Privacy and authentication protocols for PCS

Abstract

This article describes the message flow due to authentication, voice privacy, and signaling message encryption expected to be incorporated in the EIA/TIA's cellular industry Interim Standard IS 41 Revision C. The algorithm for authentication and generation of voice privacy mask and signalling message encryption keys employed by the standard is based on private key cryptographic techniques that use a secret key (also known as shared secret data, or SSD) for authentication. Two schemes have been proposed in the standard. In the first one, the SSD is shared only between the handset and the authentication center. In the second, the SSD is also shared with the visited system. Compared to the first scheme, the second scheme requires a considerably reduced rate of accesses to network databases for authentication during call origination determination, thereby reducing call setup time. However, during registration, the second scheme requires additional database accesses compared to the first due to the need to get an up-to-date call history count from the previous visited system. We compare the two schemes with the use of a simple mobility model for users and study their impact on the traffic to network databases. Defining the user mobility rule as the number of registrations per hour per user, we show that as the user mobility rate increases from roughly 0.5 to 15, the effectiveness of the second scheme compared to the first varies from about a 66 percent improvement to about a 30 percent degradation, clearly implying that the mobility characteristics of the user population dictate the choice of the authentication scheme.