L.3 Finding the GBA key Ks during or after the Ub protocol run

33.2203GPPGeneric Authentication Architecture (GAA)Generic Bootstrapping Architecture (GBA)TS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

For BSF-to-UE authentication and for establishment of the key Ks, the solution relies on both, GSM security and TLS security. The attacker needs to know all the parameters of the GSM triplet, in particular Kc, and additionally break the TLS security, as the attacker also needs to know the Ks-input parameter confidentially transmitted by the BSF over TLS. Breaking GSM security after the Ub protocol run alone does not provide sufficient information to break 2G GBA.