3GPP Work Item description

This page contains informal descriptive text only.  See master WID page for further details.

Feature: Key establishment between a UICC and a terminal

The smart card, tamper resistant device, has a primary role of storing credentials and performing sensitive cryptographic computations, it also provides portability of the user credentials. The smart card is rarely a stand-alone device; it usually interacts with a terminal. Sensitive applications are often split between a smart card and a terminal with sensitive data exchanged between the two. Therefore, the need to establish a secure channel between a UICC and a terminal that may host the UICC or be connected to the device hosting the UICC via a local interface has been identified by different standardization groups in order to protect the communication between the UICC and the terminal.

ETSI SCP approved a Work Item on “Secure channel between a UICC and an end-point terminal” to specify the secure channel protocol. However, the definition of a key establishment mechanism is out of ETSI SCP’s scope. There is a need for SA3 to specify key establishment between a UICC and a terminal so that a complete solution could be used by 3GPP and others standardization bodies.

The main objective of this work item is to define how to provision a shared key between a UICC and a terminal that may host the UICC or be connected to the device hosting the UICC via a local interface.

Authorisation (e.g. determining which terminal can securely connect to which UICC) is to be studied as part of the work.

Service Aspects: