3 Definitions, abbreviations and symbols

31.1133GPPRelease 8TSUniversal Subscriber Identity Module Application Toolkit (USAT) interpreter byte codes

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply:

anchor: named location on a page to which references can be made and at which rendering by the USAT Interpreter is initiated

NOTE: Anchors can be referenced by anchor reference TLVs.

attribute: A property assigned to a TLV. The attribute can consist of a single bit or of a sequence of consecutive bits within the attribute bytes of a TLV.

attribute byte(s): sequence of consecutive bytes in the value part of a TLV containing the attributes of that TLV

current page: page which is currently rendered by the USAT Interpreter

current terminal response handler configuration: terminal response handler configuration currently valid

external system entity: any entity outside the USAT Interpreter, able to communicate with the USAT Interpreter (e.g. USAT Gateway, content/application system)

default terminal response handler configuration: the terminal response handler configuration as specified in clause 4.3.2

general result range: general result range is a range of general results in the terminal response of an USAT command (refer to TS 31.111 [1] )

navigation unit: block of a service description that can be referenced (by its anchor) and hence independently activated

page: context of an USAT Interpreter rendering, the default scope of USAT Interpreter variables and the unit of transmission between an external system entity and the USAT Interpreter

protected variable: shared variable, which is protected by an one time password

service: collection of pages that defines an unitary capability of the mobile equipment from the point of view of the user. Examples include remote database access, electronic mail, and alerts

service ID: unique ID to identify a service on the external system entity

shared variable: variable to be shared with the following page

NOTE: Shared variables can be provided to the next page in a protected or non protected manner.

string pool: list of predefined variables provided by the current page within the page TLV

NOTE: The string pool is mainly used for optimisation purposes.

system terminal response handler configuration: default terminal response handler configuration possibly modified by personalisation

terminal response handler configuration: configuration used by the terminal response handler mechanism to allow the mapping of actions to general results of USAT commands (see

variable ID: identifier to reference a variable within a variable usage area

wait state: state which is possibly entered by the USAT Interpreter to wait for a response from the external system entity after information has been submitted to the external system entity

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

3DES Triple DES

AKI Asymmetric Key Index

AD Asymmetric Decryption Plug-in

ASN.1 Abstract Syntax Notation One (1)

C Conditional

CA Certification Authority

CBC Cipher Block Chaining (Mode)

CHV Card Holder Verification

CP Change PIN Plug-in

DCS Data Coding Scheme

DD Triple DES Decrypt Plug-in

DE Triple DES Encrypt Plug-in

DER Distinguished Encoding Rules of ASN.1

DES Data Encryption Standard

DS Triple DES Sign Plug-in

DU Triple DES Unwrap Plug-in

ECB Electronic Code-book (mode)

EDE Encrypt-Decrypt-Encrypt

FP Fingerprint Plug-in

IANA Internet Assigned Numbers Authority

ICCID Integrated Circuit Card IDentification

ID IDentifier

IV Initialisation Vector

LSB Least Significant Bit

M Mandatory

MAC Message Authentication Code

MDC Modification Detection Code

MSB Most Significant Bit

NCI Native Code Identifier

NU Navigation Unit

O Optional

OID Object Identifier

OTA Over-the-Air

OTP One Time Password

P7 PKCS#7 Signature Plug-in

PIN Personal Identification Number

PKCS Public-Key Cryptography Standards

PS Plug-in Status Code

PUK PIN Unblocking Key

RFU Reserved for Future Use

RP Reset PIN Plug-in

RSA Algorithm invented by Rivest, Adleman and Shamir

SHA-1 Secure Hash Algorithm 1

SMS Short Message Service

SW1/SW2 Status Word 1 / Status Word 2

TLV Tag Length Value

TR Terminal Response

TS Technical Specification

TTBS Text To Be Signed

UCS2 Universal two byte coded Character Set

UE User Equipment

URL Uniform Resource Locators

USAT USIM Application Toolkit

USIM Universal Subscriber Identity Module

WAP Wireless Application Protocol

WIM Wireless Identity Module

WTLS Wireless Transport Layer Security

XML eXtensible Markup Language

3.3 Symbols

For the purposes of the present document, the following symbol applies:

‘0’ to ‘9’ and ‘A’ to ‘F’ The sixteen hexadecimal digits

Single bits are identified by b1 to b8, where b1 is the LSB and b8 is the MSB of the byte containing the bit.

RFU bits and bytes are to be set to ‘0’.

Symbols used in annexes:


Sub-string extraction operator. Extracts bytes i through j. 1  i  j.

X || Y

Concatenation of byte-strings X and Y (in that order).

|| .||

Byte length operator.


Individual bit in a byte. Range from bit 1 (least significant), denoted b1, to bit 8 (most significant), denoted b8.


Individual byte in a byte-string. Range from byte 1 (leftmost), denoted B1, to byte n (rightmost), denoted Bn.


Ciphertext representative. An integer between 0 and n-1.


Ciphertext. Input parameter to the AD plug-in.


Decrypted PIN data.


Data-to-be-signed. Input parameter to the FP plug-in.


Encrypted message.


Decrypted message.


PKCS#1 encoding function. See [9] for further reference


Encrypted PIN data.


Integer-to-Octet-String conversion primitive. See [9] for further reference.


Raw ICCID. 10 bytes length.


ISO/IEC 9797 MAC algorithm 3. See [10] for further reference.


ISO/IEC 9797 padding method 2. See [10] for further reference.


Length in bytes of the modulus.


RSA private key.

K1, K2, K , K’

DES keys.


An 8 byte key checksum.


SHA-1 hash of the public key. The hash shall be computed from the unsigned modulus to be in line with WAP WTLS and WAP WIM.


Message representative. An integer between 0 and n-1.


Message, a byte string.


A ISO/IEC 9797 message authentication code


A SHA-1 hash value.


Modulus. An integer.


Octet-String-to-Integer conversion primitive. See [9] for further reference.


An 8 byte PIN checksum.


PKCS#5 padding function. See [16] for further reference.


Inverse of PKCS5_PAD. See [16] for further reference.


A padded message.


Random nonce. 8 bytes length.


RSA decryption primitive. See [9] for further reference.


RSA signature primitive. See [9] for further reference.


PKCS#1 signature generation function. See [9] for further reference.


Raw signature of byte length k.


SHA-1 hash function. See [12] for further reference.


Triple DES decryption algorithm. See [8] for details regarding the algorithm.


Triple DES encryption algorithm. See [8] for details regarding the algorithm.


Text-to-be-signed. Byte string. Input parameter to P7 plug-in.