Content for TS 33.105 Word version: 18.0.0

3.1 Definitions 3.2 Symbols 3.3 Abbreviations 3.4 Conventions 4.1 Resilience 4.2 World-wide availability and use
...

1 Scope p. 6

This specification constitutes a requirements specification for the security functions which may be used to provide the network access security features defined in [1].

The specification covers the intended use of the functions, the technical requirements on the functions and the requirements as regards standardization.

For those functions that require standardization, it also covers the intended use of the algorithm specification, the requirements on test data, and quality assurance requirements on both the algorithm and its documentation.

2 References p. 6

The following documents contain provisions which, through reference in this text, constitute provisions of the present document.

References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific.
For a specific reference, subsequent revisions do not apply.
For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document.

[1]

TS 33.102: "3rd Generation Partnership Project (3GPP); Technical Specification Group (TSG) SA; 3G Security; Security Architecture".

[2]

Wassenaar Arrangement, December 1998.

[3]

ISO/IEC 9797: "Information technology - Security techniques - Data integrity mechanism using a cryptographic check function employing a block cipher algorithm".

3 Definitions, symbols, abbreviations and conventions p. 6

3.1 Definitions p. 6

For the purposes of the present document, the following definitions apply:

Confidentiality:

The property that information is not made available or disclosed to unauthorised individuals, entities or processes.

Data integrity:

The property that data has not been altered in an unauthorised manner.

Data origin authentication:

The corroboration that the source of data received is as claimed.

Entity authentication:

The provision of assurance of the claimed identity of an entity.

Key freshness:

A key is fresh if it can be guaranteed to be new, as opposed to an old key being reused through actions of either an adversary or authorised party.

3.2 Symbols p. 7

For the purposes of the present document, the following symbols apply:

Concatenation

⊕

Exclusive or

random challenge generating function

network authentication function

f1*

the re-synchronisation message authentication function;

user authentication function

cipher key derivation function

integrity key derivation function

anonymity key derivation function for normal operation

f5*

anonymity key derivation function for re-synchronisation

UMTS encryption algorithm

UMTS integrity algorithm

3.3 Abbreviations p. 7

For the purposes of the present document, the following abbreviations apply:

3GPP

3rd Generation Partnership Project

Anonymity key

AuC

Authentication Centre

AUTN

Authentication token

COUNT-C

Time variant parameter for synchronisation of ciphering

COUNT-I

Time variant parameter for synchronisation of data integrity

Cipher key

Integrity key

IMSI

International Mobile Subscriber Identity

IPR

Intellectual Property Right

MAC

Medium access control (sublayer of Layer 2 in RAN)

MAC

Message authentication code

MAC-A

MAC used for authentication and key agreement

MAC-I

MAC used for data integrity of signalling messages

PDU

Protocol data unit

RAND

Random challenge

RES

User response

RLC

Radio link control (sublayer of Layer 2 in RAN)

RNC

Radio network controller

SDU

Signalling data unit

SQN

Sequence number

User equipment

USIM

User Services Identity Module

XMAC-A

Expected MAC used for authentication and key agreement

XMAC-I

Expected MAC used for data integrity of signalling messages

XRES

Expected user response

3.4 Conventions p. 7

All data variables in this specification are presented with the most significant substring on the left hand side and the least significant substring on the right hand side. A substring may be a bit, byte or other arbitrary length bitstring. Where a variable is broken down into a number of substrings, the leftmost (most significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant.

4 General algorithm requirements p. 8

4.1 Resilience p. 8

The functions should be designed with a view to its continued use for a period of at least 20 years. Successful attacks with a work load significantly less than exhaustive key search through the effective key space should be impossible.

The designers of above functions should design algorithms to a strength that reflects the above qualitative requirements.

4.2 World-wide availability and use p. 8

Legal restrictions on the use or export of equipment containing cryptographic functions may prevent the use of such equipment in certain countries.

It is the intention that UE and USIMs which embody such algorithms should be free from restrictions on export or use, in order to allow the free circulation of 3G terminals. Network equipment, including RNC and AuC, may be expected to come under more stringent restrictions. It is the intention is that RNC and AuC which embody such algorithms should be exportable under the conditions of the Wassenaar Arrangement [2].