What algorithm is utilized for key generation in GSM networks?

The key generation algorithm used in the GSM system is known as the A8 algorithm.

Most GSM network operators utilize the a version of the COMP128 algorithm as the implementation of the A8 algorithm.

A8's task is to generate the 64-bit Session Key (Kc), from the 128-bit random challenge (RAND) received from the Mobile Services Switching Center (MSC) and from the 128-bit Individual Subscriber Authentication Key (Ki) from the Mobile Station's Subscriber Identity Module (SIM) or the Home Location Register (HLR).

One Session Key (Kc) is used until the MSC decides to authenticate the MS again. This might take days.

A8 actually generates 128 bits of output. The last 54 bits of those 128 bits form the Session Key (Kc). Ten zero-bits are appended to this key before it is given as input to the A5 algorithm.

The A8 algorithm is implemented in the Subscriber Identity Module (SIM).

GSM Security FAQ

• How is encryption utilized in GSM?
• What algorithm is utilized for authentication in GSM networks?
• What algorithm is utilized for encryption in GSM networks?
• What algorithm is used for key generation in GSM networks?
• What are the components of a GSM network
• What are Ki, Kc, RAND, and SRES?
• How do Authentication and Key generation work in a GSM network?
• Have the A3 and A8 algorithms been broken?
• Have the A5 algorithms been broken?
• What are locking and unlocking?
• What is an IMEI?
• How can I find my IMEI?
• What is an IMSI?
• What is a TIMSI?
• What are the PIN and PUK?
• How do I change my PIN and PUK?
• How do I use CallerID?
• What is a Subscriber Identity Module (SIM)?