The Universal Mobile Telecommunications System (UMTS) is one of the new ‘third generation’ 3G mobile cellular communication systems. UMTS builds on the success of the ‘second generation’ GSM system. One of the factors in the success of GSM has been its security features. New services introduced in UMTS require new security features to protect them. In addition, certain real and perceived shortcomings of GSM security need to be addressed in UMTS.
UMTS provides mutual authentication between the UMTS subscriber, represented by a smart card application known as the USIM (Universal Subscriber Identity Module), and the network in the following sense 'Subscriber authentication': the serving network corroborates the identity of the subscriber and 'Network authentication': the subscriber corroborates that he is connected to a serving network that is authorised, by the subscribers home network, to provide him with services.
Signalling data integrity and origin authentication
Integrity algorithm agreement: the mobile station and the serving network can securely negotiate the integrity algorithm that they use.
Integrity key agreement: the mobile and the network agree on an integrity key that they may use subsequently; this provides entity authentication.
User traffic confidentiality
Ciphering algorithm agreement: the mobile and the station can securely negotiate ciphering algorithm that they use.