3 Definitions and abbreviations

3GPP TS 03.48, Release 1999: Security mechanisms for SIM application toolkit; Stage 2

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply.

Application Layer: The layer above the Transport Layer on which the Application Messages are exchanged between the Sending and Receiving Applications.

Application Message: The package of commands or data sent from the Sending Application to the Receiving Application, or vice versa, independently of the transport mechanism. An Application Message is transformed with respect to a chosen Transport Layer and chosen level of security into one or more secured packets.

Command Header: The Security Header of a Command Packet. It includes all fields except the Secured Data.

Command Packet: A Secured Packet transmitted by the Sending Entity to the Receiving Entity, containing a secured Application Message.

Counter: A mechanism or data field used for keeping track of a message sequence. This could be realised as a sequence oriented or time stamp derived value, maintaining a level of synchronisation between the Sending Entity and the Receiving Entity.

Cryptographic Checksum: A string of bits derived from some secret information (e.g. a secret key), part or all of the Application Message, and possible further information (e.g. part of the Security Header). The secret key is known to the Sending Entity and to the Receiving Entity. The Cryptographic Checksum is often referred to as Message Authentication Code.

DES: A standard cryptographic algorithm specified as DEA in ISO 8731-1 [9].

Digital Signature: A string of bits derived from some secret information (e.g. a secret key), the complete Application Message, and possible further information (e.g. part of the Security Header). The secret information is known only to the Sending Entity. Although the authenticity of the Digital Signature can be proved by the Receiving Entity, the Receiving Entity is not able to reproduce the Digital Signature without knowledge of the secret information owned by the Sending Entity.

Message Identifier: A two-octet field used to identify the source and type of the message.

Page Parameter: A single octet field used to represent the CBS page number in the sequence and the total number of pages in the SMS-CB message.

Receiving Application: This is the entity to which the Application Message is destined.

Receiving Entity: This is the entity where the Secured Packet is received (e.g. SMS‑SC, SIM, USSD entry point, or dedicated SIM Toolkit Server) and where the security mechanisms are utilised. The Receiving Entity processes the Secured Packets.

Redundancy Check: A string of bits derived from the Application Message and possible further information for the purpose of detecting accidental changes to the message, without the use of any secret information.

Response Header: The Security Header of a Response Packet.

Response Packet: A Secured Packet transmitted by the Receiving Entity to the Sending Entity, containing a secured response and possibly application data.

Secured Data: This field contains the Secured Application Message and possibly padding octets.

Secured Packet: The information flow on top of which the level of required security has been applied. An Application Message is transformed with respect to a chosen Transport Layer and chosen level of security into one or more Secured Packets.

Security Header: That part of the Secured Packet which consists of all security information (e.g. counter, key identification, indication of security level, checksum or Digital Signature).

Sender Identification: This is the simple verification of the identity of the Sending Entity by the Receiving Entity comparing the sender identity with an a priori stored identity of the sender at the Receiving Entity.

Sending Application: The entity generating an Application Message to be sent.

Sending Entity: This is the entity from which the Secured Packet originates (e.g. SMS‑SC, SIM, USSD entry point, or dedicated SIM Toolkit Server) and where the security mechanisms are invoked. The Sending Entity generates the Secured Packets to be sent.

Serial Number: A two-octet field which identifies a particular message. It is linked to the Message Identifier and is altered every time the message is changed.

Short Message: Information that may be conveyed by means of the SMS Service as defined in TS 23.040 [3].

Status Code: This is an indication that a message has been received (correctly or incorrectly, indicating reason for failure).

Transport Layer: This is the layer responsible for transporting Secured Packets through the GSM network. The transport layer implements one or more transport mechanisms (e.g. SMS or USSD).

Unsecured Acknowledgement: This is a Status Code included in a response message.

3.2 Abbreviations

In addition to those below, abbreviations used in the present document are listed in TR 21.905 [1].

CBC Cipher Block Chaining

CBS Cell Broadcast Service

CC Cryptographic Checksum

CNTR Counter

CHI Command Header Identifier

CHL Command Header Length

CPI Command Packet Identifier

CPL Command Packet Length

DAP Data Authentication Pattern

DES Data Encryption Standard

DCS Data Coding Scheme

DS Digital Signature

ECB Electronic codebook

IEI Information Element Identifier

IEIDL Information Element Identifier Data Length

IED Information Element Data

KIc Key and algorithm Identifier for ciphering

KID Key and algorithm Identifier for RC/CC/DS

KIK Key Identifier for protecting KIc and KID

MID Message IDentifier

MO-SMS Mobile Originated Short Message

MT-SMS Mobile Terminated Short Message

OP Open Platform

PCNTR Padding Counter

PLMN Public Land Mobile Network

PoR Proof of Receipt

PP Page Parameter

RA Receiving Application

RC Redundancy Check

RE Receiving Entity

RHI Response Header Identifier

RHL Response Header Length

RPI Response Packet Identifier

RPL Response Packet Length

SA Sending Application

SE Sending Entity

SIM Subscriber Identity Module

SM Short Message

SMS Short Message Service

SMS-PP Short Message Service – Point to Point

SMS-CB Short Message Service – Cell Broadcast

SMS-SC Short Message Service – Service Centre

SN Serial Number

SPI Security Parameters Indication

TAR Toolkit Application Reference

TLV Tag – Length – Value (data structure)

UDH User Data Header

UDHI User Data Header Indicator

UDHL User Data Header Length

UDL User Data Length

USSD Unstructured Supplementary Services Data