This command can be used with an EVEN or an ODD instruction (INS) code. The EVEN instruction code can be used when the challenge data provided by the terminal is not TLV encapsulated data and the length of the challenge data provided by the terminal is less than 256 bytes.
The ODD instruction code shall be used with the security context specified in Table 2, when challenge and response data is TLV encapsulated regardless of their length. Terminals and UICCs that do not support security context requiring TLV format (e.g. MBMS), do not have to support AUTHENTICATE command with ODD instruction code.
Specific reference data (e.g. DF specific/application dependant key)
All other codings are RFU.
ODD INS code
The authentication data and the authentication response data are encapsulated in BER-TLV objects structured using tag '73' for BER-TLV structured data and tag '53' otherwise.
How this command can chain successive blocks of authentication data, or authentication response data is described in TS 31.101.
If P1 indicates "First block of authentication data" or "Next block of authentication data":
Authentication data encapsulated in a BER-TLV data object.
Parameter present if and only if in 3G/EPS/5G security context.
The coding of AUTN is described in TS 33.102. The most significant bit of RAND is coded on bit 8 of byte 2. The most significant bit of AUTN is coded on bit 8 of byte (L1+3).
Response parameters/data, case 1, 3G/EPS/5G security context, command successful:
"Successful 3G authentication" tag = 'DB'
Length of RES (L3)
3 to (L3+2)
Length of CK (L4)
(L3+4) to (L3+L4+3)
Length of IK (L5)
(L3+L4+5) to (L3+L4+L5+4)
Length of KC (= 8) (see note)
KC (see note)
Parameter present if and only if Service No. 27 is "available".
The most significant bit of RES is coded on bit 8 of byte 3. The most significant bit of CK is coded on bit 8 of byte (L3+4). The most significant bit of IK is coded on bit 8 of byte (L3+L4+5).
Response parameters/data, case 2, 3G/EPS/5G security context, synchronisation failure:
"Synchronisation failure" tag = 'DC'
Length of AUTS (L1)
3 to (L1+2)
The coding of AUTS is described in TS 33.102. The most significant bit of AUTS is coded on bit 8 of byte 3.
Response parameters/data, case 3, GSM security context, command successful:
Length of SRES (= 4)
2 to 5
Length of KC (= 8)
7 to 14
The most significant bit of SRES is coded on bit 8 of byte 2. The most significant bit of Kc is coded on bit 8 of byte 7.
Vservice_Id is coded in the same way as the octets 2-5 in the Descriptive group or broadcast call reference information element as defined in TS 24.008.
An Example for the coding of Vservice_Id can be found in Annex K.
The coding of VK_Id is as follows:
Coding of VK_Id
Corresponds to the 1st group key
Corresponds to the 2nd group key
The coding of VSTK_RAND is described in TS 43.020. The VSTK_RAND shall be inserted left-aligned into the L1 bytes, with unused bits to the right set to zero.
Response parameters/data, VGCS/VBS security context, command successful:
MIKEY message or Key Domain ID || MSK ID Key Group part or MUK ID TLV
Only the MIKEY message shall be transmitted in the MBMS security context mode '01' or '02'.
Only the Key Domain ID (coded on 3 bytes as described in TS 33.246) concatenated with the Key Group part of the MSK ID (coded on two bytes as described in TS 33.246 where the last transmitted byte represents the least significant byte of the Key Group part) shall be transmitted in the MBMS security context mode '03'.
Only the MUK ID TLV shall be transmitted in the MBMS security context mode '04'. The MUK ID TLV, containing the MUK Idr and MUK Idi only, shall be encoded as described in clause 4.2.81.
Parameter MBMS Security Context Mode specifies the MBMS mode in which MBMS security procedure is performed as follows:
Coding of MBMS Security Context Mode
The Local Key Establishment Control TLV is included in the command data to indicate the security context mode. The Local Key Establishment Control TLV is also included in the response data to indicate the operation status.
The length is coded according to ISO/IEC 8825-1 .
The Key Identifier TLV is a constructed TLV containing the following primitive TLVs: NAF_ID, Terminal_ID, Terminal_appli_ID, UICC_appli_ID and RANDx. E is the length of the constructed Key Identifier value.
The most significant bit of the request MAC is coded on bit 8 of the first byte following the MAC Length.
The most significant bit of the RANDx is coded on bit 8 of the first byte following the RANDx Length.