ETSI ETS 300 920 ed.3 (2000-08)

SLOVENSKI STANDARD
SIST ETS 300 920 E3:2003
01-december-2003
'LJLWDOQLFHOLþQLWHOHNRPXQLNDFLMVNLVLVWHPID]D±9DUQRVWQLYLGLNL*60
UD]OLþLFDL]GDMD
Digital cellular telecommunications system (Phase 2+) (GSM); Security aspects (GSM
02.09 version 5.2.1 Release 1996)
Ta slovenski standard je istoveten z: ETS 300 920 Edition 3
ICS:
33.070.50 Globalni sistem za mobilno Global System for Mobile
telekomunikacijo (GSM) Communication (GSM)
SIST ETS 300 920 E3:2003 en
2003-01.Slovenski inštitut za standardizacijo. Razmnoževanje celote ali delov tega standarda ni dovoljeno.

---------------------- Page: 1 ----------------------

SIST ETS 300 920 E3:2003

---------------------- Page: 2 ----------------------

SIST ETS 300 920 E3:2003
EUROPEAN ETS 300 920
TELECOMMUNICATION August 2000
STANDARD Third Edition
Source: SMG Reference: RE/SMG-010209QR2
ICS: 33.020
Key words: Digital cellular telecommunications system, Global System for Mobile communications (GSM)
R
GLOBAL SYSTEM FOR
MOBILE COMMUNICATIONS
Digital cellular telecommunications system (Phase 2+);
Security aspects
(GSM 02.09 version 5.2.1 Release 1996)
ETSI
European Telecommunications Standards Institute
ETSI Secretariat
Postal address: F-06921 Sophia Antipolis CEDEX - FRANCE
Office address: 650 Route des Lucioles - Sophia Antipolis - Valbonne - FRANCE
Internet: secretariat@etsi.fr - http://www.etsi.org
Tel.:+334 92944200- Fax:+334 93 654716
Copyright Notification: No part may be reproduced except as authorized by written permission. The copyright and the
foregoing restriction extend to reproduction in all media.
© European Telecommunications Standards Institute 2000. All rights reserved.

---------------------- Page: 3 ----------------------

SIST ETS 300 920 E3:2003
Page 2
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
Whilst every care has been taken in the preparation and publication of this document, errors in content,
typographical or otherwise, may occur. If you have comments concerning its accuracy, please write to
"ETSI Standards Making Support Dept." at the address shown on the title page.

---------------------- Page: 4 ----------------------

SIST ETS 300 920 E3:2003
Page 3
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
Contents
Foreword .5
1 Scope .7
1.1 Normative references .7
1.2 Abbreviations .7
2 General.8
3 Security features provided in a GSM PLMN .8
3.1 Subscriber identity confidentiality .8
3.1.1 Definition .8
3.1.2 Purpose .8
3.1.3 Functional requirements.9
3.2 Subscriber identity authentication.9
3.2.1 Definition .9
3.2.2 Purpose .9
3.2.3 Functional requirements.9
3.2.4 Authentication during a malfunction of the network .10
3.3 User data confidentiality on physical connections (Voice and Non-voice) .10
3.3.1 Definition .10
3.3.2 Purpose .10
3.3.3 Functional requirements.10
3.4 Connectionless user data confidentiality .11
3.4.1 Definition .11
3.4.2 Purpose .11
3.4.3 Functional requirements.11
3.5 Signalling information element confidentiality.11
3.5.1 Definition .11
3.5.2 Purpose .11
3.5.3 Functional requirements.11
Annex A (informative): Change History.12
History.13

---------------------- Page: 5 ----------------------

SIST ETS 300 920 E3:2003
Page 4
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
Blank page

---------------------- Page: 6 ----------------------

SIST ETS 300 920 E3:2003
Page 5
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
Intellectual Property Rights
IPRs essential or potentially essential to the present document may have been declared to ETSI. The
information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-
members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or
potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI
Secretariat. Latest updates are available on the ETSI Web server (http://www.etsi.org/ipr).
Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI.
No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the
updates on the ETSI Web server) which are, or may be, or may become, essential to the present
document.
Foreword
This European Telecommunication Standard (ETS) has been produced by the Special Mobile Group
(SMG) Technical Committee of the European Telecommunications Standards Institute (ETSI).
This ETS defines security features within the digital cellular telecommunications system.
The specification from which this ETS has been derived was originally based on CEPT documentation,
hence the presentation of this ETS may not be entirely in accordance with the ETSI/PNE Rules.
The contents of the present document may be subject to continuing work within SMG and may change
following formal SMG approval. Should SMG modify the contents of the present document it will then be
re-submitted for formal approval procedures by ETSI with an identifying change of release date and an
increase in version number as follows:
Version 5.x.y
where:
5 GSM Phase 2+ Release 1996.
x the second digit is incremented for changes of substance, i.e. technical enhancements,
corrections, updates, etc.;
y the third digit is incremented when editorial only changes have been incorporated in the
specification.
Proposed transposition dates
Date of adoption of this ETS: 14 July 2000
Date of latest announcement of this ETS (doa): 31 October 2000
Date of latest publication of new National Standard
or endorsement of this ETS (dop/e): 30 April 2001
Date of withdrawal of any conflicting National Standard (dow): 30 April 2001

---------------------- Page: 7 ----------------------

SIST ETS 300 920 E3:2003
Page 6
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
Blank page

---------------------- Page: 8 ----------------------

SIST ETS 300 920 E3:2003
Page 7
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
1 Scope
Bearer and Teleservices, as respectively defined in GSM 02.02 and GSM 02.03, are the objects which
the GSM PLMN operators offer to their customers. Besides these basic telecommunications services,
features which aim at up-grading these basic services need also to be offered. Due to the use of
radiocommunications in a PLMN, which are of a special nature compared to classical distribution
transmission techniques used in the fixed networks, such a category of features is related to security
aspects.
In a GSM PLMN, both the users and the network operator have to be protected against undesirable
intrusion of third parties. However, measures should be provided for in order to insure maximum
protection of the rights of the individuals concerns. As a consequence, a security feature is either a
supplementary service to Tele or Bearer services, which can be selected by the subscriber, or a network
function involved in the provision of one or several telecommunication services.
The purpose of this European Telecommunication Standard (ETS) is to define the security features which
are to be available in a GSM PLMN, together with the associated levels of protection. This ETS is only
concerned with those security features which aim at the up-grading of the security in a GSM PLMN. In
particular, end-to-end security is outside the scope of this ETS.
The implementation aspects of security features are described in GSM 03.20.
1.1 Normative references
This ETS incorporates by dated and undated reference, provisions from other publications. These
normative references are cited at the appropriate places in the text and the publications are listed
hereafter. For dated references, subsequent amendments to or revisions of any of these publications
apply to this ETS only when incorporated in it by amendment or revision. For undated references, the
latest edition of the publication referred to applies.
[1] GSM 01.04 (ETR 350): "Digital cellular telecommunications system (Phase 2+);
Abbreviations and acronyms".
[2] GSM 02.02 (ETS 300 904): "Digital cellular telecommunications system
(Phase 2+); Bearer Services (BS) supported by a GSM Public Land Mobile
Network (PLMN)".
[3] GSM 02.03 (ETS 300 905): "Digital cellular telecommunications system
(Phase 2+); Teleservices supported by a GSM Public Land Mobile Network
(PLMN)".
[4] GSM 03.20 (ETS 300 929): "Digital cellular telecommunications system
(Phase 2+); Security related network functions".
[5] GSM 11.11 (ETS 300 977): "Digital cellular telecommunications system
(Phase 2+); Specification of the Subscriber Identity Module - Mobile Equipment
(SIM - ME) interface".
1.2 Abbreviations
Abbreviations used in this ETS are listed in GSM 01.04.

---------------------- Page: 9 ----------------------

SIST ETS 300 920 E3:2003
Page 8
ETS 300 920 (GSM 02.09 version 5.2.1 Release 1996): August 2000
2 General
The use of radiocommunications for transmission to the mobile subscribers m
...