CTIA Certification Program

Transcription

1 Certification Program Mobile Station Authentication Test Plan Cellular Telecommunications & Internet Association Mobile Station Authentication Test Plan November 2002 Revision 3.2

2 Certification Programs Interested parties may obtain permission to reproduce a limited number of copies by contacting the CTIA Certification Department at: CTIA Certification Department 1250 Connecticut Ave. NW, Suite 800 Washington, DC certification@ctia.org Telephone: , Cellular Telecommunications & Internet Association All rights reserved.

3 TABLE OF CONTENTS SECTION 1 INTRODUCTION PURPOSE SCOPE AUTHENTICATION SOFTWARE AND TEST EQUIPMENT APPLICABLE DOCUMENTS SUBMITTING UNITS DEFINITIONS...2 SECTION 2 SETUP ITEMS SETUP ITEM 1: SYSTEM PARAMETERS Definition Procedure SETUP ITEM 2: MOBILE REGISTRATION Definition Procedure...6 SECTION 3 TEST ITEMS TEST ITEM 1: TEST CYCLES Definition Procedure TEST ITEM 2: GENERAL SECURITY & THE AUTHENTICATION KEY Definition Security A-Key Value TEST ITEM 3: A-KEY ENTRY Definition Procedure Results: TEST ITEM 4: SSD UPDATE Definition Procedure Results TEST ITEM 5: UNIQUE CHALLENGE RESPONSE Definition Procedure Results TEST ITEM 6: ORIGINATION WITH AUTHENTICATION Definition Procedure Results TEST ITEM 7: TERMINATION WITH AUTHENTICATION Definition...22 November 2002 iii Revision 3.2

4 3.7.2 Procedure Results TEST ITEM 8: REGISTRATION WITH AUTHENTICATION Definition Procedure Results TEST ITEM 9: SSD UPDATE ON A FVC Definition Procedure Results TEST ITEM 10: UNIQUE CHALLENGE ON A FVC Definition Procedure Results...31 APPENDIX A REVISION HISTORY...32 November 2002 iv Revision 3.2

5 List of Figures Figure 1 Authentication SSD Update Message...11 Figure 2 Unique Challenge Response...17 Figure 3 Origination with Authentication...20 Figure 4 Origination with Authentication...23 Figure 5 Registration with Authentication...26 November 2002 v Revision 3.2

6 1.1 Purpose Section 1 Introduction The purpose of this Test Plan is to define the CTIA Certification Program test requirements for evaluating the authentication capability of AMPS mobile stations. The overall test requirements for AMPS mobile station certification are described in the CTIA for AMPS Mobile Stations. This Test Plan is part of a CTIA Certification Program as described in a separate document entitled CTIA Certification Program Management Document. This document contains criteria, in addition to laboratory conformance tests, that must be met for CTIA Certification. CTIA s Authentication Test Procedures are based upon dual-mode 800 MHz mobile stations and 800 MHz AMPS only mobile stations. For a dual-mode mobile, authentication capabilities will be judged on the analog control channel, and the analog voice channel when the mobile is in the AMPS mode. For AMPS only mobiles, authentication capabilities will be judged on the analog control and voice channels. 1.2 Scope This Test Plan details the test procedures, messaging protocols and criteria used during the authentication testing process. Due to its technical nature, the use of the industry s compatibility standard(s) in conjunction with this document is strongly recommended. Because a mobile s implementation of authentication is subject to the interpretation of the industry s standards, this document was created to detail the bit-level messaging words typically used by a base station equipped with authentication. The test procedures are divided into two sections. The first section, Setup Items, defines the configuration and relevant bit-settings of the simulated control and voice channels. The second section, Test Items, describes in detail the messaging protocol and test areas used in judging a mobile s compliance to the minimum requirements. Charts are supplied throughout this document which indicate the information element that is controlled, the type of information relevant to the message (M=manual, O=optional), the length of the bit word, and the value(s) used by the authentication software when configuring the message. 1.3 Authentication Software and Test Equipment For the purpose of this evaluation, CTIA will use the IFR Systems, Inc CSA test set in conjunction with IFR s Authentication Software 1. Purchase of the software and test 1 Other solutions meeting the requirements defined in this Test Plan may be utilized November Revision 3.2

7 equipment is available through IFR Systems, Inc. The IFR Authentication Software was written and produced by IFR Systems, Inc. Since the software, in conjunction with the 1600-CSA, provides a user with full automation capabilities, the hardware and messaging words are software preset and not alterable. This document details the bit settings used within the signaling messages. 1.4 Applicable Documents The following documents are applicable to this Test Plan: CTIA for AMPS Mobile Stations, Revision 4.0, November 2002, CTIA. CTIA Certification Program Management Document, Revision 2.1, September 2002, CTIA. TSB 50: User Interface for Authentication Key Entry TR45.0.A: Common Cryptographic Algorithms, Revision B, June 21, 1995 TIA/EIA/IS-91-A: Mobile Station-Base Station Compatibility Standard for 800 MHz Analog Cellular, November Submitting Units Mobile stations incorporating authentication capabilities will be tested for Authentication as a requirement during the Certification process. Therefore, no additional information will be required from the mobile manufacturer for authentication testing. 1.6 Definitions The following authentication relevant words are used throughout this document. Provided are brief definitions and general use of each word: A-Key: A secret 64-bit pattern stored in the mobile station. It is used to generate / update the mobile station s Shared Secret Data (SSD). The A-Key is used in the mobile station authentication process. AUTH: A 1-bit field in the System Parameter Overhead Message. When set to 1, it signifies that the system supports the authentication process. AUTHBS: Base Station Authentication Response (AUTHBS). An 18-bit pattern generated by the authentication algorithm. AUTHBS is used to confirm the validity of November Revision 3.2

8 base station orders to update the Shared Secret Data (SSD). AUTHR: Authentication Response (AUTHR). An 18-bit output of the authentication algorithm. It is used to validate mobile station registrations, originations, and terminations. Authentication: A procedure used by base stations to validate a mobile station s identity at system access. AUTHU: Unique Challenge Authentication Response (AUTHU). An 18-bit pattern generated by the authentication algorithm. AUTHU is used to support the Unique Challenge Response procedures. AUTHU Procedure: Unique Challenge Response Procedure is an exchange of information between a mobile station and a base station for the purpose of confirming the mobile station s identity. The procedure is initiated by the base station and is characterized by the use of a challenge-specific random number instead of the random variable broadcast globally. COUNTs-p: COUNTs-p is a modulo-64 count held in the mobile station. COUNTs-p is maintained during power off. RANDBS: Base Station Random Variable (RANDBS). A 32-bit random number generated by the mobile station for use in authenticating base station orders to update the Shared Secret Data (SSD). RAND: Random Variable (RAND). A 32-bit random number issued periodically by the base station in two, 16-bit pieces: RAND1_A and RAND1_B. The mobile station stores and uses the most recent version of RAND in the authentication process. RANDC: Random Variable Confirmation (RANDC). An 8-bit number used to confirm the last RAND received by the mobile station. RANDSSD: Shared Secret Data Random Variable (RANDSSD). A 56-bit random number generated by the mobile station s home system. RANDSSD is used in conjunction with the mobile station s A-Key and ESN to generate its Shared Secret Data. RANDU: Unique Random Variable (RANDU). A 24-bit random number generated by the base station in support of the Unique Challenge Response procedure. SSD: Shared Secret Data (SSD). A 128-bit pattern stored in the mobile station (in semipermanent memory) and known by the base station. SSD is a concatenation of two 64-bit subsets; SSD-A, which is used to support the authentication procedures, and SSD-B, which is utilized in the message encryption process, SSD is maintained during power off. November Revision 3.2

9 November Revision 3.2

10 2.1 Setup Item 1: System Parameters Definition Section 2 Setup Items The initial setup stage describes the bit settings used to establish a simulated control channel. Described are the Overhead System Parameters used to establish a communication link. A mobile station will retrieve the systems capabilities, which include authentication, from the system parameters Procedure 1. Using the authentication software the test equipment will be setup for a Control Channel as defined by the user (333 or 334) at a power level of -45 dbm. With the correct NAM and system programming, ensure that the MS is servicing a HOME system. 2. The emulating Base Station (BS) shall setup the System Parameter Overhead Message (SYSPAR) as follows: SYSPAR Word #1 T1T2 M 2 11 DCC M 2 01 System ID M Extended Protocol (EP) M 1 0 AUTH M 1 1 RSVD M 1 0 NAWC M OHD M SYSPAR Word #2 T1T2 M 2 11 DCC M 2 01 Serial (S) M 1 1 Extended Address (E) M 1 1 REGH M 1 1 REGR M 1 1 DTX M 2 00 Number Paging M Channels-1 RCF M 1 1 CPA M 1 1 CMAX-1 M END M 1 1 November Revision 3.2

11 OHD M Unless otherwise re-defined the above table represents the SYSPAR used throughout the evaluation. 2.2 Setup Item 2: Mobile Registration Definition A mobile registration will be performed in order to obtain the mobile s ESN and MIN. This information will be used by the authentication software to calculate a mobile specific Authentication Key (A-Key) Procedure 1. The IFR Authentication Software shall create an A-Key in accordance with the requirements of the Common Cryptographic Algorithm, Revision B. 2. Building upon the SYSPAR Words 1 and 2, as defined in Test Item 1, the emulating Base Station (BS) shall configure the System Parameter Overhead Message (SYSPAR) as follows: Switches to SYSPAR Words 1 & 2 NAWC (Word 1) M END (Word 2) M 1 0 SYSPAR Word #3 T1T2 M 2 11 DCC M 2 01 Registration ID M 20 Random num. (0-1000) END M 1 1 OHD M November Revision 3.2

12 Section 3 Test Items 3.1 Test Item 1: Test Cycles Definition Test Cycles detail the different test configurations used by CTIA during the evaluation of a mobile station for authentication capabilities. Individual test cases have been derived in order to evaluate a mobile station s interpretation and implementation of authentication under various possibilities. To verify each possibility, multiple runs of the IFR Authentication software routine must be performed Procedure 1. The first (1) evaluation shall be used to judge a mobile station s performance while servicing a Home system and to verify the factory assigned default A-Key. The equipment configurations shall be setup in such a manner to ensure that the mobile station is servicing a Home system. This will result in the need to program the mobile s NAM and SID numbers in addition to setting the SID within the simulated base station. To verify the factory set A-Key, the A- Key within the mobile shall remain unchanged. Refer to Test Item 3, Part one. 2. The second (2) evaluation shall be used to judge a mobile station s performance when subjected to authentication incompatibilities and failures. The equipment configurations shall remain equal to the settings during the first evaluation with the exception of ensuring that the A-Key values within the base and mobile station are not equal. When prompted by the simulated base station to enter an A-Key, during Test Item 3, ensure that the A-Key values are unequal. It may be necessary to change the A-Key within the simulated base station to some random value. 3. The third (3) evaluation shall be used to judge a mobile station s performance and ability to correctly incorporate a random A-Key. The equipment configurations shall be setup in such a manner to ensure that the mobile station is servicing a Home system. This will result in the need to program the mobile s NAM and SID numbers in addition to setting the SID within the simulated base station. The A-Key value within the simulated base station shall also be set to some random 20-digit number. Following the prompts within the Authentication Software, program the mobile station to the value calculated. The mobile s A-Key must be altered/changed to the value indicated by the IFR Authentication Software. Refer to Test Item 3, Part two. November Revision 3.2

13 4. The fourth (4) evaluation shall be used to judge a mobile station s performance in a Roam environment. The equipment configurations shall be setup in such a manner to ensure that the mobile station is servicing a Roam system. This can typically be accomplished by changing the SID value within the simulated base station to a value not equal to that within the mobile station. There should be no need to change the mobile s A-Key during this evaluation. Therefore, Test Item 3 can be skipped. 5. With the mobile station set for the different configurations, all Test Items (except those defined) shall be repeated and the mobile s performance noted. 6. Due to a mobile station s ability to incorporate several individual NAM numbers, the need arises for the evaluation of authentication using multiple A-Keys. If a mobile station maintains two NAM numbers, the above evaluations shall be performed for both NAM1 and NAM2. If the mobile station maintains more then two NAM numbers, the first two NAM numbers (NAM1 and NAM2) shall be evaluated, and the remaining NAM numbers evaluated by the verification of the mobile s ability to differentiate between A-Keys and NAM number assignments. 7. CTIA will typically program a mobile station with a NAM1 equal to 202/ , a NAM2 equal to 202/ , and a System Identification (SID) equal to 13 and 14 respectively. If a mobile station incorporates more then two NAM numbers, random numbers will be derived for the remaining NAM locations. 3.2 Test Item 2: General Security & the Authentication Key Definition The Authentication Key (A-Key) is a 6 to 26-digit (including the checksum) mobile specific number typically generated by the mobile s manufacturer at the factory. Due to its specific and secretive nature, its storage locations have been restricted to two specific areas, the specific mobile station and the mobile station s home location register (HLR). Using both common and mobile specific information, a HLR and mobile will have the ability to simultaneously and independently update a mobile-tocarrier shared secret data sequence. The independent outcome and use of the mobile specific Shared Secret Data (SSD) will verify a mobile s identity by acting as a mobile fingerprint Security Understanding that a mobile s A-Key and SSD are specific and unique to a mobile, certain security procedures must be followed. Like a mobile s Electronic Serial Number (ESN), which is also a secured mobile specific number, an A-Key and SSD should not be alterable or electronically removable from a mobile unit. In contrast, November Revision 3.2

14 unlike an ESN, provisions have been incorporated that allow for an A-Key to be updated and changed. Despite this provision, the effort must be undertaken to ensure the mobile s A-Key and SSD integrity. 1) An A-Key value shall not be visible/readable through a mobile s display, or electronically removable through a mobile s data port. 2) An A-Key shall adhere to the same tampering guidelines as defined for ESN security. 3) A secure method of transferring a mobile s manufacturer assigned A-Key to the mobile s Home Location Register/Authentication Center (HLR/AC) must be observed. 4) A mobile s SSD value shall not be accessible to an external device; visible through a mobile s display; or electronically removable or programmable through a mobile s data port A-Key Value In the effort to utilize an A-Key s maximum potential, CTIA encourages the use of a random 20-digit A-Key value. For the purpose of CTIA Certification, a mobile s authentication capability will be judged using both a random and a default (zeros) A- Key. 3.3 Test Item 3: A-Key Entry Definition Mobile stations must provide a means for A-Key entry using the mobile s keypad and display. In addition, mobile stations must discontinue and disable transmission during the A-Key entry. The preferable means of entering the A-Key into the mobile is defined in TSB 50, User Interface for Authentication Key Entry. A mobile station will be evaluated using both the mobile s default A-Key, as assigned by the manufacturer, and with a 20-digit random value assigned from CTIA Procedure Part one: 1. During the initial evaluation, set the A-Key value within the IFR Authentication Software to the value originally assigned by the mobile manufacturer, and start the software routine. November Revision 3.2

15 2. Verify that the IFR Authentication software calculated an A-Key checksum equal to the A-Key stored in the mobile station. If the values are equal, skip the remaining A-Key entry procedure. Part two: 1. After the initial evaluation run, set the A-Key value within the IFR Authentication Software to any 20-digit random number, and restart the authentication routine. 2. Once the A-Key and checksum have been calculated, enter the calculated value into the mobile station. 3. The key sequence should be as follows; (TSB 50) Press 2, 5, 3, 9, function, function. It is desirable (but not required) that the mobile displays the NAM associated to the specific A-Key. Enter the A-Key and calculated checksum. Once entered, press store, store. The MS shall internally verify the A-Key and upon completion indicate a valid A-Key entry. 4. Using the same entry procedure, attempt to re-enter a random 26-digit A-Key. 5. Verify that the MS internally verifies the A-Key and upon completion indicates an invalid A-Key entry. 6. Start the software routine. 7. Once the authentication software routine is complete, use the IFR test equipment to setup the proper messaging sequence to establish a normal conversation on any channel. 8. Verify that upon an attempt to enter into the A-Key programming mode, the mobile station either ignores the attempt, or powers down its transmitter to allow entry Results: Test Item Valid A-Key Entry Invalid A-Key Entry Transmitter Off During A-Key Entry Results PASS/FAIL PASS/FAIL YES/NO 3.4 Test Item 4: SSD Update Definition A SSD Update, as commanded by the base station, is initialized with mobile specific November Revision 3.2

16 information, random data, and the mobile station s A-Key. In order to eliminate security risk and the need to pass an A-Key itself from system to system as the mobile Roams, the SSD update procedure must be carried out only in the mobile station and its associated Home Location Register (HLR). Serving systems can obtain a copy of the SSD computed by the Home Location Register/Authentication Center (HLR/AC) via intersystem communications (IS-41) Procedure 1. The emulating BS shall setup the appropriate messaging to order the MS to perform a SSD Update. Refer to Figure 1 for a detailed block diagram. Figure 1 Authentication SSD Update Message MOBILE STATION AIR BASE STATION ESN (32-BITS) A-KEY (64-BITS) RANDSSD (56-BITS) INTERFACE RANDSSD (56-BITS) RANDSSD ESN A-KEY (64-BITS) (32-BITS) CAVE ALGORITHM CAVE ALGORITHM (128-BITS) (NEW) (128-BITS) (128-BITS) (64-BITS) SSD-B SSD-A (64-BITS) (64-BITS) SSD-A SSD-B (64-BITS) MIN1 RANDBS RANDBS RANDBS MIN1 (32-BITS) (32-BITS) CAVE ALGORITHM CAVE ALGORITHM (18-BITS) (18-BITS) AUTHBS ( = ) AUTHBS AUTHBS AUTHBS RESULT COMPARED RESULTS COMPARED RESULTS 2. Building on the SYSPAR Words 1 and 2, as defined in Setup Item 1, the emulating Base Station (BS) shall append/configure the following mobile station control messages as follows: Mobile Control Message Word 1 November Revision 3.2

17 T1T2 M 2 01 DCC M 2 01 MIN1 M Mobile Control Message Word 2 T1T2 M 2 10 SCC M 2 11 MIN2 M EF M 1 0 LOCAL M ORDQ M ORDER M Mobile Control Message Word 3 T1T2 M 2 10 SCC M 2 11 RANDSSD1 M 24 Random (2 N ) Mobile Control Message Word 4 T1T2 M 2 10 SCC M 2 11 RANDSSD2 M 24 Random (2 N ) Mobile Control Message Word 5 T1T2 M 2 10 SCC M 2 11 RANDSSD3 M 8 Random (2 N ) 3. On sending the SSD Update order to the MS, the BS will calculate a temporary SSD, SSD-A_NEW and SSD-B_NEW, using the transmitted RANDSSD. It will then wait for the mobile station s transmission of a base station challenge order. 4. On receiving a SSD Update order, the MS shall calculate its temporary SSD, SSD-A_NEW and SSD-B_NEW, using the transmitted RANDSSD. The MS November Revision 3.2

18 may at anytime transmit back to the BS a base station challenge order which will include RANDBS. RECC Message Word 1 F M 1 1 NAWC M T M 1 1 S M 1 1 E M 1 1 ER M 1 0 SCM M 4 mobile depended MIN1 M November Revision 3.2

19 RECC Message Word 2 F M 1 0 NAWC M LOCAL M ORDQ M ORDER M LT M 1 0 EP M 1 0 RSVD M 1 0 RSVD M 2 00 RECC Message Word 2 (cont) SDCC1 M 2 00 SDCC2 M 2 00 MIN2 M RECC Message Word 3 (Serial) F M 1 0 NAWC M SERIAL M 32 MS ESN RECC Message Word 4 (RANDBS) F M 1 0 NAWC M RANDBS M 32 MS 32-bit random number 5. Using the RANDBS and its temporary SSD-A_NEW, the BS shall calculate AUTHBS and send the results back to the MS. 6. Building upon the SYSPAR Words 1 and 2, as defined in Setup Item 1, the emulating Base Station (BS) shall append/configure the following mobile station control messages as follows: Mobile Control Message Word 1 T1T2 M 2 01 November Revision 3.2

20 DCC M 2 01 MIN1 M Mobile Control Message Word 2 T1T2 M 2 10 SCC M 2 11 MIN2 M EF M 1 0 LOCAL M ORDQ M ORDER M Mobile Control Message Word 3 T1T2 M 2 10 SCC M 2 11 RSVD M 2 00 AUTHBS M bit CAVE result RSVD M On receiving the BS AUTHBS, the MS shall compare its internally calculated AUTHBS to the calculated BS AUTHBS and transmit back a confirmation order which indicates either a SSD Update success or failure. 8. As configured, either with the MS in the HOME or ROAM mode, the MS must respond with a SSD Update successful indication. 9. On a SSD Update successful indication, the BS and MS shall set their SSD-A and SSD-B values to SSD-A_NEW and SSD-B_NEW Results Mobile in Home Mode Test Item Mobile HOME MS AUTHBS BS AUTHBS PASS /FAIL Results November Revision 3.2

21 Mobile in Roam Mode Test Item Mobile ROAM MS AUTHBS BS AUTHBS PASS /FAIL Results 3.5 Test Item 5: Unique Challenge Response Definition A Unique Challenge-Response procedure is initiated by the base station and can be carried out over any channel combination. If the base station s AUTHU is not equal to the mobile station s AUTHU, the base station may deny further access by the mobile station Procedure 1. The emulating BS shall setup the appropriate messages to order the MS to perform a Unique Challenge. Refer Figure 2 for a detailed block diagram. November Revision 3.2

22 Figure 2 Unique Challenge Response MOBILE STATION AIR INTERFACE BASE STATION ESN (32-BITS) MIN2 (8-BITS) RANDU (24-BITS) RANDU (24-BITS) MIN2 (8-BITS) ESN (32-BITS) MIN1 (24-BITS) SSD-A (64-BITS) RANDU MIN1 (24-BITS) SSD-A (64-BITS) CAVE ALGORITHM CAVE ALGORITHM AUTHU (18-BITS) AUTHU AUTHU (18-BITS) AUTHU (18-BITS) IF COMPARISON FAILS, BMI MAY DENY FURTHER ACCESS, OR SEE SSD UPDATE. The following defines the messaging protocol. 2. Building on the SYSPAR Words 1 and 2, as defined in Setup Item 1, the emulating Base Station (BS) shall append/configure the following messages: Change to SYSPAR Word 1 NAWC M Change to SYSPAR Word 2 END M 1 0 SYSPAR Word 3 T1T2 M 2 11 DCC M 2 01 ACT M November Revision 3.2

23 RAND1_A M 16 random (2 N ) END M 1 0 OHD M SYSPAR Word 4 T1T2 M 2 11 DCC M 2 01 ACT M RAND1_B M 16 random (2 N ) END M 1 1 OHD M Mobile Control Message Word 1 T1T2 M 2 01 DCC M 2 01 MIN1 M Mobile Control Message Word 2 T1T2 M 2 10 SCC M 2 11 MIN2 M EF M 1 0 LOCAL M ORDQ M ORDER M Mobile Control Message Word 3 T1T2 M 2 10 SCC M 2 11 RANDU M 24 random (2 N ) 3. On receiving the Unique Challenge order, the MS must internally calculate AUTHU using its internally stored SSD-A and the RANDU received from the BS. November Revision 3.2

24 4. On completion, the MS must transmit the results back to the BS for AUTHU comparison. As configured, the MS and BS AUTHU shall be equal Results Mobile in Home Mode Test Item MS AUTHU BS AUTHU PASS /FAIL Mobile in Roam Mode Test Item MS AUTHU BS AUTHU PASS /FAIL Results Results 3.6 Test Item 6: Origination with Authentication Definition Base stations and mobile stations utilizing authentication capabilities will attempt to perform authentication upon a mobile station s origination. When upon a successful base station comparison of the AUTHR, a mobile station will receive the appropriate channel assignment. If the comparison fails, the base station may deny service, initiate a Unique Challenge-Response, or initiate a SSD Update Procedure 1. The emulating BS shall setup the appropriate messaging in order to allow the MS to perform an origination. Refer to Figure 3 for a detailed block diagram. November Revision 3.2

25 Figure 3 Origination with Authentication RAND (32-BITS) MOBILE STATION ESN (32-BITS) AIR INTERFACE RANDC COUNT s-p BASE STATION DIGITS (24-BITS) SSD-A (64-BITS) RANDC COUNT s-p AUTHR CAVE ALGORITHM AUTHR (18-BITS) AUTHENTICATION MESSAGE VALUES STORED = VALUES RECEIVED RAND (32-BITS) DIGITS (24-BITS) SSD-A ESN (32-BITS) (64-BITS) RANDC COUNT s-p AUTHR CAVE ALGORITHM AUTHR (18-BITS) AUTHR (18-BITS) IF COMPARISON FAILS, BMI MAY DENY SERVICE INITIATE UNIQUE CHALLENGE RESPONSE, OR PERFORM SSD UPDATE 2. The system parameters will be set as defined in Test Item 5, Unique Challenge. 3. An origination from the mobile shall be attempted using a dialing sequence of any 10 digits. 4. Taking the last 6 digits dialed, the MS shall internally calculate AUTHR using its internally stored SSD-A. Upon completion, the MS must transmit the calculated AUTHR, RANDC, COUNTs-p, and the origination request back to the BS. RECC Message Word 1 F M 1 1 NAWC M T M 1 1 S M 1 1 E M 1 1 ER M 1 0 SCM M 4 MS depended MIN1 M November Revision 3.2

26 11 RECC Message Word 2 F M 1 1 NAWC M LOCAL M ORDQ M ORDER M LT M 1 0 EP M 1 0 RSVD M 1 0 RSVD M 2 00 SDCC1 M 2 00 SDCC2 M 2 00 MIN2 M RECC Message Word 3 (Serial Number) F M 1 0 NAWC M SERIAL M 32 MS ESN RECC Message Word 3 Authentication)) F M 1 0 NAWC M COUNT M 6 MS modulo-64 count RANDC M 8 derived number AUTHR M bit CAVE result RECC Message Word 4 F M 1 0 NAWC M st Digit M 4 dialed digit etc... M 4 repeat for digits th Digit M 4 dialed digit November Revision 3.2

27 RECC Message Word 5 F M 1 0 NAWC M th Digit M 4 dialed digit etc... M 4 repeat for digits th Digit M 4 dialed digit 5. Using the data supplied by the MS, the BS shall calculate AUTHR using its internally stored SSD-A. 6. As configured, the MS and BS AUTHU shall be equal Results Mobile in Home Mode Test Item MS AUTHR BS AUTHR PASS /FAIL Results Mobile in Roam Mode Test Item MS AUTHR BS AUTHR PASS /FAIL Results 3.7 Test Item 7: Termination with Authentication Definition Base stations and mobile stations utilizing authentication capabilities will attempt to perform authentication upon a mobile station s page match. When upon a successful base station comparison of the AUTHR, a mobile station will receive the appropriate channel assignment. If the comparison fails, the base station may deny service, initiate a Unique Challenge-Response, or initiate a SSD Update. November Revision 3.2

28 3.7.2 Procedure 1. The emulating BS shall setup the appropriate messaging in order to successfully complete a two word page with the MS. 2. With the AUTH bit set to 1, and a Page match established, the MS shall internally calculate AUTHR using its internally stored SSD-A. Refer to Figure 4 for a detailed block diagram. Figure 4 Origination with Authentication MOBILE STATION AIR INTERFACE BASE STATION PAGE MATCH PAGE RANDC COUNT s-p RAND (32-BITS) MIN1 (24-BITS) ESN (32-BITS) SSD-A (64-BITS) RANDC COUNT s-p AUTHR VALUES STORED = VALUES RECEIVED RAND (32-BITS) ESN (32-BITS) CAVE ALGORITHM AUTHR (18-BITS) AUTHENTICATION MESSAGE MIN1 SSD-A (24-BITS) (64-BITS) CAVE ALGORITHM RANDC COUNT s-p AUTHR AUTHR (18-BITS) AUTHR (18-BITS) IF COMPARISON FAILS, BMI MAY DENY SERVICE, PERFORM UNIQUE CHALLENGE-RESPONSE, OR PERFROM SSD UPDATE 3. On completion, the MS shall transmit back to the BS the calculated AUTHR, RANDC, COUNTs-p, and Page Match confirmation as follows: RECC Message Word 1 F M 1 1 NAWC M T M 1 0 S M 1 1 November Revision 3.2

29 E M 1 1 ER M 1 0 SCM M 4 MS depended MIN1 M RECC Message Word 2 F M 1 1 NAWC M LOCAL M ORDQ M ORDER M LT M 1 0 EP M 1 0 RSVD M 1 0 RSVD M 2 00 SDCC1 M 2 00 SDCC2 M 2 00 MIN2 M RECC Message Word 3 (Serial Number) F M 1 0 NAWC M SERIAL M 32 MS ESN RECC Message Word 3 Authentication)) F M 1 0 NAWC M COUNT M 6 MS modulo-64 count RANDC M 8 derived number AUTHR M bit CAVE result 4. Using the received data, the BS shall calculate AUTHR using its internally stored SSD-A. 5. As configured, the MS and BS AUTHR shall be equal. November Revision 3.2

30 3.7.3 Results Mobile in Home Mode Test Item MS AUTHR BS AUTHR PASS /FAIL Mobile in Roam Mode Test Item MS AUTHR BS AUTHR PASS /FAIL Results Results 3.8 Test Item 8: Registration with Authentication Definition Base stations and mobile stations utilizing authentication capabilities will attempt to perform authentication upon a mobile station s attempt to register. If the base station s comparison of AUTHR fails, the base station may deny service, initiate a Unique Challenge-Response, or initiate a SSD Update Procedure 1. The emulating BS shall setup the appropriate messaging in order to successfully complete a registration with the MS. Refer to Setup Item 1, Initial Setup for SYSPAR settings. 2. With the AUTH bit set to 1, any MS attempt to register shall cause the MS to internally calculate AUTHR using its internally stored SSD-A. Refer to Figure 5 for a detailed block diagram. November Revision 3.2

31 Figure 5 Registration with Authentication RAND (32-BITS) MOBILE STATION ESN (32-BITS) AIR INTERFACE RANDC COUNT s-p BASE STATION MIN1 (24-BITS) CAVE SSD-A (64-BITS) AU TH EN TIC ATI ON ME SS AG E RANDC COUNT s-p AUTHR VALUES STORED = VALUES RECEIVED RAND (32-BITS) ESN (32-BITS) AUTH (18-BITS) MIN1 (24-BITS) SSD-A (64-BITS) RANDC COUNT s-p AUTHR CAVE AUTH (18-BITS) AUTH (18-BITS) if COMPARISON FAILS, SEE UNIQUE CHALLENGE RESPONSE, OR SSD UPDATE. 3. On calculation, the MS shall transmit to the BS the calculated AUTHR, RANDC, and COUNTs-p as defined in Test Item 7, Termination. 4. Using the received data, the BS shall calculate AUTHR using its internally stored SSD-A. 5. As configured, the MS and BS AUTHR shall be equal Results Mobile in Home Mode Test Item MS AUTHR BS AUTHR PASS /FAIL Mobile in Roam Mode Test Item Results Results November Revision 3.2

32 MS AUTHR BS AUTHR PASS /FAIL 3.9 Test Item 9: SSD Update on a FVC Definition An SSD Update, as commanded by the base station, is initialized with mobile specific information, random data, and the mobile station s A-Key. In order to eliminate the need to pass the A-Key itself from system to system as the mobile ROAMS, the SSD update procedure must be carried out only in the mobile station and its associated Home Location register (HLR). Serving system obtains a copy of the SSD computed by the Home Location Register/Authentication Center (HLR/AC) via intersystem communications (IS-41) Procedure 1. The emulating BS shall setup the appropriate messaging in order to successfully establish a normal conversation on an analog voice channel. 2. Once a FVC has been established, the following mobile station control messages will be sent. Mobile Station Control Message Word 1 T1T2 M 2 10 SCC M 2 11 PSCC M 2 01 EF M 1 0 RSVD M LOCAL M ORDQ M ORDER M Mobile Station Control Message Word 2 T1T2 M 2 01 RANDSSD_1 M 24 Random (2 N ) RSVD M 2 00 Mobile Station Control Message Word 3 November Revision 3.2

33 T1T2 M 2 01 RANDSSD_2 M 24 Random (2 N ) RSVD M 2 00 Mobile Station Control Message Word 4 T1T2 M 2 01 RANDSSD_3 M 8 Random (2 N ) RSVD M On the BS transmission of a SSD Update order, it shall calculate and create a temporary SSD, SSD-A_NEW and SSD-B_NEW. 4. On the MS receiving a SSD Update order, it shall calculate and create a temporary SSD, SSD-A_NEW and SSD-B_NEW. 5. The MS may at any time during the initial stage of a SSD Update transmit back to the BS a base station challenge order which will include RANDBS. Base Station Challenge Order Message Word 1 F M 1 1 NAWC M 2 01 T M 1 1 LOCAL M ORDQ M ORDER M RSVD M Base Station Challenge Order Message Word 2 F M 1 0 NAWC M 2 00 T M 1 1 RANDBS M 32 random number 6. Using RANDBS and its internally calculated temporary SSD-A_NEW, the BS shall calculate AUTHBS and transmit the results back to the MS. Mobile Station Control Message Word 1 November Revision 3.2

34 T1T2 M 2 10 SCC M 2 11 PSCC M 2 01 EF M 1 0 RSVD M LOCAL M ORDQ M ORDER M Mobile Station Control Message Word 2 T1T2 M 2 01 RSVD M AUTHBS M bit CAVE result RSVD M On receiving AUTHBS from the BS, the MS shall compare the result to its internally calculated AUTHBS in which it used its temporary SSD, SSD- A_NEW. 8. On a successful SSD Update indication, the MS and BS shall set their SSD-A and SSD-B to the values of SSD-A_NEW and SSD-B_NEW. With a failure indication, the SSD values shall remain unchanged Results Mobile in Home Mode Test Item MS AUTHBS BS AUTHBS PASS /FAIL Mobile in Roam Mode Test Item MS AUTHBS BS AUTHBS PASS /FAIL Results Results November Revision 3.2

35 3.10 Test Item 10: Unique Challenge on a FVC Definition A Unique Challenge-Response procedure is initiated by the base station and can be carried out over any channel combination. If the base station s AUTHU is not equal to the mobile station s AUTHU, the base station may deny further access by the mobile station Procedure 1. The emulating BS shall setup the appropriate messaging in order to successfully establish a normal conversation on an analog voice channel. 2. Once a FVC has been established, the following mobile station control messages will be sent. Mobile Station Control Message Word 1 T1T2 M 2 10 SCC M 2 11 PSCC M 2 01 EF M 1 0 RSVD M LOCAL M ORDQ M ORDER M Mobile Station Control Message Word 2 T1T2 M 2 01 RSVD M 2 00 RANDU M 24 random number 3. On the MS receiving the Unique Challenge Order, the MS shall calculate AUTHU using its internally stored SSD-A. 4. On completion, the MS shall transmit back to the BS the calculated AUTHU as follows: November Revision 3.2

36 Reverse Voice Channel Word 1 F M 1 1 NAWC M 2 00 T M 1 1 LOCAL M ORDQ M ORDER M AUTHU M bit CAVE result RSVD M Using the received data, the BS shall calculate AUTHU using its internally stored SSD-A and compare the two. The result shall be a successful indication Results Mobile in Home Mode Test Item Results MS AUTHR BS AUTHR PASS /FAIL Mobile in Roam Mode Test Item Results MS AUTHR BS AUTHR PASS /FAIL November Revision 3.2

37 APPENDIX A Revision History Date Revision Description July 1996 Clarified the procedures and included additional information in all areas Introduced area detailing mobile submission procedures Added language governing multiple certifications Changed format, introduced Setup Items section Renumbered sections Introduced Authentication Key test item, and A- Key security Modified test criteria July 1997 Changed NAWC fields in FOCC Messages Changed NAWC fields in FOCC Messages July 1998 Revision 3.1 Reformatted all sections November 2002 Revision 3.2 Reformatted all sections Added references to CTIA Certification Program Test Plan for AMPS Mobile Stations and CTIA Certification Program Management Document Removed references to CTIA Authentication Seal and CTIA Authentication Certification November Revision 3.2