Pass authentication process

[morningboy]

Hi,

in GSM/GPRS architecture, there is authentication process prior to use Operator's GSM Services. Is there any chance to pass the authentication process by configuring the hardware or something ?.

Maybe the one who work in tellecommunication field can answer this.

Thanks

[DRNewcomb]

Quote:

Originally Posted by morningboy

in GSM/GPRS architecture, there is authentication process prior to use Operator's GSM Services. Is there any chance to pass the authentication process by configuring the hardware or something ?.

The authentication requires that the SIM provide a proper answer to a semi-random query sent by the home network. The code used to provide the response is known only to the home network operator. I would not like to speculate if it is possible to spoof or not but I'm sure that too many false responses will result in the account being blocked.

[morningboy]

Quote:

Originally Posted by morningboy

Hi,

in GSM/GPRS architecture, there is authentication process prior to use Operator's GSM Services. Is there any chance to pass the authentication process by configuring the hardware or something ?.

Maybe the one who work in tellecommunication field can answer this.

Thanks

Hi,

in GSM/GPRS architecture, there is authentication process prior to use Operator's GSM Services. Is there any chance to pass the authentication process by configuring the hardware or something ?.

authentication what i mean is Real authentication between Mobile Station and MSC/SGSN with RAND, Kc, Ki, SRES method. So the MSC/SGSN accept directly my MObile Station (Phone) without ask any authentication.

I know this is unsecure, but can we actually do it ?. by configuring MSC hardware or SGSN hardware maybe ?

Maybe the one who work in tellecommunication field can answer this.

Thanks

[DRNewcomb]

Quote:

Originally Posted by morningboy

I know this is unsecure, but can we actually do it ?. by configuring MSC hardware or SGSN hardware maybe ?

I'm not sure I really understand your question. I will assume that you are not looking for a way to scam the system. Once upon a time someone developed a form of roaming called "Zebra". The idea was that a visitor could register his existing SIM with a local carrier for temporary roaming. After paying he would receive call credit and a local number. This would allow him to place and receive calls but it had very poor security because the SIM number was all that was used for authentication. The idea, as I remember, was that getting a temporary local account would not involve the cost of buying a SIM. I could be wrong on this. It's been a very long time. Maybe someone else recalls the details.