ETSI TS 101 181-2005 Digital cellular telecommunications system (Phase 2+) Security mechanisms for SIM application toolkit Stage 2 (3GPP TS 03 48 Version 8 9 0 Release 1999)《数字蜂窝通信.pdf

1、 ETSI TS 101 181 V8.9.0 (2005-06)Technical Specification Digital cellular telecommunications system (Phase 2+);Security mechanisms for SIM application toolkit;Stage 2(3GPP TS 03.48 version 8.9.0 Release 1999)GLOBAL SYSTEM FOR MOBILE COMMUNICATIONSRETSI ETSI TS 101 181 V8.9.0 (2005-06) 1 3GPP TS 03.4

2、8 version 8.9.0 Release 1999 Reference RTS/TSGC-060348v890 Keywords GSM ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association but non lucratif enregistre la Sous-Prfecture de Grasse (06) N

3、7803/88 Important notice Individual copies of the present document can be downloaded from: http:/www.etsi.org The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference v

4、ersion is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of

5、status. Information on the current status of this and other ETSI documents is available at http:/portal.etsi.org/tb/status/status.asp If you find errors in the present document, please send your comment to one of the following services: http:/portal.etsi.org/chaircor/ETSI_support.asp Copyright Notif

6、ication No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media. European Telecommunications Standards Institute 2005. All rights reserved. DECTTM, PLUGTESTSTM and UMTSTM are Trade Marks of ETSI registered

7、for the benefit of its Members. TIPHONTMand the TIPHON logo are Trade Marks currently being registered by ETSI for the benefit of its Members. 3GPPTM is a Trade Mark of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. ETSI ETSI TS 101 181 V8.9.0 (2005-06) 2 3GP

8、P TS 03.48 version 8.9.0 Release 1999 Intellectual Property Rights IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in E

9、TSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http:/webapp.etsi.org/IPR/home.asp). Pursuant to the ETSI

10、 IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document. Foreword

11、This Technical Specification (TS) has been produced by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the correspo

12、nding ETSI deliverables. The cross reference between GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp . ETSI ETSI TS 101 181 V8.9.0 (2005-06) 3 3GPP TS 03.48 version 8.9.0 Release 1999 Contents Intellectual Property Rights2 Foreword.2 Foreword.5 1 Scope

13、6 2 References 6 2.1 Normative references .6 2.2 Informative references7 3 Definitions and abbreviations.7 3.1 Definitions7 3.2 Abbreviations .8 4 Overview of Security System.9 5 Generalised Secured Packet structure 11 5.1 Command Packet structure.11 5.1.1 Coding of the SPI12 5.1.2 Coding of the KIc

14、 .13 5.1.3 Coding of the KID 13 5.1.4 Counter Management13 5.2 Response Packet structure 14 6 Implementation for SMS-PP 15 6.1 Structure of the UDH of the Security Header in a Short Message Point to Point.15 6.2 A Command Packet contained in a Single Short Message Point to Point 16 6.3 A Command Pac

15、ket contained in Concatenated Short Messages Point to Point16 6.4 Structure of the Response Packet .18 7 Implementation for SMS-CB .19 7.1 Structure of the CBS page in the SMS-CB Message19 7.2 A Command Packet contained in a SMS-CB message.19 7.3 Structure of the Response Packet for a SMS-CB Message

16、 20 8 Standardised SIM toolkit commands for Remote File Management .20 8.1 Behaviour of the Remote File Management Application .20 8.2 Coding of the commands20 8.2.1 Input Commands.21 8.2.2 Output Commands 21 8.3 SIM specific behaviour for Response Packets (Using SMS-PP)21 9 Open Platform commands f

17、or Remote Applet Management .22 9.1 Remote Applet Management Application behaviour .22 9.1.1 Package Loading.22 9.1.2 Applet Installation 23 9.1.3 Package Removal23 9.1.4 Applet Removal 23 9.1.5 Applet Locking / Unlocking .23 9.1.6 Applet Parameters Retrieval .23 9.2 Commands coding23 9.2.1 Input Co

18、mmands.24 9.2.2 Output Commands 24 9.3 Response Packets .24 Annex A (normative): Applet Management Commands for TS 03.19 compliant cards25 A.1 Commands Description 25 A.1.1 DELETE.25 A.1.2 GET DATA25 ETSI ETSI TS 101 181 V8.9.0 (2005-06) 4 3GPP TS 03.48 version 8.9.0 Release 1999 A.1.2.1 Menu Parame

19、ters 25 A.1.2.2 Card Resources Information .26 A.1.3 GET STATUS26 A.1.4 INSTALL .26 A.1.4.1 Install (Load) 26 A.1.4.2 Install (Install).27 A.1.4.2.1 GSM Applet Specific Parameters .28 A.1.4.2.2 Memory space .28 A.1.4.2.3 Access domain 28 A.1.4.2.3.1 Access Domain Parameter.28 A.1.4.2.3.2 APDU access

20、 mechanism29 A.1.4.2.3.3 3GPP access mechanism .30 A.1.4.2.4 Priority level of the Toolkit applet 30 A.1.5 LOAD.30 A.1.6 SET STATUS.31 A.1.7 PUT KEY .31 A.2 Security Management for Applet Management using APDUs 32 A.2.1 Selection of Card Manager and Security Domain 32 A.2.2 Mutual authentication.32

21、A.2.3 APDUs DAP Computation32 Annex B (informative): Change History 33 History 34 ETSI ETSI TS 101 181 V8.9.0 (2005-06) 5 3GPP TS 03.48 version 8.9.0 Release 1999 Foreword This Technical Specification has been produced by the 3rdGeneration Partnership Project (3GPP). The contents of the present docu

22、ment are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the present document, it will be re-released by the TSG with an identifying change of release date and an increase in version number as follows: Version x.y.z where:

23、 x the first digit: 1 presented to TSG for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under change control. y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc. z the third digit is inc

24、remented when editorial only changes have been incorporated in the document. ETSI ETSI TS 101 181 V8.9.0 (2005-06) 6 3GPP TS 03.48 version 8.9.0 Release 1999 1 Scope The present document specifies the structure of the Secured Packets in a general format and in implementations using Short Message Ser

25、vice Point to Point (SMS-PP) and Short Message Service Cell Broadcast (SMS-CB). Furthermore, the coding is specified for a set of common application commands within the secured packets. This set is a subset of commands specified in TS 11.11 5 and allows remote management of files on the Subscriber I

26、dentity Module (SIM) in conjunction with SMS and the SIM Data Download feature of TS 11.14 6. For SIM cards based on TS 03.19 15, the set of commands used in the remote applet management is defined in the present document. This is based on the Open Platform card management specification 14. For SIM

27、cards based on other technologies, other loading mechanisms may be used. The present document is applicable to the exchange of secured packets between an entity in a GSM PLMN and an entity in the SIM. Secured Packets contain application messages to which certain mechanisms according to TS 02.48 2 ha

28、ve been applied. Application messages are commands or data exchanged between an application resident in or behind the GSM PLMN and on the SIM. The Sending/Receiving Entity in the GSM PLMN and the SIM are responsible for applying the security mechanisms to the application messages and thus turning th

29、em into Secured Packets. 2 References The following documents contain provisions which, through reference in this text, constitute provisions of the present document. References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. For a speci

30、fic reference, subsequent revisions do not apply. For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP document (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present d

31、ocument. 2.1 Normative references 1 3GPP TR 21.905: “Vocabulary for 3GPP Specifications“. 2 3GPP TS 02.48: “Security Mechanisms for the SIM Application Toolkit - Stage 1“. 3 3GPP TS 23.040: “Technical realization of the Short Message Service (SMS) Point-to-Point (PP)“. 4 3GPP TS 24.011: “Point-to-Po

32、int (PP) Short Message Service (SMS) support on mobile radio interface“. 5 3GPP TS 11.11: “Specification of the Subscriber Identity Module - Mobile Equipment (SIM - ME) interface“. 6 3GPP TS 11.14: “Specification of the SIM Application Toolkit for the Subscriber Identity Module - Mobile Equipment (S

33、IM - ME) interface“. 7 ISO/IEC 7816-4: “Identification cards - Integrated circuit cards - Part 4: Organization, security and commands for interchange“. 8 ISO/IEC 7816-6: “Identification cards - Integrated circuit cards - Part 6: Interindustry data elements for interchange“. 9 ISO 8731-1:1987 “Bankin

34、g - Approved algorithms for message authentication - Part 1: DEA“. ETSI ETSI TS 101 181 V8.9.0 (2005-06) 7 3GPP TS 03.48 version 8.9.0 Release 1999 10 ISO/IEC 10116:1997 “Information technology - Security techniques - Modes of operation for an n-bit block cipher“. 11 3GPP TS 23.041: “Technical reali

35、sation of Short Message Service Cell Broadcast (SMSCB)“. 12 3GPP TS 24.012: “Short Message Service Cell Broadcast (SMSCB) support on the mobile radio interface“. 13 3GPP TS 23.038: “Alphabets and language-specific information“. 14 Open Platform Card Specification version 2.0.1 (see http:/www.globalp

36、latform.org/) 15 3GPP TS 03.19: “Subscriber Identity Module Application Programming Interface (SIM API); SIM API for Java Card; Stage 2“. 2.2 Informative references 17 Schneier, Bruce: “Applied Cryptography Second Edition: Protocols, Algorithms and Source code in C“, John Wiley the minimum should be

37、 4 octets. Secured Data variable Contains the Secured Application Message and possibly padding octets used for ciphering. Unless indicated otherwise, the CPL and the CHL shall be coded according to ISO/IEC 7816-6 8. Table 2: Linear Representation of Command Packet CPI CPL CHI CHL SPI KIc KID TAR CNT

38、R PCNTR RC/CC/DS Secured Data with Padding Note 1 Note 1 Note 1 Note 1 Note 3 Note 3 Note 2 Note 2 Note 2 Note 2 Note 2 Note 2 Note 2 NOTE 1: These fields are included in the data to be ciphered if ciphering is indicated in the Security Header. NOTE 2: These fields are included in the calculation of

39、 the RC/CC/DS. NOTE 3: Part or all of these fields may also be included in the calculation of the RC/CC/DS, depending on implementation (e.g. SMS). If ciphering is indicated, first the RC/CC/DS shall be calculated as indicated in Note 2, and then ciphering shall be applied, as indicated in Note 1. E

40、TSI ETSI TS 101 181 V8.9.0 (2005-06) 123GPP TS 03.48 version 8.9.0 Release 1999 If the SPI indicates that a specific field is unused, the Sending Entity shall set the contents of this field to zero, and the Receiving Entity shall ignore the contents. If the SPI indicates that no RC, CC or DS is pres

41、ent in the Command Header, the RC/CC/DS field shall be of zero length. If the Padding Counter content is zero, this shall indicate no padding octets, or no padding is necessary. 5.1.1 Coding of the SPI The SPI is coded as below. First Octet: b8 b7 b6 b5 b4 b3 b2 b1 00: No RC, CC or DS 01: Redundancy

42、 Check 10: Cryptographic Checksum 11: Digital Signature 0 : No Ciphering 1 : Ciphering 00: No counter available (note 1) 01: Counter available; no replay or sequence checking (note 2) 10: Process if and only if counter value is higher than the value in the RE (note 3) 11: Process if and only if coun

43、ter value is one higher than the value in the RE (note 4) Reserved (set to zero and ignored by RE) NOTE 1: In this case the counter field is present in the message. NOTE 2: In this case the counter value is used for information purposes only, (e.g. date or time stamp). If the Command Packet was succ

44、essfully unpacked, the counter value can be forwarded from the Receiving Entity to the Receiving Application. This depends on proprietary implementations and happens in an application dependent way. NOTE 3: The counter value is compared with the counter value of the last received Command Packet. Thi

45、s is tolerant to failures on the transport level (i.e. losses of Command Packets). A possible scenario is a global update. NOTE 4: This provides strict control in addition to security indicated in Note 3. Second Octet: b8 b7 b6 b5 b4 b3 b2 b1 00: No PoR reply to the Sending Entity (SE) 01: PoR requi

46、red to be sent to the SE 10: PoR required only when an error has occured 11: Reserved 00: No security applied to PoR response to SE 01: PoR response with simple RC applied to it 10: PoR response with CC applied to it 11: PoR response with DS applied to it 0 : PoR response shall not be ciphered 1 : P

47、oR response shall be ciphered For SMS only 0 : PoR response shall be sent using SMS-DELIVER-REPORT 1 : PoR response shall be sent using SMS-SUBMIT Reserved (set to zero and ignored by RE) ETSI ETSI TS 101 181 V8.9.0 (2005-06) 133GPP TS 03.48 version 8.9.0 Release 1999 5.1.2 Coding of the KIc The KIc

48、 is coded as below. b8 b7 b6 b5 b4 b3 b2 b1 00: Algorithm known implicitly by both entities 01: DES 10: Reserved 11: proprietary Implementations 00: DES in CBC mode 01: Triple DES in outer-CBC mode using two different keys 10: Triple DES in outer-CBC mode using three different keys 11: DES in ECB mo

49、de indication of Keys to be used (keys implicitly agreed between both entities) DES is the algorithm specified as DEA in ISO 8731-1 9. DES in CBC mode is described in ISO/IEC 10116 10. Triple DES in outer-CBC mode is described in section 15.2 of 17. DES in ECB mode is described in ISO/IEC 10116 10. The initial chaining value for CBC modes shall be zero. For the CBC modes the counter (CNTR) shall be used. If the indication of the key to be used refers to an Open Platform key set version number, the algorithm to be