Members of the 3rd-Generation Partnership Project (3GPP) are currently developing Release 9 improvements to the family of standards for the Universal Mobile Telecommunications System (UMTS). As part of this work, new encryption algorithms have been introduced, including the A5/4 algorithm for GSM circuit-switched services and the GEA4 for GSM GPRS (packet-switched) services. These algorithms are defined in the 3GPP document 3GPP TS 55.226, “3G Security; Specification of the A5/4 Encryption Algorithms for GSM and ECSD, and the GEA4 Encryption Algorithm for GPRS.” As specified in that document, the new encryption algorithms A5/4 and GEA4 each require a full 128-bit ciphering key.
A key derivation function to derive a 128-bit ciphering key (Kc-128) in the mobile equipment and in the network has been defined in the 3GPP document 3GPP TS 33.102, “3G security; Security architecture,” for Release 9. The Kc-128 is derived from the UMTS security keys (i.e., the ciphering key, CK, and the integrity key, IK), which are associated with the corresponding 64-bit GSM ciphering key in the current setting. Therefore, since the UMTS security keys are needed to derive the 128-bit key, the user must have a Universal Subscriber Identity Module (USIM) in use in the user equipment (UE) and the network needs to initiate the UMTS AKA (authentication) procedure towards the UE, in order to be able to use the encryption algorithms A5/4 and GEA4 for GSM and GSM GPRS services.
3GPP TS 33.102 has also specified that the Kc-128 is stored only in the mobile equipment (ME) and not in the USIM, and that this ciphering key is deleted when the ME is powered down as well as when the USIM is removed from the UE.
FIG. 7 is taken from 3GPP TS 33.102, and illustrates the scenarios in which a Kc-128 is derived from CK and IK by the ME and network. While the 3GPP specifications outline the basis usage scenarios for the Kc-128, complete analysis and specification of the handling of the Kc-128 by the ME has not been performed prior to the development of the present invention.