XRES

Expected Response

Security →
Introduced in Rel-4

XRES is the expected authentication response value generated by the network to verify a user's SIM by comparing it against the user's computed response during 3G authentication.

Category
Security
Introduced
Rel-4
Where
Security
Specifications
9 specs
XRES Description Purpose Related Classification Detected Changes Specifications

Description

The Expected Response (XRES) is a critical component within the 3GPP authentication and key agreement (AKA) framework, specifically for 3G (UMTS) networks. It is generated by the Home Location Register/Authentication Center (HLR/AuC) alongside other authentication vectors (AV), which include a random challenge (RAND), a network authentication token (AUTN), and ciphering/integrity keys (CK/IK). This vector is sent to the serving network node, such as the Visitor Location Register (VLR) or Serving GPRS Support Node (SGSN). The core function of XRES is to serve as the network's reference value for verifying the user's identity. When a user equipment (UE) attempts to attach to the network, the VLR/SGSN forwards the RAND and AUTN to the UE. The UE's Universal Subscriber Identity Module (USIM) uses the shared secret key (K) with the HLR/AuC to process these inputs. It independently computes a response value, called RES. The UE then sends this RES back to the VLR/SGSN. The network node performs a direct comparison: if the received RES matches the pre-stored XRES from the authentication vector, the user is authenticated. A mismatch indicates authentication failure, and access is denied. This process ensures that only a UE possessing the correct secret key K can generate the correct RES, thereby validating the subscriber's identity and protecting against impersonation attacks. The XRES is a temporary value, valid for a single authentication procedure, which enhances security by preventing replay attacks. Its generation and verification are central to the mutual authentication process in 3G, where the network authenticates the UE and the UE authenticates the network (via the AUTN).

Purpose & Motivation

XRES was introduced to address security weaknesses in the 2G (GSM) authentication system, which only provided one-way authentication (network to user). The primary purpose of XRES is to enable robust mutual authentication in 3G UMTS networks. It solves the problem of verifying that a user is who they claim to be, based on a cryptographically secure challenge-response mechanism. By having the network generate an expected value (XRES) derived from a secret key known only to the home network and the user's SIM, the system can definitively confirm a user's identity before granting network access. This was a significant evolution from GSM's use of the SRES (Signed Response), as part of a more comprehensive AKA procedure that also provided stronger encryption keys (CK/IK) and network authentication. The creation of XRES was motivated by the need for enhanced security in mobile communications to protect against fraud, eavesdropping, and unauthorized access, which became increasingly critical with the advent of mobile data services. It forms the verification cornerstone within the UMTS AKA protocol, a standard that has influenced all subsequent 3GPP security architectures.

Classification

Part ofRES
Related approachesAKA

Detected Changes Across Releases

from 3GPP Change Requests

Specific changes extracted from the „Change history“ tables of 3GPP specifications (29 CRs across 5 releases). Complements the general historical overview above with the evidence-based evolution of this function.

Studied in Rel-4, normative work from Rel-15.

Rel-15 6 changes

In Release 15, updates to USIM management procedures for 5GS were introduced, which encompass the broader authentication framework where the XRES function operates. These enhancements included allowing the configuration of Mission Critical Services data and updating the USIM Service Table to support PDU session call control. Furthermore, the release provided for an enhanced USIM OPL configuration to support 3-byte TAC values when connected to an NG-RAN.

  • USIM Service Table update for PDU session call control support TS 31.102CR0786
  • Allow configuration of MCS (Access Identity 2) via USIM. TS 31.102CR0794
  • Mission Critical Services configuration data update to USIM TS 31.102CR0808
  • Enhance USIM OPL configuration to support 3 bytes TAC when in NG-RAN. TS 31.102CR0818
  • Updates to USIM management procedures for 5GS TS 31.102CR0806
  • Clarification about presence of EFIMSConfigData in ISIM and USIM TS 31.102CR0833
Rel-16 10 changes

In Release 16, the XRES function itself was not directly modified; however, several new USIM configuration capabilities were introduced that influence the authentication and network selection context in which XRES is used. These include the USIM-based configuration of lists for the RLOS PLMN, a separate KSEAF for non-3GPP access, and trusted non-3GPP access networks. Additionally, enhancements were made for storing URSP rules, a PS Data Off list, and support for non-IMSI based SUPI types via a dedicated AID.

  • Support for USIM configuration of RLOS PLMN list TS 31.102CR0847
  • URSP storage in USIM TS 31.102CR0861
  • Specify storage for a potentially separate KSEAF for non-3gpp access on the USIM TS 31.102CR0864
  • USIM configuration of RLOS allowed MCC list TS 31.102CR0881
  • Support for Trusted non-3GPP access networks list by USIM TS 31.102CR0891
  • Dedicated AID for USIM Applications with non-IMSI based SUPI Types TS 31.102CR0897

+ 4 more changes

Rel-17 8 changes

In Release 17, the XRES function itself was not directly modified; however, several new USIM configuration files were introduced that influence network selection and access procedures where authentication using XRES occurs. These additions include files for pre-configured CAG information, parameters for Steering of Roaming (SOR-CMCI) with and without rule storage, and configurations for disaster roaming, 5G NSWO, and warning messages in SNPNs. These enhancements allow the USIM to store more network policy data, which can affect the conditions under which a UE initiates authentication procedures involving the Expected Response.

  • Introduce a USIM file to store pre-configured CAG information list TS 31.102CR0904
  • SOR-CMCI storage in USIM TS 31.102CR0917
  • Addition of USIM files for the indication of whether disaster roaming is enabled in the UE, disaster roaming wait range, disaster return wait range and applicability indicator for disaster roaming PLMNs list provided by VPLMN. TS 31.102CR0938
  • Adding eDRX parameters in the USIM for NG-RAN TS 31.102CR0943
  • 5G NSWO (Non-Seamless WLAN Offload) configuration support in the USIM compromised proposal. TS 31.102CR0946
  • Support of 'No E-UTRA Disabling In 5GS' in USIM TS 31.102CR0947

+ 2 more changes

Rel-18 4 changes

In Release 18, the XRES function itself was not directly modified, but the security context for authentication was enhanced by mandating extended storage of 5G security parameters on the USIM. This was achieved by requiring that a specific USIM service (n°133) be enabled whenever another foundational service (n°123) is enabled, ensuring the secure retention of authentication data. These changes strengthen the underlying security framework that utilizes the Expected Response.

  • 5G Security Parameters extended storage on USIM (Mandating Service n°133 to be enabled when Service n°123 is enabled) Rel18. TS 31.102CR1014
  • Add EF of Access Control to GBA_U_APIs to the USIM TS 31.102CR1007
  • Add EF of IMS Data Channel configuration to the USIM TS 31.102CR1006
  • Clarification of NID coding in the response data of GET IDENTITY TS 31.102CR1040
Rel-19 1 change

In Release 19, a specific enhancement was introduced for the XRES function concerning backward compatibility handling for USIMs that lack extended security parameter storage in the EF_5GAuthKeys file. This update ensures proper authentication procedures can be completed when interacting with these legacy USIM applications. The change addresses the scenario where the USIM, as the network access application on the UICC, does not support the newer key storage mechanism.

  • Backward compatibility handling of USIM without extended security parameter storage in EF_5GAuthKeys - Rel19 TS 31.102CR1074

Explore further

Broader topics and technologies where XRES plays a role.

Topics
SON (Self-Organizing Networks)Authentication (5G-AKA, EAP)Encryption & IntegrityMEC (Edge Computing)Lawful InterceptUMTS / WCDMA

Defining Specifications

3GPP specifications that define or reference XRES, with the latest known release. Sourced from the 3GPP document catalog — see methodology.

SpecificationTitleRelease
TR 21.905 vj00 3GPP Technical Terms and Definitions Rel-19
TS 24.109 vj00 HTTP Digest AKA & GAA Stage 3 Rel-19
TS 29.109 vj00 GAA Bootstrapping Interfaces (Zh, Dz, Zn, Zpn) Rel-19
TS 31.102 vj40 USIM Application Specification Rel-19
TR 31.900 vj00 3GPP TS 31.900: Security Interworking Guidance Rel-19
TS 33.102 vj10 3G Security Architecture Specification Rel-19
TS 33.105 vj00 3G Security: Cryptographic Algorithm Requirements Rel-19
TS 33.401 vj10 EPS Security Architecture Rel-19
TR 35.909 vj00 3GPP MILENAGE Algorithm Design Report Rel-19