3GPP TS 33.203: 3G Security; Access security for IP-based services
8 ISIM
8.0 General
For the purposes of this document the ISIM is a term that indicates the collection of IMS security data and functions on a UICC. The following implementation options are permitted:
– Use of a distinct ISIM application on a UICC which does not share security functions with the USIM;
– Use of a distinct ISIM application on a UICC which does share security functions with the USIM;
– Use of a USIM application on a UICC.
NOTE 1: For later releases other implementations of ISIM are foreseen to be permitted.
NOTE 2: The distinction between the terms “ISIM” and “ISIM application” is useful for the purpose of describing the IMS security architecture. However, in other 3GPP specifications these terms are used as synonyms, i.e. the term “ISIM” always refers to the ISIM application in the UICC, as defined in [51]. The case of using a USIM application is always handled separately in other specifications.
If there is an ISIM application and a USIM application on a UICC, then the ISIM application shall always be used for IMS authentication.
There shall only be one ISIM for each IMPI. The IMS subscriber shall not be able to modify or enter the IMPI. The IMS subscriber shall not be able to modify or enter the Home Domain Name.
8.1 Requirements on the ISIM application
This clause identifies requirements on the ISIM application to support IMS access security. It does not identify any data or functions that may be required on the ISIM application for non-security purposes.
The ISIM application shall include:
– The IMPI;
– At least one IMPU;
– Home Network Domain Name;
– Support for sequence number checking in the context of the IMS Domain;
– Support for the same framework for algorithms as specified for the USIM;
– An authentication Key.
The ISIM shall deliver the CK to the UE although it is not required that SIP signalling is confidentiality protected.
At UE power off the existing SAs in the MT shall be deleted. The session keys and related information in the SA shall never be stored on the ISIM.
8.2 Sharing security functions and data with the USIM
When an ISIM application is used for IMS access, only the following options for sharing security functions and data are permitted:
– No security functions or data are shared;
– Only the sequence number checking mechanism is shared;
– Only the algorithm is shared;
– Only the algorithm and sequence number checking mechanism are shared;
– The authentication key, authentication functions and the sequence number checking mechanism are shared.
When a USIM is used for IMS access, only the following option is applicable:
– The authentication key, authentication functions and the sequence number checking mechanism are shared.
NOTE: If the authentication keys and functions are shared, the cipher/integrity key sets generated during authentication are used with different cipher/integrity algorithms in the CS/PS domain and in IMS. The same cipher/integrity key set is never used for both the CS/PS domain and IMS, because the authentication and key agreement protocol is run independently for the CS/PS domain and for IMS. Therefore there is no danger that the compromise of the cipher/integrity algorithm in one domain would lead to vulnerabilities in the other domain.
If the mechanism and data for checking sequence numbers are shared, then the authentication failure rate due to synchronisation failures shall be kept sufficiently low. In particular, the mechanism shall be required to support interleaving authentication in three domains (CS, PS and IMS). Example methods to achieve this are described in Annex G.
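Added illustration, not part of the specification text: a small Python model showing why a sequence-number mechanism shared across CS, PS and IMS needs the array scheme of TS 33.102 Annex C (SQN = SEQ || IND, one stored SEQ per index IND) rather than a single "highest SQN" counter when authentications from the three domains interleave. The per-domain IND ranges, the age limit DELTA and the traffic order are constructed assumptions for the example.

```python
# Illustrative model of AKA sequence-number (SQN) checking with the array scheme:
# SQN = SEQ || IND; the USIM/ISIM keeps the highest accepted SEQ per index IND.
# The domain-to-IND partitioning below is a constructed assumption, not from the spec.
IND_BITS = 5
IND_RANGE = {"CS": range(0, 10), "PS": range(10, 20), "IMS": range(20, 32)}
DELTA = 1 << 28  # constructed age limit on how far SEQ may jump ahead at once

class HomeNetwork:
    """Generates SQNs: a global SEQ counter plus a per-domain rotating IND."""
    def __init__(self):
        self.seq = 0
        self.next_ind = {d: 0 for d in IND_RANGE}
    def new_sqn(self, domain):
        inds = IND_RANGE[domain]
        ind = inds[self.next_ind[domain] % len(inds)]
        self.next_ind[domain] += 1
        self.seq += 1
        return (self.seq << IND_BITS) | ind

class ArraySqnChecker:
    """USIM/ISIM side: accept if SEQ exceeds the stored SEQ for that IND
    and is not too far ahead of the highest SEQ accepted in any slot."""
    def __init__(self):
        self.seq_ms = [0] * (1 << IND_BITS)
    def check(self, sqn):
        seq, ind = sqn >> IND_BITS, sqn & ((1 << IND_BITS) - 1)
        if seq <= self.seq_ms[ind] or seq - max(self.seq_ms) > DELTA:
            return False  # synchronisation failure -> AUTS / resync procedure
        self.seq_ms[ind] = seq
        return True

class SingleCounterChecker:
    """Naive alternative: one highest-SQN value, no tolerance for reordering."""
    def __init__(self):
        self.highest = 0
    def check(self, sqn):
        if sqn <= self.highest:
            return False
        self.highest = sqn
        return True

def interleaved_run(checker_cls):
    """CS fetches a batch of 3 vectors first; IMS and PS authenticate in the
    meantime; then the CS batch is consumed. Returns the sync-failure count."""
    hn, chk = HomeNetwork(), checker_cls()
    cs_batch = [hn.new_sqn("CS") for _ in range(3)]
    order = [hn.new_sqn("IMS"), hn.new_sqn("PS"), hn.new_sqn("IMS")] + cs_batch
    return sum(0 if chk.check(s) else 1 for s in order)
```

With the array scheme the delayed CS batch is still accepted (0 failures), while the single-counter check rejects all three CS vectors, which is the synchronisation-failure rate the clause requires to be kept low.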