How is CPIT Changa

09ec092 Sim

Guide: Prof. Keyur Mahant


Assistant Professor, V. T. Patel Department of EC, CSPIT, CHARUSAT-Changa

By: Bhautik H Popat


(09EC092) 5th semester, B.Tech. (EC), CSPIT, CHARUSAT - Changa

Overview of Presentation
Types Of Smart Cards Introduction What is SIM card? History Design Data on SIM Advantages of SIM Threats to SIM Future Evolution Conclusion References

V.T. Patel Department of EC CSPIT, CHARUSAT

14/11/2011

SIM 09EC092

Types of smart card

V.T. Patel Department of EC CSPIT, CHARUSAT

Crypto Card

USB token

SIM card

Memory card
14/11/2011

JAVA Card SIM 09EC092


3

Introduction

V.T. Patel Department of EC CSPIT, CHARUSAT

A Subscriber Identity Module or Subscriber Identification Module (SIM) is an integrated circuit that securely stores the service subscriber key (IMSI) used to identify a subscriber on mobile telephony devices (such as mobile phones and computers). A SIM is held on a removable SIM card, which can be transferred between different mobile devices.

14/11/2011

SIM 09EC092

What is SIM Card?

V.T. Patel Department of EC CSPIT, CHARUSAT

The Subscriber Identity Module (SIM) is a small smart card which contains both programming and information. SIM card is a smart card with a microprocessor and it consists of the following modules:

--- CPU --- Program memory (ROM) --- Working memory (RAM) --- Data memory (EPROM or E2PROM) --- Serial communication module These five modules must be integrated into an Integrated Circuit (IC), otherwise their safety would be threatened. This is because the chip connections may become illegal access and misappropriation of SIM cards important clues.
14/11/2011

SIM 09EC092

History

V.T. Patel Department of EC CSPIT, CHARUSAT

The first SIM card was made in 1991 by Munich smart card maker Giesecke & Devrient, who sold the first 300 SIM cards to Finnish wireless network operator Radiolinja. SIM cards were first made the same size as a credit card (85.60 mm 53.98 mm 0.76 mm). The development of physically smaller mobile devices prompted the development of a smaller SIM card, the mini-SIM card. Mini-SIM cards have the same thickness as full-size cards, but their length and width are reduced to 25 mm 15 mm.

14/11/2011

SIM 09EC092

design
Vcc (C1): supply voltage

V.T. Patel Department of EC CSPIT, CHARUSAT

There are three operating voltages for SIM cards: 5 V, 3 V and 1.8 V (ISO / IEC 7816-3 classes A, B and C, respectively). RST (C2): Reset input. CLK (C3): Clock input delivers an external clock signal (1.10 MHz) that is used as a system clock for the smart card microcontroller. GND (C5): Ground. Vpp (C6): EEPROM programming voltage. Not used any more since modern cards programming voltage on-chip using a charge pump fed by Vcc. generate the I / O (C7): input / output for serial communication AUX1 (C4): auxiliary contact; AUX2 (C8): Auxiliary contact
14/11/2011

SIM 09EC092

Data on SIM

V.T. Patel Department of EC CSPIT, CHARUSAT

SIM cards store network specific information used to authenticate and identify subscribers on the network, the most important of these are the ICCID, IMSI, Authentication Key (Ki), Local Area Identity (LAI) and Operator Specific Emergency Number.

1. ICC-ID (Integrated Circuit Card - ID) Each SIM is Internationally identified by its ICC-ID. ICC IDs are stored in the SIM cards and are also engraved or printed on the SIM card body during a process called personalization. The ICC-ID number is composed of the following subparts: a. Issuer identification number (IIN) b. Individual account identification c. Check digit
14/11/2011

SIM 09EC092

Data on SIM (Contd ..)


2. International mobile subscriber identity (IMSI):

V.T. Patel Department of EC CSPIT, CHARUSAT

The IMSI (International mobile subscriber identity) programmed on the SIM card, is the identity of a subscriber. Each IMSI is mapped to a mobile number and provisioned on the HLR to allow a subscriber to be identified. Mobile operators connect mobile phone calls and communicate with their market SIM cards using their IMSIs.

14/11/2011

SIM 09EC092

Data on SIM (Contd ..)


3. Authentication key (Ki):

V.T. Patel Department of EC CSPIT, CHARUSAT

The Ki is a 128-bit value used in authenticating the SIMs on the mobile network. Each SIM holds a unique Ki assigned to it by the operator during the personalization process. The Ki is also stored in a database (known as Authentication Center or AuC) on the carrier's network. The SIM card is designed not to allow the Ki to be obtained using the smart-card interface. Instead, the SIM card provides a function, Run GSM Algorithm, that allows the phone to pass data to the SIM card to be signed with the Ki. This, by design, makes usage of the SIM card mandatory unless the Ki can be extracted from the SIM card, or the carrier is willing to reveal the Ki. 14/11/2011

SIM 09EC092

10

Data on SIM (Contd ..)


4. Storage: To store phone numbers and SMS. 5. Location Area Identify:

V.T. Patel Department of EC CSPIT, CHARUSAT

Operator networks are divided into location areas, each having a unique LAI number. When the mobile changes its location from one location area to another it stores its new LAI in SIM and sends it to the operator network to inform network with its new location. If the handset is turned off and back on again it will take data off the SIM and search for the LAI it was in. This saves time by avoiding having to search the whole list of frequencies that the telephone normally would.
14/11/2011 11

SIM 09EC092

Advantages
1. Installation:

V.T. Patel Department of EC CSPIT, CHARUSAT

The SIM card allows users to change phones by simply removing the SIM card from one mobile phone and inserting it into another mobile phone. 2. Cost and Memory: The typical low cost SIM card has little memory, 2-3 KB as described. Such data storage is used by the phone directly. There are also Large Memory SIMs, on the order of 128-1024 megabytes. In future we can expect SIM cards having megabytes of capacity.

14/11/2011

SIM 09EC092

12

Advantages (Contd ..)
3. Security: SIM card is very secure and provides: i) the secure loading of the applications.

V.T. Patel Department of EC CSPIT, CHARUSAT

ii) Secure data storage for the application data and application cryptographic keys. iii) Secure Crypto operation support. The other factors which make the SIM secure are. PIN and PUK: PIN Personal Identification Number 2 PINs exist (PIN 1 and PIN2) Limited attempts on PIN access PUK PIN Unblocking Code Resetting PUK, resets PIN and the attempt counter Too many attempts on PUK blocks use permanently
15/11/2011

SIM 09EC092

13

Threats to SIM
1. SIM cloning:

V.T. Patel Department of EC CSPIT, CHARUSAT

SIM cloning consists of duplicating the GSM Subscriber Identity Module identification and placing calls or using other charged services using the account of the cloned SIM.

SIM cloning is also a great concern of security services because of its GSM location-based service undependable if more than one handset is using the same SIM card.

2. Attacks to COMP128: COMP128 is a popular algorithm and a published standard. COMP128 design was completely private. A leaked document led to the publication of COMP128. That document produced the majority of the code, and what was missing (about 4-6 lines) and was reverse engineered. It exploits the weakness in diffusion of the second round in the compression
14/11/2011

SIM function. This is commonly referred to as a narrow pipe. 09EC092

14

Future evolution
1. UNIVERSAL SUBSCRIBER IDENTITY MODULE (USIB):

V.T. Patel Department of EC CSPIT, CHARUSAT

It is an application for UMTS mobile telephony running on a UICC smart card which is inserted in a 3G mobile phone. There is a common misconception to call the UICC card itself a USIM, but the USIM is merely a logical entity on the physical card. It stores user subscriber information, authentication information and provides storage space for text messages and phone book contacts. For authentication purposes, the USIM stores a long-term pre-shared secret key K, which is shared with the Authentication Center (AuC) in the network.
14/11/2011

SIM 09EC092

15

Conclusion

V.T. Patel Department of EC CSPIT, CHARUSAT

SIM is a smart card which forms an unavoidable part in GSM mobile phones. It stores several user-defined information such as phonebook entries and other subscriber information like IMSI. SIM may be moved from one Mobile Station to another which forms an advantage for the GSM architecture. This makes upgrades very simple for the GSM telephone user.

14/11/2011

SIM 09EC092

16

References
with contacts, International Standard, Parts 1-15.

V.T. Patel Department of EC CSPIT, CHARUSAT

1. [ISO7816] ISO: Identification Cards - Integrated circuit cards

2. [SIMME] 3GPP, 2005a, Specification of the Subscriber Identity Module Mobile Equipment (SIM - ME) interface, 3rd Generation Partnership Project, TS 11.11 V8.13.0 (Release 1999), Technical Specification, (2005-06). 3. http://en.wikipedia.org/wiki/Subscriber_Identity_Module

14/11/2011

SIM 09EC092

17

V.T. Patel Department of EC CSPIT, CHARUSAT

Thank you.
(You may ask.)
14/11/2011

SIM 09EC092

18