Usage of OP/OPc and Transport Key

OP: Operator Code : It is allotted to an operator and used in key generation algorithms of 3G and 4G. It is not shown as a part of input, because it is not specific to a user/Subscriber/SIM. It remains fix for all Subscriber/SIM of an operator that is why it is not used as an input to key generation algorithms. This OP (a 128-bits Operator Variant Algorithm Configuration Field )value is passed to an encryption algorithm ("RijndaelEncrypt") to generate OPc and OPc is used in all f1,f2,f3,f4,f5 functions internally to generate various keys.

As OP value is single, same to all subscriber/SIM. If someone knows it then there can be a possibility of spoofing of all SIM, because all SIMs are using the same value of OP. So Operator come up with the solution that they shall provision OPc rather than OP in AuC or HLR/HSS. When f1,f2....f5 get the OPc they doesn't generate it from OP; received OPC is used in vector generation. There is no reverse engineering for OP from OPC.

Basically OPc was the ultimate key that is generated from OP and KEy (secret Key) by using  ("RijndaelEncrypt") algorithm which is specific to SIM. if some one able to theft OPc then it can spoof only single SIM not all the SIMs.

OPc=Encypt-Algo(OP,Key)
OPc -[128 Bits]

Transport Key (64-Bits) : This key is used as a Lock to KEY (secret key) and OPc. When authentication credentials are to be provisioned at AuC or HLR/HSS; then they are provisioned in encrypted form rather then plain and this encryption is done by Transport Key. 
When authentication credentials are to be used in Authentication Generation then; all fields are decrypted  to plain key by transport key; and now plain key is used f1,f2,f3,f4,f5 algorithms.

Encypted-Key= Encypt-Algo(Plain-Key,Trans-Key)



General Procedure is as follow:
1) Plain Keys /OPC are in-Fused in SIM.
2) Now Vendor shall Encrypt KEY and OPC with Transport Key.
3) Encrypted Data to be given to Operator's AuC and Operator provision at AuC
4) AuC Stores Encrypted data.
5) Request for Authentication Comes from network; Now AuC generates Plain Key using Transport Key before generating Authentication Vectors.



Your Comments /Suggestions and Questions are always welcome.we would try to clarify your doubts with best of our knowledge. So feel free to put Query.

53 comments:

  1. Thanks for the information. Can you elaborate about the algorithm for generation of OPC from OP and K.

    ReplyDelete
    Replies
    1. A standard algorithm Milenage shall be applied to compute OPC.
      3gpp-35206 have implementation of it

      Thanks for your query.

      Happy to help you again.
      Team-Diameter

      Delete
    2. Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Now

      >>>>> Download Full

      Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download LINK

      >>>>> Download Now

      Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Full

      >>>>> Download LINK op

      Delete
  2. How long is the Operator Code (OP)?

    Who assigns the OP?

    ReplyDelete
    Replies
    1. Hi Dave,

      Operator Code (OP) is 128 bit long.
      It is left to each operator to select a value for OP.

      Thanks for your query.

      Happy to help you again.
      Team-Diameter

      Delete
    2. Hello, can you help me of how to find the OP and OPC codes please?

      Thank you.

      Delete
    3. Hi Pat,

      We are not able to understand your question. From where you want to find. It is available with Operator only.


      Thanks for your query.
      Happy to help you again

      Delete
  3. Hi Team D;

    please how long is the A4 Key. is it mondatory to be config to 32 HEX ?

    ReplyDelete
    Replies
    1. Hi mohamed Hathat,

      Will please elaborate on A4 key, because we have first time came across this key name in authentication.


      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
    2. A4Key is ana lterntive name of Transport Key

      Delete
    3. Thanks Omer


      Regards,
      Team-Diameter

      Delete
    4. @ mohamed Hathat

      Length of A4 key is decided by vendor because A4 key is not transported over the Network.

      Main purpose to hide PLAIN KEYs.


      Thanks for your query.
      Team-Diameter

      Delete
    5. @ All,

      This A4 key is never transported but instead of this its index value is used. For example: A telecom company have 5 sim vendor. Each vendor may use different A4 keys. Telecom company and each vendor will share internally a list in which A4 KEYS and index value linking with the A4 key. So if index 01 represent a A4 key value(12AF4E4....) then both will be sharing information by using index 01.

      Delete
    6. Thank you Ashish Jain for elaborating concept.

      Team-Diameter

      Delete
  4. This comment has been removed by the author.

    ReplyDelete
    Replies
    1. Hi Njiva

      Thanks for your query.

      But why do you need OP and Transport Key?

      [Because it is not human readable data, not like profile and very confidential, doesn't come in picture in day to day things. It would help us to provide you better solution, if we know purpose behind knowing OP and Transport Key]


      OP and A4 are stored in two places, first HSS/HLR and other is SIM. Either you can get it from HSS vendor who is provisioning the subscriber in Database or SIM vendor who has infused authentication credential in SIM. Because exactly same values are stored at both place.

      ****Best way is to ask your SIM vendor to send some fresh SIMs with already shared credentials then Vendor shall give you Fresh SIMs along with all authentication Credentials such as KEY, OP/OPC, AMF, IMSI, ICCID etc.*****

      By giving new OP and A4 key to already provisioned subscriber doesn't work.

      Creating New OP and Transport Key is very Easy Just give any value of 32HEX for OP and and Length of A4 key is decided by vendor/operator because A4 key is not transported over the Network.

      Creating New KEYs wouldn't solve the purpose. Because it shall only apply to new SIM, you need to first share new KEYs to SIM vendor that shall infuse fresh authentication credentials to SIMs and then need to give these credentials to HSS/HLR vendor that might need to create new License (just for business purpose on name for providing security).


      We hope our suggestion shall help you.

      Happy to help you again.
      Team-Diameter

      Delete
    2. Thanks for your prompt feedback.
      We have not receive any response from our SIM vendor then we are forced to create a new key.
      Can you also explain your comments about *** best way....ICCID etc.***

      Regards,
      Njiva

      Delete
    3. Hi Njiva

      We have given above statement because we were not sure whether Ericsson is your SIM Vendor or HSS vendor. That's why we have given you a suggestion, To go to your SIM vendor. Usually SIM vendor is the first person with Authentication Credentials.

      Do share any issue where we can precisely help you?

      Thanks for your query.
      Team- Diameter

      Delete
  5. I have doubt,

    Lets consider there is a Operator A who has only 2G N/W. But has partnership with "Operator B" for 3G services. There is also an USIM card of operator A which can work in 2G as well as 3GN/W (mean both OPc and KI are loaded to the SIM card). If the user tries to latch with Operator B will the authentication happen as per 2G process or 3G process. If it is a 3G process then OP code will be saved in Operator A or at Operator B HSS?

    ReplyDelete
    Replies
    1. Or if possible, can you explain, how the LU happens in case of partner N/W involved. it will be of great help.

      Delete
    2. Dear avismad,

      HSS is always been ONE in a network. And it is of home (Operator A) that is why it is called as HOME Subscriber Server (HSS).

      All keys that used (including OP/OPc and Shared Key) are stored in HSS of operator who has issued the SIM.

      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
    3. Thanks a lot for the clarification.

      Delete
  6. Can a transport key (K4ID) be used for multiple SIM Vendors? Also let us know if there is any limitation/issue in transport key re-use.

    ReplyDelete
    Replies
    1. Hi Satish,

      You can use the same Transport Key for all vendors. Just think of main IDEA of using Transport key that is, Transport Key is used to Hide a plain key(Secret Key). If you feel all vendors should use the same key to encrypt data then you can use or you can have different Transport Key for different vendors.

      It totally depend on your technical solution.


      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
    2. @all,
      Generally the vendors get more than one transport keys.Circle wise (state wise) they use them.

      Delete
    3. Thank you Ashish Jain for sharing real time implementation

      Team-Diameter

      Delete
  7. I have one query. Now a days few operators are storing the Ciphered Ki in the HSS. What exactly this ciphered Ki? whether the UE key i.e. K with some encryption is stored? It will be a great help if anyone can through some light on this and provide the specification info.

    ReplyDelete
    Replies
    1. There is no specification. it is up to vendor. Instead of storing plain key in database. it is good practice to use some encryption. So that if any unintended person got database dump, should not get transport key/any other plain stored key. So it is just extra security constraint.

      Delete
  8. Hi,
    Can anyone provide specification reference which describes the use of Transport Key/A4 Key. I could not find any spec for this and a quick help is really appreciated.

    ReplyDelete
  9. So if you wanted to set up a test bed, with a private EPC and a private eNodeB.
    How would you get a SIM card to work on your private network?
    You have access to spectrum.

    ReplyDelete
    Replies
    1. Hi Robert Ivers

      Please explain to us what exactly you are looking for, In test setup there are various flexibility options are provided, even you can stop the authentication process.


      following link shall be helpful
      http://diameter-protocol.blogspot.in/p/telecom-authentication-process.html


      Thanks for your query.
      Happy to help you again
      Team-Diameter

      Delete
  10. I have been tasked to fill a form for first ever batch of sim cards. I am CS Core Engineer but haven't had much experience in HLR/HSS. Been mainly tsaked with MSS/MGW. I am told to define Transport Key and OP Key.
    Please let me know f there are specifics of these keys or I can pull out any from the back of my head. I want to know whether they are hex numbers, specific number length etc. Thanks.

    ReplyDelete
    Replies
    1. Hi Basheer Chilungo


      Following link shall help you for length of KEY and Hex value during authentication

      http://diameter-protocol.blogspot.in/p/telecom-authentication-process.html

      Feel free to revert.

      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
  11. I followed the link, only Transport Key is specified as 64bit but the OP is not specified.

    ReplyDelete
    Replies
    1. Hi Basheer,

      Thanks for helping us as we have not mentioned size of OP, as it is of 128-bits.


      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
  12. Thank you for your information.
    Well explain!

    ReplyDelete
  13. advise on the procedure of generation on OP/K4 and impact of having 2/3 Op/K4 in the network

    ReplyDelete
  14. Hi

    I try generate M2M sim profile. For network authentication I got OP and transport key from our customer. As an output they are expecting Opc and Ki. What is Ki exactly? Is it related to Milenage algorithm or something else?

    ReplyDelete
    Replies
    1. Hi Nurullah Genc

      May be the case (Practically ) OPc is encrypted and that Ki is the key to encrypt or decrypt. Because Pain OPC is not shared in practical scenario to vendor/customer as explained above.

      Your Customer/Vendor expects encrypted OPC value.


      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
  15. Hello, I am trying to understand how to use the SIMs from my original SIM vendor in nextEPC in my lab. A few years back we tested a ECP by Athonet. The SIMs do have a Tansport Key and I was able to make them work by loading in the Tansport Key. I am trying to make them work in NextEPC now and just can't figure out where to put the Tansport Key into the NextEPC hss. Anyone have any experience with NextECP or Freediameter?

    ReplyDelete
    Replies
    1. Hi Scott Foster,

      SIM encryption usually be in purview of operator and sim vendor, their agreement of security process.

      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
  16. How do I generate OP/OPc as I only have KI (Secret Key) for T-Mobile Sim? I used KI 32 HEX code as the OP code also and it auto-generated an OPc code automatically in software but my new written sim shows up as China Mobile instead of T-Mobile.

    ReplyDelete
    Replies
    1. Hi

      Kindly cross check on OP code that you are using. because there are only 2 input to generate OP and Secret Key.


      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
  17. Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Now

    >>>>> Download Full

    Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download LINK

    >>>>> Download Now

    Diameter Protocol Explained: Usage Of Op/Opc And Transport Key >>>>> Download Full

    >>>>> Download LINK Wz

    ReplyDelete
  18. Hi
    Hope You Are Doing Well!
    i want to clone my sim card i have physical acces of my sim card i have (KI Key) IMSI,ICCID,PIN,PUK and sim card reader or writer but i can't clone my sim card because i don't know the right method of sim card cloning...
    i humbly request to you please tell me how to clone 4G Sim Card In Pakistan?
    I'm very thankful to you

    ReplyDelete
  19. please reply how to clone 4G sim card

    ReplyDelete
  20. Hi Team,

    Can someone help in enabling the encryption using Transport Key . May be a process or technology should be used from code perspective. I have a requirement to encrypt the SIMs using Transport Key

    ReplyDelete
  21. Hii Guys..

    I see your blog, your blog is very impressive. and it is very useful for my project. I have more Details of this Sim Card Series. Click below.

    Sim Card Adapter

    ReplyDelete
  22. Hello,

    I am seeking assistance with the generation of keys for a SIM card operator. The operator has provided a K4-ID value of xxx (e.g., 135) and an OP-ID value of xxx (like 335). I would like to know the process of generating OP (128-bit) and K4 (256-bit) based on the provided data. Additionally, I would like to determine if the provided data can be used for generating OP and K4. Finally, I need assistance in obtaining OPC and EKI for my SIM cards.

    Thank you for your help.

    ReplyDelete
    Replies
    1. Hi @Simon,

      We hope specification 3gpp 35.206 and 35.205 shall help you.

      Thanks for your query.
      Happy to help you again.

      Delete