1、 ETSI TS 155 236 V15.0.0 (2018-07) Digital cellular telecommunications system (Phase 2+) (GSM); Specification of A8_V MILENAGE Algorithm: An example algorithm for the key generation function A8_V (3GPP TS 55.236 version 15.0.0 Release 15) TECHNICAL SPECIFICATION GLOBAL SYSTEM FOR MOBILE COMMUNICATIO
2、NSRETSI ETSI TS 155 236 V15.0.0 (2018-07)13GPP TS 55.236 version 15.0.0 Release 15Reference RTS/TSGS-0355236vf00 Keywords GSM,SECURITY ETSI 650 Route des Lucioles F-06921 Sophia Antipolis Cedex - FRANCE Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16 Siret N 348 623 562 00017 - NAF 742 C Association
3、but non lucratif enregistre la Sous-Prfecture de Grasse (06) N 7803/88 Important notice The present document can be downloaded from: http:/www.etsi.org/standards-search The present document may be made available in electronic versions and/or in print. The content of any electronic and/or print versi
4、ons of the present document shall not be modified without the prior written authorization of ETSI. In case of any existing or perceived difference in contents between such versions and/or in print, the only prevailing document is the print of the Portable Document Format (PDF) version kept on a spec
5、ific network drive within ETSI Secretariat. Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at https:/portal.etsi.org/TB/ETSIDeliverableStatus.aspx If you f
6、ind errors in the present document, please send your comment to one of the following services: https:/portal.etsi.org/People/CommiteeSupportStaff.aspx Copyright Notification No part may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microf
7、ilm except as authorized by written permission of ETSI. The content of the PDF version shall not be modified without the written authorization of ETSI. The copyright and the foregoing restriction extend to reproduction in all media. ETSI 2018. All rights reserved. DECTTM, PLUGTESTSTM, UMTSTMand the
8、ETSI logo are trademarks of ETSI registered for the benefit of its Members. 3GPPTM and LTETMare trademarks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. oneM2M logo is protected for the benefit of its Members. GSMand the GSM logo are trademarks registered
9、 and owned by the GSM Association. ETSI ETSI TS 155 236 V15.0.0 (2018-07)23GPP TS 55.236 version 15.0.0 Release 15Intellectual Property Rights Essential patents IPRs essential or potentially essential to normative deliverables may have been declared to ETSI. The information pertaining to these essen
10、tial IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: “Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards“, which is available from the ETSI Secretariat. Latest updates
11、 are available on the ETSI Web server (https:/ipr.etsi.org/). Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server)
12、 which are, or may be, or may become, essential to the present document. Trademarks The present document may include trademarks and/or tradenames which are asserted and/or registered by their owners. ETSI claims no ownership of these except for any which are indicated as being the property of ETSI,
13、and conveys no right to use or reproduce any trademark and/or tradename. Mention of those trademarks in the present document does not constitute an endorsement by ETSI of products, services or organizations associated with those trademarks. Foreword This Technical Specification (TS) has been produce
14、d by ETSI 3rd Generation Partnership Project (3GPP). The present document may refer to technical specifications or reports using their 3GPP identities, UMTS identities or GSM identities. These should be interpreted as being references to the corresponding ETSI deliverables. The cross reference betwe
15、en GSM, UMTS, 3GPP and ETSI identities can be found under http:/webapp.etsi.org/key/queryform.asp. Modal verbs terminology In the present document “shall“, “shall not“, “should“, “should not“, “may“, “need not“, “will“, “will not“, “can“ and “cannot“ are to be interpreted as described in clause 3.2
16、of the ETSI Drafting Rules (Verbal forms for the expression of provisions). “must“ and “must not“ are NOT allowed in ETSI deliverables except when used in direct citation. ETSI ETSI TS 155 236 V15.0.0 (2018-07)33GPP TS 55.236 version 15.0.0 Release 15Contents Intellectual Property Rights 2g3Foreword
17、 . 2g3Modal verbs terminology 2g3Foreword . 4g31 Scope 5g32 References 5g33 Definitions, symbols and abbreviations . 5g33.1 Definitions 5g33.2 Symbols 5g33.3 Abbreviations . 5g34 Introductory information 6g34.1 Introduction 6g34.2 Notation 6g34.2.1 Bit/byte ordering . 6g34.2.2 List of symbols . 6g34
18、.3 List of variables 6g34.4 Algorithm inputs and outputs . 6g35 The A8_V MILENAGE algorithm . 6g36 Test data for A8_V MILENAGE . 7g36.1 Introduction 7g36.2 Format 7g36.3 Test Sets . 8g3Annex A (informative): Change history . 12g3History 13g3ETSI ETSI TS 155 236 V15.0.0 (2018-07)43GPP TS 55.236 versi
19、on 15.0.0 Release 15Foreword This Technical Specification has been produced by the 3rdGeneration Partnership Project (3GPP). The contents of the present document are subject to continuing work within the TSG and may change following formal TSG approval. Should the TSG modify the contents of the pres
20、ent document, it will be re-released by the TSG with an identifying change of release date and an increase in version number as follows: Version x.y.z where: x the first digit: 1 presented to TSG for information; 2 presented to TSG for approval; 3 or greater indicates TSG approved document under cha
21、nge control. y the second digit is incremented for all changes of substance, i.e. technical enhancements, corrections, updates, etc. z the third digit is incremented when editorial only changes have been incorporated in the document. ETSI ETSI TS 155 236 V15.0.0 (2018-07)53GPP TS 55.236 version 15.0
22、.0 Release 151 Scope The present document contains an example algorithm which may be used as the VSTK key generation function A8_V as described in TS 43.020 4. (It is not mandatory that the particular algorithm specified in this document is used - the A8_V function is operator-specifiable rather tha
23、n being fully standardised.) Clause 4 introduces the algorithm and describes the input and output parameters. Clause 5 defines the algorithm. Clause 6 provides test data. 2 References The following documents contain provisions which, through reference in this text, constitute provisions of the prese
24、nt document. - References are either specific (identified by date of publication, edition number, version number, etc.) or non-specific. - For a specific reference, subsequent revisions do not apply. - For a non-specific reference, the latest version applies. In the case of a reference to a 3GPP doc
25、ument (including a GSM document), a non-specific reference implicitly refers to the latest version of that document in the same Release as the present document. 1 3GPP TS 35.206: “3G Security; Specification of the MILENAGE algorithm set: An example algorithm Set for the 3GPP Authentication and Key G
26、eneration functions f1, f1*, f2, f3, f4, f5 and f5*; Document 2: Algorithm specification“. 2 3GPP TS 35.207: “3G Security; Specification of the MILENAGE Algorithm Set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 3: Imple
27、mentors test data“. 3 3GPP TS 35.208: “3G Security; Specification of the MILENAGE Algorithm Set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 4: Design conformance test data“. 4 3GPP TS 43.020: “ Security related network
28、functions“. 5 3GPP TR 21.905: “Vocabulary for 3GPP Specifications“. 3 Definitions, symbols and abbreviations 3.1 Definitions For the purposes of the present document, the terms and definitions given in TR 21.905 5, TS 35.206 1 and TS 43.020 4, and the following apply. A term defined in the present d
29、ocument takes precedence over the definition of the same term, if any, in TR 21.905 5, TS 35.206 1 or TS 43.020 4. 3.2 Symbols = The assignment operator. | The concatenation of the two operands. Xi The ithbit of the variable X. (X = X0 | X1 | X2 | ). 3.3 Abbreviations For the purposes of the present
30、 document, the abbreviations given in TR 21.905 5, TS 35.206 1 and TS 43.020 4, and the following apply. An abbreviation defined in the present document takes precedence over the definition of the same abbreviation, if any, in TR 21.905 5, TS 35.206 1 or TS 43.020 4. VBS Voice Broadcast Service ETSI
31、 ETSI TS 155 236 V15.0.0 (2018-07)63GPP TS 55.236 version 15.0.0 Release 15VGCS Voice Group Call Service 4 Introductory information 4.1 Introduction For VGCS and VBS ciphering in the GSM system the security function A8_V has been specified. The operation of this function falls completely within the
32、domain of an individual operator, and the function is therefore to be specified by each operator rather than being fully standardized. The algorithm specified in this document is an example that may be used by an operator which does not wish to design its own. The inputs and outputs of the function
33、A8_V is defined in clause 4.4. 4.2 Notation 4.2.1 Bit/byte ordering All data variables in this specification are presented with the most significant bit (or byte) on the left hand side and the least significant bit (or byte) on the right hand side. Where a variable is broken down into a number of su
34、bstrings, the leftmost (most significant) substring is numbered 0, the next most significant is numbered 1, and so on through to the least significant. When a variable, with bit length L, is shown in hexadecimal format, bit 0 is the most significant bit of the leftmost hexadecimal digit, and bit L-1
35、 is the least significant bit of the rightmost hexadecimal digit. 4.2.2 List of symbols See clause 3.2 4.3 List of variables For V_Ki, VSTK_RAND and VSTK see TS 43.020 4 For all f3-function related variables see TS 35.206 1 4.4 Algorithm inputs and outputs The inputs to the algorithm are given in ta
36、ble 1, the output in table 2 below. Table 1: Inputs to A8_V Parameter Size (bits) Comment V_Ki 128 Group key V_Ki0V_Ki127 VSTK_RAND 36 Random challenge VSTK_RAND0VSTK_RAND35 Table 2: Outputs from A8_V Parameter Size (bits) Comment VSTK 128 Cipher key VSTK0VSTK127 5 The A8_V MILENAGE algorithm An exa
37、mple algorithm set for UMTS, called MILENAGE (see Note 1), is specified in TS 35.206 1. A8_V MILENAGE makes use of MILENAGE. Specifically, the function f3 from the UMTS MILENAGE is making use of (all input and output names are prefixed by “MIL3G-“ to distinguish them clearly from the inputs and outp
38、uts of A8_V MILENAGE): ETSI ETSI TS 155 236 V15.0.0 (2018-07)73GPP TS 55.236 version 15.0.0 Release 15Function Inputs Output f3 MIL3G-K0MIL3G-K127 MIL3G-RAND0MIL3G-RAND127 MIL3G-CK0MIL3G-CK127 The A8_V MILENAGE functions are defined as follows: - Let (MIL3G-K0MIL3G-K127) = (V_Ki0V_Ki127) - Let (MIL3
39、G-RAND0MIL3G-RAND127) = (EXP_RAND0EXP_RAND127) Whereby EXP_RANDbits 0,1, . . .126,127 = EXPANDbits 0,1, . . .39 | EXPANDbits 0,1, . . .39 | EXPANDbits 0,1, . . .39 | 11111111 EXPAND bits 0,1, . . .39 = 1111 | VSTK_RANDbits 0,1, . . .35 - Compute MIL3G-CK from MIL3G-K and MIL3G-RAND, using the MILENA
40、GE function f3 - Set (VSTK0VSTK127) = (MIL3G-CK0MIL3G-CK127) NOTE 1: MILENAGE uses a 128-bit operator-specific constant OP; a value has to be assigned to this constant for MILENAGE to be fully specified. 6 Test data for A8_V MILENAGE 6.1 Introduction The test data sets presented here have been deriv
41、ed from the MILENAGE test sets in 3. 6.2 Format The format of each test data set is as follows: Test Set n V_Ki secret group key VSTK_RAND 36-bit random challenge MIL3G-RAND 128-bit expansion of VSTK_RAND according to clause 4 OP operator-specific MILENAGE constant OPc derived from OP and V_Ki see 1
42、 MIL3G-CK (VSTK) MILENAGE f3 output, that equals the Short Term Key for use in VGCS and VBS ciphering All test data in this tabular format is shown in hexadecimal representation. The first test set is also shown in binary, to show explicitly the relationship between the binary data and the hexadecim
43、al representation. ETSI ETSI TS 155 236 V15.0.0 (2018-07)83GPP TS 55.236 version 15.0.0 Release 156.3 Test Sets Test Set 1 in binary format V_Ki 01000110 01011011 01011100 11101000 10110001 10011001 10110100 10011111 10101010 01011111 00001010 00101110 11100010 00111000 10100110 10111100 VSTK_RAND 0
44、0100011 01010101 00111100 10111110 1001 MIL3G-RAND 11110010 00110101 01010011 11001011 11101001 11110010 00110101 01010011 11001011 11101001 11110010 00110101 01010011 11001011 11101001 11111111 OP 11001101 11000010 00000010 11010101 00010010 00111110 00100000 11110110 00101011 01101101 01100111 011
45、01010 11000111 00101100 10110011 00011000 OPc 11001101 01100011 11001011 01110001 10010101 01001010 10011111 01001110 01001000 10100101 10011001 01001110 00110111 10100000 00101011 10101111 MIL3G-CK (VSTK) 11010111 01110011 11000111 11111111 11000110 01000000 11001101 00100100 10000001 11110101 0001
46、0010 11011100 10111101 01011100 11000000 11110110 Test Set 1 V_Ki 465b5ce8 b199b49f aa5f0a2e e238a6bc VSTK_RAND 23553cbe 9 MIL3G-RAND f23553cb e9f23553 cbe9f235 53cbe9ff OP cdc202d5 123e20f6 2b6d676a c72cb318 OPc cd63cb71 954a9f4e 48a5994e 37a02baf MIL3G-CK (VSTK) d773c7ff c640cd24 81f512dc bd5cc0f6
47、 Test Set 2 V_Ki fec86ba6 eb707ed0 8905757b 1bb44b8f VSTK_RAND 9f7c8d02 1 MIL3G-RAND f9f7c8d0 21f9f7c8 d021f9f7 c8d021ff OP dbc59adc b6f9a0ef 735477b7 fadf8374 OPc 1006020f 0a478bf6 b699f15c 062e42b3 MIL3G-CK (VSTK) a0b28afe ca802828 c324eb86 a7b06903 Test Set 3 V_Ki 9e5944ae a94b8116 5c82fbf9 f32db
48、751 VSTK_RAND ce83dbc5 4 MIL3G-RAND fce83dbc 54fce83d bc54fce8 3dbc54ff OP 223014c5 806694c0 07ca1eee f57f004f OPc a64a507a e1a2a98b b88eb421 0135dc87 MIL3G-CK (VSTK) f2abba4c 9d52cf6b 99b43d2a 799e9470 Test Set 4 V_Ki 4ab1deb0 5ca6ceb0 51fc98e7 7d026a84 VSTK_RAND 74b0cd60 3 MIL3G-RAND f74b0cd6 03f7
49、4b0c d603f74b 0cd603ff OP 2d16c5cd 1fdf6b22 383584e3 bef2a8d8 OPc dcf07cbd 51855290 b92a07a9 891e523e MIL3G-CK (VSTK) d4500866 a11b5b7d 3d89d485 d25e14da ETSI ETSI TS 155 236 V15.0.0 (2018-07)93GPP TS 55.236 version 15.0.0 Release 15Test Set 5 V_Ki 6c38a116 ac280c45 4f59332e e35c8c4f VSTK_RAND ee6466bc 9 MIL3G-RAND fee6466b c9fee646 6bc9fee6 466bc9ff OP 1ba00a1a 7c6700ac 8c3ff3e9 6ad08725 OPc 3803ef53 63b947c6 aaa225e5 8fae3934
copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1