3 Definitions, symbols, abbreviations and conventions

33.1033G security3GPPIntegration guidelinesTS

3.1 Definitions

For the purposes of the present document, the following definitions apply:

Authentication vector: either a quintet or a triplet.

Confidentiality: The property that information is not made available or disclosed to unauthorised individuals, entities or processes.

Data integrity: The property that data has not been altered in an unauthorised manner.

Data origin authentication: The corroboration that the source of data received is as claimed.

Entity authentication: The provision of assurance of the claimed identity of an entity.

GSM Entity authentication and key agreement: Entity authentication according to GSM 03.20.

GSM security context: a state that is established between a user and a serving network domain usually as a result of the execution of GSM AKA. At both ends "GSM security context data" is stored, that consists at least of the GSM cipher key Kc and the cipher key sequence number CKSN.

GSM subscriber: a mobile station that consists of user equipment with a SIM inserted.

Key freshness: A key is fresh if it can be guaranteed to be new, as opposed to an old key being reused through actions of either an adversary or authorised party.

Mobile station, user: the combination of user equipment and a user access module.

Quintet, UMTS authentication vector: temporary authentication data that enables an MSC/VLR or SGSN to engage in UMTS AKA with a particular user. A quintet consists of five elements: a) a network challenge RAND, b) an expected user response XRES, c) a cipher key CK, d) an integrity key IK and e) a network authentication token AUTN.

SIM – GSM Subscriber Identity Module. In a security context, this module is responsible for performing GSM subscriber authentication and key agreement. This module is not capable of handling UMTS authentication nor storing UMTS style keys.

Temporary authentication data: either UMTS or GSM security context data or UMTS or GSM authentication vectors.

Triplet, GSM authentication vector: temporary authentication data that enables an MSC/VLR or SGSN to engage in GSM AKA with a particular user. A triplet consists of three elements: a) a network challenge RAND, b) an expected user response SRES and c) a cipher key Kc.

User access module: either a USIM or a SIM

USIM – User Services Identity Module. In a security context, this module is responsible for performing UMTS subscriber and network authentication and key agreement. It should also be capable of performing GSM authentication and key agreement to enable the subscriber to roam easily into a GSM Radio Access Network.

UMTS Entity authentication and key agreement: Entity authentication according to this specification.

UMTS security context: a state that is established between a user and a serving network domain as a result of the execution of UMTS AKA. At both ends "UMTS security context data" is stored, that consists at least of the UMTS cipher/integrity keys CK and IK and the key set identifier KSI.

UMTS subscriber: a mobile station that consists of user equipment with a USIM inserted.

3.2 Symbols

For the purposes of the present document, the following symbols apply:

|| Concatenation

Å Exclusive or

f1 Message authentication function used to compute MAC

f1* Message authentication function used to compute MAC‑S

f2 Message authentication function used to compute RES and XRES

f3 Key generating function used to compute CK

f4 Key generating function used to compute IK

f5 Key generating function used to compute AK in normal operation

f5* Key generating function used to compute AK for re-synchronisation

f6 Encryption function used to encrypt the IMSI

f7 Decryption function used to decrypt the IMSI (=f6-1)

f8 Integrity algorithm

f9 Confidentiality algorithm

f10 Deriving function used to compute TEMSI

K Long-term secret key shared between the USIM and the AuC

3.3 Abbreviations

For the purposes of the present document, the following abbreviations apply:

AK Anonymity Key

AKA Authentication and key agreement

AMF Authentication management field

AUTN Authentication Token

AV Authentication Vector

CK Cipher Key

CKSN Cipher key sequence number

CS Circuit Switched

DSK(X)(data) Decryption of "data" with Secret Key of X used for signing

EKSXY(i)(data) Encryption of "data" with Symmetric Session Key #i for sending data from X to Y

EPK(X)(data) Encryption of "data" with Public Key of X used for encryption

EMSI Encrypted Mobile Subscriber Identity

EMSIN Encrypted MSIN

Hash(data) The result of applying a collision-resistant one-way hash-function to "data"

HE Home Environment

HLR Home Location Register

IK Integrity Key

IMSI International Mobile Subscriber Identity

IV Initialisation Vector

KACX Key Administration Centre of Network X

KSXY(i) Symmetric Session Key #i for sending data from X to Y

KSI Key Set Identifier

KSS Key Stream Segment

LAI Location Area Identity

MAP Mobile Application Part

MAC Message Authentication Code

MAC-A The message authentication code included in AUTN, computed using f1

MS Mobile Station

MSC Mobile Services Switching Centre

MSIN Mobile Station Identity Number

MT Mobile Termination

NEX Network Element of Network X

PS Packet Switched

P-TMSI Packet-TMSI

Q Quintet, UMTS authentication vector

RAI Routing Area Identifier

RAND Random challenge

RNDX Unpredictable Random Value generated by X

SQN Sequence number

SQNUIC Sequence number user for enhanced user identity confidentiality

SQNHE Sequence number counter maintained in the HLR/AuC

SQNMS Sequence number counter maintained in the USIM

SGSN Serving GPRS Support Node

SIM (GSM) Subscriber Identity Module

SN Serving Network

T Triplet, GSM authentication vector

TE Terminal Equipment

TEMSI Temporary Encrypted Mobile Subscriber Identity used for paging instead of IMSI

Text1 Optional Data Field

Text2 Optional Data Field

Text3 Public Key algorithm identifier and Public Key Version Number (eventually included in Public Key Certificate)

TMSI Temporary Mobile Subscriber Identity

TTP Trusted Third Party

UE User equipment

UEA UMTS Encryption Algorithm

UIA UMTS Integrity Algorithm

UIDN User Identity Decryption Node

USIM User Services Identity Module

VLR Visitor Location Register

X Network Identifier

XEMSI Extended Encrypted Mobile Subscriber Identity

XRES Expected Response

Y Network Identifier

3.4 Conventions

All data variables in this specification are presented with the most significant substring on the left hand side and the least significant substring on the right hand side. A substring may be a bit, byte or other arbitrary length bitstring. Where a variable is broken down into a number of substrings, the leftmost (most significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant.