Advertisement

Smart Cards and Security for Mobile Communications

  • Keith MayesEmail author
  • Tim Evans
Chapter

Abstract

There are around 6 billion smart cards issued every year for use within mobile communications devices. The cards, known as Subscriber Identity Modules (SIM), represent some of the most technically advanced smart cards that have ever been deployed. Their original role was to safeguard the system security by providing authentication and supporting confidentiality , but they have evolved to support additional security and value added functionality. The success of SIMs has been largely due to the efforts of a number of standardisation bodies and indeed the technical evolution and standardisation is still progressing. There have been some exciting developments in the form of Near Field Communication (NFC), high-speed interfaces and high capacity smart cards that could expand the role of the SIM . However, developments within mobile devices and service provision, as well as struggles for dominance in the business environment, will likely constrain the SIM’s role and affect its physical implementation , ownership , and management. By convention, SIM is commonly used to represent both GSM and 3G/UMTS SIMs, in this chapter, we use USIM when we specifically wish to refer to a SIM for 3G/UMTS.

Keywords

SIM USIM UICC R-UIM SIM toolkit CAT STK JSR177 USB Authentication Mileage NFC Menu GSM UMTS BIP VAS 

References

  1. 1.
    3GPP, TR 35.935: Universal Mobile Telecommunications System (UMTS); LTE; Performance evaluation of the Tuak algorithm set, version 12.0.0 Release (2015)Google Scholar
  2. 2.
    3GPP TS 35.206: 3G Security; Specification of the MILENAGE algorithm set: An example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 2: Algorithm specification (2014)Google Scholar
  3. 3.
    3GPP, TS 35.231: 3G Security; Specification of the TUAK algorithm set: A second example algorithm set for the 3GPP authentication and key generation functions f1, f1*, f2, f3, f4, f5 and f5*; Document 1: Algorithm specification (2014)Google Scholar
  4. 4.
    3GPP2, Removable User Identity Module (RUIM) for Spread Spectrum Systems, 3GPP2 CS0023-C V2.0 October 2008Google Scholar
  5. 5.
    G. Bertoni, J. Daemen, M. Peeters, and G. van Aasche, The KECCAK Reference, version 3.0, 14 (2011)Google Scholar
  6. 6.
    CC, Common criteria for information technology security evaluation part1: Introduction and general model, version 3.1 release 4, (2012)Google Scholar
  7. 7.
    Comprion, IT3 Move 2 Datasheet, http://www.comprion.com/en/products/monitoring/move_2/overview, cited 25 Apr 2016
  8. 8.
    Damien Giry (2015), Cryptographic Key Length Recommendations, Keylength.com, http://www.keylength.com/en/3/, cited 25 Apr 2016
  9. 9.
    David Wagner and Ian Goldberg (1998), GSM Cloning, ISAAC Berkley, http://www.isaac.cs.berkeley.edu/isaac/gsm.html, cited 25 Apr 2016
  10. 10.
    ETSI SCP Group, SCP Specifications, https://portal.etsi.org/tb.aspx?tbid=534&SubTB=534,639,640,714, cited 25 Apr 2016
  11. 11.
    ETSI, TS 102 221, Smart Cards; UICC-Terminal interface; Physical and logical characteristics, Release 8 (2009)Google Scholar
  12. 12.
    European Technical Standards Institute (ETSI), http://www.etsi.org/, cited 25 Apr 2016
  13. 13.
    Garg V.K, IS-95 CDMA and cdma 2000, Prentice Hall 2000Google Scholar
  14. 14.
    GSM Association, http://www.gsma.com/, cited 25 Apr 2016
  15. 15.
    F. Hillebrand, GSM & UMTS - The Creation of Global Mobile Communication, Wiley 2002Google Scholar
  16. 16.
    International Organization for Standardisation, ISO 7816 Parts 1-4, http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=54089, cited 25 Apr 2016
  17. 17.
    International Standards Organisation, http://www.iso.org/, cited 25 Apr 2016
  18. 18.
    Java Community Process (JCP), http://jcp.org/en/home/index, cited 25 Apr 2016
  19. 19.
    Java Community Process, JSR177, https://jcp.org/en/jsr/detail?id=177, cited 25 Apr 2016
  20. 20.
    M. Mouly, M-B Pautet, The GSM System for Mobile Communications, Cell & Sys. Correspondence 1992Google Scholar
  21. 21.
    Mayes K and Markantonakis K On the potential of high density smart cards, Elsevier Information Security Technical Report Vol 11 No 3 2006Google Scholar
  22. 22.
    K. Mayes, S. Babbage, and A. Maximov, Performance Evaluation of the new TUAK Mobile Authentication Algorithm, ICONS16/EMBEDDED2016 p 38–44 (2016)Google Scholar
  23. 23.
    Near Field Communication (NFC) Forum http://www.nfc-forum.org/, cited 25 Apr 2016
  24. 24.
    NIST, Announcing Draft Federal Information Processing Standard (FIPS) 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, and Draft Revision of the Applicability Clause of FIPS 180-4, Secure Hash Standard, and Request for Comments, (2004)Google Scholar
  25. 25.
    Open Mobile Alliance OMA, http://www.openmobilealliance.org/, cited 25 Apr 2016
  26. 26.
    Security Algorithms Group of Experts (SAGE), https://portal.etsi.org/TBSiteMap/Sage/ActivityReport, cited 25 Apr 2016
  27. 27.
    The Javacard Forum https://javacardforum.com/, cited 25 Apr 2016
  28. 28.
    Third Generation Partnership project (3GPP), http://www.3gpp.org/, cited 25 Apr 2016
  29. 29.
    Third Generation Partnership Project, Digital cellular telecommunications system (Phase 2+); Subscriber Identity Modules (SIM);Functional characteristics (GSM 02.17 version 8.0.0 Release 1999)Google Scholar
  30. 30.
    Third Generation Partnership Project, Security mechanisms for the SIM application toolkit; Stage 2 (Release 1999) TS 03.48 V8.9.0 Jun 2005Google Scholar
  31. 31.
    Third Generation Partnership Project, Security related network functions (Release 1999) TS 03.20 V8.6.0 Dec 2007Google Scholar
  32. 32.
    Third Generation Partnership Project, Specification of the Subscriber Identity Module-Mobile Equipment (SIM - ME) interface (Release 1999) TS 11.11 V8.14.0 Jun 2007Google Scholar
  33. 33.
    Third Generation Partnership Project, Specification of the SIM Application Toolkit for the Subscriber Identity Module - Mobile Equipment (SIM - ME) interface (Release 1999) 3GPP TS 11.14 V8.18.0 Jun 2007Google Scholar
  34. 34.
    Third Generation Partnership Project, Technical Specification Group Core Network and Terminals, USIM and IC card requirements, (Release 13) TS 21.111 V13.0.0 Jan 2016Google Scholar
  35. 35.
    Third Generation Partnership Project, Technical Specification Group Core Network and Terminals, UICC-terminal interface; Physical and logical characteristics, (Release 13) TS 31.101 V13.1.0 Jan 2016Google Scholar
  36. 36.
    Third Generation Partnership Project, Technical Specification Group Core Network and Terminals, Characteristics of the Universal Subscriber Identity Module (USIM) application, (Release 13) TS 31.102 V13.3.0 Mar 2016Google Scholar
  37. 37.
    Third Generation Partnership Project, Technical Specification Group Core Network and Terminals, Universal Subscriber Identity Module (USIM) Application Toolkit (USAT) (Release 13) TS 31.111 V13.3.0 Mar 2016Google Scholar
  38. 38.
    Third Generation Partnership Project, Technical Specification Group Core Network and Terminals, Security mechanisms for the SIM application toolkit; Stage 2, (Release 5) TS 23.048 V5.9.0 Jun 2005Google Scholar
  39. 39.
    Third Generation Partnership Project, Technical Specification Group Core Network and Terminals, 3G Security; Security architecture, (Release 13) TS 33.102 V13.0.0 Jan 2016Google Scholar
  40. 40.
    Third Generation Partnership Project 2 (3GPP2), http://www.3gpp2.org/, cited 25 Apr 2016
  41. 41.
    Universal Serial Bus (USB) Forum, http://www.usb.org/, cited 25 Apr 2016
  42. 42.
    Vodafone, SIM/USIM Cards Applications & Security for Mobile Telephony, Masters Lecture Slides at Royal Holloway University of London 2006Google Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.Director of the Information Security Group, Head of the School of Mathematics and Information SecurityRoyal Holloway, University of LondonEghamUK
  2. 2.VodafoneLondonUK

Personalised recommendations