Project

General

Profile

« Previous | Next » 

Revision 4d3277f0

Added by osmith about 4 years ago

spec: replace should with must

Make it clear that statements like 'the operator should make sure that the
next pseudonymous IMSI SMS cannot be read or modified by third parties'
are not recommendations, but requirements for this specification to
work.

View differences:

docs/imsi-pseudo-spec.adoc
303 303 
Because the SIM applet cannot decide the next pseudonymous IMSI, it would have
304 304 
the same pseudonymous IMSI for a long time. Then it could become feasible for
305 305 
an attacker to track the subscriber by their pseudonymous IMSI. Therefore the
306 
SIM applet should warn the subscriber if the pseudonymous IMSI does not change.
306 
SIM applet must warn the subscriber if the pseudonymous IMSI does not change.
307 307 

  		




  308
  308
  
    
The SIM applet registers to EVENT_EVENT_DOWNLOAD_LOCATION_STATUS (3GPP TS


  		




  309
  309
  
    
03.19, Section 6.2) and increases `imsi_pseudo_lu` by 1 when the event is


  		




  ......




  428
  428
  
    
See <<hlr-imsi-pseudo-i>>.


  		




  429
  429
  
    

  		




  430
  430
  
    
MIN_SLEEP_TIME: 32 bits::


  		




  431
  
  
    
Amount of seconds, which the SIM applet should wait before changing to the new


  		




  
  431
  
    
Amount of seconds, which the SIM applet must wait before changing to the new


  		




  432
  432
  
    
pseudonymous IMSI. Since it is unclear when the SMS will arrive (ME might be


  		




  433
  433
  
    
turned off), this is a minimum amount.


  		




  434
  434
  
    

  		




  ......




  437
  437
  
    
pseudonymous IMSI.


  		




  438
  438
  
    

  		




  439
  439
  
    
PAD: 8 bits::


  		




  440
  
  
    
Padding at the end, should be filled with 1111 as in the TBCD specification.


  		




  
  440
  
    
Padding at the end, must be filled with 1111 as in the TBCD specification.


  		




  441
  441
  
    

  		




  442
  442
  
    
<<<


  		




  443
  443
  
    
== Error Scenarios


  		




  ......




  482
  482
  
    

  		




  483
  483
  
    
=== End to End Encryption of SMS


  		




  484
  484
  
    

  		




  485
  
  
    
When deploying the IMSI pseudonymization, the operator should make sure that


  		




  
  485
  
    
When deploying the IMSI pseudonymization, the operator must make sure that


  		




  486
  486
  
    
the next pseudonymous IMSI SMS (<<sms-structure>>) cannot be read or modified


  		




  487
  487
  
    
by third parties. Otherwise, the next pseudonymous IMSI is leaked, and if the


  		




  488
  488
  
    
pseudonymous IMSI in the SMS was changed, the SIM/USIM would be locked out of the


  		












Also available in:  Unified diff




        
        

    














  

  
  Add picture from clipboard
  (Maximum size: 48.8 MB)