ETSI ETS 300 175-7 ed.1 (1992-10)

SLOVENSKI STANDARD
01-julij-2005
5DGLMVNDRSUHPDLQVLVWHPL5(6'LJLWDOQHL]EROMãDQHEUH]YUYLþQH
WHOHNRPXQLNDFLMH'(&76NXSQLYPHVQLN&,GHO9DUQRVWQHODVWQRVWL
Radio Equipment and Systemy (RES); Digital Enhanced Cordless Telecommunications
(DECT); Common Interface (CI); Part 7: Security features
Ta slovenski standard je istoveten z: ETS 300 175-7 Edition 1
ICS:
33.070.30 'LJLWDOQHL]EROMãDQH Digital Enhanced Cordless
EUH]YUYLþQHWHOHNRPXQLNDFLMH Telecommunications (DECT)
'(&7
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

EUROPEAN ETS 300 175-7
TELECOMMUNICATION October 1992
STANDARD
Source: ETSI TC-RES Reference: DE/RES-3001-7
ICS: 33.060
DECT
Key words:
Radio Equipment and Systems (RES);
Digital European Cordless Telecommunications (DECT)
Common interface
Part 7: Security features
ETSI
European Telecommunications Standards Institute
ETSI Secretariat
F-06921 Sophia Antipolis CEDEX - FRANCE
Postal address:
650 Route des Lucioles - Sophia Antipolis - Valbonne - FRANCE
Office address:
c=fr, a=atlas, p=etsi, s=secretariat - secretariat@etsi.fr
X.400: Internet:
Tel.: +33 92 94 42 00 - Fax: +33 93 65 47 16
Copyright Notification: No part may be reproduced except as authorized by written permission. The copyright and the
foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 1992. All rights reserved.
New presentation - see History box

Page 2
ETS 300 175-7: October 1992
Whilst every care has been taken in the preparation and publication of this document, errors in content,
typographical or otherwise, may occur. If you have comments concerning its accuracy, please write to
"ETSI Editing and Committee Support Dept." at the address shown on the title page.

Page 3
ETS 300 175-7: October 1992
Contents
Foreword.9
Introduction .9
1 Scope.12
2 Normative references .12
3 Definitions and abbreviations.14
3.1 Definitions .14
3.2 Abbreviations .15
4 Security architecture .17
4.1 Background.17
4.2 Security services .17
4.2.1 Authentication of a PT.17
4.2.2 Authentication of an FT .17
4.2.3 Mutual authentication .18
4.2.4 Data confidentiality .18
4.2.5 User authentication .18
4.3 Security mechanisms .18
4.3.1 Authentication of a PT.18
4.3.2 Authentication of an FT .19
4.3.3 Mutual authentication .20
4.3.4 Data confidentiality .20
4.3.4.1 Derived Cipher Key (DCK).20
4.3.5 User authentication .21
4.4 Cryptographic parameters and keys.21
4.4.1 Overview .21
4.4.2 Cryptographic parameters.22
4.4.3 Cryptographic keys.23
4.4.3.1 Authentication key K.23
4.4.3.2 Authentication session keys KS and KS'.24
4.4.3.3 Cipher key CK .25
4.5 Security processes .25
4.5.1 Overview .25
4.5.2 Derivation of authentication key, K .25
4.5.2.1 K is derived from UAK . 26
4.5.2.2 K is derived from AC.26
4.5.2.3 K is derived from UAK and UPI .26
4.5.3 Authentication processes.26
4.5.3.1 Processes for the derivation of KS and KS'.26
4.5.3.2 Processes for the derivation of DCK, RES1 and RES2 .27
4.5.4 Key stream generation.27
4.6 Combinations of security services .28
5 Algorithms for security processes.28
5.1 Background.28
5.1.1 A algorithm.29
5.2 Derivation of session authentication key(s).29
5.2.1 A11 process. 29
5.2.2 A21 process. 29
5.3 Authentication and cipher key generation processes.30
5.3.1 A12 process. 30

Page 4
ETS 300 175-7: October 1992
5.3.2 A22 process.30
6 Integration of security.31
6.1 Background.31
6.2 Association of keys and identities.31
6.2.1 Authentication key.31
6.2.1.1 K is derived from UAK .31
6.2.1.2 K derived from AC.31
6.2.1.3 K derived from UAK and UPI.32
6.2.2 Cipher keys.32
6.3 Network layer procedures .32
6.3.1 Background.32
6.3.2 Authentication exchanges .33
6.3.3 Authentication procedures .34
6.3.3.1 Authentication of a PT .34
6.3.3.2 Authentication of an FT.34
6.3.4 Transfer of Cipher Key, CK .34
6.4 MAC layer procedures .35
6.4.1 Background.35
6.4.2 MAC layer field structure.35
6.4.3 Data to be encrypted .36
6.4.4 Encryption process .36
6.4.5 Initialisation and synchronisation of the encryption process.39
6.4.6 Encryption mode control.39
6.4.6.1 Background .39
6.4.6.2 MAC layer messages .40
6.4.6.3 Procedures for switching to encrypt mode.40
6.4.6.4 Procedures for switching to clear mode .43
6.4.7 Handover of the encryption process .44
6.4.7.1 Bearer handover, uninterrupted ciphering .44
6.4.7.2 Connection handover, uninterrupted ciphering.44
6.4.7.3 External handover - handover with interrupted ciphering .45
6.4.8 Modifications for half slot specifications .45
6.4.8.1 Background .45
6.4.8.2 MAC layer field structure .45
6.4.8.3 Data to be encrypted.46
6.4.8.4 Encryption process.46
6.4.8.5 Initialisation and synchronisation of the encryption process.46
6.4.8.6 Encryption mode control .46
6.4.8.7 Handover of the encryption process.46
6.4.9 Modifications for double slot specifications.46
6.4.9.1 Background .46
6.4.9.2 MAC layer field structure .47
6.4.9.3 Data to be encrypted.47
6.4.9.4 Encryption process.47
6.4.9.5 Initialisation and synchronisation of the encryption process.48
6.4.9.6 Encryption mode control .48
6.4.9.7 Handover of the encryption process.48
6.4.10 Modifications for Multi-Bearer Specifications.48
6.5 Security attributes.49
6.5.1 Background.49
6.5.2 Authentication protocols .50
6.5.2.1 Authentication of a PT .51
6.5.2.2 Authentication of an FT.52
6.5.3 Confidentiality protocols .53
6.5.4 Access-rights protocols.55
6.5.5 Key numbering and storage.56
6.5.5.1 Authentication keys .56
6.5.5.2 Cipher keys .56
6.5.6 Key allocation.57

Page 5
ETS 300 175-7: October 1992
6.5.6.1 Introduction .57
6.5.6.2 UAK allocation .57
7 Use of security features.59
7.1 Background.59
7.2 Key management options.59
7.2.1 Overview of security parameters relevant for key management.59
7.2.2 Generation of authentication keys .60
7.2.3 Initial distribution and installation of keys.61
7.2.4 Use of keys within the fixed network.61
Annex A (informative): Security threats analysis .65
A.1 Introduction .65
A.2 Threat A - impersonating a subscriber identity.66
A.3 Threat B - illegal use of a handset (PP) .66
A.4 Threat C - illegal use of a base station (FP).67
A.5 Threat D - impersonation of a base station (FP).67
A.6 Threat E - illegally obtaining user data and user related signalling information.67
A.7 Conclusions and comments.68
Annex B (informative): Security features and operating environments.70
B.1 Introduction .70
B.2 Definitions . 70
B.3 Enrolment options.71
Annex C (informative): Reasons for not adopting public key techniques .72
Annex D (informative): Overview of security features.73
D.1 Introduction.73
D.2 Authentication of a PT.73
D.3 Authentication of an FT .73
D.4 Mutual authentication of a PT and an FT.74
D.4.1 Direct method .74
D.4.2 Indirect method 1 .74
D.4.3 Indirect method 2 .74
D.5 Data confidentiality .74
D.5.1 Cipher key derivation as part of authentication.74
D.5.2 Static cipher key .75
D.6 User authentication .75
D.7 Key management in case of roaming.75
D.7.1 Introduction.75
D.7.2 Use of actual authentication key K .76
D.7.3 Use of session keys .77

Page 6
ETS 300 175-7: October 1992
D.7.4 Use of precalculated sets.78
Annex E (informative): Limitations of DECT security.79
E.1 Introduction .79
E.2 Protocol reflection attacks .79
E.3 Static cipher key and short Initial Vector (IV).79
E.4 General considerations regarding key management.80
E.5 Use of a predictable challenge in FT authentication.80
Annex F (informative): Security features related to target networks.81
F.1 Introduction.81
F.1.1 Notation and DECT reference model .81
F.1.2 Significance of security features and intended usage within DECT .81
F.1.3 Mechanism/algorithm and process requirements .82
F.2 PSTN reference configurations.83
F.2.1 Domestic telephone .83
F.2.2 PBX.85
F.2.3 Local loop .87
F.3 ISDN reference configurations.88
F.3.1 Terminal equipment.88
F.3.2 Network termination 2 .90
F.3.3 Local loop .90
F.4 X.25 reference configuration .90
F.4.1 Data terminal equipment.90
F.4.2 PAD equipment.90
F.5 GSM reference configuration .91
F.5.1 Base station substation .91
F.5.2 Mobile Station .91
F.6 IEEE.802 reference configuration.91
F.6.1 Bridge.91
F.6.2 Gateway.91
F.7 Public access service reference configurations .91
F.7.1 Fixed public access service reference configuration.91
Annex G (informative): Compatibility of DECT and GSM authentication .93
G.1 Introduction.93
G.2 SIM and DAM functionality .93
G.3 Using an SIM for DECT authentication.94
G.4 Using a DAM for GSM authentication.94
Annex H (informative): DECT standard authentication algorithm .95
Annex I (informative): DECT standard cipher.96

Page 7
ETS 300 175-7: October 1992
Annex J (informative): Bibliography.97
History.98

Page 8
ETS 300 175-7: October 1992
Blank page
Page 9
ETS 300 175-7: October 1992
Foreword
This European Telecommunication Standard (ETS) has been produced by the Radio Equipment and
Systems (RES) Technical Committee of the European Telecommunications Standards Institute (ETSI), and
was adopted, having passed through the ETSI standards approval procedure (Public Enquiry 23: 1991-09-
02 to 1991-12-27, Vote 22: 1992-05-25 to 1992-07-17).
Annexes A to J to this ETS are informative.
The following cryptographic algorithms are subject to controlled distribution:
a) DECT standard cryptographic algorithms;
b) DECT standard cipher.
These algorithms are distributed on an individual basis. Further information and details of the current
distribution procedures can be obtained from the ETSI Secretariat at the address on the first page of this
ETS.
Further details of the DECT system may be found in the ETSI Technical Reports ETR 015 [16], and ETR
043 [15], and also in draft ETSI Technical Report: "Digital European Cordless Telecommunications System
description document" [17].
Introduction
This ETS contains a detailed specification of the security features which may be provided by DECT
systems. An overview of the processes required to provide all the features detailed in this ETS is
presented in figure 1.
The ETS consists of four main Clauses (Clauses 4 - 7), together with a number of informative and
important Annexes (A - J). The purpose of this introduction is to briefly preview the contents of each of the
main Clauses and the supporting Annexes.
Each of the main Clauses starts with a description of its objectives and a summary of its contents. Clause
4 is concerned with defining a security architecture for DECT. This architecture is defined in terms of the
security services which may be offered (subclause 4.2), the mechanisms which must be used to provide
these services (subclause 4.3), the security parameters and keys required by the mechanisms (challenges,
keys etc.), and which must be passed across the air interface or held within DECT portable parts, fixed
parts or other network entities (e.g. management centres) (subclause 4.4), the processes which are
required to provide the security mechanisms (subclause 4.5), and the recommended combinations of
services (subclause 4.6).
Clause 3 is concerned with specifying how certain cryptographic algorithms are to be used for the security
processes. Two algorithms are required: a key stream generator and an authentication algorithm. The key
stream generator is only used for the encryption process, and this process is specified in subclause 4.4.
The authentication algorithm may be used to derive authentication session keys and cipher keys, and is the
basis of the authentication process itself. The way in which the authentication algorithm is to be used to
derive authentication session keys is specified in subclause 3.2. The way in which the algorithm is to be
used to provide the authentication process and derive cipher keys is specified in subclause 3.3.
Neither the key stream generator nor the authentication algorithm are specified in this ETS. Only their input
and output parameters are defined. In principle, the security features may be provided by using
appropriate proprietary algorithms. The use of proprietary algorithms may, however, limit roaming in the
public access service environment, as well as the use of PPs in different environments.
For example, for performance reasons, the key stream generator will need to be implemented in hardware
in portable and fixed parts. The use of proprietary generators will then limit the interoperability of systems
provided by different manufacturers. Two standard algorithms have been specified. These are the DECT
Standard Authentication Algorithm (DSAA, see Annex H) and the DECT Standard Cipher (DSC, see
Annex I).
Page 10
ETS 300 175-7: October 1992
Because of the confidential nature of the information contained in them, these documents are not submitted
for Public Enquiry. However, the algorithms will have to be made available to DECT equipment
manufacturers. The DSAA may also need to be made available to public access service operators who, in
turn, may need to make it available to manufacturers of authentication modules. Clause 4 is concerned with
integrating the security features into the DECT system. Four aspects of integration are considered. The
first aspect is the association of user security parameters (in particular, authentication keys) with DECT
identities. This is the subject of subclause 4.2. The second aspect of integration is the definition of the
network layer protocol elements and message types needed for the exchange of authentication
parameters across the air interface. This is dealt with in subclause 4.3. The MAC layer procedures for the
encryption of data passed over the air interface are the subject of subclause 4.4. Finally, subclause 4.5 is
concerned with security attributes which DECT systems may support, and the network layer messages
needed to enable PPs and FPs to identify which security algorithms and keys will be used to provide the
various security services.
Clause 5 is concerned with key management issues. Careful management of keys is fundamental to the
effective operation of a security system, and subclause 5.2 is intended to provide guidance on this subject.
The subclause includes an explanation of how the DECT security features may be supported by different
key management options. For example, schemes which allow authentication keys to be held in a central
location within a public access service network are described, as are schemes which allow authentication
keys to be derived locally in public access service base stations. The subclause is very much less specific
than the other subclauses in the report. This is because the key management issues discussed are not an
integral part of the common interface. In the end it is up to network operators and service providers to
decide how they are going to manage their cryptographic keys. This ETS can at best provide some
suggestions and guidelines.
The main text is supplemented by a set of informative Annexes. There are two types of Annex. Those of
the first type provide background information justifying the inclusion of a particular service, or the use of a
particular type of mechanism in the security features. Those of the second type provide guidance on the
use and management of certain of the security features. The content of each of the appendices is briefly
reviewed below.
Annex A contains the results of a security threats analysis which ETSI RES 3S (EG-1) undertook prior to
designing the DECT security features. This Annex, and the security requirements document ETSI RES-
3S(89)DAS 3/Rev 3 (see bibliography in Annex J), formed the basis for all subsequent work.
Annex B is concerned with the impact of the security features on roaming, in particular with the concurrent
use of a PP in public access service, wireless PBX and residential environments.
Annex C is provided for background information. It contains a justification for some of the decisions taken
by EG-1, e.g. why symmetric rather than public key (asymmetric) cryptographic mechanisms were
selected.
Annex D provides an overview of the DECT security features specified in this ETS.
No security system is perfect, and Annex E discusses the limitations of the DECT security features.
Annex F relates the security features specified in this ETS to the DECT environments identified in the
DECT reference model [17]. Each of the local networks identified in the reference model is considered in
turn. For each of these networks a security profile is suggested. The networks considered are PSTN,
ISDN, X.25, GSM, LANs and public access service.
Annex G consists of a brief discussion of the compatibility of DECT and GSM authentication. In particular,
the concept of a DECT Authentication Module (DAM) is considered and its functionality compared with the
functionality of the GSM Subscriber Interface Module (SIM).
Annex H refers to the DECT standard authentication algorithm.
Annex I refers to the DECT standard cipher.

Page 11
ETS 300 175-7: October 1992
Figure 1: Overview of DECT security processes
AC      Authentication Code
IV      Initialisation Value obtained from frame counter
CK     Cipher Key
SCK    Static Cipher Key
KS     Session Authentication Key
Authentication
KS'     Reverse Authentication Key
UAK [128]
Key Selection
RAND F Value generated and transmitted by FP
B2
RAND P Value generated and transmitted by PP
UPI [e.g. 128]
RES 1   Value computed and transmitted by PP
RES 2   Value computed and transmitted by FP
RS     Value transmitted by FP in authentication protocol
UAK    User authentication Key
UPI     User Personal Identity
UAK [128] DCK    Derived Cipher Key
B1
K       Authentication Key
A11, A12 Authentication Processes
A21, A22 Authentication Processes
B1, B2  Authentication Key Stream Processes
KSG    Key Stream Generator
AC [e.g. 16-32]
B1
K [128]
Authentication of
PP processes
A11 RES1 [32]
KS [128]
RS [64]
A12
RAND F [64] DCK
CK [64]
Key
SCK
SCK [64] KSG
Stream
IV [28]
Key Stream generation
for encryption process
Authentication of
FP processes
A21
KS' [128]
A22
RES2 [32]
RAND P [64]
Page 12
ETS 300 175-7: October 1992
1 Scope
This part of the Digital European Cordless Telecommunications (DECT) Common Interface specifies the
security architecture, the types of cryptographic algorithms required, the way in which they are to be used,
and the requirements for integrating the security features provided by the architecture into the DECT
Common Interface. It also describes how the features can be managed and how they relate to certain
DECT fixed systems and local network configurations.
The security architecture is defined in terms of the security services which are to be supported at the
common interface, the mechanisms which are to be used to provide the services, and the cryptographic
parameters, keys and processes which are associated with these mechanisms.
The security processes specified in this part are each based on one of two cryptographic algorithms: an
authentication algorithm and a key stream generator. The architecture is, however, algorithm independent,
and either the DECT standard algorithms, or appropriate proprietary algorithms, or indeed a combination
of both can, in principle, be employed. The use of the employed algorithm is specified in this part.
Integration of the security features is specified in terms of the protocol elements and processes required at
the network and MAC layers of the common interface.
The relationship between the security features and various network elements is described in terms of
where the security processes and management functions may be provided.
This part does not address implementation issues. For instance, no attempt is made to specify whether the
DECT Standard Authentication Algorithm (DSAA) should be implemented in the Portable Part (PP) at
manufacture, or whether the DSAA or a proprietary authentication algorithm should be implemented in a
detachable module. Similarly, the ETS does not specify whether the DECT Standard Cipher (DSC) should
be implemented in hardware in all PPs at manufacture, or whether special PPs should be manufactured
with the DSC or proprietary ciphers built into them. The security architecture supports all these options,
although the use of proprietary algorithms may limit roaming and the concurrent use of PPs in different
environments.
2 Normative references
This European Telecommunication Standard (ETS) incorporates, by dated or undated reference,
provisions from other publications. These normative references are cited at the appropriate places in the
text and the publications are listed hereafter. For dated references, subsequent amendments to, or
revisions of, any of these publications apply to this ETS only when incorporated in it by amendment or
revision. For undated references the latest edition of the publication referred to applies.
[1] ETS 300 175-1: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 1: Overview".
[2] ETS 300 175-2: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 2: Physical layer".
[3] ETS 300 175-3: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 3: Medium
access control layer".
[4] ETS 300 175-4: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 4: Data link
control layer".
[5] ETS 300 175-5: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 5: Network layer".
[6] ETS 300 175-6: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 6: Identities and
addressing".
Page 13
ETS 300 175-7: October 1992
[7] ETS 300 175-7: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 7: Security
features".
[8] ETS 300 175-8: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 8: Speech coding
and transmission".
[9] ETS 300 175-9: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Common interface Part 9: Public access
profile".
[10] Reserved.
[11] Reserved.
[12] I-ETS 300 176: "Radio Equipment and Systems (RES); Digital European
Cordless Telecommunications (DECT) Approval test specification".
[13] Reserved for future ETS version of [12].
[14] CEPT Recommendation T/SGT SF2 (89) 6/0: "Draft Recommendation T/SF
Services and Facilities of Digital European Cordless Telecommunications".
[15] ETR 048: "Radio Equipment and Systems; Digital European Cordless
Telecommunications (DECT) Common interface Services and facilities
requirements specification".
[16] ETR 015: "Digital European Cordless Telecommunications Reference
Document".
[17] Draft ETSI Technical Report: "Digital European Cordless Telecommunications
System description document".
[18] ETR 042: "Radio Equipment and Systems (RES); Digital European Cordless
Telecommunications (DECT) A guide to the DECT features that influence the
traffic capacity and the maintenance of high radio link quality, including the
results of simulations".
[19] Reserved for future DECT related document.

Page 14
ETS 300 175-7: October 1992
3 Definitions and abbreviations
3.1 Definitions
For the purpose of this ETS, the following definitions, which are listed in alphabetical order apply:
Algorithm: a mathematical process or function that transforms an input into an output. In cryptographic
applications an algorithm is a process used for encipherment, decipherment or non-reversible
encipherment under control of a key.
Algorithm identifier: a designator to show which algorithm is in use, so that the correct one may be
chosen.
Asymmetric algorithm: see Public Key Algorithm
Authentication: the corroboration that an entity is the one that is claimed.
Cipher Key (CK): a value that is used to determine the transformation of plaintext to ciphertext in a
cryptographic algorithm.
Cipher Key Generation: a process for generating cryptographic keys.
Ciphertext: the output of a cryptographic algorithm. Ciphertext is not intelligible unless (in a reversible
algorithm) the reverse transformation is performed.
Confidentiality: rendering information secret as ciphertext unless the capability is possessed to recover
the plaintext from ciphertext.
Countermeasure: a device, instrument or procedure used to counteract or defend against a threat.
Cryptography: literally secret writing. Used to describe the hiding of information.
Data Encryption Standard (DES): United States Federal data encryption standard.
Decipherment: the rendering of ciphertext into plaintext.
DECT Standard Authentication Algorithm (DSAA): an algorithm used for authentication in DECT.
DECT Standard Cipher (DSC): an algorithm used for data encryption in DECT.
Encipherment: the rendering of plaintext into ciphertext.
FEAL Algorithm: fast Encryption Algorithm; a particular encryption algorithm in the public domain.
GSM: a pan-European standard for digital mobile telephones in the 900 - 1 000 MHz band.
Impersonation: where one identity claims the part of another identity.
Integrated Services Digital Network (ISDN): a digital telecommunications infrastructure to the
Consultative Committee on International Telegraphy and Telephony (CCITT) standards.
Key management: the way in which cryptographic keys are generated, distributed and used.
Key Stream Generator: a cryptographic algorithm which produces a stream of binary digits which can be
used for encipherment and decipherment.
Local Area Network (LAN): electronic systems which are interconnected and in physical proximity to each
other.
Page 15
ETS 300 175-7: October 1992
Masquerading: where one identity plays the part of or acts as another identity.
Mutual Authentication: where two entities corroborate the identity of each other.
Personal Identity Number (PIN): a short sequence of numbers (usually 4 - 8 digits) which may be used in
an authentication process to prove identity. The term User Personal Identity (UPI) may also be used.
Plaintext: information or data which is intelligible to everyone.
Proprietary Algorithm: an algorithm which is the intellectual property of a legal entity.
Public Access Service: a service that provides access to a public network for the general public.
Public Key Algorithm: a cryptographic algorithm in which a different key is used for encipherment and for
decipherment. Also known as an asymmetric algorithm.
Random Number: a number generated by a non-deterministic process.
RS: a value used to establish authentication session keys, as defined in subclause 4.4.3
RSA (Rivest, Shamir & Adleman) Algorithm: a public key algorithm.
Security Attribute: a protocol element indicating security services, mechanisms, processes or algorithms
that are supported.
Session Key (KS): a key which is used only for a single session; a session may be a single connection or
call, or it may be a number of calls made by a particular user through a particular system (e.g. the calls
made by a roaming portable with a particular visited network).
Subscriber Interface Module (SIM): a smart card used for authentication in GSM.
Stream Cipher: an algorithm in which the output is combined bit by bit with plaintext to produce the
ciphertext.
Symmetric Algorithm: a cryptographic algorithm in which the same key is used for both encipherment and
decipherment.
Synchronisation: methods used to ensure that time correspondence exists between processes to ensure
that data is not repeated or lost.
Threat: an indication of coming evil.
User Authentication Key (UAK): a cryptographic key held by a user to prove identity. May also be
combined wi
...