SIST ETS 300 823 E1:2003
Universal Personal Telecommunication (UPT); UPT phase 2; Functional specification of the interface of a UPT Integrated Circuit Card (ICC) and Public Switched Telephone Network (PSTN), Integrated Services Digital Network (ISDN) and Global System for Mobile communications (GSM) terminals (one pass and multiple pass authentication)
This ETS describes the mechanical, electrical and logical interface between card and the mentioned terminals. This includes the specification of card data and operations as well as of the necessary terminal functions for the communication between card and terminals.
Svetovne osebne telekomunikacije (UPT) – UPT, faza 2 – Funkcijska specifikacija vmesnika čipne kartice (ICC) sistema UPT in javnega komutiranega telefonskega omrežja (PSTN), digitalnega omrežja z integriranimi storitvami (ISDN) in globalnega sistema mobilnih komunikacij (GSM) (enkratna in večkratna avtentikacija)
Standards Content (Sample)
SLOVENIAN STANDARD
01-December-2003
Universal Personal Telecommunication (UPT); UPT phase 2; Functional specification of
the interface of a UPT Integrated Circuit Card (ICC) and Public Switched Telephone
Network (PSTN), Integrated Services Digital Network (ISDN) and Global System for
Mobile communications (GSM) terminals (one pass and multiple pass authentication)
This Slovenian standard is identical to: ETS 300 823 Edition 1
ICS:
33.040.35 Telephone networks
33.070.50 Global System for Mobile Communication (GSM)
33.080 Integrated Services Digital Network (ISDN)
2003-01. Slovenian Institute for Standardization. Reproduction of this standard, in whole or in part, is not permitted.
EUROPEAN TELECOMMUNICATION STANDARD
ETS 300 823
December 1997
Source: NA
Reference: DE/NA-064010
ICS: 33.020
Key words: UPT, CARD, PSTN, GSM, ISDN
Universal Personal Telecommunication (UPT);
UPT phase 2;
Functional specification of the interface of a UPT
Integrated Circuit Card (ICC) and
Public Switched Telephone Network (PSTN),
Integrated Services Digital Network (ISDN) and
Global System for Mobile communications (GSM) terminals
(one pass and multiple pass authentication)
ETSI
European Telecommunications Standards Institute
ETSI Secretariat
Postal address: F-06921 Sophia Antipolis CEDEX - FRANCE
Office address: 650 Route des Lucioles - Sophia Antipolis - Valbonne - FRANCE
X.400: c=fr, a=atlas, p=etsi, s=secretariat - Internet: secretariat@etsi.fr
Tel.: +33 4 92 94 42 00 - Fax: +33 4 93 65 47 16
Copyright Notification: No part may be reproduced except as authorized by written permission. The copyright and the
foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 1997. All rights reserved.
Page 2
ETS 300 823: December 1997
Whilst every care has been taken in the preparation and publication of this document, errors in content,
typographical or otherwise, may occur. If you have comments concerning its accuracy, please write to
"ETSI Editing and Committee Support Dept." at the address shown on the title page.
Contents
Foreword
1 Scope
2 Normative references
3 Definitions, symbols and abbreviations
3.1 Definitions
3.2 Symbols
3.3 Abbreviations
4 Physical characteristics
5 Electronic signals and transmission protocols
6 Logical model
7 Security services and facilities
7.1 Authentication key
7.2 Algorithms and processes
7.2.1 Card Holder Verification (CHV)
7.2.2 Strong authentication
7.3 File access conditions
7.4 Function access condition
7.5 Identification, keying and algorithm information
8 Description of the functions
9 Description of the commands
10 Contents of the EFs
11 Application protocol
11.1 General procedures
11.2 PIM management procedures
11.3 CHV related procedures
11.4 UPT security related procedures
11.4.1 Two-pass strong authentication (M)
11.5 Telecommunication procedures
11.6 General information procedures
Annex A (normative): Plug-in UPT card
Annex B (normative): Implementation Conformance Statement (ICS) for the PIM2
B.1 ICS proforma for the PIM2
B.2 Identification of the implementation, product supplier and test laboratory client
B.3 Identification of the standard
B.4 Global statement of conformance
B.5 Interpretation of the tables
B.6 Physical characteristics
B.6.1 ID-1 size
B.6.2 Plug-in size
B.6.3 Contacts
B.7 Electronic signals and transmission protocols
B.7.1 Supply voltage VCC (contact C1)
B.7.2 Reset RST (contact C2)
B.7.3 Clock CLK (contact C3)
B.7.4 I/O (contact C7)
B.7.5 States
B.7.6 Answer To Reset (ATR)
B.8 Logical model
B.9 Security features and facilities
B.10 Description of functions
B.11 Contents of the EFs
Annex C (normative): Implementation Conformance Statement (ICS) for the CAD_UPT
C.1 ICS proforma for the CAD_UPT
C.2 Identification of the implementation, product supplier and test laboratory client
C.3 Identification of the standard
C.4 Global statement of conformance
C.5 Interpretation of the tables
C.6 Physical characteristics
C.7 Electronic signals and transmission protocols
C.7.1 Supply voltage VCC (contact C1)
C.7.2 Reset RST (contact C2)
C.7.3 Clock CLK (contact C3)
C.7.4 I/O (contact C7)
C.7.5 States
C.7.6 Answer To Reset (ATR)
C.8 Security features and facilities
C.9 Coding of the commands
C.10 Application protocol
History
Foreword
This European Telecommunication Standard (ETS) has been produced by the Network Aspects (NA)
Technical Committee of the European Telecommunications Standards Institute (ETSI).
Transposition dates
Date of adoption: 21 November 1997
Date of latest announcement of this ETS (doa): 31 March 1998
Date of latest publication of new National Standard
or endorsement of this ETS (dop/e): 30 September 1998
Date of withdrawal of any conflicting National Standard (dow): 30 September 1998
1 Scope
This European Telecommunication Standard (ETS) in combination with ETS 300 477 [1] defines the
interface between the Universal Personal Telecommunication (UPT) card and the Card Accepting Device
(CAD) for the operational phase. It also defines those aspects of the internal organization of the UPT card
which are related to the operational phase.
This ETS relates to the interface between a UPT card and Public Switched Telephone Network (PSTN),
Integrated Services Digital Network (ISDN) and Global System for Mobile (GSM) communications
terminals. These interfaces are completely described by ETS 300 477 [1] plus the additions and
modifications contained in this ETS; i.e. this ETS is a delta document.
The following clauses from ETS 300 477 [1] are amended or modified in this ETS:
- logical model (combined PIM1/PIM2);
- security (two pass strong authentication);
- functions (internal authentication);
- commands (internal authentication);
- Elementary Files (EF_SEQ, EF_DIR);
- Application Protocol (AP) (two pass strong authentication);
- Implementation Conformance Statement (ICS) proformas.
The clause numbering of ETS 300 477 [1] is kept in order to ease comparisons. Unmodified clauses and
subclauses are marked appropriately.
This ETS together with ETS 300 477 [1] defines:
- the requirements for the physical characteristics of the UPT card, the electrical signals and the
transmission protocol;
- the model which shall be used as a basis for the design of the logical structure of the UPT card;
- the security features;
- the interface functions;
- the commands for operating the interface functions;
- the contents of the files required for the UPT application;
- the service set to be supported in the UPT card;
- the application protocol (security, services, etc.);
- the Implementation Conformance Statement (ICS) proformas.
This ETS does not specify any aspects related to the administrative management phase. Any internal
technical realization of either the UPT card or the CAD are only specified where these reflect over the
interface. This ETS does not specify any of the security algorithms which may be used.
The information flow between the CAD_UPT and the network is outside the scope of this ETS.
2 Normative references
This ETS incorporates by dated and undated reference, provisions from other publications. These
normative references are cited at the appropriate places in the text and the publications are listed
hereafter. For dated references, subsequent amendments to or revisions of any of these publications
apply to this ETS only when incorporated in it by amendment or revision. For undated references the latest
edition of the publication referred to applies.
[1] ETS 300 477: "Universal Personal Telecommunication (UPT); UPT Phase 2;
Functional specification of the interface of a UPT Integrated Circuit Card (ICC)
and Card Accepting Devices (CADs); UPT card accepting Dual Tone Multiple
Frequency (DTMF) device".
[2] ETS 300 790: "Universal Personal Telecommunication (UPT); Security
architecture for UPT phase 2; Specification".
[3] CCITT Recommendation E.164: "Numbering plan for the ISDN era".
3 Definitions, symbols and abbreviations
3.1 Definitions
For the purposes of this ETS, the following definitions apply, together with those contained in
ETS 300 477 [1]:
PIM1: Personal Identification Module according to ETS 300 477 [1].
PIM2: Personal Identification Module according to this ETS.
3.2 Symbols
For the purposes of this ETS, the symbols contained in ETS 300 477 [1] apply.
3.3 Abbreviations
For the purposes of this ETS, the following abbreviations apply, together with those of ETS 300 477 [1]:
AE Application Entity
AP Application Protocol
CT Cordless Telephone
ICS Implementation Conformance Statement
ISDN Integrated Services Digital Network
PSTN Public Switched Telephone Network
RAND Random challenge sent by the network to be used for authentication
4 Physical characteristics
The same text as in ETS 300 477 [1] is valid.
5 Electronic signals and transmission protocols
The same text as in ETS 300 477 [1] is valid.
6 Logical model
The same text as in ETS 300 477 [1] is valid with the following modifications:
In subclause 6.4, "DF_UPT" is replaced by "DF_UPT2", and the following note is added:
NOTE: Both PIM1 and PIM2 can be implemented in one card, each representing its own
application.
7 Security services and facilities
The same text as in ETS 300 477 [1], clause 7 is valid with the following modifications:
PIM is replaced by PIM2, and "ETS 300 391-1" is replaced by "ETS 300 790 [2]".
7.1 Authentication key
The same text as in ETS 300 477 [1] subclause 7.1 is valid with the following addition:
If both PIM1 and PIM2 are implemented in the same card, then they shall use a different authentication
key.
7.2 Algorithms and processes
The same text is valid with reference "ETS 300 790 [2]" instead of "ETS 300 391-1".
7.2.1 Card Holder Verification (CHV)
The same text as in ETS 300 477 [1] subclause 7.2.1 is valid, with the addition of the following note:
NOTE: If both PIM1 and PIM2 are implemented in the same card, for security reasons, two
different CHVs should be used for PIM1 and PIM2.
7.2.2 Strong authentication
The two pass strong authentication process works as follows:
1) a successful card holder verification is performed;
2) a timer is started in the CAD_UPT. If a time-out occurs the PIM shall be RESET by the CAD_UPT. No
further authentication attempts can be made until a new card holder verification has been
performed;
3) the authentication procedure is activated by the user (if the time-out has not been reached),
whereby the following steps take place;
4) the PUI and the CT are obtained from the PIM and are sent to the Authenticating Entity (AE) in an
authentication request;
5) the AE sends a random number RAND to the CAD_UPT in an authentication request;
6) the RAND is given to the PIM, which calculates an Authentication Code (AC) and returns it to the
CAD_UPT;
7) the CAD_UPT sends the PUI, CT and AC to the authenticating entity;
8) if the authentication fails, steps 3) to 7) can be repeated, as long as the time-out has not been
reached.
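The exchange in steps 1) to 8), as an added example that is not part of ETS 300 823. Because the ETS specifies no algorithm, HMAC-SHA-256 truncated to 8 bytes stands in for the AC calculation; the 60-second timer, the class and function names, and the AE's single-use RAND bookkeeping are assumptions.

```python
import hashlib, hmac, secrets

TIMEOUT_S = 60.0  # assumed; the ETS gives no value for the CAD_UPT timer

def compute_ac(key, rand):
    # Stand-in for the unspecified algorithm: HMAC-SHA-256 cut to 8 bytes (assumption)
    return hmac.new(key, rand, hashlib.sha256).digest()[:8]

class PIM:  # card side: K never leaves the card; an AC is released only after CHV
    def __init__(self, pui, ct, key, chv):
        self.pui, self.ct, self._key, self._chv = pui, ct, key, chv
        self.verified = False
    def verify_chv(self, chv):
        self.verified = hmac.compare_digest(chv, self._chv)
        return self.verified
    def reset(self):
        self.verified = False
    def internal_authenticate(self, rand):
        if not self.verified:
            raise PermissionError("card holder verification required")
        return compute_ac(self._key, rand)

class AE:  # Authenticating Entity: one fresh RAND per request, consumed on verification
    def __init__(self, keys):
        self._keys, self._pending = keys, {}
    def request(self, pui, ct):                       # steps 4-5
        self._pending[(pui, ct)] = secrets.token_bytes(16)
        return self._pending[(pui, ct)]
    def verify(self, pui, ct, code):                  # step 7
        rand = self._pending.pop((pui, ct), None)     # a replayed AC finds no RAND
        if rand is None or pui not in self._keys:
            return False
        return hmac.compare_digest(code, compute_ac(self._keys[pui], rand))

class CAD:  # CAD_UPT: runs the timer and relays messages between PIM and AE
    def __init__(self, pim, ae, clock):
        self.pim, self.ae, self.clock, self.deadline = pim, ae, clock, None
    def enter_chv(self, chv):                         # steps 1-2
        ok = self.pim.verify_chv(chv)
        self.deadline = self.clock() + TIMEOUT_S if ok else None
        return ok
    def authenticate(self):                           # steps 3-8 (call again to retry)
        if self.deadline is None or self.clock() >= self.deadline:
            self.pim.reset()                          # time-out: a new CHV is needed
            self.deadline = None
            return False
        rand = self.ae.request(self.pim.pui, self.pim.ct)
        code = self.pim.internal_authenticate(rand)   # step 6
        return self.ae.verify(self.pim.pui, self.pim.ct, code)
```

The clock is injected so the time-out path can be exercised without waiting; pass `time.monotonic` for real use.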
7.3 File access conditions
The same text as in ETS 300 477 [1] subclause 7.3 is valid.
7.4 Function access condition
The same text as in ETS 300 477 [1] subclause 7.4 is valid.
7.5 Identification, keying and algorithm information
The following data used for identification and secret keys are stored in the PIM:
- PUI (for identification of a UPT subscriber);
- LPIN (for card holder verification);
- SLPIN (for unblocking of the relevant CHV1);
- K (secret key for the authentication algorithm).
8 Description of the functions
The same text as in ETS 300 477 [1] is valid with the following modifications:
- "DF_UPT" is replaced by "DF_UPT2".
In subclause 8.10, the input is "challenge (RAND)" instead of "challenge (n)".
9 Description of the commands
The same text as in ETS 300 477 [1] is valid with the following modification:
- In subclause 9.3.10, "challenge (sequence number)" is replaced by "challenge (RAND)".
10 Contents of the EFs
The same text as in ETS 300 477 [1] is valid with the following modifications:
- "DF_UPT" is replaced by "DF_UPT2".
- EF_SEQ is deleted from figure 9.
In subclause 10.2.3, "UPT application" is replaced by "PIM2 application".
In subclause 10.2.3, the following note is added:
NOTE 1: The PIM2 application identifier is different from the UPT application identifier.
Subclause 10.3.3 is deleted.
In subclause 10.4, note 2 is replaced by the following text:
NOTE 2: The CAD_UPT should interpret the TON and NPI information.
As EF_ADN is part of the DF_TELECOM it may be used by UPT and also other applications
in a multi-application card. If the other application does not recognize the use of TON
and NPI, then the information relating to the national dialling plan should be held within
the data item dialling number and the TON and NPI fields set to UNKNOWN. This
format would be acceptable for UPT operation and also for the other application where
the TON and NPI fields should be ignored.
EXAMPLE: PIM storage of an International Number using CCITT
Recommendation E.164 [3] numbering plan.

                                        TON   NPI    Digit field
UPT application                         001   0001   abc.
Other application compatible with UPT   000   0000   xxx.abc.

where "abc." denotes the subscriber number digits (including its country code), and
"xxx." denotes escape digits or a national prefix replacing TON and NPI.
11 Application protocol
The same text as in ETS 300 477 [1], clause 11, is valid except that "one-pass strong authentication" is
replaced by "two-pass strong authentication".
11.1 General procedures
The same text as in ETS 300 477 [1], subclause 11.1, is valid.
11.2 PIM management procedures
The same text as in ETS 300 477 [1], subclause 11.2, is valid except that "one-pass strong authentication"
is repl
...







