5 Security features

3GPP42.017Functional characteristicsSubscriber Identity Module (SIM)TS

The security aspects of GSM are defined in GSM 02.09 [5] and GSM 03.20 [9].

This clause defines the security attributes to be supported by the SIM which are:

– authentication algorithm (A3);

– subscriber authentication key (Ki);

– cipher key generation algorithm (A8);

– cipher key (Kc);

– control of access to data stored, and functions performed, in the SIM.

An algorithm A38 may perform the combined functions of A3 and A8.

5.1 SIM interface

Other commands than those specified in GSM 11.11 [12] and GSM 11.14 [17] are only allowed to be executed if they do not interfere with the correct functioning of the GSM application. The execution of GSM commands as specified in GSM 11.11 [12] shall always take precedence over any SIM Application Toolkit commands as specified in GSM 11.14 [17].

If the GSM application is one of several applications on a multi-application IC card, then the other applications shall have no means of unauthorized access to the GSM application.

5.2 SIM data

Actions, e.g. read, update, on SIM data shall be controlled by access conditions, which shall be satisfied before the action can be performed. The access conditions and the data to which they apply are defined in GSM 11.11 [12].

5.3 Algorithms and subscriber authentication key

All reasonable steps shall be taken to ensure that the algorithms (A3 and A8) and subscriber authentication key (Ki) cannot be read, altered, manipulated or bypassed in such a way as to reveal secret information.

All MS processes which require the use of the subscriber authentication key shall be performed internally by the SIM.

5.4 Administrative management phase

The present document does not define the security requirements of the administrative phase but precautions shall be taken to protect the integrity of subscriber related secret information.

5.5 Subscriber data stored in ME

Subject to the exception below, all subscriber related information transferred into the ME during GSM network operations shall be deleted from the ME after removal of the SIM, deactivation of the MS, or following an electrical reset of the SIM. This includes any data that was transferred to the ME by SIM Application Toolkit commands.

Subscriber related security codes (e.g. CHV and Unblock CHV) may be kept in the ME during the execution of the appropriate SIM/ME interface procedure (e.g. verifying or changing a CHV). They shall be deleted from the ME immediately after completion of the procedure.

Optionally, an ME may retain some less security critical data at SIM removal or MS switch-off. Such data are SMS, ADN/SSC, FDN/SSC, LND etc. These data, when stored in the ME, shall only be readable/retrievable if the same SIM is reactivated (as determined by the IMSI). If the IMSI is retained in the ME for this purpose it shall be stored securely and shall not be able to be read out.

Storage for other data such as ADN/SSC, SMS etc., storage may also exist in the ME. These data stored in the ME, which have not been transferred from a SIM during a card session, are not subject to the above security restriction.

5.6 CHV management

The GSM SIM shall support the use of Card Holder Verifications (CHV) to authenticate the user to the card e.g. to provide protection against the use of stolen cards. For the SIM the CHV information takes the form of a numeric CHV of 4 to 8 decimal digits. An initial CHV is loaded during the administrative management phase.

A CHV disabling function may exist. This function may be inhibited at card issue. In this case the subscriber shall always use the CHV. Otherwise the subscriber may decide whether or not to make use of the CHV function. If disabled, the CHV remains disabled until the subscriber specifically re-enables CHV checking.

Depending on the requirements of the SIM issuer, and subject to the features incorporated in the SIM, e.g. FDN, a second Subscriber CHV (CHV2) may be provided. Like CHV, CHV2 shall also consist of 4 to 8 (decimal) digits loaded during the administrative phase. There shall be no provision for the subscriber to disable CHV2.

Following correct CHV or CHV2 presentation, the ME may perform functions, and actions on SIM data, protected by the relevant CHV access condition.

If an incorrect CHV or CHV2 is entered, an indication is given to the user. After three consecutive incorrect entries the relevant CHV is blocked, i.e. functions, and actions on data, protected by the CHV access condition are no longer possible, even if between attempts the SIM has been removed or the MS has been switched off. Once a CHV is blocked, further CHV verifications cannot be performed.

There shall be two possible methods of handling CHVs that are blocked. Cards may, if the CHV is disabled, allow the CHV to become blocked without re-enabling the CHV, such that use of the GSM service is still possible. Conversely, cards may, if the CHV is disabled, re-enable the CHV if it becomes blocked. The method chosen is a matter for the card issuer.

The SIM shall support a mechanism for unblocking a blocked CHV. Unblocking of a CHV is performed using the relevant function defined in GSM 11.11 [12] in association with the relevant CHV Unblocking Key (Unblock CHV/Unblock CHV2).

CHV and CHV2 (length and value) shall be changeable by the subscriber following correct entry of either the current CHV/CHV2 or Unblock CHV/Unblock CHV2 as appropriate.

On a SIM handling both CHV and CHV2, there is no hierarchical relationship between them, e.g. correct presentation of CHV2 does not allow actions to be performed which require presentation of CHV, and vice versa.

The Unblock CHVs shall consist of 8 decimal digits loaded during the administrative management phase and are not changeable by the user. If an incorrect Unblock CHV is presented, an indication is given to the user. After 10 consecutive incorrect entries, the Unblock CHV is itself blocked, even if between attempts the SIM has been removed or the MS has been switched off. Unblocking of the relevant CHV is now impossible.

It shall not be possible to read the CHV(s) or Unblock CHV(s).

5.7 SIM removal

If the SIM is removed from the MS during a call, the call shall be terminated immediately as defined in GSM 11.11 [12].