LOGBOOK

HELP

Quiz Entry - updated: 2026.07.05

Walk through the full GSM authentication and encryption flow after the PIN is entered.

The phone registers; the network sends a 128-bit random challenge RAND; the SIM computes SRES = A3(RAND, Ki) to authenticate; both sides derive the session key Kc = A8(RAND, Ki); then A5 encrypts the payload using Kc — and crucially, encryption exists only between handset and base station.

GSM challenge-response: RAND and Ki into A3/A8 producing SRES and session key Kc.

* GSM authentication and Kc generation (A3/A8). — Лихачев Виталий, CC BY-SA 3.0, via Wikimedia Commons. *

Step by step:

  1. The PIN is entered by the user (unlocks the SIM)
  2. The phone registers (Einbuchen) with the network
  3. The network creates a 128-bit RAND (the challenge) and sends RAND to the phone
  4. The SIM computes the Signed Response: SRES = A3(RAND, Ki) and sends it back; the network checks A3(RAND, Ki) == SRES
    • → at this point the mobile has authenticated itself to the network
  5. Both sides derive the 64-bit connection key: Kc = A8(RAND, Ki)
  6. The payload m is encrypted with the A5 stream cipher: A5(m, Kc)

The most security-relevant fact: encryption (and decryption) happens in the BTS — i.e., only on the radio link between the mobile station and the base station. Beyond the base station, into the core and fixed network, the call is not encrypted by this mechanism. So GSM's "encryption" protects the air interface only.

Tip: Note what GSM does NOT do here — the network never proves itself to the phone. Only the phone authenticates. That one-sidedness is the root of the IMSI-catcher problem.

Go deeper:

From Quiz: MOBINFSEC / GSM & LTE Security Infrastructure | Updated: Jul 05, 2026