B.2 Entities and security information

3GPP43.020Release 17Security related network functionsTS

Tools: ARFCN - Frequency Conversion for 5G NR/LTE/UMTS/GSM

B.2.1 Home Location Register (HLR)

If required, sets of Kc, RAND and SRES coupled to each IMSI are stored in the HLR.

B.2.2 Visitor Location Register (VLR)

Sets of Kc, RAND and SRES coupled to each IMSI are stored in the VLR. In addition the CKSN, LAI and TMSI are stored together with the presumed valid Kc.

After a new TMSI is generated, both the old and the new TMSI are stored. When the old TMSI is no longer valid, it is removed from the database.

B.2.3 Mobile services Switching Centre (MSC)/Base Station System (BSS)

Encryption algorithm A5 is stored in the MSC/BSS.

Call related information stored in the MSC includes the ciphering key Kc and CKSN associated with the identity of the mobile engaged in this call.

After a new TMSI is generated, both the old and the new TMSI are stored. When the old TMSI is no longer valid, it is removed from the database.

B.2.4 Mobile Station (MS)

The mobile station stores permanently:

– authentication algorithm A3;

– encryption algorithm A5;

– ciphering key generating algorithm A8;

– individual subscriber authentication key Ki;

– ciphering key Kc;

– ciphering key sequence number;

– TMSI.

The mobile station generates and stores:

– ciphering key Kc.

– ciphering key Kc₁₂₈ (if a 128-bit ciphering algorithm is used).

The mobile station receives and stores:

– ciphering key sequence number;

– TMSI;

– LAI.

B.2.5 Authentication Centre (AuC)

In the authentication centre are implemented:

– authentication algorithm(s) A3;

– ciphering key generating algorithm(s) A8.

The secret individual authentication keys Ki of each subscriber are stored in an authentication centre.

Annex C (normative):
External specifications of security related algorithms