Simple and powerfull GSM + LTE Authentication Calculator: TUAK
, Milenage, COMP128-1, 2, 3, Xor
Visualyze and Analyze all APDUs between handset and RUIM, (U)SIM
All you need to work with SIM, USIM, R-UIM card: build card tree, read, write, export
GSM 03.48 compliant solutions for Over-The-Air campaign
DES, 3DES, AES, MD5, and other encryptions and hashes
Parse an ISO 7816-3 ATR online
A collection of Java Card projects in source
A simple tool to convert CAP files into IJC format
International Roaming Using CDMA
Courtesy of: CNP-Wireless
International roaming allows users of CDMA wireless phones to travel to a foreign country and enjoy many of the same services there that they can at home.
While there are still many challenges to obtain fully seamless international roaming, CDMA subscribers can enjoy some of the finest international roaming available. And, it will only get better in the future.
What is Roaming?
Roaming is the ability of a system to provide the same services to customers ('roamers') from other systems, even from other countries. This involves the resolution of a number of business and technical challenges. Some of the major services that can be provided are:
- The ability to make a call ('Mobile Origination'). While this sounds simple, this fundamental service requires a wireless system to verify that the customer's subscription is valid, that the phone is not stolen, that it is not illegally emulating another phone, and to ensure that the type of call being made is not restricted.
- The ability to receive a call ('Mobile Termination' or 'Call Delivery'). This is technically much more complex, and requires the roamer's phone to first register in the system in which it wishes to receive calls. This is done automatically, and causes an exchange of information over the SS7/ANSI-41 network to the home system. When a call comes in to the home system it already knows where the mobile is, and can route a call to it.
- Inter-system handoff. This allows a mobile call to continue uninterrupted when the mobile crosses the boundary between two cellular systems.
- Short Message Service. When an SMS message comes in to the home system it will be forwarded to the mobile, wherever it is.
- Calling Name/Number Presentation. When receiving a call, the number of the caller or even their name will be displayed on their handset.
- International dialing. Some phones provide a "+" key or equivalent menu option that makes it easy to place an international call without knowing the local access number.
What Makes CDMA Roaming Work?
A standard known as ANSI-41 (aka TIA/EIA-41 or IS-41) provides roaming services for AMPS and CDMA systems. It is a good example of a Mobile Application Protocol (MAP), which is a high-level protocol that allows major elements of the wireless network to communicate. The major network elements are:
- Base Station. Contains the radio equipment for one or more cells.
- MSC (Mobile Switching Center). Connects mobiles to other mobiles or to phones in the telephone network or on other cellular systems.
- HLR (Home Location Register). Contains information about a subscription, including the types of services which are to be provided.
- AC (Authentication Center). Contains cryptographic information that allows the network to determine that a mobile is valid. Usually contained within an HLR.
- MC (Message Center). Stores and forwards short messages.
Some of the more important roaming capabilities that are provided by ANSI-41 are:
- Authentication, Registration and Location Management
- Call Delivery
- Short Message Service (SMS)
- Mobile Originations
Internationalization of ANSI-41
ANSI-41 is often criticized for its international roaming capabilities. This was a valid criticism in the mid-1990's, but since then ANSI-41 has been upgraded with international roaming capabilities that make it fully equivalent with GSM. Some of the capabilities that have been added are:
- Support for international digit strings in IS-41 Revision C (1996)
- Support for International Mobile Subscription Identifiers (IMSI) in TIA/EIA/IS-751 (1998).
- Assignment of International Roaming MIN's by IFAST (1998).
- Support for SS7 global titles in TIA/EIA/IS-807 (1999).
- Enhancements for calling number identification, '+' code dialing and callback (2001).
Although the roaming capabilities of ANSI-41 and GSM are largely comparable, there are some ways in which ANSI-41 is superior:
- Call forward no-answer/busy can be handled more efficiently by ANSI-41 systems. Calls are forwarded from the home system, with the connection to the serving system being released. GSM systems forward from the serving system, often resulting in calls looping from home system to serving system and back to the home system.
- Inter-system handoff is supported more efficiently in ANSI-41. It is performed directly by neighboring MSC's, without requiring a special gateway MSC, as in GSM.
- ANSI-41 supports mobiles that can operate in multiple technologies (e.g. analog and CDMA).
- Authentication of mobiles can be done locally. In GSM authentication calculations must be performed by the AC, requiring one transfer of authentication data for every call. In practice, GSM carriers often avoid this, which reduces the level of security that their systems provide.
What is SS7?
Telephony networks contain many highly computerized elements, that need to communicate by sending messages. This is known as signaling. SS7 (Signaling System Number 7) is a digital signaling system that connects the telephony network together. It has largely replaced older, tone-based signaling systems, particularly in the core network. SS7 is ideally suited for transporting ANSI-41 messages. It has the ability to transport messages between any two points on the network (e.g. between an MSC and an HLR) quickly, reliably and because it is purely packet oriented, without setup delay. SS7 messages are addressed either by point-code (a unique numeric address assigned to every telephony network) or by global title (use of a telephony-oriented address, such as a calling card number, IMSI or phone number). The point-code corresponds to the IP address on the internet (it even has a subsystem number that corresponds to the port number used by TCP and other higher-level IP protocols) and the global title corresponds to a domain name.
Most ANSI-41 networks either use the ANSI SS7 network, or have a method of directly addressing ANSI point codes. Use of global titles is a future development.
Roaming with GSM
The other major network standard in the world is the GSM MAP, that supports the GSM radio interface. GSM roaming is usually done with a SIM, a Subscriber Identity Module, also known as UIM or 'Smart Card'. Originally, the SIM was credit-card sized, but now it is just a computer chip packaged so that it can be safely removed. Roaming with a SIM requires removing it from your phone at home and then placing it in a rented phone at your destination. Because your subscription identity (IMSI) is on the SIM, billing will be to the same account. Taking your phone would seem to be more convenient, but is not possible if the destination country uses different frequencies, or even requires different plugs or voltages for your charger.
Many CDMA companies are implementing SIM-roaming with GSM systems, or even putting a SIM in their own phones. If a CDMA phone does not support a SIM, the CDMA carrier can still provide them to their customers for use when they roam in countries that only support GSM systems.
No system is perfect, and although ANSI-41 international roaming provides a high level of service, there are still has some improvements that should be made. Most of these have already been incorporated in standards, but still remain to be implemented by carriers. Some of the major future challenges for this network are:
- Transition to global title. This will simplify routing between network elements in different countries. Current international roaming systems work well, but cannot use standard international SS7 signaling gateways.
- International TLDN (Temporary Local Directory Number). This is very important to routing and should be an internationally formatted phone number, as allowed by IS-41-C and TIA/EIA-41-D. The use of national numbers requires some complex digit translations.
- Transition to IMSI (International Mobile Station Identity). The use of IMSI will allow each country to assign identifiers to its mobile phones independently. The use of the IRM (International Roaming MIN) requires coordination of each block of one million mobile identifiers through the International Forum on ANSI-41 Standards Technology (IFAST) organization.
- Roaming with GSM. Several groups are working at improving the services that can be provided to subscribers who roam from a CDMA area, including the GSM Global Roaming Forum (GGRF) G-95 group. This involves interworking of signaling (ANSI-41 and GSM MAP's) as well as billing issues and many business and implementation issues.
How did ANSI-41 Evolve?
ANSI-41 has grown incrementally through a number of major revisions. Between each revision a number of application-specific interim standards (IS's) have been produced. The major revisions are:
- 1983 - AMPS analog cellular started commercial service as standalone systems in Chicago and Washington/Baltimore. It quickly spread throughout the US, into Canada and into other countries. This provided a single standard cellular protocol while Europe had a large number of incompatible standards, each available in only a handful of countries.
- 1988 - IS-41 Rev. 0 provided inter-system handoff and subscriber validation capabilities. These capabilities were not, in the grand scheme of things, all that important. What was important was that inter-system operations were a reality. They worked and worked well. This standard was published in 1988 and the first field trials were in 1989.
- 1991 - IS-41 Rev. A added true networking, through the use of SS7 protocols, and the all-important capabilities of location management (letting the HLR know where a mobile is), call delivery, subscriber validation and profile transfer. It was published in January, 1991.
- 1991 - IS-41 Rev. B was an incremental release over Revision A. The most important advance was to add forward/backward compatibility capabilities to ensure that a mixture of revision levels could co-exist. This was published in December, 1991 and is still in widespread use in systems that just did basic roaming capabilities - making and receiving calls.
- 1993 - The first CDMA digital standard (IS-95 Revision 0) was published. IS-41 was quickly adapted to provide support for CDMA systems. Although there were now two different digital systems in North America (CDMA and TDMA), nationwide coverage was ensured by dual-mode analog/digital phones, with seamless roaming provided by IS-41.
- 1996 - IS-41 Rev. C was a major advance over previous revisions, including the ability to incorporate 'Intelligent Network'-like capabilities. This allows the development of services such as PBX-dialing extended worldwide. By querying the HLR, an MSC anywhere can translate an office extension into the real telephone number on a subscriber-by-subscriber basis. Itwas published in 1996. This version incorporated further support for CDMA digital systems.
- 1997 - TIA/EIA-41 Rev. D was the first version to be approved by ANSI. It included only incremental improvements over IS-41-C. It was published in 1997.
- 2002 - TIA/EIA-41 Rev. E is nearing completion. Several parts of this very large standard are already being balloted. It further extends the international capabilities of ANSI-41. It includes many enhancements, but notably incorporates IS-751 (IMSI) and IS-807 (global title recommendations), as well as the Wireless Intelligent Network (WIN), Calling Name presentation, data services, over-the-air programming and other capabilities that are currently available as separate IS documents
- 2002/3 - TIA/EIA-41 Rev. F is being planned. It is likely that this will have enhancements to support better interworking with GSM, packet data support and location-based services.
About the Author
David Crowe is the editor of Cellular Networking Perspectives and Wireless Security Perspectives, monthly technical bulletins available by subscription. He is a well known wireless standards consultant, and is a columnist for the Canadian Wireless Telecommunications Association's magazine Wireless Telecom.