AIR (Authentication Information Request)

Last updated on Feb 24, 2023

Authentication Information Request (AIR) is a protocol used by mobile network operators (MNOs) to authenticate and authorize users accessing their network. The protocol is part of the 3GPP (Third Generation Partnership Project) specifications for the Universal Mobile Telecommunications System (UMTS) and its successor, Long-Term Evolution (LTE) networks. In this article, we will explain the concept of AIR in detail.

Introduction to AIR

When a mobile device attempts to connect to a mobile network, the network must authenticate and authorize the user before allowing access. Authentication is the process of verifying the user's identity, while authorization is the process of verifying that the user is allowed to access the network resources they are requesting.

In the case of mobile networks, authentication and authorization are performed by a protocol known as the Authentication and Key Agreement (AKA) protocol. The AKA protocol involves a series of messages exchanged between the mobile device and the network to establish a shared secret key that is used to encrypt and decrypt communication between the two.

One of the messages exchanged during the AKA protocol is the Authentication Information Request (AIR) message. The AIR message is sent by the mobile device to the network to request authentication and authorization.

The AIR message contains the following information:

The International Mobile Subscriber Identity (IMSI) of the mobile device
A random number generated by the mobile device, known as the challenge
The network name

The network uses the IMSI to look up the subscriber's authentication information in its database. The challenge is used to create a unique response that is sent back to the mobile device. The response is encrypted using the shared secret key established during the AKA protocol.

AIR Messages in Detail

The AIR message is part of the AKA protocol and is used to initiate the authentication and authorization process. The message contains the following elements:

The International Mobile Subscriber Identity (IMSI)
The network name
A random number generated by the mobile device, known as the challenge

The IMSI is a unique identifier for each mobile device and is used to look up the subscriber's authentication information in the network's database. The network name is included in the message to indicate which network the mobile device is attempting to connect to.

The challenge is a random number generated by the mobile device and is used to create a unique response that is sent back to the mobile device. The response is encrypted using the shared secret key established during the AKA protocol.

Once the network receives the AIR message, it verifies the IMSI and looks up the subscriber's authentication information in its database. The network then creates a response to the challenge by performing a series of calculations using the authentication information and the challenge.

The response is encrypted using the shared secret key established during the AKA protocol and is sent back to the mobile device.

Security Measures in AIR

The AIR message is part of the AKA protocol, which is designed to provide secure authentication and authorization for mobile devices accessing mobile networks. The AKA protocol uses several security measures to ensure the security of the communication between the mobile device and the network.

One of the key security measures used in the AKA protocol is the use of a shared secret key. The shared secret key is established during the AKA protocol and is used to encrypt and decrypt communication between the mobile device and the network. The shared secret key is only known to the mobile device and the network, and is never transmitted over the air. This ensures that even if an attacker intercepts the communication between the mobile device and the network, they will not be able to decipher the messages.

Another security measure used in the AKA protocol is the use of challenge-response authentication. The mobile device sends a random challenge to the network, which is used to create a unique response that is sent back to the mobile device. The response is encrypted using the shared secret key, which ensures that only the mobile device can decrypt it. This prevents attackers from intercepting and replaying previous authentication messages to gain unauthorized access to the network.

In addition to these measures, the AKA protocol also uses mutual authentication, which ensures that both the mobile device and the network authenticate each other before allowing access to the network. This helps prevent attacks such as man-in-the-middle attacks, where an attacker intercepts and alters the communication between the mobile device and the network.

Conclusion

In conclusion, the Authentication Information Request (AIR) message is a crucial part of the Authentication and Key Agreement (AKA) protocol used by mobile network operators (MNOs) to authenticate and authorize mobile devices accessing their network. The AIR message contains the International Mobile Subscriber Identity (IMSI), the network name, and a random challenge generated by the mobile device.

The network uses the IMSI to look up the subscriber's authentication information in its database, and creates a response to the challenge by performing a series of calculations. The response is encrypted using the shared secret key established during the AKA protocol and is sent back to the mobile device.

The mobile device receives the response, decrypts it using the shared secret key, and sends it back to the network. The network verifies the response and, if it is valid, authorizes the mobile device to access the network. The AKA protocol uses several security measures to ensure the security of the communication between the mobile device and the network, including the use of a shared secret key, challenge-response authentication, and mutual authentication.