All system elements are 3G, except for the terminal and the radio interface, which are 2G. This applies when a 3G UICC in a 2G ME roams into a 2G radio access network, which is connected to a 3G VLR/SGSN (e.g. when in the start phase of a 3G network not yet all existing 2G BSS are replaced by 3G technology, while the VLR/SGSN is already 3G).
The 2G ME with USIM support or the Rel-5 2G ME and the 2G BSS are transparent for 3G authentication parameters. To derive the ciphering key Kc for the 2G BSS, the 3G VLR/SGSN and the 3G ICC have to compute Kc from CK, IK with conversion function c3 and send it to the BSS and to the ME. Despite a 2G radio access network is involved, 3G security context is established.
The USIM receives parameters RAND and AUTN and calculates RES, CK and IK. If service no. 27 is available, Kc is generated by conversion function c3 and additionally included in the response. The keys CK and IK are not needed in this security scenario and can be discarded by the ME. If the USIM does not support service no. 27, network access is not possible.