Universal Mobile Telecommunications System (UMTS) and High-Speed Packet Access (HSPA)  177

               monitoring attacks. The values of the expiry timers are variable and are sent to the
               mobile device during connection establishment. Upon expiry, a new set of ciphering
               and IKs are generated with a reauthentication between the mobile device and the
               network.
                Authentication, ciphering and integrity checking are performed independently for
               circuit‐switched and packet‐switched connections. This is because the MSC handles
               circuit‐switched calls while the SGSN is responsible for packet sessions. As these
               devices are independent they have to use different sets of authentication vectors and
               sequence numbers.
                UMTS also introduces new algorithms to calculate the different parameters used for
               authentication, ciphering and integrity checking. These are referred to as f0–f9. Details
               on the purpose and use of these algorithms can be found in 3GPP TS 33.102 [9].
                On the user side all actions that require the secret key are performed on the SIM card,
               to protect the secret key. As older GSM SIM cards cannot perform the new UMTS
               authentication procedures, a backward compatibility mode has been specified to enable
               UMTS‐capable mobile devices to use UMTS networks with an old GSM SIM card. The
               UMTS ciphering and IKs are then computed by the mobile device based on the GSM
               CK (note: not the secret key!) that is returned by the SIM card. A drawback of this fall-
               back method is, however, that although the network can still properly authenticate the
               mobile device, the reverse is not possible as the validation of the AUTN on the user’s
               device requires the secret key, which is only stored in the SIM card. On the network
               side, the HLR is aware that the subscriber uses a non‐UMTS‐capable SIM card and
               generates an adapted authentication vector without an AUTN.



               3.10   High‐Speed Downlink Packet Access (HSDPA) and HSPA+

               UMTS networks today no longer use DCHs for high‐speed packet transfer. With 3GPP
               Release 5, HSDPA was introduced to allow more flexibility for bursty data transmis-
               sions and to deliver much higher datarates per cell and per user than before. Datarates
               that could be achieved in practice at first ranged between 1 and 8 Mbit/s depending on
               the radio signal conditions and distance to the base station. With further extensions to
               HSDPA in the subsequent versions of the 3GPP specifications described in this chapter
               and used in practice today, even higher datarates are possible, exceeding 30 Mbit/s
               under ideal radio signal conditions.
                Important standards documents that were created or enhanced for HSDPA are the
               overall system description Stage 2 in 3GPP TS 25.308 [10], the physical layer descrip-
               tion TR 25.858 [11], physical layer procedures in TS 25.214 [12], Iub and Iur interface
               enhancements in TR 25.877 [13], RRC extensions in TS 25.331 [2] and signaling proce-
               dure examples in TS 25.931 [14].

               3.10.1  HSDPA Channels
               Figures 3.38 and 3.39 show how HSDPA combines the concepts of dedicated and shared
               channels. For user data in the downlink direction one or more High‐Speed Physical
               Downlink Shared Channels (HS‐PDSCH) are used. These can be shared between
                 several users. Hence, it is possible to send data to several subscribers simultaneously or