headers
Nguyen Thi Mai Trang | 27 Jun 2005 13:32
Picon

IMSI

Hello,

I am trying to understand the mechanisme of confidentiality of 
subscriber identity in GSM. As far as I know, the technique used is not 
to send the IMSI frequently in the air interface. A temporary identity, 
the TMS is rather used. However, I think that the IMSI must be sent in 
clear at least once at the begining to the network because it is 
neccessary for locating the authentication key Ki and then, the Kc for 
delivering a TMSI. Is it true? Is the fact of sending the IMSI in clear 
implies some problems of security in GSM?
Thank you very much.

Mai Trang
Permalink | Reply |
headers
Marc Witteman | 27 Jun 2005 15:12
Favicon

RE: IMSI

Yes you are right. Your identity IMSI is occasionally sent over the air.
This happens at first use, but also when a subscriber roams to another
network and there is no exchange of the temporary identity TMSI between the
two networks. The security impact is quite limited though, as new TMSIs are
assigned frequently and exchanged over an encrypted channel. In practice
this means that a fanatic eavesdropper could see your IMSI if he's lucky,
but he would loose track of you rather soon because he should not be able to
decipher your next TMSI.

Marc

Marc Witteman

Mob: +31624595408
Tel: +31152139942
Fax: +31152139943
Web: www.riscure.com

> -----Original Message-----
> From: gsmsecurity-bounces <at> gsm-security.net 
> [mailto:gsmsecurity-bounces <at> gsm-security.net] On Behalf Of 
> Nguyen Thi Mai Trang
> Sent: Monday, June 27, 2005 1:33 PM
> To: gsmsecurity <at> gsm-security.net
> Subject: [GSMSecurity] IMSI
> 
> Hello,
> 
> I am trying to understand the mechanisme of confidentiality 
> of subscriber identity in GSM. As far as I know, the
(Continue reading)

Permalink | Reply |
headers
Nguyen Thi Mai Trang | 7 Jul 2005 10:49
Picon

P-TMSI

Hello,

I read in several books that the GPRS uses the P-TMSI to avoid exhanging 
the IMSI for the identification of a subcriber. This mechanism is 
identical to the use of TMSI in GSM. The objectif is for providing 
subcriber identity condifentiality. However, in the 3GPP TS 43.020, 
version 6.1.0, Annex D, the identifying method used for providing 
subscriber identity confidentiality is the use of TLLI, not P-TMSI. 
There is an incoherence!

I would like to clarify the method used for subcriber identity 
confidentiality in GPRS: P-TMSI or TLLI ? And which standard document 
points this out? Even if the is a relationship between TLLI and P-TMSI, 
I belive that only one temporal identity is used for the purpose of GPRS 
security objectif of subscriber identity confidentiality. The other may 
be just a protocol identification, like IP address at the network layer.

I am not sure if this list is an appropriate place for discussing about 
GPRS security. But as GSM is evolving towards GPRS, I hope that's ok. 
Otherwise, an orientation to a more appropriate list will be much 
appreciated.

Thank you very much,
Mai Trang
Permalink | Reply |

Gmane