Monday, July 22, 2013

After 20 years in service, the SIM card has been hacked

Sebastian Anthony explains a brilliant attack:

For the longest time, I thought that SIM cards were merely a piece of laminated memory that stored the data that your phone needs to connect to a cellular network (ICCID, Ki, etc.), along with enough space to store a few phone numbers. In actuality, the SIM card in your phone is actually a small computer, with memory, a processor, and even an operating system. As you can see in the diagram below, there is a chip beneath those gold contacts, and on that chip there is a processor, ROM (firmware that stores the OS and SIM apps), EEPROM (which stores your phone book, settings, patches), and RAM (for use by the SIM’s OS and apps). In the photo below of a disassembled SIM card, you can clearly see that this is quite a complex computer chip.

And, unfortunately, like any computer chip that runs an operating system and apps, a SIM card can be hacked. In this case, modern SIM cards run a very simple OS that loads up Java Card — a version of the Java virtual machine for smart cards (of which SIMs are a variety of). Java Card essentially runs small Java applets, and each applet is encapsulated and firewalled (sandboxed) by the Java VM, preventing sensitive data from leaking to other apps. Your phone interacts with these apps via the SIM Application Toolkit (STK) to display information on your screen, and to interact with the outside world. To load apps onto the SIM or to update them, hidden text messages are sent by the carrier, containing over-the-air (OTA) programming in binary form. These messages are signed with a cryptographic key, so that the SIM knows that these messages have originated from a trusted source.

Now, German security researcher Karsten Nohl has discovered a way of finding out that all-important cryptographic key. By sending his own OTA SMSes that aren’t signed with the correct key, he discovered that some phones pop up an error message that contains a cryptographic signature. Then, using rainbow tables (a list of plaintext keys/passwords and their encrypted equivalent), Nohl found he could discover the SIM card’s cryptographic key in about one minute. Once he had this key, he could send apps and viruses to the SIM card that can send premium text messages (racking up huge bills), re-route or record calls, collect location data — you name it, with access to the SIM, you can do just about anything.

Nohl estimates that more than 12 percent of mobile phones are vulnerable to the attack. The older DES encryption standard has since been replaced by its stronger cousin Triple DES. Verizon and AT&T say that they're not vulnerable, but if you have an older SIM card it would make sense to get it upgraded. Most carriers will do it for free.

Hat tip: BadBlue Tech News.


Woody said...

Wow, so the kiddies today are finally catching up to us old-timers who were using the exact same hacking method to scare bank vice-presidents about their Master File Keys on the cryptographic devices used for PIN encryption in their online ATM networks back 20 years ago.

So now someone tried this method on a SIM Chip with JAVACard OS and discovered {shazam} that he can find the App encryption key used.

Wow I am sooooooo amazed!!!

Sorry, in case you missed it, that was sarcasm and I am NOT impressed. It seems that yet again everything old is new again at some point.

Anonymous said...

Triple DES isn't actually any more secure than DES. It's no comfort. The OS needs to be redesigned to not generate that traffic. Even then, plenty can be done with signature analysis of power-spectra.