Authentication Information Screen

Last updated: July 22, 2008

This section is only applicable to the lab application and to a test application with the required feature license.

The Authentication Information screen provides the detailed test results for the Global Challenge, Unique Challenge and SSD Update when performed, as well as the authentication parameters associated with the last authentication.

To access the Authentication Information screen, press the Authentication ( F2 ) on the Call Control 3 of 3 (in the Test Application) or Call Control 3 of 5 (in the Lab Application). It consists of four windows:

Global Challenge Information

The Global Challenge Information window provides the detailed test results associated with a Global Challenge Operation .

Global Challenge Type
Indicates the type of the Global Challenge authentication that is performed. It is determined according to the access channel messages received. It can be Origination, Page Response, Data Burst, or Registrations (such as Power Up, Timer based, Zone based registrations) Global Challenge.

GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:TYPE?
Global Challenge Overall Result
Indicates the overall pass/fail result for the Global Challenge authentication that is performed. The Global Challenge result indicates Pass only when all of the AUTHR, RANDC, Call History and AUTH_MODE results are Pass (see Result values (pass/fail) ).

GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:RESult?
Expected values
This column provides the global challenge authentication data calculated and maintained by the test set. They are compared with the Received values to verify whether the global challenge authentication passes or fails.
- Expected AUTHR (Hex)
  Indicates the value of authentication response AUTHR, which is calculated by the test set in the same manner that the MS does, but using its internal stored parameters such as SSD_A value, RAND, etc. See Computation of AUTHR .
  
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:RESPonse:EXPected?
- Expected RANDC (Hex)
  Indicates the eight most significant bits (first two hexadecimal digits) of the RAND you specified on the Global Challenge Random (RAND) (Hex) field.
  
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:CRANdom:EXPected?
- Expected Call History (COUNT)
  Indicates the expected value of call history parameter. It is empty (non-available) when the test set powers up or fully preset.
  
  When the Global Challenge is set to On, each time a registration is performed, the test set compares the received COUNT with the Expected COUNT to determine the COUNT pass/fail result. After the comparison, the test set will set the Expected COUNT value to the Received COUNT value for the next global challenge.
  
  NOTE
  The Expected COUNT is empty (non-available) in the first registration global challenge. The COUNT result indicates Fail until the next registration when an Expected COUNT value is available.
  
  When Global Challenge is set to On, each time a call is established, the test set sends a Parameter Update Order message to the MS. Upon receiving the Parameter Update Order message, the MS increases its internal stored COUNT value by one. If the test set receives the Parameter Update Confirmation Order message from the MS, the test set increases its internal stored COUNT value by one.
  
  NOTE
  The test set does not prompt a warning message if the MS rejects the Parameter Update Order message or the test set fails to receive the response before timeout expires. This may cause the next global challenge authentication fails due to the mismatched COUNT values stored in the test set and MS.
  
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:CHIStory:EXPected?
- Expected AUTH_MODE: Indicates the authentication mode specified in the test set. When the Global Challenge is set to On, this value equals 1. When the Global Challenge is set to Off, this value equals 0 (zero).
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:MODE:EXPected?
Received values
This column provides the global challenge authentication data received in the Registration Message , Origination Message , Page Response Message , or the Data Burst Message from the MS. They are used to compare with the Expected values to verify whether the global challenge authentication passes or fails.
- Received AUTHR (Hex)
  Indicates the value of authentication response AUTHR, calculated by the MS using the Auth_Signature procedure with its internal stored parameters such as the SSD_A, ESN, IMSI_S1 or Dialed Digits, and RAND as the input parameters. See Computation of AUTHR .
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:RESPonse:RECeived?
- Received RANDC (Hex)
  Indicates the eight most significant bits of the RAND which is obtained in the Access Parameters Message or ANSI-41 RAND Message from the test set.
  
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:CRANdom:RECeived?
- Received Call History (COUNT)
  Indicates the value of call history parameter (COUNT), which is a modulo-64 event counter maintained by the MS used for clone detection. It is updated by the MS when a Parameter Update Order is received. See Expected Call History (COUNT) for details.
  
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:CHIStory:RECeived?
- Received AUTH_MODE: Indicates the authentication mode used by the MS.
  GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:MODE:RECeived?
Result values (pass/fail)
This column provides the pass/fail.result for each global challenge authentication data: AUTHR, RANDC, COUNT and AUTH_MODE, indicating whether each received value matches the expected value. The Global Challenge Overall Result indicates Pass only when all of these results indicate Pass.

GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:RESPonse:RESult? , CALL:SECurity:AUTHenticate:GCHallenge:CRANdom:RESult? , CALL:SECurity:AUTHenticate:GCHallenge:CHIStory:RESult? , CALL:SECurity:AUTHenticate:GCHallenge:MODE:RESult?

Unique Challenge Information

The Unique Challenge Information window provides the detailed test results associated with a Unique Challenge Operation .

Unique Challenge Type
Indicates the type of the Unique Challenge authentication. It is determined according to the channel on which the Authentication Challenge Message is set. It can be Paging Channel, Control Channel or Traffic Channel Unique Challenge.
- If the Unique Challenge Operation is performed in idle state, the Authentication Challenge Message is sent on the paging channel if the current control channel is F-PCH/R-ACH or on the common control channel if the current control channel is F-BCCH/F-CCCH/R-EACH (see Control Channel Configuration ).
- If the Unique Challenge Operation is performed while in a call, the Authentication Challenge Message is sent on the traffic channel.
GPIB Command: CALL:SECurity:AUTHenticate:UCHallenge:TYPE?
Unique Challenge Result
Indicates the pass/fail result of the associated Unique Challenge authentication. It indicates Pass when the AUTHU Result is Pass.

GPIB Command: CALL:SECurity:AUTHenticate:UCHallenge:RESult?
Expected AUTHU CALL:SECurity:AUTHenticate:UCHallenge:RESPonse:RESult?
Indicates the value of AUTHU, which is calculated by the test set in the same manner that the MS does, but using its internal stored parameters (RANDU, SSD_A, ESN, IMSI_S1 and IMSI_S2). See Computation of AUTHU .

GPIB Command: CALL:SECurity:AUTHenticate:UCHallenge:RESPonse:EXPected?
Received AUTHU
Indicates the value of AUTHU, which is calculated by the MS using the Auth_Signature procedure with its internal stored parameters (RANDU, SSD_A, ESN, IMSI_S1 and IMSI_S2). It is sent to the test set in the Authentication Challenge Response Message during a Unique Challenge Operation .

GPIB Command: CALL:SECurity:AUTHenticate:UCHallenge:RESPonse:RECeived?
AUTHU Result
Indicates whether the Received AUTHU matches the Expected AUTHU . If the values match, the AUTHU result indicates Pass. Otherwise, the result is Fail.

GPIB Command: CALL:SECurity:AUTHenticate:UCHallenge:RESPonse:RESult?

SSD Update Information

The SSD Update Information window provides the detailed test results associated with an SSD Update Operation .

SSD Update Type - Indicates the type of the SSD Update operation. It is determined according to the channel on which the SSD Update Message is sent. It can be Paging Channel, Control Channel or Traffic Channel SSD Update.
- If the SSD Update Operation is performed in idle state, the SSD Update Message is sent on the paging channel if the current control channel is F-PCH/R-ACH or on the common control channel if the current control channel is F-BCCH/F-CCCH/R-EACH (see Control Channel Configuration ).
- If the SSD Update Operation is performed while in a call, the SSD Update Message is sent on the traffic channel.
GPIB Command: CALL:SECurity:AUTHenticate:SUPDate:TYPE?
SSD Update Result: Indicates whether the SSD Update Operation is performed successfully.
GPIB Command: CALL:SECurity:AUTHenticate:SUPDate:RESult?

Authentication Parameters

This window provides the authentication parameters that are used by the test set to calculate the expected AUTHR, expected AUTHU, or the AUTHBS for the related authentication operations. The A-Key, RAND, RANDU, RANDSSD can be set from the Setting Authentication Parameters menu.

A-Key/Check Digits (Dec)
Indicates the A-Key you entered on the test set (see A-Key (Dec) ) and the Check Digits generated by the test set.
- If the current Cell Band is Korean PCS, the test set will generate the correct 6 decimal check digits based on the A_key using LGIC algorithm.
- If the current Cell Band is not Korean PCS:
  - if the "Normal" check digits algorithm is in use:
    - the test set will generate the correct 6 decimal check digits based on the A_Key and ESN using the CAVE algorithm;
    - the check digits will be regenerated whenever the A_Key or the ESN is updated.
  - If the "Alternate" check digits algorithm is in use:
    - the test set will generate the correct 6 decimal check digits based on the A_Key and MEID using the CAVE algorithm;
    - the check digits will be regenerated whenever the A_Key or the MEID is updated.
  - switching the check digits algorithm between "Normal" and "Alternate" results in the check digits regeneration;
  - If the ESN is not available, the check digits will be Null.
- Switching the Cell Band between Korean PCS and other bands results in the check digits regeneration.
The check digits are part of the A-Key and provide a method for checking A-Key validity. For example, compare the check digits generated by the test set with the last 6 digits of the MS's A-Key. If they do not match, one of the A-Key is invalid.

GPIB Command: CALL:SECurity:AUTHenticate:SUPDate:AKEY , CALL:SECurity:AUTHenticate:SUPDate:CDIGits? )
SSD_A = 0
When the SSD_A value in the test set is zero, the SSD_A=0 indicates True. Otherwise, it will be False.
- When the test set powers up or fully presets, or whenever you enter a new A-Key value (see A-Key (Dec) ) into the test set, the SSD_A value in the test set is initialized to zero and SSD_A=0 indicates True.
- When an SSD Update Operation is successfully performed, SSD_A is updated to a new value and the SSD_A=0 indicates False.
GPIB Command: CALL:SECurity:AUTHenticate:SSDA:ZERO?
RAND (Hex)Indicates the random challenge data used in the Global Challenge Operation . It is corresponding to what you set on the Global Challenge Random (RAND) (Hex) field.
GPIB Command: CALL:SECurity:AUTHenticate:GCHallenge:RANDom
RANDU (Hex)
Indicates the random challenge data used in the Unique Challenge Operation . It is corresponding to what you set on the Unique Challenge Random (RANDU) (Hex) field.

GPIB Command: CALL:SECurity:AUTHenticate:UCHallenge:RANDom
RANDSSD (Hex)
Indicates the random data used in SSD Update Operation . It is corresponding to what you set on the SSD Update Random (RANDSSD) (Hex) field.

GPIB Command: CALL:SECurity:AUTHenticate:SUPDate:RANDom
ESN (Hex)
Indicates the MS's electronic serial number (ESN) obtained via MS registration (see Mobile Reported Information ). Authentication procedures rely on ESN to generate valid A-Keys and other values used for checking the validity of the SSD_A.

GPIB Command: CALL:MS:REPorted:ESNumber:HEX?
IMSI_S2/IMSI_S1 (Dec)
An IMSI_S, a 10-digit (34-bit) number, consists of 3- and 7-digit parts that are called IMSI_S2 and IMSI_S1 respectively.

The IMSI_S2 and IMSI_S1 are used for AUTHR, AUTHU and AUTHBS calculations during the Global Challenge Operation , Unique Challenge Operation , and SSD Update Operation .

IMSI_S is derived from the IMSI. When the MS registers to the test set, the IMSI is displayed on the Mobile Reported Information screen. When an IMSI has ten or more digits, IMSI_S is equal to the last ten digits. When an IMSI has fewer than ten digits, the least significant digits of IMSI_S are equal to the IMSI and zeros are added to the most significant side to obtain a total of ten digits.

GPIB Command: CALL:STATus:PAGing:IMSI:S1? , CALL:STATus:PAGing:IMSI:S2?

Authentication Information Screen

Global Challenge Information

Unique Challenge Information

SSD Update Information

Authentication Parameters

Related Topics