3GPP TS 03.48 Release 1999: Security mechanisms for SIM application toolkit; Stage 2
For the purposes of the present document, the following terms and definitions apply.
Application Layer: The layer above the Transport Layer on which the Application Messages are exchanged between the Sending and Receiving Applications.
Application Message: The package of commands or data sent from the Sending Application to the Receiving Application, or vice versa, independently of the transport mechanism. An Application Message is transformed with respect to a chosen Transport Layer and chosen level of security into one or more secured packets.
Command Header: The Security Header of a Command Packet. It includes all fields except the Secured Data.
Command Packet: A Secured Packet transmitted by the Sending Entity to the Receiving Entity, containing a secured Application Message.
Counter: A mechanism or data field used for keeping track of a message sequence. This could be realised as a sequence-oriented or time-stamp-derived value, maintaining a level of synchronisation between the Sending Entity and the Receiving Entity.
Cryptographic Checksum: A string of bits derived from some secret information (e.g. a secret key), part or all of the Application Message, and possibly further information (e.g. part of the Security Header). The secret key is known to both the Sending Entity and the Receiving Entity. The Cryptographic Checksum is often referred to as a Message Authentication Code.
DES: A standard cryptographic algorithm specified as DEA in ISO 8731-1.
Digital Signature: A string of bits derived from some secret information (e.g. a secret key), the complete Application Message, and possibly further information (e.g. part of the Security Header). The secret information is known only to the Sending Entity. Although the authenticity of the Digital Signature can be verified by the Receiving Entity, the Receiving Entity is not able to reproduce the Digital Signature without knowledge of the secret information owned by the Sending Entity.
Message Identifier: A two-octet field used to identify the source and type of the message.
Page Parameter: A single-octet field used to represent the CBS page number in the sequence and the total number of pages in the SMS-CB message.
Receiving Application: This is the entity to which the Application Message is destined.
Receiving Entity: This is the entity where the Secured Packet is received (e.g. SMS‑SC, SIM, USSD entry point, or dedicated SIM Toolkit Server) and where the security mechanisms are utilised. The Receiving Entity processes the Secured Packets.
Redundancy Check: A string of bits derived from the Application Message and possible further information for the purpose of detecting accidental changes to the message, without the use of any secret information.
Response Header: The Security Header of a Response Packet.
Response Packet: A Secured Packet transmitted by the Receiving Entity to the Sending Entity, containing a secured response and possibly application data.
Secured Data: This field contains the Secured Application Message and possibly padding octets.
Secured Packet: The information flow on top of which the level of required security has been applied. An Application Message is transformed with respect to a chosen Transport Layer and chosen level of security into one or more Secured Packets.
Security Header: That part of the Secured Packet which consists of all security information (e.g. counter, key identification, indication of security level, checksum or Digital Signature).
Sender Identification: Simple verification of the identity of the Sending Entity by the Receiving Entity, comparing the received sender identity with an a priori stored identity of the sender held at the Receiving Entity.
Sending Application: The entity generating an Application Message to be sent.
Sending Entity: This is the entity from which the Secured Packet originates (e.g. SMS‑SC, SIM, USSD entry point, or dedicated SIM Toolkit Server) and where the security mechanisms are invoked. The Sending Entity generates the Secured Packets to be sent.
Serial Number: A two-octet field which identifies a particular message. It is linked to the Message Identifier and is altered every time the message is changed.
Short Message: Information that may be conveyed by means of the SMS Service as defined in TS 23.040.
Status Code: This is an indication that a message has been received (correctly or incorrectly, indicating reason for failure).
Transport Layer: This is the layer responsible for transporting Secured Packets through the GSM network. The transport layer implements one or more transport mechanisms (e.g. SMS or USSD).
Unsecured Acknowledgement: This is a Status Code included in a response message.
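The definitions above name three integrity fields (Redundancy Check, Cryptographic Checksum, Digital Signature) and a Counter, but not how a Receiving Entity acts on them. The following Python is an added example, not code from the specification: a deliberately simplified Secured Packet with an assumed 8-octet Security Header (SPI, KID, a 5-octet counter, PCNTR), followed by an RC or CC and the Secured Data. The field layout, the one-bit SPI flag, the Status Code names and the demo key are assumptions for illustration, not the packet format TS 03.48 defines elsewhere; HMAC-SHA256 truncated to 8 octets stands in for the DES-based Cryptographic Checksum, and CRC-32 for the Redundancy Check. The Digital Signature is not implemented. It shows the Receiving Entity verifying the check before accepting the counter, rejecting a replay, and why a packet protected only by an RC can be rewritten by anyone on the Transport Layer.

```python
"""Added example (not part of TS 03.48): a simplified Secured Packet showing how the
Security Header, Counter, Redundancy Check and Cryptographic Checksum defined above
interact at the Receiving Entity. Field layout and widths are assumptions for
illustration, not the Command Packet format the specification defines elsewhere."""
import hashlib
import hmac
import struct
import zlib
from typing import Dict, Optional, Tuple

BLOCK = 8  # padding granularity; assumed (matches the DES block size named in the definitions)

# Assumed header layout (8 octets): SPI(1) | KID(1) | CNTR(5) | PCNTR(1), then RC/CC, then Secured Data.
SPI_CC = 0x01  # bit 0 of our SPI byte: 1 = Cryptographic Checksum, 0 = Redundancy Check (assumption)


def _pad(app_message: bytes) -> Tuple[bytes, int]:
    """Pad the Application Message to a multiple of BLOCK; returns (Secured Data, PCNTR)."""
    pad_len = (-len(app_message)) % BLOCK
    return app_message + b"\x00" * pad_len, pad_len


def _rc(header: bytes, secured_data: bytes) -> bytes:
    """Redundancy Check: CRC-32 over header and data, no secret involved."""
    return struct.pack(">I", zlib.crc32(header + secured_data) & 0xFFFFFFFF)


def _cc(key: bytes, header: bytes, secured_data: bytes) -> bytes:
    """Cryptographic Checksum: keyed MAC over header and data, truncated to 8 octets.
    HMAC-SHA256 is a stand-in here; the spec's CC is DES based (see the DES definition)."""
    return hmac.new(key, header + secured_data, hashlib.sha256).digest()[:8]


def build_command_packet(app_message: bytes, counter: int, key: Optional[bytes] = None,
                         key_id: int = 1, use_cc: bool = True) -> bytes:
    """Sending Entity: turn an Application Message into one Command Packet."""
    if use_cc and key is None:
        raise ValueError("a Cryptographic Checksum needs a shared key")
    secured_data, pad_len = _pad(app_message)
    spi = SPI_CC if use_cc else 0x00
    header = bytes([spi, key_id]) + counter.to_bytes(5, "big") + bytes([pad_len])
    check = _cc(key, header, secured_data) if use_cc else _rc(header, secured_data)
    return header + check + secured_data


class ReceivingEntity:
    """Receiving Entity: verifies RC/CC, enforces a strictly increasing counter, strips padding."""

    def __init__(self, keys: Dict[int, bytes]):
        self.keys = keys          # KID -> key shared with the Sending Entity
        self.last_counter = 0     # highest counter accepted so far

    def receive(self, packet: bytes) -> Tuple[str, Optional[bytes]]:
        """Returns (status, application_message); status is an illustrative Status Code name."""
        if len(packet) < 8:
            return ("CHECK_FAILED", None)
        spi, key_id = packet[0], packet[1]
        counter = int.from_bytes(packet[2:7], "big")
        pad_len = packet[7]
        use_cc = bool(spi & SPI_CC)
        check_len = 8 if use_cc else 4
        header, check, secured_data = packet[:8], packet[8:8 + check_len], packet[8 + check_len:]
        if use_cc:
            key = self.keys.get(key_id)
            if key is None:
                return ("CHECK_FAILED", None)
            expected = _cc(key, header, secured_data)
        else:
            expected = _rc(header, secured_data)
        # Integrity first, so an unauthenticated packet can never move the counter.
        if not hmac.compare_digest(check, expected):
            return ("CHECK_FAILED", None)
        if counter <= self.last_counter:
            return ("COUNTER_REPLAY", None)
        if pad_len >= BLOCK or pad_len > len(secured_data):
            return ("BAD_PADDING", None)
        self.last_counter = counter
        return ("OK", secured_data[:len(secured_data) - pad_len])


def forge_with_rc(packet: bytes, new_app_message: bytes) -> bytes:
    """Transport-layer attacker with no key: rewrite the payload, bump the counter and
    recompute the RC, which needs no secret. This is why an RC is not a security mechanism."""
    counter = int.from_bytes(packet[2:7], "big") + 1
    return build_command_packet(new_app_message, counter, key=None, use_cc=False)


if __name__ == "__main__":
    key = b"\x01" * 16  # constructed demo key
    receiver = ReceivingEntity({1: key})
    p1 = build_command_packet(b"SELECT app", 1, key, use_cc=True)
    print(receiver.receive(p1))                                  # ('OK', b'SELECT app')
    print(receiver.receive(p1))                                  # ('COUNTER_REPLAY', None)
    p3 = build_command_packet(b"SELECT app", 3, use_cc=False)
    receiver.receive(p3)
    print(receiver.receive(forge_with_rc(p3, b"DELETE all")))   # ('OK', b'DELETE all')
```

The check is verified before the counter is consulted so that a forged packet carrying a high counter cannot advance last_counter and lock out the legitimate Sending Entity; a real Receiving Entity would additionally bound how far ahead an accepted counter may jump and would report the failure back in a Response Packet rather than returning a tuple.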
In addition to those below, abbreviations used in the present document are listed in TR 21.905.
CBC Cipher Block Chaining
CBS Cell Broadcast Service
CC Cryptographic Checksum
CHI Command Header Identifier
CHL Command Header Length
CPI Command Packet Identifier
CPL Command Packet Length
DAP Data Authentication Pattern
DES Data Encryption Standard
DCS Data Coding Scheme
DS Digital Signature
ECB Electronic Codebook
IEI Information Element Identifier
IEIDL Information Element Identifier Data Length
IED Information Element Data
KIc Key and algorithm Identifier for ciphering
KID Key and algorithm Identifier for RC/CC/DS
KIK Key Identifier for protecting KIc and KID
MID Message IDentifier
MO-SMS Mobile Originated Short Message
MT-SMS Mobile Terminated Short Message
OP Open Platform
PCNTR Padding Counter
PLMN Public Land Mobile Network
PoR Proof of Receipt
PP Page Parameter
RA Receiving Application
RC Redundancy Check
RE Receiving Entity
RHI Response Header Identifier
RHL Response Header Length
RPI Response Packet Identifier
RPL Response Packet Length
SA Sending Application
SE Sending Entity
SIM Subscriber Identity Module
SM Short Message
SMS Short Message Service
SMS-PP Short Message Service – Point to Point
SMS-CB Short Message Service – Cell Broadcast
SMS-SC Short Message Service – Service Centre
SN Serial Number
SPI Security Parameters Indication
TAR Toolkit Application Reference
TLV Tag – Length – Value (data structure)
UDH User Data Header
UDHI User Data Header Indicator
UDHL User Data Header Length
UDL User Data Length
USSD Unstructured Supplementary Services Data