Chapter 3

Global Trend of Mobile Wireless Technology

This chapter presents an outline of the evolution and migration from first-generation (1G) to third-generation (3G) mobile radio technologies, moving rapidly from 1G circuit-switched analog voice-only communications to 2G, 2.5G, and 3G packet-switched voice and data mobile wireless communications.

This chapter covers the technological development of wireless mobile communications in compliance with each iterative generation over the past decade. At present, mobile data service has been rapidly transforming to facilitate and ultimately profit from the increased demand for nonvoice service. Through aggressive 3G deployment plans, the world's major operators boast attractive and homogeneous portal offerings in all of their markets, notably in data, audio, and video multimedia application services. Despite the improbability of any major changes in the next 4–5 years, rapid technological advances have already bolstered talks for 3.5G and even 4G systems. New All-IP Wireless systems to reach a position to compete with current cellular networks; Wi-Fi technology, along with WiMAX (Worldwide Interoperability for Microwave Access) and TDD mode, may make it possible for new entrants to compete with incumbent mobile operators.

The chapter is separated into six parts and progresses in a systematic manner on wireless mobile communications.

3.1 1G Cellular Technology

1G technology refers to the earliest wireless networks. Data rates available for 1G wireless technologies were 9.6 kbps or lower.

3.1.1 AMPS (Advanced Mobile Phone System)

• AT&T's Bell Labs developed the AMPS (Advanced Mobile Phone System) and deployed throughout North America.

3.1.2 NMT (Nordic Mobile Telephone)

• NMT (Nordic Mobile Telephone) is a 1G wireless technology that is the 1981 Nordic countries standard for analog cellular service.

3.1.3 TACS (Total Access Communications System)

• This is an analog FM communication system used in some parts of Europe and Asia (United Kingdom, Malaysia, China, etc.)

3.2 2G Mobile Radio Technology

There are two major 2G mobile telecommunications standards that have been dominating the global wireless market: GSM (Global System for Mobile Communications), developed at the beginning of the 1990s by the ETSI in Western Europe, and TDMA-136/CDMA IS-95 (Code Division Multiple Access), developed by the TIA in North America. Since the GSM standard was originally designed for voice, GSM was ill-suited to data transmission. Although GSM is the most widely used circuit-switched cellular system for voice communications, GSM networks were not optimized for high-speed data, image, and other multimedia applications and services. The ETSI hence upgraded the GSM standard, albeit still in the circuit-switched mode. The High-Speed Circuit-Switched Data (HSCSD) technology was first deployed to enable higher data rates. The General Packet Radio Service (GPRS) soon followed, introducing packet-switched mode. Finally, EDGE (Enhanced Data Rate for GSM Evolution or Enhanced Data Rate for Global Evolution) was introduced to further increase the data speeds provided by GPRS. At present, most GSM-based networks are expected to evolve 3G Universal Mobile Telecommunication System (UMTS).

Qualcomm developed a mobile communication technology based on the CDMA spectrum-sharing technique. This network technology, which is modulated by codes, is called cdmaOne IS-95A/B and was standardized by the TIA. Under the influence of Qualcomm, the IS-95 technology continues to evolve steadily to provide higher data rates, such as 3G CDMA2000 1x networks that were standardized by the 3GPP2 (3rd Generation Partnership Project).

The IS-54, based on the TDMA mode, was the first North American digital telephony standard. This standard was also adapted for use in wideband Personal Communications Systems (PCS) networks under the name TDMA-136. The IS-54 was primarily used by US operators, but limitation in data transfers due to the use of a relatively narrowband stopped its use in December 2001.

In addition, two other proprietary technologies classified as 2G systems include NTT DoCoMo's i-mode in Japan and the Wireless Application Protocol (WAP), the de facto standard created by the WAP Forum, which was founded in 1997 through the initiative of Nokia, Motorola, Ericsson, Phone.com, and other such companies. NTT DoCoMo's i-mode is the mobile Internet access system that provides service over the packet-switched network. The i-mode gives users a new range of capabilities, offering voice and data cellular service in one convenient package. The WAP Forum's initial aim was to establish a universal and open standard to provide wireless users access to the Internet. The WAP was designed to deliver Internet content by adapting to the features and constraints of mobile phones. The WAP technology cannot be exactly defined as a 2G system; it was designed to work with all wireless network technologies, beginning with a majority of 2G (GSM, GPRS, PDC (Personal Digital Cellular), IS-95, TDMA-136) and 3G systems. However, with the commercial failure of the launch of WAP at the beginning of 2000, the European industry missed the mobile data service explosion. Only SMS appeared to offer access to the WAP portal via GSM networks. The MMS technology will make it possible to overcome the technological constraints of SMS and to further enhance existing services with SMS. The i-mode service was started in February 1999; WAP 2.0 was released by the WAP Forum in August 2001; and M-service Phase 2 has been started in GSM-A.

2G technologies are digital in nature and provide improved system performance and security. 2G technology data rates vary from 9.6 to 14.4 kbps.

3.2.1 CDPD (Cellular Digital Packet Data), North American Protocol

• Cellular Digital Packet Data (CDPD) is a TCP/IP-based mobile data-only service that runs on AMPS networks.
• The first service was launched in 1999.
• Since CDPD runs on analog cellular networks, it requires a modem to convert the TCP/IP-based data into analog signals when sending and receiving.

3.2.2 GSM (Global System for Mobile Communications)

Since the GSM standard was originally designed for voice, GSM is ill-switched to data transmission. GSM networks were not optimized for high-speed data, image, and other multimedia applications because GSM is the most widely used circuit-switched cellular system for voice communications. The ETSI hence upgraded the GSM standard, albeit still in circuit-switched mode. Since 2G systems transmit voice traffic over wireless and limit their data handling capacity, evolution is therefore needed for providing high data-rate services.

• First digital cellular system (DCS) (first standard in Europe).
• Most widely deployed digital network in the world to date.
• Not optimized for high-speed data, image, and other multimedia services.

GSM can operate four distinct frequency bands.

• GSM 450. GSM 450 supports very large cells in the 450-MHz band. It was designed for countries with a low user density, such as in Africa. It may also replace the original 1981 NMT 450 analog networks used in the 450-MHz band. NMT is a 1G wireless technology.
• GSM 900. The original GSM system was called GSM 900 because the original frequency band was represented by 900 MHz. To provide additional capacity and to enable higher subscriber densities, two other systems were added afterward, namely, GSM 1800 and GSM 1900.
• GSM 1800. GSM 1800 (or DCS 1800) is an adapted version of GSM 900, operating in the 1800-MHz frequency range. Any GSM system operating in a higher frequency band requires a large number of base stations than that required for an original GSM system. The availability of a wider band of spectrum and a reduction in cell size will enable GSM 1800 to handle more subscribers than GSM 900. The smaller cells, in fact, give improved indoor coverage and low power requirements.
• GSM 1900. GSM 1900 (or PCS 1900) is a GSM 1800 variation designed for use in North America, which uses the 1900-MHz band. Since 1993, phase 2 of the specifications has included both the GSM 900 and DCS 1800 in common documents. The GSM 1900 system has been added to the IS-136 D-AMPS (Digital Advanced Mobile Phone System) and IS-95 CDMA system, both operated at the 1900-MHz band.

The ITU (International Telecommunication Union) has allocated the GSM radio spectrum with the following bands.

• GSM 900. Uplink: 890–915 MHz
  Downlink: 935–960 MHz
• GSM 1800. Uplink: 1710–1785 MHz
  Downlink: 1805–1880 MHz
• GSM 1900. Uplink: 1850–1910 MHz
  Downlink: 1930–1990 MHz

In this list, uplink designates connection from the mobile station to the base station and downlink denotes connection from the base station to the mobile station.

3.2.3 TDMA-136 or IS-54

• It is the first US digital standard developed by the TIA in 1992.
• It was used as the basis for GSM and implemented in North America in some PCS for Personal Communication Services.
• TDMA divides the frequency range into a series of channels that are divided into time slots. Each slot can carry one voice or data transmission. Owing to the limitation in data transfers, its use was stopped in December 2001.

3.2.4 iDEN (Integrated Digital Enhanced Network)

• The Integrated Digital Enhanced Network (iDEN) digital technology developed by Motorola integrates four network communication services into one device: dispatch radio, full-duplex telephone interconnect, 140-character SMS, and data transmission.
• iDEN uses TDMA and is considered a 2G technology.

3.2.5 cdmaOne IS-95A

• Qualcomm developed the CDMA IS-95 standard in 1993, based on the CDMA spectrum-sharing technique. This network technology is called IS-95.
• IS-95 was followed by IS-95A revision in May 1995 and was marketed under the name.
• cdmaOne IS-95A transmits signal over 1.25-MHz channels that are modulated by codes.
• CDMA consistently provides better capacity for voice and data communications.
• It reached 100 million subscribers within only 6 years of commercial deployment.

3.2.6 PDC (Personal Digital Cellular)

• PDC (a Japanese proprietary 2G technology) was developed on a national basis by two of the three mobile carriers.
• PDC is a TDMA-based Japanese standard for digital cellular service.

3.2.7 i-mode

• NTT DoCoMo's i-mode is a mobile Internet access system.
• A significant part of the Japanese market experienced a dynamic growth preferring proprietary systems, but it may have a rather negative effect of absence of roaming between Japan and other countries.
• KDDI is developing the CDMA 1x technology (12 million CDMA 2000 1x subscribers) to provide service over the packet-switched network, thus offering a new range of capabilities for voice and data cellular service.

3.2.8 WAP (Wireless Application Protocol)

• The goal of WAP technology is to find a universal and open standard to provide wireless access to the Internet.
• WAP technology is not exactly classified as a 2G system, but rather designed for working with all wireless network technologies starting from 2G to 3G system.
• With the commercial failure of the launch of WAP at the beginning of 2000, the European industry missed the mobile data service explosion.
• Only SMS appeared to offer access to the WAP portal via GSM networks.

3.3 2.5G Mobile Radio Technology

2G mobile radio technologies enable voice traffic and limited data traffic, such as SMS, to transmit over wireless. Improvements must be made in order to facilitate high data-rate services that ultimately allow transmitting and receiving high-quality data and video to and from the Internet. However, the data handling capabilities of 2G mobile systems are limited.

For 2.5G systems, HSCSD in circuit-switched mode was the first step in GSM evolution in increased data transmission rates, reaching maximum speeds of about 43 kbps (three simultaneous GSM circuits running at 14.4 kbps). The drawback of HSCSD, when compared to GPRS, is the several time slots used in circuit mode, whereas GPRS uses several time slots in packet mode. HSCSD is considered an interim technology to GPRS, which offers instant connectivity at higher speeds.

GPRS is the evolution of GSM for higher data rates within the GSM carrier spacing. GPRS introduces packet transmission for data services, replacing GSM's circuit-switched mode. EDGE (an upgraded version of GPRS) was designed for a network to evolve its current 2G GSM system to support faster throughput and to give operators the opportunity to understand the new technology before the complete 3G rollout. EDGE is a higher-bandwidth version of GPRS, with transmission rates up to 384 kbps. Such high speeds can aptly support wireless multimedia applications.

ITU defined the IMT 2000 program for the 3GPP as well as 3GPP2 as a main part of the 3G technical framework. The primary objective of the standardization activities for IMT 2000 is to develop a globally unified standard for worldwide roaming and mobile multimedia services. In order to achieve these goals, the ITU has strived to create harmonized recommendations supported by technical forums such as the 3GPP and 3GPP2. The ITU-R and ITU-T are the main bodies that produce recommendations for IMT 2000. The 3GPP, created in late 1998, is the group responsible for standardizing UMTS with the Wideband Code Division Multiple Access (WCDMA) technology.

The 3GPP has so far released: Release 99, Release 4, Release 5, and Release 6. Release 99 includes the basic capabilities and functionalities of UMTS. Release 4 was contributed by the CWTS and incorporated as WCDMA/TDD, but it was frozen in 2003. As Release 5 was successfully completed in March 2002, 3GPP is moving toward the next release, Release 6, to further improve performance and to enhance capabilities.

The 3GPP2 specifies an air interface based on cdmaOne technology and the cdma2000 interface to increase capability and to enable faster data communication. The technical area of 3GPP2 is similar to that of the 3GPP.

cdmaOne IS-95B is enhanced through the migration from cdmaOne IS-95A. In the non-GSM regions (notably the United States and South Korea), network operators are preparing next-generation wireless systems based on cdmaOne IS-95A/B. The first phase with IS-95A was fully covered in TIA/EIA/IS-95 + TSB74. In late 1997, the second phase with IS-95B brought about improvements in terms of capacity, allowing data transmission at 64 kbps. The 2.5G equivalent for CDMA operators is a technology called CDMA2000 1x. The IS-95 technology continues to improve to provide higher data rates toward the natural evolution of CDMA2000 1x networks for 3G, that is, CDMA2000 1xEV-DO (1x Evolution Data Only) and 1xEV-DV (1x Evolution Data and Voice), both standardized by 3GPP2, which are covered in Section 3.4.

2G mobile radio systems are originally designed for transmission of voice traffic over wireless, but soon after found some limitation for their data handling capacity. Henceforth, evolution is needed to provide their high rate services.

2.5G systems are aimed to transmit and receive both high-quality images and data to and from the Internet.

3.3.1 ECSD (Enhanced Circuit-Switched Data)

• Enhanced Circuit-Switched Data (ECSD) is implemented over GSM-type systems.

3.3.2 HSCSD (High-Speed Circuit-Switched Data)

• This is a Circuit-Switched protocol based on GSM. Its transmission rates are up to 38.4 kbps, higher than the usual 9.6 kbps of GSM. Even though some of the European operators have already started to offer HSCSD services, the technology still lacks widespread support. It may be considered as an interim technology to GPRS.

3.3.3 GPRS (General Packet Radio Service)

• GPRS is the packet-mode extension of GSM.
• GPRS is an IP-based packet-switched wireless protocol that allows for burst transmission speeds between 30 and 50 kbps, compared to the 10 kbps of GSM.
• The first commercial launch was in 2001.
• Several problems were encountered in services until the end of 2002.
• The number of GPRS users in Western Europe was estimated at 28 million at the end of 2003.

3.3.4 EDGE (Enhanced Data rate for GSM Evolution)

• EDGE is the first stage in the evolution of GSM technology.
• It is the upgraded version of the GPRS System.
• It has a transmission rate of up to 150 kbps, allowing wireless multimedia services.
• It uses 8PSK modulator, compared to GSM's GMSK (Gaussian Minimum-Shift Keying) modulation.
• TDMA-136 and GSM/GPRS operators plan to use in North American deployments.
• A few European operators indicated their interest in EDGE as a complement to UMTS.
• The first EDGE service was marketed at the end of 2004.

3.3.5 cdmaOne IS-95B

• 2.5G IS-95B was followed by 2G IS-95A in late 1997.
• It brought about improvements in terms of capacity and allows data transmission at 64 kbps.
• IS-95B forms compatibility standard for 800-MHz cellular mobile system and 1.8- to 2.0-GHz CDMA PCS.
• They ensure that a mobile station can obtain service in a cellular system or PCS manufactured according to this standard.

3.4 3G Mobile Radio Technology (Situation and Status of 3G)

3G mobile technologies referred to cellular radio systems for mobile technology. ITU defined the 3G technical framework as a part of the IMT 2000 program. The 3GPPis responsible for standardizing UMTS at a global level. It is composed of several international standardization bodies involved with defining 3G technologies. TDMA-136 and GSM/GPRS operators plan to use UMTS (3G), which is an advanced version of EDGE (2.5G). GSM/GPRS operators plan to deploy UMTS with WCDMA technology. Unlike CDMA2000, WCDMA will be deployed in the frequency bandwidths identified for 3G, leading some American operators to adopt EDGE. TDMA networks are steadily being replaced with GSM-evolved technology, that is, from GPRS, to EDGE, and finally to the 3G WCDMA (UMTS) standard.

The 3GPP2 is the international organization in charge of the standardization of CDMA2000, which in turn is the 3G evolution of the IS-95A/B standards. CDMA2000 represents a family of ITU-approved IMT 2000 (3G) standards including, CDMA2000 1x networks, CDMA2000 1xEV-DO, and 1xEV-DV technologies. The first CDMA2000 1x networks were launched in Korea in October 2000 by SK Telecom and LG Telecom. CDMA2000 1xEV-DO was recognized as an IMT 2000 technology with data rates of 2.4 Mbps on 1.25-MHz CDMA carrier. As 1xEV-DO makes use of the existing suite of IP, operating systems, and software applications, it builds on the architecture of CDMA2000 1x network, while preserving seamless backward compatibility with IS-95A/B and CDMA2000 1x. CDMA2000 1xEV-DV provides integrated voice with simultaneous high-speed packet data services at a speed of up to 3.09 Mbps. But 1xEV-DV is still in the developmental stage. The CDMA2000 family of air interfaces operates with an IS-4 network, and an IP network, or a GSM-WAP network. This provides operators with tremendous flexibility with the network and assures backward compatibility with deployed terminal base.

In June 2000, the Ministry of Postal and Transportation of Japan awarded 3G licenses to three mobile operators, namely, NTT DoCoMo, KDDI, and Vodafone KK (J-Phone), via a comparative bidding process. NTT DoCoMo's i-mode (2G) is the first mobile Internet service in the world with 42 million subscribers at the end of March 2004. NTT DoCoMo commercially launched a WCDMA network based on the UMTS standard in Tokyo under the name FOMA. Since the launch of the 3G FOMA service in October 2001, many new and exclusive services have been made accessible to FOMA subscribers, including video telephony and i-motion's video clip distribution service, as well as i-motion's mail messaging service.

KDDI, unlike its two competitors (NTT DoCoMo and Vodafone KK), opted for 3G CDMA2000 technology. In April 2002, KDDI opened its CDMA2000 1x network using 3G bandwidths. KDDI began deployment of the 3G version of 1x. KDDI launched its commercial CDMA2000 1xEV-DO services nationwide in the first quarter of 2004. KDDI has offered WIN services based on CDMA 1xEV-DO technology from November 2003. Since March 2004, KDDI has offered a BREW (a new application platform) terminal with Bluetooth technology.

The three major South Korean mobile operators, namely, SK Telecom, KTF, and LG Telecom, provide 2G and 2.5G mobile services using the Qualcomm-developed CDMA IS-95 system and its successor CDMA2000 1x, thus enabling a maximum bandwidth capacity of 144 kbps. In fact, SK Telecom was the first operator in the world to launch a CDMA2000 1x service in October 2000. As for 3G technologies, the Ministry of Information and Communication of the Korean government decided to grant licenses according to the type of technology, either WCDMA or CDMA2000. The Korean government decided to grant WCDMA licenses to SK Telecom and KTF, and a CDMA2000 license to LG Telecom. Thus, SK Telecom and KTF, holders of 3G WCDMA license, are deploying networks based on the CDMA2000 1xEV-DO standard in their existing frequency bandwidths. This resulting system is capable of providing 3G services with a maximum bandwidth of 2 Mbps.

SK Telecom was the first in the world to launch a CDMA2000 1xEV-DO network in January 2002, followed by KTF in May 2002. It was one of the very first operators in the world, including KDDI (2003), to launch 3G service. It launched the WCDMA service at the end of 2003.

KTF is the mobile subsidiary of KT Corporation. KTF launched services based on CDMA2000 1x technology in June 2001 and on CDMA2000 1xEV-DO technology in May 2002. Deployment uses Qualcomm's BREW platform, but the Java WIPI platform was used by all operators toward the end of 2003. Launch of the WCDMA service started at the end of 2003.

LG Telecom is the subsidiary of LG Corporation. Launch of services using CDMA2000 1x technology was in August 2001. LG Telecom is the holder of a 3G license based on the CDMA2000 standard.

Seven operators control the market for mobile telephony in the United States. Instead of facing open competition between three or even four major mobile operators, the North American market is now structured around two main operators, namely, AT&T Wireless + Cingular wireless announced in February 2004 and the less important merger between Verizon Wireless and Qwest Wireless. In response to this situation, other operators may have to join forces in terms of operations and capital.

Verizon Wireless is a leader in the United States in terms of number of subscribers; it covers 40 of the 50 key markets in the United States. Launched in January 2002, Verizon Wireless was the first major US operator to commercially provide a CDMA2000 1x network. Verizon Wireless launched its DMA2000 1xEV-DO broadband access in Washington, DC and San Diego in 2003, and plans to continue deploying its market on a national level.

Cingular Wireless is the subsidiary of the regional operators SBC and BellSouth. It originally was the operator of a TDMA-136 network, but Cingular Wireless decided to migrate to GPRS, with the launch in March 2001. Cingular Wireless is also the first US operator to launch EDGE in June 2003.

AT&T Wireless is the North American operator that was acquired by Cingular Wireless in February 2004. AT&T Wireless launched GPRS in mid-2001 and coverage of all markets was done by the end of 2002. In April 2002, AT&T Wireless launched an i-mode type service called mMode on the GPRS network. The EDGE deployment plan was established in mid-2002 and nationally launched in November 2003. AT&T Wireless announced its UMTS deployment plan at the beginning of 2003, and on 26 December 2003, the company announced the four markets (San Francisco, San Diego, Seattle, and Dallas) in which the first WCDMA networks were to be deployed by the end of 2004. In partnership with NTT DoCoMo, the first UMTS call between New York and Tokyo was carried out on 12 November 2002.

The Wireless industry worldwide will put their continuous efforts to derive the technology evolution to support even greater data throughput and better network capacity than those offered by 3G. In a 4G environment, an aggressive and iterative generation of all wireless mobile communications (a combination of 2G, 2.5G, and 3G) as well as Bluetooth and IEEE 802.11 could all coexist for attaining faster data throughput and greater network capacity.

As IMT 2000 has just been commercialized, new standardization work should commence for the systems beyond IMT 2000. Those new systems will be expected to provide more sophisticated services to meet the further demands of the wireless community. The overall objectives of the future development of IMT 2000 and of systems beyond IMT 2000 include new radio access capabilities and a new IP-based core network for resulting in another phase of harmonization.

As 3GPP's Release 5 of UMTS was almost completed in March 2002, 3GPP is moving toward Release 6, which aims to further improve performance and to enhance capabilities. The interworking between WLAN and UMTS has been proved to be one of the keys for providing both flexibility when accessing multiple radio resources and mobility between WLAN and the 3G system in various mobile environments.

As one of the major applications, MBMS (Multimedia Broadcast Multicast Service) may pioneer a new service which allows broadcast of multimedia messaging and video/music streaming capabilities. HSDPA (High-Speed Data Packet Access) will represent a change in WCDMA systems and could be compatible with existing networks. HSDPA may enable packet transmission to provide speeds of 8–10 Mbps for the downlink in UMTS channels of 5 MHz. With the MIMO (Multiple Input Multiple Output) function, a speed of 20 Mbps could even be reached for providing the throughput. HSDPA systems will be in a position to compete with Wi-Fi services at certain mobile markets: NTT DoCoMo in Japan, several Western European operators, and Cingular Wireless and Verizon Wireless in the United States.

OFDM (Orthogonal Frequency Division Multiple Access) is being studied as a radio access technology that may drastically increase data rates using a large number of orthogonal frequencies. It is also foreseen that OFDM could be a promising candidate for what is called the 4G mobile system.

The 3GPP2 has been working on an evolution of CDMA technology to enhance new features. CDMA2000, backed by the United States (primarily by Qualcomm), is the direct successor to cdmaOne IS-95A/B networks. There are two phases to deploy CDMA2000, that is, CDMA2000 1x and CDMA2000 1xEV. CDMA2000 1xEV is the final stage in the evolution of cdmaOne network to 3G. The transition from 1x to 1xEV takes place in two phases: CDMA2000 1xEV-DO and 1xEV-DV.

CDMA2000 1xEV-DO is the first phase, which uses a separate carrier for traffic and data. 1xEV-DO may function on a bi-mode operation (1x for voice and EV-DO for data only). By the end of 2000, a specification for High Rate Packet Data (HRPD) was issued to enhance downlink data transmission. HRPD, sometimes called the 1xEV-DO, allows mobile terminals to easily access the IP network through a high-speed data communication link. As the 1xEV-DO was primarily devised for data communication only, another radio channel was required for speed communication, which led to the development of the 1xEV-DV. CDMA2000 1xEV-DV builds on the architecture of CDMA2000 1x while preserving seamless backward compatibility with cdmaOne IS-95A/B and CDMA2000 1x. CDMA2000 1xEV-DV (was approved by the 3GPP2 in June 2000 and was submitted to ITU for approval in July 2002) provides integrated voice with simultaneous high-speed packet data services such as video, videoconferencing, and other multimedia services at speeds of up to 3.09 Mbps. In order to support multimedia services, it is necessary to provide simultaneous speech and data communication using the same carrier frequency.

The systems beyond IMT 2000 include new radio access capabilities and a new IP-based core network to be realized in the future, around 2010. Owing to the tireless efforts of ITU and 3GPPs, a global consensus has been recognized to further develop a worldwide harmonized standard that will make it easier to improve mobile services and stimulate the mobile market.

3G mobile technologies are referred to cellular radio systems for mobile technology. The ITU defined the 3G technical framework as a part of IMT 2000 program.

3.4.1 UMTS (Universal Mobile Telecommunication System)

• UMTS (the name given by ETSI) is the first European implementation of IMT 2000 standard.
• UMTS has a proposed data rate of 2 Mbps using a combination of TDMA and WCDMA operations at 2 GHz.
• UMTS standardization is based on the WCDMA radio interface and a GSM/GPRS core network, allowing easy migration from 2G to 3G for GSM operators.

3.4.2 HSDPA (High-Speed Downlink Packet Access)

HSDPA system of UMTS Release 5 was introduced to provide high-speed data rates in downlink. UMTS (WCDMA) uses fixed modulation and coding scheme, but HSDPA, using HS-DSCH (High-Speed Downlink Shared Channel), helps obtain flexible high-data-rate service by Adaptive Modulation and Coding (AMC) technique. The HS-DSCH operates in an environment where certain cells are updated with HSDPA functionality. HSDPA operational features are based on AMC, HARQ, FCS (Fast Cell Selection), Scheduling at Node B, and MIMO antenna technique. These operational techniques are primarily aimed for increasing throughput, reducing delay, and achieving high peak rates. These functionalities should rely on a new type of HS-DSCH transport channel to which Node B is terminated. HS-DSCH is only applicable to packet-switched-domain Radio Access Bearers (RABs). HSDPA representing a change in WCDMA systems could be compatible with existing networks (Wi-Fi/Bluetooth service markets). HSDPA may enable packet transmission providing speeds of 8–10 Mbps for the downlink in UMTS channels of 5 MHz. With the MIMO function, a speed of 20 Mbps could even be reached for providing faster throughput. New technologies such as Release 6 and Release 7 have been proposed for further enhancement of the HSDPA system.

3.4.3 CDMA2000 1x

• CDMA2000 1x evolved from the IS-95 network in late 1999, and the ITU designated 1x as a 3G technology.
• It provides double voice and an increased data speed of 60–100 kbps, but it can theoretically provide a data speed of up to 144 kbps.
• The natural evolution of the CDMA network for 3G is toward the deployment of CDMA 1xEV-DO and EV-DV, both standardized by 3GPP2.
• CDMA2000 1x technology supports voice and data on a single CDMA channel with a bandwidth of 1.25 MHz and constitutes the migration from CDMA to 3G networks.

3.4.4 CDMA2000 1xEV (1x Evolution)

• CDMA2000 1xEV standardization within 3GPP2 is mostly driven by Qualcomm. 1xEV can be deployed both in the frequency bands used by 2G systems and in IMT 2000 frequency bands.

3.4.5 CDMA2000 1xEV-DO (1x Evolution Data Only)

• CDMA2000 1xEV-DO uses a separate carrier for traffic and data. It offers data speeds of up to 2.4 Mbps on one CDMA 1.25-MHz carrier.
• The 1xEV-DO provides bi-mode functions (1x for voice and 1xEV-DO for data).
• The first CDMA2000 1xEV-DO networks were launched by SK Telecom in January 2002 and by KTF in May 2002 in South Korea.

3.4.6 CDMA2000 1xEV-DV (1x Evolution Data Voice)

• CDMA 1xEV-DV builds on the architecture of CDMA2000 1x while preserving seamless backward compatibility with IS-95A/B and CDMA2000 1x.
• The migration requires only simple upgrades to the BTS (base transceiver station), BSC (base station controller), PNSN, and AAA (authentication, authorization, and accounting).
• CDMA2000 1xEV-DV provides integrated voice with simultaneous high-speed packet data services such as video, videoconferencing, and other multimedia services at a speed of up to 3.09 Mbps.
• The standard was approved by 3GPP2 in June 2002 and was submitted to the ITU for approval in July 2002.

3.5 3G UMTS Security-Related Encryption Algorithm

In spring 2002, the SAGE (Security Algorithms Group of Experts) initiated the task of designing a new encryption algorithm for GSM, ECSD, GPRS, and UMTS encryptions. These new algorithms were intended to implement dual-mode handsets for operating with both GSM and UMTS modes.

The 3GPP Task Force specified three encryption algorithms.

• A5/3 algorithms for GSM and ECSD;
• GEA3 algorithms for GPRS and EDGE;
• f 8 algorithm for UMTS.

The common aspect of all these encryption algorithms is given by the name KGCORE function that is based on the KASUMI block cipher.

3.5.1 KASUMI Encryption Function

KASUMI algorithm is based on a form of output-feedback mode (OFM) as a keystream generator illustrated in Figure 3.1.

The three ciphering algorithms are all very similar and they use KASUMI as a keystream generator. KASUMI, as a keystream generator, is a block cipher that produces a 64-bit output from a 64-bit input under the control of a 128-bit key, as shown in Figure 3.2.

The 64-bit input is divided into 32-bit block and . The outputs of each round are

where denotes the round function with and denotes the round key. The subscript denotes the number of cipher rounds.

At the end of each round, the left 32-bit block and right 32-bit block should be swapped.

The produced ciphertext at the final round 8 should be the 64-bit string from .

Round function is constructed from two associated subfunctions and with their respective subkeys for and () for , followed by a bitwise XOR operation with the previous branch stream ( or ).

In the odd round, the FL subfunction is performed first, followed by the subfunction.

In the even round, the subfunction is performed first, followed by the FL subfunction.

• The function consists of a three-round network with a 16-bit nonlinear function.
• The nonlinear function consists of four-round operations with two S-boxes of S9 and S7. These two S-boxes perform in the binary extension field . Specifically, the S9 performs the in operation and S7 performs the in operation.
• The FL function transforms the 32-bit data with two 16-bit subkeys and by means of AND, OR, and 1-bit cyclic left shift (⋘1) operations.
• The function divides the 32-bit input data into two 16-bit blocks. The left block is XORed with the 16-bit subkey , transferred by function with a 16-bit subkey and XORed with the right block . This routine is iterated three times with swaps of the left and right blocks. A 16-bit data block entering the function is divided into two smaller blocks for S-box transformation. The leftmost 9 bits become one block, and the rightmost 7 bits become another block. Thus, they are transformed twice using the 9-bit S-box S9 and the 7-bit S-box S7, respectively. As the bit length is different, Zero-Extension (ZE) should be done to the 7-bit blocks by adding two 0s, and the two most significant bits of the 9-bit blocks are truncated (TR). In the middle of the four-round network, XOR operation will be done with the 16-bit subkey , where is 7 bits and is 9 bits.
• The 32-bit FL function transforms the 32-bit data, which is divided into two 16-bit blocks and each. These and are processed with two 16-bit subkeys and , respectively, by using AND, OR, XOR, and 1-bit left shift (⋘1), and finally, the two 16-bit blocks L′ and are derived from and .

FL Function

The function comprises a 32-bit data input E and a 32-bit subkey , which is also split into two 16-bit subkeys, and , so that .

The input data is split into two 16-bit data units and so that . If the 32-bit output of the FL function is defined as L′ and , it can then be expressed as

The FL function is a linear function, which is expressed using the following logical definitions:

The FL function is a linear function whose main purpose is to make individual bits harder to track through the rounds by executing scrambling.

FO Function

The function constitutes the nonlinear part of the KASUMI round function. The is a permutation of 32-bit blocks, but due to its three-round structure, it can be distinguished from a randomly chosen permutation when used for given plaintexts. Consideration was given to improving the diffusion properties of a three-round that can be used in an attack on the full eight-round KASUMI.

The input to the function comprises a 32-bit data input and two sets of subkeys, that is, a 48-bit and a 48-bit . The 32-bit data input is split into two halves, and , so that , whereas the 48-bit subkeys are subdivided into three 16-bit subkeys.

For each integer with , the operation of the jth round of the function is defined as

Generally,

The output from the function is defined as the 32-bit data block .

FI Function

The function is depicted in the rightmost block of Figure 3.2.

The function takes a 16-bit data input and a 16-bit subkey . The input is split into two unequal components, a 9-bit left half and a 7-bit right half , so that = 16 bits. Similarly, the subkey is split into a 7-bit component and 9-bit component , so that .

Each function uses two S-boxes, S7 and S9. S7 maps a 7-bit input to a 7-bit output, while S9 maps a 9-bit input to a 9-bit output. The function also uses two additional functions, which are designated by ZE and TR. These functions are defined as follows:

• ZE(d) takes a 7-bit data string d and converts it to a 9-bit data string by appending two 0 bits to the most significant end of d.
• TR(d) takes a 9-bit data string d and converts it to a 7-bit value by discarding the two most significant bits of d.

The functions is defined by the following series of operations:

Finally, the output of the function is the 16-bit data block . The function is the basic randomizing function of KASUMI with 16-bit input and 16-bit output. It is composed of a four-round structure using two nonlinear substitution boxes S7 and S9. The S-boxes S7 and S9 have been designed to avoid linear structures in the functions. The interested reader is recommended to study the f8 algorithm presented in the author's book “Mobile Communication Systems and Security.”