The full form of GSM was Groupe Special Mobile, but this abbreviation has been changed to be known as Global System for Mobile Communications. The group that made the decision to do this and the group that controls the promotion of the GSM standard are interestingly called the GSM Association.
Security provided by GSM
The limitation of security in cellular communications is the result of the fact that all cellular communications are wirelessly transmitted and pose a threat from eavesdroppers with appropriate receivers. With this in the account, security controls were integrated into GSM, making the system as secure as the public switched telephone network. The security functions are as follows.
This means that it is not easy to track users of the system. According to Srinivas (2001), when a new GSM subscriber calls for the first time, IMSI (real identity) is used and Temporary Mobile Subscriber Identity (TMSI) is issued. Subscribers are always in the forward direction from that time on. The use of this TMSI prevents the GSM user’s perception by potential eavesdroppers.
After verifying the identity of the owner of the smart card, decide whether the mobile station is allowed on a specific network. Network authentication is done in response and challenge methods. A random 128-bit number (RAND) is generated by the network and transmitted to the mobile.
User data and signaling protection
Srinivas (2001) states that GSM uses cryptographic keys to protect both user data and signaling. After authenticating the user, the A8 encryption key generation algorithm (stored in the SIM card) is used. If RAND and Ki are input, the encryption key Kc is transmitted. This Kc (54 bits) is used with the A5 encryption algorithm to encrypt or decrypt the data. This algorithm is included in the mobile phone’s hardware to encrypt and decrypt data during roaming.