The ISIM shall not indicate any language preference. The terminal should use the language in use by the other applications active on the UICC, or else the language specified in the EF_PL file under the MF.
The terminal then performs the following administrative-information requests. If all of these procedures complete successfully the ISIM session shall start; otherwise the session shall not start.
1) IMPI request
2) IMPU request
3) SIP domain name (home network domain name) request
4) ISIM Service Table request; if EF 6F07 (IST) does not exist, the terminal shall assume that none of the IST-defined services are available
Once initialisation is complete, a STATUS command shall be sent indicating that the ISIM has been initialised successfully and that the ISIM session may begin.
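The initialisation sequence above, driven against a constructed in-memory card, as an added example (not code from the page or from TS 31.103). The AID prefix, the EF contents and the card model are assumptions; the APDU encodings follow ETSI TS 102 221 (SELECT by AID, READ BINARY and READ RECORD addressed by SFI, STATUS with P1='01' to signal that the application is initialised). A missing EF_IST yields an empty service set, and an empty or missing IMPI/domain/IMPU aborts the session, as the steps above require.

```python
"""Added example (not from the page, TS 31.103 or any vendor code): runs the
ISIM initialisation requests against a constructed card and records the APDUs
a terminal would send. The AID prefix, EF contents and card model are assumed."""

# ISIM file identifiers and SFIs from the ISIM file list (TS 31.103)
EF_IMPI, EF_DOMAIN, EF_IMPU, EF_IST = 0x6F02, 0x6F03, 0x6F04, 0x6F07
SFI = {EF_IMPI: 0x02, EF_DOMAIN: 0x05, EF_IMPU: 0x04, EF_IST: 0x07}
ISIM_AID = bytes.fromhex("A0000000871004")   # assumed RID + PIX prefix of the ISIM AID


def tlv80(nai: str, size: int) -> bytes:
    """Encode a NAI as the tag '80' TLV used by EF_IMPI/EF_DOMAIN/EF_IMPU, padded with 'FF'."""
    body = nai.encode()
    return bytes([0x80, len(body)]) + body + b"\xff" * (size - 2 - len(body))


def parse_nai(data: bytes):
    """Return the NAI, or None when the file is absent, empty ('FF...') or malformed."""
    if not data or data[0] != 0x80 or len(data) < 2 + data[1]:
        return None
    return data[2:2 + data[1]].decode()


def ist_services(ist: bytes):
    """Service n is 'available' when bit n-1 of the IST is set (b1 of byte 1 is service 1)."""
    return {8 * i + b + 1 for i, byte in enumerate(ist) for b in range(8) if byte >> b & 1}


# APDUs per ETSI TS 102 221 (CLA '00')
def apdu_select_aid(aid):            return bytes([0x00, 0xA4, 0x04, 0x04, len(aid)]) + aid
def apdu_read_binary_sfi(ef, le=0):  return bytes([0x00, 0xB0, 0x80 | SFI[ef], 0x00, le])
def apdu_read_record_sfi(ef, rec):   return bytes([0x00, 0xB2, rec, SFI[ef] << 3 | 0x04, 0x00])
def apdu_status_initialised():       return bytes([0x00, 0xF2, 0x01, 0x00, 0x00])


# Constructed card image: transparent EFs hold bytes, linear-fixed EF_IMPU holds records
CARD = {
    EF_IMPI:   tlv80("234150999999999@ims.mnc015.mcc234.3gppnetwork.org", 60),
    EF_DOMAIN: tlv80("ims.mnc015.mcc234.3gppnetwork.org", 40),
    EF_IMPU:   [tlv80("sip:+447700900123@ims.mnc015.mcc234.3gppnetwork.org", 60),
                b"\xff" * 60],                      # unused second record
    EF_IST:    bytes([0x83]),                       # services 1, 2 and 8 available
}


def initialise(card, aid=ISIM_AID):
    """Run the four requests; return (session context, APDU trace), context None if no session."""
    trace = [apdu_select_aid(aid)]
    ctx = {}
    for ef, key in ((EF_IMPI, "impi"), (EF_DOMAIN, "domain")):
        trace.append(apdu_read_binary_sfi(ef))
        ctx[key] = parse_nai(card.get(ef, b""))
        if ctx[key] is None:
            return None, trace                      # mandatory data missing: no session
    ctx["impu"] = []
    for rec, data in enumerate(card.get(EF_IMPU, []), start=1):
        trace.append(apdu_read_record_sfi(EF_IMPU, rec))
        nai = parse_nai(data)
        if nai:
            ctx["impu"].append(nai)
    if not ctx["impu"]:
        return None, trace
    trace.append(apdu_read_binary_sfi(EF_IST))
    # Missing EF_IST: assume no IST-defined service is available
    ctx["services"] = ist_services(card[EF_IST]) if EF_IST in card else set()
    trace.append(apdu_status_initialised())         # signal that the session starts
    return ctx, trace


if __name__ == "__main__":
    context, apdus = initialise(CARD)
    print(context)
    print("\n".join(a.hex().upper() for a in apdus))
```

The trace ends with `00 F2 01 00 00`; if you compare it against a real terminal's APDU log, the only expected differences are the Le values and the logical-channel bits in CLA.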
The Terminal uses the AUTHENTICATE command in GBA security context (Bootstrapping Mode) (see 7.1.1). The
response is sent to the Terminal.
After a successful GBA_U Procedure, the Terminal shall update the B-TID field and the Key Life Time field in
The Terminal shall first read EFGBABP. The Terminal then uses the AUTHENTICATE command in GBA security
context (NAF Derivation Mode) (see 7.1.1). The response is sent to the Terminal.
Requirement: Service n°8 "available".
Request: the ME performs the reading procedure with EFPSISMSC.
Update: the ME performs the updating procedure with EFPSISMSC.
The function can be used in several different contexts:
- an IMS AKA security context, during the procedure for authenticating the ISIM to its HN and vice versa when IMS AKA authentication data are available. The function shall be used whenever an IMS context is to be established, i.e. when the terminal receives a challenge from the IMS. A cipher key and an integrity key are calculated. For the execution of the command the ISIM uses the subscriber authentication key K, which is stored in the ISIM.
- an HTTP Digest security context, when HTTP Digest authentication data are available. Digest authentication operations are described in IETF RFC 2617.
- a GBA_U security context, when a GBA bootstrapping procedure is requested. In this context the function is used in two different modes:
a) Bootstrapping Mode: during the procedure for mutual authentication of the ISIM and the Bootstrapping Server Function (BSF) and for deriving bootstrapped key material from the AKA run.
b) NAF Derivation Mode: during the procedure for deriving Network Application Function (NAF) specific keys from previously bootstrapped key material.
- a Local Key Establishment security context, when a Local Key Establishment procedure is requested.
The function is related to a particular ISIM and shall not be executable unless the ISIM application has been selected
and activated, and the current directory is the ISIM ADF or any subdirectory under this ADF and a successful PIN
verification procedure has been performed (see clause 5).
IMS AKA security context
The ISIM first computes the anonymity key AK = f5_K(RAND) and retrieves the sequence number SQN = (SQN ⊕ AK) ⊕ AK.
Then the ISIM computes XMAC = f1_K(SQN || RAND || AMF) and compares this with the MAC included in AUTN. If they differ, the ISIM abandons the function.
Next the ISIM verifies that the received sequence number SQN has not been used before. If it is unused and its value is lower than SQN_MS, it shall still be accepted if it is among the last 32 sequence numbers generated. A possible verification method is described in TS 33.102.
This implies that the ISIM has to keep a list of the last used sequence numbers, and the length of that list is at least 32 entries.
If the ISIM detects the sequence number to be invalid, this is considered a synchronisation failure and the ISIM abandons the function. In this case the command response is AUTS, where:
- AUTS = Conc(SQN_MS) || MAC-S;
- Conc(SQN_MS) = SQN_MS ⊕ f5*_K(RAND) is the concealed value of the counter SQN_MS in the ISIM; and
- MAC-S = f1*_K(SQN_MS || RAND || AMF), where:
  - RAND is the random value received in the current user authentication request;
  - the AMF assumes a dummy value of all zeroes so that it does not need to be transmitted in clear in the
If the sequence number is considered in the correct range, the ISIM computes RES = f2_K(RAND), the cipher key CK = f3_K(RAND) and the integrity key IK = f4_K(RAND) and includes these in the command response. Note that if this is more efficient, RES, CK and IK could also be computed earlier, at any time after receiving RAND.
The use of AMF is HN specific, and while processing the command the content of the AMF has to be interpreted in the appropriate manner. The AMF may e.g. be used to support multiple algorithms or keys, or to change the size of lists, see TS 33.102.
GBA security context (Bootstrapping Mode)
ISIM operations in the GBA security context are supported if service n°2 is "available".
The ISIM receives RAND and AUTN*. The ISIM first computes the anonymity key AK = f5_K(RAND) and retrieves the sequence number SQN = (SQN ⊕ AK) ⊕ AK.
The ISIM calculates IK = f4_K(RAND) and, from IK and the MAC* carried in AUTN*, the MAC (by applying the MAC modification function described in TS 33.220). Then the ISIM computes XMAC = f1_K(SQN || RAND || AMF) and compares it with the MAC just recovered. If they differ, the ISIM abandons the function.
Then the ISIM performs the remaining checks on AUTN* as in the IMS AKA security context. If the ISIM detects the sequence number to be invalid, this is considered a synchronisation failure and the ISIM abandons the function. In this case the command response is AUTS, computed as in the IMS AKA security context.
If the sequence number is considered in the correct range, the ISIM computes RES = f2_K(RAND) and the cipher key CK = f3_K(RAND).
The ISIM then derives and stores GBA_U bootstrapped key material from the CK and IK values. The ISIM also stores RAND in the RAND field of EFGBABP.
The ISIM stores GBA_U bootstrapped key material from only one bootstrapping procedure; previous bootstrapped key material, if present, is replaced by the new one. This key material is linked to the data in EFGBABP: RAND, which is updated by the ISIM, and B-TID, which is subsequently updated by the ME.
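The IMS AKA security context and the GBA_U Bootstrapping Mode above, modelled end to end on both the card and the network side, as an added example that is not part of the page or of any 3GPP or vendor code. Assumptions: the operator-specific f1..f5, f1* and f5* functions are HMAC-SHA-256 stand-ins keyed with K (real cards use Milenage or TUAK); the SQN window is a simplified form of the TS 33.102 Annex C scheme (an unused SQN below SQN_MS is accepted only if it lies within 32 of it); Trunc() in the GBA_U MAC modification keeps the leading 64 bits of SHA-1(IK); HomeNetwork is a constructed HN/BSF that shares K. The NAF derivation method goes beyond the bootstrapping text and implements the TS 33.220 Annex B KDF for Ks_ext_NAF and Ks_int_NAF.

```python
"""Added example, not code from the page, 3GPP or any card vendor: ISIM-side
AUTHENTICATE in IMS AKA and GBA_U bootstrapping/NAF-derivation modes, with the
SQN window and the AUTS path. f1..f5, f1*, f5* are HMAC-SHA-256 stand-ins
(assumption); the SQN window and Trunc() choice are simplifications."""
import hashlib
import hmac
import os

SQN_WINDOW = 32          # the list of recently used SQNs must hold at least 32 entries


def _prf(k, tag, *parts, n):
    return hmac.new(k, tag + b"".join(parts), hashlib.sha256).digest()[:n]


# Stand-in AKA functions (assumption): MAC/RES 8 bytes, CK/IK 16 bytes, AK 6 bytes
def f1(k, sqn, rand, amf):  return _prf(k, b"f1", sqn, rand, amf, n=8)
def f1s(k, sqn, rand, amf): return _prf(k, b"f1*", sqn, rand, amf, n=8)
def f2(k, rand):            return _prf(k, b"f2", rand, n=8)
def f3(k, rand):            return _prf(k, b"f3", rand, n=16)
def f4(k, rand):            return _prf(k, b"f4", rand, n=16)
def f5(k, rand):            return _prf(k, b"f5", rand, n=6)
def f5s(k, rand):           return _prf(k, b"f5*", rand, n=6)


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def mac_modify(mac, ik):
    """GBA_U: MAC* = MAC xor Trunc(SHA-1(IK)); applying it again recovers MAC."""
    return xor(mac, hashlib.sha1(ik).digest()[:8])     # leading 64 bits (assumption)


class ISIM:
    def __init__(self, k):
        self.k = k
        self.sqn_ms = 0      # highest SQN accepted so far
        self.used = []       # last SQN_WINDOW accepted sequence numbers
        self.gba = None      # (Ks, RAND) of the single retained bootstrapping run

    def _sqn_ok(self, sqn):
        # Fresh if unused and either above SQN_MS or below it but inside the window
        return sqn not in self.used and (sqn > self.sqn_ms or self.sqn_ms - sqn < SQN_WINDOW)

    def _auts(self, rand):
        sqn_ms = self.sqn_ms.to_bytes(6, "big")
        amf = bytes(2)                                  # dummy AMF of all zeroes
        return xor(sqn_ms, f5s(self.k, rand)) + f1s(self.k, sqn_ms, rand, amf)

    def authenticate(self, rand, autn, gba=False):
        """Return ('ok', RES, CK, IK) or ('sync', AUTS); raise ValueError on MAC failure."""
        sqn_ak, amf, mac = autn[:6], autn[6:8], autn[8:16]
        sqn_b = xor(sqn_ak, f5(self.k, rand))           # SQN = (SQN xor AK) xor AK
        ik = f4(self.k, rand)
        if gba:                                         # AUTN* carries MAC*: undo it with IK
            mac = mac_modify(mac, ik)
        if not hmac.compare_digest(f1(self.k, sqn_b, rand, amf), mac):
            raise ValueError("MAC failure: AUTHENTICATE abandoned")
        sqn = int.from_bytes(sqn_b, "big")
        if not self._sqn_ok(sqn):
            return ("sync", self._auts(rand))           # synchronisation failure
        self.sqn_ms = max(self.sqn_ms, sqn)
        self.used = (self.used + [sqn])[-SQN_WINDOW:]
        res, ck = f2(self.k, rand), f3(self.k, rand)
        if gba:                                         # only one bootstrapping's keys are kept
            self.gba = (ck + ik, rand)
        return ("ok", res, ck, ik)

    def naf_keys(self, impi, naf_id):
        """NAF Derivation Mode: (Ks_ext_NAF, Ks_int_NAF) via the TS 33.220 Annex B KDF."""
        ks, rand = self.gba
        def kdf(label):
            s = b"\x01"                                 # FC, then P_i || L_i pairs
            for p in (label, rand, impi, naf_id):
                s += p + len(p).to_bytes(2, "big")
            return hmac.new(ks, s, hashlib.sha256).digest()
        return kdf(b"gba-me"), kdf(b"gba-u")


class HomeNetwork:
    """Constructed HN/BSF side sharing K: issues (RAND, AUTN or AUTN*, XRES)."""
    def __init__(self, k, amf=b"\x00\x00"):
        self.k, self.amf, self.sqn = k, amf, 0

    def vector(self, gba=False):
        self.sqn += 1
        rand, sqn = os.urandom(16), self.sqn.to_bytes(6, "big")
        mac = f1(self.k, sqn, rand, self.amf)
        if gba:
            mac = mac_modify(mac, f4(self.k, rand))
        return rand, xor(sqn, f5(self.k, rand)) + self.amf + mac, f2(self.k, rand)
```

To exercise it, create `HomeNetwork(k)` and `ISIM(k)` with the same 16-byte K, feed `vector()` output to `authenticate()`, and replay the same vector: the second call returns the 14-byte AUTS rather than keys, which is the behaviour a terminal sees as a synchronisation failure. Passing an AUTN* from `vector(gba=True)` without `gba=True` fails the MAC check, which is why the ISIM must know the security context before it can verify anything.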
ISIM EFs under ADF_ISIM (file ID, SFI where noted, name, observed content):
6F02 SFI=02 IMS Private user identity (IMPI), '8000FF...FF'
6F03 SFI=05 Home Network Domain Name, '8000FF...FF'
6F04 SFI=04 IMS public user identity (IMPU), '8000FF...FF'
6FAD SFI=03 Administrative Data, all zeros
6F06 SFI=06 Access Rule Reference; some basebands also map SFI=0x17 to this file
6FD5 GBA Bootstrapping parameters, 'FF...FF' (recommended to be present, all FF)
6F07 SFI=07 ISIM Service Table
6F09 P-CSCF address, all FF on T-Mobile
6F3C Short messages
6F42 SMS parameters
6F43 SMS status, '02 FF'
6F47 listed here as UICC IARI, '00FFFF...FF' (in TS 31.103 '6F47' is EF_SMSR, short message status reports; UICC IARI is '6FE7' below)
6FD7 GBA NAF List, 'FF...FF' (all FF)
6FDD NAF Key Centre Address, 'FF...FF'
6FE5 Public Service Identity of the SM-SC
6FE7 UICC IARI, all FF
6FF7 From Preferred, '00'
6FF8 IMSConfigData
6FFC XCAP Configuration Data (may be absent)
6FFA WebRTC URI
6FFE MuD and MiD Configuration Data
Generic Bootstrapping Architecture (GBA) is a technology that enables the authentication of a user. This authentication is possible if the user owns a valid identity on an HLR (Home Location Register) or on an HSS (Home Subscriber Server).
3GPP TS 33.220
The user authentication is instantiated by a shared secret, one in the smartcard, for example a SIM card inside the mobile phone and the other is on the HLR/HSS.
GBA authenticates by making a network component challenge the smartcard and verify that the answer is the one predicted by the HLR/HSS.
Instead of asking the service provider to trust the BSF and rely on it for every authentication request, the BSF establishes a shared secret between the SIM card and the service provider. This shared secret is limited in time and to a specific domain.