[liberationtech] IDG: Vodafone Protects Smartphone Communications With 'Secure SIM'

Fabio Pietrosanti (naif) lists at infosecurity.ch
Tue Mar 6 06:12:12 PST 2012


On 3/6/12 2:24 PM, Cyrus Farivar wrote:
> http://www.pcworld.com/printable/article/id,251262/printable.html
> 
> Any security opinions on this?

I don't know how it works, but I expect it will use:
- STK (SIM Application Toolkit) for the application running on the SIM
- SMS or USSD for communication with the network

In theory it can be done in a very secure way, as the SIM card is
tamper-proof hardware and the application executes on the SIM processor in
a sealed environment.

For the risks:
- It resembles the Certification Authority issue: you are fully
delegating trust to a third party, which in this case is not Verisign but
Vodafone.
- STK Applications cannot be verified independently
- STK application delivery methods are typically proprietary and rely on
methods provided by the SIM manufacturers (such as GEMPlus)

With the Osmocom SIMTrace it should be possible to analyze "how it
works" and which kind of data goes through the SIM card quite easily.

It would be nice to get our hands on those SIM cards and publish an
analysis and dump of SIM<->ME traffic:
- The first time the SIM card is powered on (it probably gets some
provisioning update)
- When it's operated for the "Secure login" services

With that we may have a better idea of the zombies that may live inside
the SIM cemetery.

-naif
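
The SIM<->ME traffic analysis suggested in the message above, as an added example that is not part of the original post and not code from the Osmocom project: it labels command/response APDU pairs and flags the STK proactive commands (such as SEND SHORT MESSAGE or SEND USSD) that make the handset contact the network. The function names, the hex-pair input shape and the sample trace are assumptions constructed for illustration.

```python
# Added example; names and input shape are assumptions. Codes per GSM 11.11/11.14.
STK_INS = {0x10: "TERMINAL PROFILE", 0x12: "FETCH",
           0x14: "TERMINAL RESPONSE", 0xC2: "ENVELOPE"}
PROACTIVE = {0x10: "SET UP CALL", 0x11: "SEND SS", 0x12: "SEND USSD",
             0x13: "SEND SHORT MESSAGE", 0x21: "DISPLAY TEXT", 0x23: "GET INPUT",
             0x24: "SELECT ITEM", 0x25: "SET UP MENU", 0x40: "OPEN CHANNEL"}
ENVELOPE = {0xD1: "SMS-PP DOWNLOAD", 0xD3: "MENU SELECTION", 0xD6: "EVENT DOWNLOAD"}
NETWORK_FACING = {"SET UP CALL", "SEND SS", "SEND USSD", "SEND SHORT MESSAGE",
                  "OPEN CHANNEL"}  # commands that make the handset talk to the network

def ber_len(buf, i):
    """Decode a BER length at buf[i]; returns (length, index of value)."""
    return (buf[i + 1], i + 2) if buf[i] == 0x81 else (buf[i], i + 1)

def proactive_type(body):
    """Return the command-type byte of a D0 proactive command, else None."""
    try:
        if body[0] != 0xD0:
            return None
        length, i = ber_len(body, 1)
        end = min(i + length, len(body))
        while i < end:
            tag = body[i] & 0x7F            # drop comprehension-required bit
            n, val = ber_len(body, i + 1)
            if tag == 0x01 and n == 3 and val + 3 <= end:  # Command details
                return body[val + 1]        # (number, TYPE, qualifier)
            i = val + n
    except IndexError:                      # truncated capture
        pass
    return None

def classify(cmd_hex, rsp_hex):
    """Return (label, network_facing) for one command/response pair."""
    cmd, rsp = bytes.fromhex(cmd_hex), bytes.fromhex(rsp_hex)
    if len(cmd) < 5 or len(rsp) < 2:
        return ("malformed", False)
    label = STK_INS.get(cmd[1]) if cmd[0] in (0xA0, 0x80) else None
    if label == "FETCH":                    # response data is the proactive command
        name = PROACTIVE.get(proactive_type(rsp[:-2]), "unknown proactive command")
        return (f"FETCH: {name}", name in NETWORK_FACING)
    if label == "ENVELOPE" and len(cmd) > 5:
        label = f"ENVELOPE: {ENVELOPE.get(cmd[5], 'other')}"
    if rsp[-2] == 0x91:                     # SW1 0x91: proactive command queued
        label = f"{label or 'other'} -> proactive command pending ({rsp[-1]} bytes)"
    return (label or "other", False)

# Constructed sample exchange (SELECT MF, TERMINAL PROFILE, FETCH, ENVELOPE).
TRACE = [("A0A40000023F00", "9F17"), ("A010000004FFFFFFFF", "9112"),
         ("A012000012", "D0108103011300820281838B0500000000009000"),
         ("A0C2000009D30782020181900101", "9000")]
```

Running `classify` over each pair in `TRACE` shows the card announcing a pending command, the handset fetching it, and the fetched command being an outgoing SMS.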


