On Saturday, October 13, 2001, at 01:54 , Ben Hutchings wrote:
> On Fri, Oct 12, 2001 at 06:49:42PM +0900, Benjamin Kowarsch wrote:
> <snip>
>> What's interesting about the "visited network charges" model is that a
>> network does not rely on any other network to support the scheme (at
>> least that's the case with ZEBRA). The network that deploys wins a
>> competitive advantage in their country by fetching business from
>> tourists. On the other hand, they have no guarantee that if they hold
>> back that another network elsewhere or one of their competitors will
>> not
>> deploy either.
> <snip>
>
> If I understand the GSM authentication and encryption protocols
> correctly
> then it is impossible for a visited network to authenticate a visiting
> handset or even to generate the correct keystreams for encryption and
> decryption without the cooperation of the home network. (They could
> do a
> weak kind of authentication by using the same challenge every time and
> checking that the response matches the one received when the account was
> created, but that doesn't solve the keystream problem.) So a network
> operator could threaten to withdraw such cooperation from other
> operators if
> they use ZEBRA.
1) if they did that, then they would instantly loose their roaming
income from traditional roaming with that network as all their roamers
could not roam anymore in that network. Reason being that they can only
switch off all or nothing.
2) ZEBRA includes an alternative authentication system called Secure
Visitor Authentication (SVA) which is based on public key encryption and
allows the visited network to authenticate the handset directly for the
duration of the visit.
rgds
BK
[ Need archives? How to unsubscribe? http://www.appelsiini.net/keitai-l/ ]
Received on Fri Oct 12 20:00:43 2001