January 19, 2016

SIM cards: attack of the clones


In the first part of our story we covered the history of SIM cards. Now let us get down to their security. One of the first vulnerabilities in SIM cards that was ever discovered was the possibility of cloning. In this case, cloning means reading the contents of a SIM card and writing them into the memory of another SIM card. It is quite understandable, given the fact that a SIM card, from the hardware perspective, is just an ordinary smart card, the likes of which are available anywhere and are cheap as chips.

SIM cards. Part II: SIM card cloning and security

When phones with multiple SIM cards were science fiction, cloning was used as a solution for those in need of several SIM cards. To avoid a painstaking process of swapping SIM cards, the so-called MultiSIM format was created. MultiSIM is, essentially, a smart card with extended memory to accommodate the data typically stored on several SIM cards.

One could easily switch between SIM cards with no need to physically swap the SIM modules. The approach was based on a simple trigger: on each reboot, a sequence of cells corresponding to the next SIM card was selected. Of course, in this case SIM cards can not work simultaneously: a handset would think it’s been turned off to swap a SIM card, and then turned on again.

This solution proved to be of no particular use (even now it’s much more convenient to purchase an alternative SIM card and a cheap phone than to use a full-fledged two-SIM-enabled handset). However, multiSIMs were in active use 10 years ago. Curiously, even DIY kits were available; those included a smart card dummy, a PC adapter for reading and writing smart cards, and corresponding software.

However, the opportunity to clone SIM cards could be used for malicious activities. Having received short-term access to the victim’s SIM card, an adversary could clone it and thus compromise the legitimate SIM card. If a cloned SIM card is active during the time when the legitimate subscriber is registered in the mobile network, the latter would get its connection cut off and still remain totally unaware of it. In that case, all inbound calls and messages will be directed to the adversary, and they, in turn, would be able to make calls, send messages and browse the Internet on the victim’s behalf.

The unsuspecting victim would even see the normal network indicators and the name of the carrier on the screen, which would create the illusion of connection, however, the targeted subscriber would not be able to make calls until the handset is rebooted or the mobile network obligatory refreshes the registration status — this typically happens automatically once every few hours.

At first, a clone could be registered basically anywhere, even on another continent. Then carriers did their homework and introduced some primitive means of security: if a subscriber suddenly registers far from the location he was registered recently, administrators would get a corresponding notification: hey, guys, somebody has just invented a teleporter.

Still a culprit may register in a location pretty close to that of the victim, which renders the abovementioned security approach useless.

Here comes the question: why is SIM cloning possible, after all? Maybe this feature should be banned or revoked?

The Ki key (Key Identification), which is used to authorize a subscriber in the network, is normally never read from the SIM card. A SIM card processor calls it on the ‘inside’, so the key is not meant to be shared over the air. It is stored in a protected segment of the memory and there are no APIs which could read it.

But here is where cryptic analysis methods come into use. If an adversary employs a software which repeatedly runs the A3 algorithm on a SIM card, making it process random RAND passwords and produce SRES responses in return, certain dependencies could be discovered and thus the Ki key could be calculated.

Even 10 years ago, PC performance levels were enough to complete such a task in just a few minutes. However, it is not that simple. Any SIM card has a kind of self-destruction timer counting how often the algorithm is run. For instance, the card’s limit may be 65,536 times. As soon as this limit is reached, the SIM card processor would stop calculating SRES responses.

If one has not succeeded in calculating Ki, the SIM card becomes totally useless and should be replaced. Sometimes it happens in real life with a legitimate SIM card, provided that it was used for quite a while and the value of the limit was initially low.

One more optimistic thing: cryptic analysis can be used to obtain Ki value only on those SIM cards which support the most obsolete version of A3 algorithm – COMP128v1. Those are still used by some carriers, and such cards can indeed be cloned. More advanced carriers have already switched to COMP128v2 and COMP128v3 algorithms which increase the number of RAND-SRES bundles so the Ki key cannot be calculated with the use of the abovementioned method.

If a culprit gets access to the carrier’s SIM card database, or to the special look-up tables send to a carrier by a SIM card producer, they might be able to lay hands on a set of keys for a number of SIM cards at once. To perform this trick, the adversary needs an accomplice on the carrier’s or SIM vendor’s side who would compromise the available information.

Besides, certain urban legends tell us about key being hijacked over the air and today’s PC totally able to decrypt them on the fly. But let us remind you that the Ki keys are not transmitted over the air and are stored locally on the SIM card. So, what is the data that could be hijacked? Well, that’s what we’ll discuss in the next issue.