IFSC

Information Field Size for the UICC

Protocol
Introduced in Rel-4
A subset of Information Field Sizes specifically defining the maximum lengths of data fields used in communications with the Universal Integrated Circuit Card (UICC), including the SIM/USIM. It standardizes commands and responses between the mobile terminal and the UICC for secure authentication, subscription management, and application toolkit operations.

Description

Information Field Size for the UICC (IFSC) is a specialized specification within the 3GPP framework that dictates the maximum bit or byte lengths for data fields exchanged between the Mobile Equipment (ME) and the Universal Integrated Circuit Card (UICC), which houses the Subscriber Identity Module (SIM) or Universal Subscriber Identity Module (USIM) application. These sizes are defined in specifications like TS 21.905 and are critical for the precise operation of the interface (the electrical and logical connection) defined by ETSI/3GPP standards such as TS 31.101. The IFSC governs fields in Application Protocol Data Units (APDUs), which are the command-response packets used for all interactions with the UICC. This includes commands for file access, authentication challenge-response procedures (using the MILENAGE or TUAK algorithms), profile management, and the SIM Application Toolkit (SAT/USAT).

Architecturally, the IFSC ensures that the Terminal (the ME's UICC interface layer) and the UICC itself agree on the structure of every message. For example, it defines the maximum size for the RAND (random challenge) used in authentication, the length of the ciphering key (CK) and integrity key (IK), or the size of a SMS-PP download command envelope. When the ME sends a command APDU to the UICC, it must format each data field according to the IFSC. The UICC, upon receipt, parses the command based on these same size definitions, processes it (e.g., computes a authentication response SRES), and returns a response APDU with its fields also conforming to the IFSC. This precise sizing is essential for the correct functioning of low-level T=0 or T=1 communication protocols and for the security algorithms that depend on fixed-length inputs.

The role of IFSC is paramount for security and interoperability. By standardizing the sizes of sensitive fields like cryptographic keys and authentication parameters, it prevents buffer overflow attacks and ensures that security computations are performed on correctly sized data. It also allows UICCs from one vendor to work seamlessly in mobile devices from any other vendor. Furthermore, as UICC capabilities evolved to support larger phonebooks, multiple applications, and embedded SIM (eSIM) remote provisioning, the IFSC definitions were updated to accommodate larger file identifiers and data objects. In the context of eSIM and the Remote SIM Provisioning (RSP) architecture, IFSC for commands related to profile download and management (via the SM-DP+ and SM-DS) are crucial for secure and reliable over-the-air updates. Thus, IFSC forms the unheralded but essential grammatical rules for the secure dialogue between the phone and its smart card.

Purpose & Motivation

IFSC was created to address the specific need for reliable and secure communication between the mobile terminal and the removable smart card (UICC). In early GSM systems, without standardized field sizes for SIM commands, interoperability issues could arise, leading to failed authentication, corrupted phonebook entries, or even card lock-ups. The definition of IFSC provided a strict contract for this critical interface, ensuring that all manufacturers' handsets and SIM cards could communicate predictably. This was vital for the global roaming ecosystem, where a subscriber's SIM card must work in any compliant handset worldwide.

The primary problems solved by IFSC are data integrity and security assurance in the ME-UICC dialogue. By fixing the sizes of fields used in authentication vectors and key generation, it eliminates ambiguities that could weaken cryptographic operations. It also enables efficient implementation of the APDU handling software in both the terminal's baseband processor and the UICC's operating system. As services stored on the UICC grew more complex (from simple SIM phonebooks to Java-based applets and network authentication for 3G/4G/5G), the IFSC definitions evolved to support larger data objects and new command sets, facilitating this innovation without breaking existing functionality. It is a cornerstone of the trusted, hardware-based security foundation that underpins subscriber identity and service portability in mobile networks.

Key Features

  • Defines maximum sizes for data fields in ME-to-UICC (SIM/USIM) APDU commands
  • Ensures interoperability between any mobile device and any UICC/SIM card
  • Critical for the correct operation of authentication and key agreement procedures
  • Supports file access, application toolkit, and remote provisioning commands
  • Provides foundation for secure element communication and data integrity
  • Evolves to support new UICC applications and eSIM capabilities

Evolution Across Releases

Rel-4 Initial

Introduced as part of the UMTS specifications, formalizing field sizes for USIM applications and the enhanced authentication and key agreement (AKA) protocol used for 3G security, including sizes for quintets (RAND, XRES, CK, IK, AUTN).

TS 21.905
Rel-7

Extended IFSC to support new USAT commands and larger file structures for multimedia messaging and enhanced phonebook entries, reflecting the growing storage and application capabilities of UICCs.

TS 21.905
Rel-13

Updated IFSC to accommodate requirements for Machine-Type Communication (MTC) and the initial phases of embedded SIM (eSIM) for IoT devices, including fields for remote provisioning and management commands.

TS 21.905
Rel-16

Enhanced IFSC definitions to support 5G AKA and related security parameters for the 5G USIM, as well as refined fields for eSIM Remote SIM Provisioning (RSP) advanced operations and profile management.

TS 21.905

Defining Specifications

SpecificationTitle
TS 21.905 3GPP TS 21.905