTHU, computed with the CAVE algorithm from the unique challenge value, ESN, IMSI_S1 and SSD_A.
CAVE-based authentication is a one-way process: the network authenticates the MS, but the MS does not authenticate the network. The one exception is the base station challenge during an SSD update, in which the MS sends its own random challenge and checks the network's response, so that only a party holding the A-key can install a new SSD in the handset.
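The following Python model is added here as an illustration; it is not code from the article or from any TIA/3GPP2 document. It walks through the procedures described in the Keys and Authentication challenges sections with both sides of each exchange: an SSD update with its base station challenge, a global challenge answered with AUTHR, and a unique challenge answered with AUTHU, verified either by the home AC or, when SSD is shared, by a VLR that never receives the A-key. The real CAVE algorithm is not implemented: `cave_like()` is a stand-in keyed PRF (HMAC-SHA256, truncated), and the byte layout of its inputs, the class and method names, and the sample ESN, IMSI_S1 and dialed digits are assumptions of the model. The field widths and the names RANDSSD, RANDU, RANDBS and AUTHBS are those used in TIA-41.

```python
"""Model of the CAVE-based authentication flow described in this article.
Added example; not code from the article or from any TIA/3GPP2 document. The real
CAVE algorithm is NOT implemented: cave_like() is a stand-in keyed PRF so that the
exchange can run end to end. Field widths follow TIA-41 (64-bit A-key, 56-bit
RANDSSD, 32-bit RAND, 24-bit RANDU, 18-bit AUTHR/AUTHU/AUTHBS, 64-bit SSD_A and
SSD_B); the byte layout fed to the PRF and all class/method names are assumptions."""
from __future__ import annotations
import hashlib, hmac, secrets
from dataclasses import dataclass

def cave_like(key: bytes, *inputs: int, out_bits: int) -> int:
    """Stand-in for CAVE: HMAC-SHA256 over the big-endian inputs, truncated."""
    msg = b"".join(x.to_bytes(8, "big") for x in inputs)
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") & ((1 << out_bits) - 1)

def derive_ssd(a_key: bytes, esn: int, randssd: int) -> tuple[bytes, bytes]:
    """SSD update: MS and AC each derive (SSD_A, SSD_B) from A-key, ESN, RANDSSD.
    The 0xA/0xB separators are a modeling choice, not taken from the spec."""
    return tuple(cave_like(a_key, randssd, esn, tag, out_bits=64).to_bytes(8, "big")
                 for tag in (0xA, 0xB))

def signature(ssd_a: bytes, challenge: int, esn: int, third: int) -> int:
    """18-bit AUTHR/AUTHU/AUTHBS over (challenge, ESN, dialed digits or IMSI_S1)."""
    return cave_like(ssd_a, challenge, esn, third, out_bits=18)

@dataclass
class MobileStation:
    esn: int            # 32-bit electronic serial number
    imsi_s1: int        # 24-bit IMSI_S1
    a_key: bytes        # 64-bit A-key in handset memory or on the R-UIM; never sent
    ssd_a: bytes = b""
    ssd_b: bytes = b""  # would feed encryption/voice-privacy keys; unused here

    def ssd_update(self, randssd: int) -> None:
        self.ssd_a, self.ssd_b = derive_ssd(self.a_key, self.esn, randssd)

    def authr(self, rand: int, third: int) -> int:        # global challenge
        return signature(self.ssd_a, rand, self.esn, third)

    def authu(self, randu: int) -> int:                   # unique challenge
        return signature(self.ssd_a, randu, self.esn, self.imsi_s1)

    def verify_authbs(self, randbs: int, authbs: int) -> bool:  # base station challenge
        return authbs == signature(self.ssd_a, randbs, self.esn, self.imsi_s1)

class AuthenticationCenter:
    """Home AC: the only network entity that holds A-keys."""
    def __init__(self) -> None:
        self.a_keys: dict[int, bytes] = {}
        self.ssd: dict[int, tuple[bytes, bytes]] = {}
    def start_ssd_update(self, esn: int) -> int:
        randssd = secrets.randbits(56)
        self.ssd[esn] = derive_ssd(self.a_keys[esn], esn, randssd)
        return randssd                                    # only RANDSSD goes to the MS
    def authbs(self, esn: int, imsi_s1: int, randbs: int) -> int:
        return signature(self.ssd[esn][0], randbs, esn, imsi_s1)
    def check(self, esn: int, challenge: int, third: int, resp: int) -> bool:
        return resp == signature(self.ssd[esn][0], challenge, esn, third)

class VisitorLocationRegister:
    """Serving VLR: it is the authentication controller only when SSD is shared."""
    def __init__(self, home_ac: AuthenticationCenter, ssd_shared: bool) -> None:
        self.ac = home_ac
        self.ssd_a: dict[int, bytes] | None = {} if ssd_shared else None
    def register(self, esn: int) -> None:
        if self.ssd_a is not None:                        # SSD_A crosses; the A-key never does
            self.ssd_a[esn] = self.ac.ssd[esn][0]
    def check(self, esn: int, challenge: int, third: int, resp: int) -> bool:
        if self.ssd_a is not None and esn in self.ssd_a:
            return resp == signature(self.ssd_a[esn], challenge, esn, third)
        return self.ac.check(esn, challenge, third, resp)    # proxy to the home AC

def run_flow(ssd_shared: bool) -> dict[str, bool]:
    """Constructed roaming session (sample values, not captured traffic)."""
    ms = MobileStation(esn=0x1A2B3C4D, imsi_s1=0x5E6F70, a_key=secrets.token_bytes(8))
    clone = MobileStation(ms.esn, ms.imsi_s1, secrets.token_bytes(8))  # same ESN, wrong A-key
    ac = AuthenticationCenter()
    ac.a_keys[ms.esn] = ms.a_key                          # provisioning, out of band
    vlr = VisitorLocationRegister(ac, ssd_shared)
    randssd = ac.start_ssd_update(ms.esn)                 # SSD update ...
    ms.ssd_update(randssd)
    clone.ssd_update(randssd)
    randbs = secrets.randbits(32)                         # ... then the MS challenges the network
    bs_ok = ms.verify_authbs(randbs, ac.authbs(ms.esn, ms.imsi_s1, randbs))
    vlr.register(ms.esn)
    rand, digits = secrets.randbits(32), 550123           # broadcast RAND; last six dialed digits
    authr = ms.authr(rand, digits)
    randu = secrets.randbits(24)                          # network-initiated unique challenge
    return {
        "base_station_challenge": bs_ok,
        "global_ok": vlr.check(ms.esn, rand, digits, authr),
        "clone_rejected": not vlr.check(ms.esn, rand, digits, clone.authr(rand, digits)),
        "replay_rejected": not vlr.check(ms.esn, rand ^ 1, digits, authr),  # RAND has rotated
        "unique_ok": vlr.check(ms.esn, randu, ms.imsi_s1, ms.authu(randu)),
    }
```

Calling `run_flow(True)` and `run_flow(False)` yields the same five outcomes with the VLR acting as controller and with it proxying to the AC. Two points the model makes visible: the clone knows the ESN and IMSI_S1 but not the A-key, so it derives a different SSD from the same RANDSSD and fails every check without the A-key ever being transmitted; and AUTHR and AUTHU are only 18 bits wide, so a blind guess succeeds on a single access with probability 2^-18, which is why a controller should count failures and escalate to a unique challenge or an SSD update rather than let an attacker retry indefinitely. In the real air interface the MS also sends RANDC, the eight most significant bits of the RAND it used, so that the controller can distinguish a stale RAND from a wrong response; the model simply rejects the stale response.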
Specification
CAVE-based authentication procedures are specified in TIA-41, the cellular intersystem standard published by 3GPP2 (3rd Generation Partnership Project 2) as X.S0004. It defines how a CDMA network verifies mobile stations with the CAVE algorithm, including the SSD update, global challenge and unique challenge procedures and the messages exchanged between a serving VLR and the home HLR/AC.
See also
- Channel access method
- Authentication and Key Agreement (AKA) - a successor authentication type
- Cellular Message Encryption Algorithm (CMEA) - a cipher specified alongside CAVE in the TIA Common Cryptographic Algorithms
References
1. Zhang, Chi; Liu, Jun-Rong; Gu, Da-Wu; Wang, Wei-Jia; Lu, Xiang-Jun; Guo, Zheng; Lu, Hai-Ning (1 September 2019). "Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks". Journal of Computer Science and Technology. 34 (5): 1079–1095. doi:10.1007/s11390-019-1961-5. ISSN 1860-4749. Retrieved 18 June 2024.
2. Miceli, Andrew (2003). Wireless Technician's Handbook (PDF) (2nd ed.). Boston, Mass.: Artech House. ISBN 978-1580533577. Retrieved 18 June 2024.