OP: Operator Code : It is allotted to an operator and used in key generation algorithms of 3G and 4G. It is not shown as a part of input, because it is not specific to a user/Subscriber/SIM. It remains fix for all Subscriber/SIM of an operator that is why it is not used as an input to key generation algorithms. This OP (a 128-bits Operator
Variant Algorithm Configuration Field )value is passed to an encryption algorithm ("RijndaelEncrypt") to generate OPc and OPc is used in all f1,f2,f3,f4,f5 functions internally to generate various keys.
As OP value is single, same to all subscriber/SIM. If someone knows it then there can be a possibility of spoofing of all SIM, because all SIMs are using the same value of OP. So Operator come up with the solution that they shall provision OPc rather than OP in AuC or HLR/HSS. When f1,f2....f5 get the OPc they doesn't generate it from OP; received OPC is used in vector generation. There is no reverse engineering for OP from OPC.
Basically OPc was the ultimate key that is generated from OP and KEy (secret Key) by using ("RijndaelEncrypt") algorithm which is specific to SIM. if some one able to theft OPc then it can spoof only single SIM not all the SIMs.
OPc=Encypt-Algo(OP,Key)
OPc -[128 Bits]
OPc -[128 Bits]
Transport Key (64-Bits) : This key is used as a Lock to KEY (secret key) and OPc. When authentication credentials are to be provisioned at AuC or HLR/HSS; then they are provisioned in encrypted form rather then plain and this encryption is done by Transport Key.
When authentication credentials are to be used in Authentication Generation then; all fields are decrypted to plain key by transport key; and now plain key is used f1,f2,f3,f4,f5 algorithms.
Encypted-Key= Encypt-Algo(Plain-Key,Trans-Key)
General Procedure is as follow:
1) Plain Keys /OPC are in-Fused in SIM.
2) Now Vendor shall Encrypt KEY and OPC with Transport Key.
3) Encrypted Data to be given to Operator's AuC and Operator provision at AuC
4) AuC Stores Encrypted data.
5) Request for Authentication Comes from network; Now AuC generates Plain Key using Transport Key before generating Authentication Vectors.
Your Comments /Suggestions and Questions are always welcome.we would try to clarify your doubts with best of our knowledge. So feel free to put Query.
Your Comments /Suggestions and Questions are always welcome.we would try to clarify your doubts with best of our knowledge. So feel free to put Query.
Thanks for the information. Can you elaborate about the algorithm for generation of OPC from OP and K.
ReplyDeleteA standard algorithm Milenage shall be applied to compute OPC.
Delete3gpp-35206 have implementation of it
Thanks for your query.
Happy to help you again.
Team-Diameter
Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Now
Delete>>>>> Download Full
Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download LINK
>>>>> Download Now
Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Full
>>>>> Download LINK op
How long is the Operator Code (OP)?
ReplyDeleteWho assigns the OP?
Hi Dave,
DeleteOperator Code (OP) is 128 bit long.
It is left to each operator to select a value for OP.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hello, can you help me of how to find the OP and OPC codes please?
DeleteThank you.
Hi Pat,
DeleteWe are not able to understand your question. From where you want to find. It is available with Operator only.
Thanks for your query.
Happy to help you again
Hi Team D;
ReplyDeleteplease how long is the A4 Key. is it mondatory to be config to 32 HEX ?
Hi mohamed Hathat,
DeleteWill please elaborate on A4 key, because we have first time came across this key name in authentication.
Thanks for your query.
Happy to help you again.
Team-Diameter
A4Key is ana lterntive name of Transport Key
DeleteThanks Omer
DeleteRegards,
Team-Diameter
@ mohamed Hathat
DeleteLength of A4 key is decided by vendor because A4 key is not transported over the Network.
Main purpose to hide PLAIN KEYs.
Thanks for your query.
Team-Diameter
@ All,
DeleteThis A4 key is never transported but instead of this its index value is used. For example: A telecom company have 5 sim vendor. Each vendor may use different A4 keys. Telecom company and each vendor will share internally a list in which A4 KEYS and index value linking with the A4 key. So if index 01 represent a A4 key value(12AF4E4....) then both will be sharing information by using index 01.
Thank you Ashish Jain for elaborating concept.
DeleteTeam-Diameter
This comment has been removed by the author.
ReplyDeleteHi Njiva
DeleteThanks for your query.
But why do you need OP and Transport Key?
[Because it is not human readable data, not like profile and very confidential, doesn't come in picture in day to day things. It would help us to provide you better solution, if we know purpose behind knowing OP and Transport Key]
OP and A4 are stored in two places, first HSS/HLR and other is SIM. Either you can get it from HSS vendor who is provisioning the subscriber in Database or SIM vendor who has infused authentication credential in SIM. Because exactly same values are stored at both place.
****Best way is to ask your SIM vendor to send some fresh SIMs with already shared credentials then Vendor shall give you Fresh SIMs along with all authentication Credentials such as KEY, OP/OPC, AMF, IMSI, ICCID etc.*****
By giving new OP and A4 key to already provisioned subscriber doesn't work.
Creating New OP and Transport Key is very Easy Just give any value of 32HEX for OP and and Length of A4 key is decided by vendor/operator because A4 key is not transported over the Network.
Creating New KEYs wouldn't solve the purpose. Because it shall only apply to new SIM, you need to first share new KEYs to SIM vendor that shall infuse fresh authentication credentials to SIMs and then need to give these credentials to HSS/HLR vendor that might need to create new License (just for business purpose on name for providing security).
We hope our suggestion shall help you.
Happy to help you again.
Team-Diameter
Thanks for your prompt feedback.
DeleteWe have not receive any response from our SIM vendor then we are forced to create a new key.
Can you also explain your comments about *** best way....ICCID etc.***
Regards,
Njiva
Hi Njiva
DeleteWe have given above statement because we were not sure whether Ericsson is your SIM Vendor or HSS vendor. That's why we have given you a suggestion, To go to your SIM vendor. Usually SIM vendor is the first person with Authentication Credentials.
Do share any issue where we can precisely help you?
Thanks for your query.
Team- Diameter
Nice and Well explained
ReplyDeleteI have doubt,
ReplyDeleteLets consider there is a Operator A who has only 2G N/W. But has partnership with "Operator B" for 3G services. There is also an USIM card of operator A which can work in 2G as well as 3GN/W (mean both OPc and KI are loaded to the SIM card). If the user tries to latch with Operator B will the authentication happen as per 2G process or 3G process. If it is a 3G process then OP code will be saved in Operator A or at Operator B HSS?
Or if possible, can you explain, how the LU happens in case of partner N/W involved. it will be of great help.
DeleteDear avismad,
DeleteHSS is always been ONE in a network. And it is of home (Operator A) that is why it is called as HOME Subscriber Server (HSS).
All keys that used (including OP/OPc and Shared Key) are stored in HSS of operator who has issued the SIM.
Thanks for your query.
Happy to help you again.
Team-Diameter
Thanks a lot for the clarification.
DeleteCan a transport key (K4ID) be used for multiple SIM Vendors? Also let us know if there is any limitation/issue in transport key re-use.
ReplyDeleteHi Satish,
DeleteYou can use the same Transport Key for all vendors. Just think of main IDEA of using Transport key that is, Transport Key is used to Hide a plain key(Secret Key). If you feel all vendors should use the same key to encrypt data then you can use or you can have different Transport Key for different vendors.
It totally depend on your technical solution.
Thanks for your query.
Happy to help you again.
Team-Diameter
@all,
DeleteGenerally the vendors get more than one transport keys.Circle wise (state wise) they use them.
Thank you Ashish Jain for sharing real time implementation
DeleteTeam-Diameter
I have one query. Now a days few operators are storing the Ciphered Ki in the HSS. What exactly this ciphered Ki? whether the UE key i.e. K with some encryption is stored? It will be a great help if anyone can through some light on this and provide the specification info.
ReplyDeleteThere is no specification. it is up to vendor. Instead of storing plain key in database. it is good practice to use some encryption. So that if any unintended person got database dump, should not get transport key/any other plain stored key. So it is just extra security constraint.
DeleteHi,
ReplyDeleteCan anyone provide specification reference which describes the use of Transport Key/A4 Key. I could not find any spec for this and a quick help is really appreciated.
So if you wanted to set up a test bed, with a private EPC and a private eNodeB.
ReplyDeleteHow would you get a SIM card to work on your private network?
You have access to spectrum.
Hi Robert Ivers
DeletePlease explain to us what exactly you are looking for, In test setup there are various flexibility options are provided, even you can stop the authentication process.
following link shall be helpful
http://diameter-protocol.blogspot.in/p/telecom-authentication-process.html
Thanks for your query.
Happy to help you again
Team-Diameter
I have been tasked to fill a form for first ever batch of sim cards. I am CS Core Engineer but haven't had much experience in HLR/HSS. Been mainly tsaked with MSS/MGW. I am told to define Transport Key and OP Key.
ReplyDeletePlease let me know f there are specifics of these keys or I can pull out any from the back of my head. I want to know whether they are hex numbers, specific number length etc. Thanks.
Hi Basheer Chilungo
DeleteFollowing link shall help you for length of KEY and Hex value during authentication
http://diameter-protocol.blogspot.in/p/telecom-authentication-process.html
Feel free to revert.
Thanks for your query.
Happy to help you again.
Team-Diameter
I followed the link, only Transport Key is specified as 64bit but the OP is not specified.
ReplyDeleteHi Basheer,
DeleteThanks for helping us as we have not mentioned size of OP, as it is of 128-bits.
Thanks for your query.
Happy to help you again.
Team-Diameter
Very informative discussion
ReplyDeleteThank you for your information.
ReplyDeleteWell explain!
advise on the procedure of generation on OP/K4 and impact of having 2/3 Op/K4 in the network
ReplyDeleteHi
ReplyDeleteI try generate M2M sim profile. For network authentication I got OP and transport key from our customer. As an output they are expecting Opc and Ki. What is Ki exactly? Is it related to Milenage algorithm or something else?
Hi Nurullah Genc
DeleteMay be the case (Practically ) OPc is encrypted and that Ki is the key to encrypt or decrypt. Because Pain OPC is not shared in practical scenario to vendor/customer as explained above.
Your Customer/Vendor expects encrypted OPC value.
Thanks for your query.
Happy to help you again.
Team-Diameter
Hello, I am trying to understand how to use the SIMs from my original SIM vendor in nextEPC in my lab. A few years back we tested a ECP by Athonet. The SIMs do have a Tansport Key and I was able to make them work by loading in the Tansport Key. I am trying to make them work in NextEPC now and just can't figure out where to put the Tansport Key into the NextEPC hss. Anyone have any experience with NextECP or Freediameter?
ReplyDeleteHi Scott Foster,
DeleteSIM encryption usually be in purview of operator and sim vendor, their agreement of security process.
Thanks for your query.
Happy to help you again.
Team-Diameter
How do I generate OP/OPc as I only have KI (Secret Key) for T-Mobile Sim? I used KI 32 HEX code as the OP code also and it auto-generated an OPc code automatically in software but my new written sim shows up as China Mobile instead of T-Mobile.
ReplyDeleteHi
DeleteKindly cross check on OP code that you are using. because there are only 2 input to generate OP and Secret Key.
Thanks for your query.
Happy to help you again.
Team-Diameter
Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Now
ReplyDelete>>>>> Download Full
Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download LINK
>>>>> Download Now
Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Full
>>>>> Download LINK Wz
thnks
ReplyDeleteHi
ReplyDeleteHope You Are Doing Well!
i want to clone my sim card i have physical acces of my sim card i have (KI Key) IMSI,ICCID,PIN,PUK and sim card reader or writer but i can't clone my sim card because i don't know the right method of sim card cloning...
i humbly request to you please tell me how to clone 4G Sim Card In Pakistan?
I'm very thankful to you
please reply how to clone 4G sim card
ReplyDeleteHi Team,
ReplyDeleteCan someone help in enabling the encryption using Transport Key . May be a process or technology should be used from code perspective. I have a requirement to encrypt the SIMs using Transport Key
Hii Guys..
ReplyDeleteI see your blog, your blog is very impressive. and it is very useful for my project. I have more Details of this Sim Card Series. Click below.
Sim Card Adapter
Hello,
ReplyDeleteI am seeking assistance with the generation of keys for a SIM card operator. The operator has provided a K4-ID value of xxx (e.g., 135) and an OP-ID value of xxx (like 335). I would like to know the process of generating OP (128-bit) and K4 (256-bit) based on the provided data. Additionally, I would like to determine if the provided data can be used for generating OP and K4. Finally, I need assistance in obtaining OPC and EKI for my SIM cards.
Thank you for your help.
Hi @Simon,
DeleteWe hope specification 3gpp 35.206 and 35.205 shall help you.
Thanks for your query.
Happy to help you again.