SIM Application Toolkit
Have you ever use Mobile Banking menu in your Mobile Phone ? In your Mobile Phone there are some interactive menus which let your Mobile Phone 'talk' with the network. This menus displayed in your Mobile Phone screen in a 'scroll down' menu. By entering one menu, then you will come into the sub menus. This capability is provided by two direction communication between SIM Card and Mobile Phone and just a part of mechanism named SIM Application Toolkit (SAT). SAT provide mechanism which reside in the SIM Card to communnicate and interact with Mobile Phone. SAT action is initiated by Mobile Phone. SAT can only work during the network operation phase of GSM.
Some simple facts of SAT are :
- SAT applications is a set of commands inside SIM Card which define how the SIM Card interact with the outside world through Mobile Phone.
- SAT is designed as client server application. SIM Card act as a client and network act as a sever. As A server, network provide services to SIM Card which previously asked by the SIM Card. If the SIM Card indicating that it support SAT commands, then Mobile Phone will execute the next command.
- Mobile Phone act as interface to trigger SAT commands.
- SIM Card send command to Mobile Phone in TLV format.
SAT Mechanism
Profile Download
This mechanism allow MObile Phone to ask to SIM Card what SAT capability it can provide. The Mobile Phone knows SIM Card SAT capability by reading EF Phase. One of the initialization steps on the Mobile Phone is by reading this EF. By using initialization, a Mobile Phone can get information about capabilities those can be provided by SIM Card inside it.
Proactive SIM
Proactive SIM give order mechanism to the SIM Card so it can ask Mobile Phone to execute certain actions. These actions include :
- Displaying text from SIM Card to Mobile Phone's screen.
- Sending a Short Message
- Make a voice call to a number that held by the SIM Card.
- Make a data call to a number and bearer capabilities that held ny the SIM Card.
- Playing tone.
- Provide a dialogue with the user.
- SIM initialization request and change notification to EFs.
- Provide local information from the Mobile Phone to the SIM Card.
Data Download to SIM
This command allow network to use SMS or cell broadcast to transfer information to the SIM Card.
Information transfer over SIM- ME uses the ENVELOPE command. If the Mobile Phone receive SMS with
protocol identifier equal to SIM Data Download and coding scheme equals to class 2 message, then the Mobile Phone will pass the SMS directly to the SIM Card without intervension of Mobile Phone's user.
Menu Selection
A set of menu entries is provided by the SIM Card in Proactive SIM command. The menu shows some menu applications so the user can enter the menu appliaction and then this menu selection will transfer command to the SIM Card.
Call Control by the SIM
When this SAT service activated in a Mobile Phone, whena user make a call, it will result in a phone number, supplementary service, and unstructured supplementary service data (USSD) strings first sent to the SIM Card. The SIM Card can decide wether it will alow this action or selectively bar it.
Mobile Originated Short Message Control by SIM
This SAT service use the same mechanism like Call Control. But this service applied to the SMS. Before a Mobile Phone sending any SMS, it will ask SIM Card authorization. The SIM Card will return with an answer which can be authorization or refusal.
Event Download
A set to monitor for is supplied by SIM Card in proactive SIM command. This mechanism is used to transfer details of event to the SIM. Events that a Mobile Phone can report to the SIM card area include incoming calls, location status, and availability of the screen for applications.
Security
Multiple Card
One event and a set of proactive commands are supplied to monitor card behaviour.
Timer Expiration
SIM Card has capability to manage timers which running physically in the Mobile Phone with proactive command. This mechanism is used to inform the SIM when a timer exprires.
Bearer Independent Protocol
Reference : 3GPP TS 11.14 , Specification of SIM Application Toolkit (SAT) for the SIM -ME Interface
Kamis, 13 November 2008
Selasa, 06 Mei 2008
Inside Your SIM Card
Today many GSM Network subscribers have SIM Cards inside their Mobile Phones in order to be authenticated to GSM Network. Well, in other words, you need a SIM card to connect to your GSM Network then make a call and utilizing Mobile Services such as Short Message Services (SMS), or Content Browsing.
SIM card basically is an EPROM which has Operating System (OS) and Applications inside it. This can be compared to your PC which has OS such as MS Windows, UNIX, etc and many Applications. But you can not imagine that SIM Card also has Applications just like MS Office or Image Editor. Applications inside the SIM Card are more simple. Most of the Applications that owned by SIM Card are to support SIM Card so it can be connected to the GSM Network and to make SIM Card communicate with your Mobile Phone. One example of SIM Card Application is when you use content browsing some drag drop menus displayed on your Mobile Phone's screen.
Files and Directories
SIM Card has many files inside it which needed by SIM Card to connect to GSM Network.
File Structure of SIM Card can be compared to UNIX hierarcial file system which in UNIX
many Applications and information of devices stored as files. The UNIX file structure
can be represented by this file tree structure :
\root
|
|
+---- \etc
|
+---- \bin
|
+---- \usr
|
+---- \tmp
Similar to UNIX, we will find Files and Directories inside a SIM Card in a hierarcial structure. A file contain information or data, and a directory contain files. How a Mobile Phone or a Card Reader access these files and directories is related to the security features which managed by SIM Card Operating System. Every file and directory have their
owned security feature based on some technical requirements.
SIM Card also manages files and directories inside it in hierarcial structure. The logical model of files and directories is related with how Operating System inside the SIM Card manage them. If in UNIX every file and directory has it's name, in SIM Card logical model, every files and directory have it's file ID. File ID used to addresed or identify
the file. The first byte of File ID identify the file's type.
The Logial Model of a SIM Card devided into :
Master File (MF)
An MF can be compare to /root directory in UNIX. An MF act as a "root" for DF and EF. The File ID of an MF is 3F.
Dedicated File (DF)
DF can be refer to directory which contain files inside it. Some EF which have related functional purpose grouped into the same DF. So the functional grouping of a DF refer to it self and all it's complete EF subtree. A DF also act as a 'second door' to access an EF. So to access an EF you need to access the MF and the 'main door' and then DF as the 'second door'. This is quite similar to UNIX file system. For example files that handle device configuration grouped into /dev directory. Because of it's function, a DF does not contain data, it only contain header part.
File ID of DF are :
7F -> First level Dedicated File
5F -> Second level Dedicated File
The are several DFs inside the SIM Card, but in this article I will describe only two DFs which mandatory
for GSM subscriber requirements :
| File Name | File ID | Function |
| DF Telcom | 7F10 | Contain EFs those hold telecom service features |
| DF GSM | 7F20 | Contain applications for both GSM and/or DCS 1800 |
Elementary File (EF)
An EF consist of header and body part. The body part contain data which have attributes related to the security aspects, file size, record length, and how the data can be accessed. The first information that read from an EF is it's File Structure. Starting from the File Structure then can be known the file type, record length, and access method of an EF. The total data length that stored in the body of an EF is indicated in it's header.
File ID of EF are :
2F -> EF under Master File
6F -> EF under first level DF
4F -> EF under second level EF
EF grouping
Inside the SIM Card, EFs grouped under MF and DF. This grouping based on functional purpose of an EF. For example EF that support or hold data for telecom service features will be grouped under DF Telecom (7F10). The existing of these EF are may Mandatory or Optional. Mandatory EF means that this EF should be exist inside the SIM Card for the minimum requirement based on 3GPP TS 11.11 document. Optional EF means that this EF maybe
exist inside the SIM Card based on the Network Operator specific requirement. Below, I will describe all of EFs those have Mandatory requirement based on 3GPP TS 11.11 document. Well, here they are :
EF under Master File
| File Name | File ID | Size |
| EF ICCID | 2FE2 | 10 bytes |
EF under DF GSM
| File Name | File ID | Size |
| EF LP | 6F05 | 1-n bytes n = nth language code |
| EF IMSI | 6F07 | 9 bytes |
| EF KC | 6F20 | 9 bytes |
| EF HPPLMN | 6F31 | 1 byte |
| EF SST | 6F38 | X bytes X >= 2 |
| EF BCCH | 6F74 | 16 bytes |
| EF ACC | 6F78 | 2 bytes |
| EF FPLMN | 6F7B | 12 bytes |
| EF LOCI | 6F7E | 11 bytes |
| EF AD | 6FAD | 3 + X bytes |
| EF Phase | 6FAE | 1 byte |
EF under DF Telecom
| File Name | File ID | Size |
| EF ADN | 6F3A | X + 14 bytes |
| EF FDN | 6F0B | X + 14 bytes |
| EF SMS | 6F3C | 176 bytes |
| EF MSISDN | 6F40 | X + 14 bytes |
The File Structure of EF are :
Elementary Files usually has attributes that related with file size, how the file can be accessed, record length, etc. File Structure of an EF represent security feature of EF and how it will be managed.
Transparent
An EF with Transparent File Structure consist of a sequence of bytes. This sequence of bytes used when the file need to be updated or read which indicates the starting bytes position and the number of bytes to be updated or read. Starting bytes position known as relative address (offset). The first byte in a Transparent EF has an offset '00 00'
Linier Fixed
An EF with Linier Fixed File Structure consist of sequence of records which have the same fixed record length. The first record is starting from record number 1.
Cyclic
An EF with Cyclic File Strucutre used to store records in chronological order. When all records have used to store data, then the next data will be overwrite the oldest information. All records in a Cyclic EF has a fixed number of quantity and the fixed record length. In a Cyclic EF there is a link between record number 1 and the last record (n). When the pointer is set to the last record (n), then the next record would be record number 1.
Security Features
SIM Card which reside inside your Mobile Phone contain data that needed to logon to the network then after that you can make your call or sending your SMS. The Security Features supported by SIM Card utilized to enable the following :
SIM Card authentication to the network
After your Mobile Phone turned on, then the network send Random Signal or RAND (128 bit) to your Mobile Phone, then your Mobile Phone pass the RAND to your SIM Card using RUM GSM ALGORITHM command. Other value for the input of RAND calculation is KI (128 bit). The calculation of RAND and KI utilized A38 Algorithm. In this process, IMSI is used to retrived KI in the network.
The result of RAND and KIcalculation that done by SIM Card is Signal Respond or SRES (32 bit) and Kc.
SRES passed to the Mobile Phone and then to the network. The network will compare this SRES with SRES that
owned by the network. The comparison of these SRES values provide authentication. The Kc value will be used
by SIM Card for any future enchipered communication.
File Access Condition.
Every EF has it's own specific access condition for each command. The differentiation of access condition for each command based on the security level of each file. File access condition will limit your access to an EF. For example for several EFs, READ command will have ALWAYS access condition for READ command which mean that you can READ this EF with input any parameter key. But for some EFs, they have NEVER access condition for READ command which mean you can not READ this EF.
Level Access Condition
------------- ----------------------------
Level 0 ALWAYS
Level 1 CHV1
Level 2 CHV2
Level 3 RFU
Level 4 ADM 1
..... ......
Level 14 ADM 14
Level 15 NEVER
For more complete and detail SIM Card specification, please refer to 3GPP RS 11.11 Digital Cellular Tellecommunication System (Pahse 2+), Specification of SIM-ME Interface. But this document is quite hard to understand, except for you those has been long period involved in smart card industries.
Reference : 3GPP RS 11.11 Digital Cellular Tellecommunication System (Pahse 2+), Specification of SIM-ME Interface, en.wikipedia.org
Jumat, 25 April 2008
CDMA Authentication
The first digital cellular technology is known as Interim Standard 95 (IS- 95) which was introduced by Qualcomm. It is a 2G Mobile Tellecommunication Standard that use CDMA technology which has multiple access scheme for digital radio, to send voice, data, and signalling.
Today many of the CDMA subscribers use Removeable User Identity Module or RUIM card inside their Mobile Phones. RUIM Card hold data those needed by subscriber to be authenticated into the network. Authentication is process to validate subscribers that done by the network. Just like if you go back home from a long vacation in the midnight, maybe your parrents, or your wife will ask you some questions to you before they really sure that it is really you and then let you in.
Subscriber Authentication
IMSI_M is an MIN based IMSI which uses the lower 10 digits to store the MIN. IMSI_M is used in IS-95A system. IMSI_M is a true IMSI which similar to IMSI for GSM which used in IS-95B system. In the authentication process if IMSI_M is personalized, the "MIN" part of IMSI_M will be used as parameter input for authentication calculation. Together with A-Key and RANDSSD, ESN is input for CAVE Algorithm (Cellular Authentication and Voice Encryption)
to generate 128 bit SSD (Shared Secret Data). SSD has two parts which is 64 bit SSD_A for creating authentication signatures, and 64 bit SSD_B for creating keys to encrypt voice and data message.
In CDMA network, the Mobile Station use SSD_A and the broadcast RAND as input for CAVE Algorithm to generate 18 bit Authentication Signature (AUTH_SIGNATURE), and send it to the Base Station. Base on this Authentication Signature, the Base Station will verify that the subscriber is authorized.
If IMSI_T is personalized, the 32 bit subset of IMSI_T will be used for authentication. IMSI is usually 15 digits long.
The following data is the minimum requirement for a RUIM card to be authenticated into the network :
IMSI_M, International Mobile Subscriber Identifier
MIN based IMSI, using the lower 10 digits to store MIN. Mobile Identification Number (MIN) it self is 34 bit number of digital representation of 10 bit number that assigned to a Mobile Phone.
IMSI_T
This is the true IMSI no associated with MIN. Just like IMSI in GSM system it contain 15 digits or fewer.
CDMA Home SID/ NID, System ID/ Network ID
This 5 bytes identifies SID and NID when the Mobile Station operates in CDMA mode. This is a unique number to identify a network in a wireless system.
PRL (Preferred Roaming List)
PRL is a database used during the CDMA Subscriber authentication into the network. It contain additional parameters such as bands, sub bands, and network provider identifier.
A-Key
A-Key is a 64 bit key stored in the RUIM and HLR/ AuC. It's used to generate or update Mobile Phone's Shared Secret Data.
References :
3GPP2 C.S0023-C, Removeable User Identity Module for Spread Spectrum System, Version 1.0, May 2006
www.gsm-security.net
Today many of the CDMA subscribers use Removeable User Identity Module or RUIM card inside their Mobile Phones. RUIM Card hold data those needed by subscriber to be authenticated into the network. Authentication is process to validate subscribers that done by the network. Just like if you go back home from a long vacation in the midnight, maybe your parrents, or your wife will ask you some questions to you before they really sure that it is really you and then let you in.
Subscriber Authentication
IMSI_M is an MIN based IMSI which uses the lower 10 digits to store the MIN. IMSI_M is used in IS-95A system. IMSI_M is a true IMSI which similar to IMSI for GSM which used in IS-95B system. In the authentication process if IMSI_M is personalized, the "MIN" part of IMSI_M will be used as parameter input for authentication calculation. Together with A-Key and RANDSSD, ESN is input for CAVE Algorithm (Cellular Authentication and Voice Encryption)
to generate 128 bit SSD (Shared Secret Data). SSD has two parts which is 64 bit SSD_A for creating authentication signatures, and 64 bit SSD_B for creating keys to encrypt voice and data message.
In CDMA network, the Mobile Station use SSD_A and the broadcast RAND as input for CAVE Algorithm to generate 18 bit Authentication Signature (AUTH_SIGNATURE), and send it to the Base Station. Base on this Authentication Signature, the Base Station will verify that the subscriber is authorized.
If IMSI_T is personalized, the 32 bit subset of IMSI_T will be used for authentication. IMSI is usually 15 digits long.
The following data is the minimum requirement for a RUIM card to be authenticated into the network :
IMSI_M, International Mobile Subscriber Identifier
MIN based IMSI, using the lower 10 digits to store MIN. Mobile Identification Number (MIN) it self is 34 bit number of digital representation of 10 bit number that assigned to a Mobile Phone.
IMSI_T
This is the true IMSI no associated with MIN. Just like IMSI in GSM system it contain 15 digits or fewer.
CDMA Home SID/ NID, System ID/ Network ID
This 5 bytes identifies SID and NID when the Mobile Station operates in CDMA mode. This is a unique number to identify a network in a wireless system.
PRL (Preferred Roaming List)
PRL is a database used during the CDMA Subscriber authentication into the network. It contain additional parameters such as bands, sub bands, and network provider identifier.
A-Key
A-Key is a 64 bit key stored in the RUIM and HLR/ AuC. It's used to generate or update Mobile Phone's Shared Secret Data.
References :
3GPP2 C.S0023-C, Removeable User Identity Module for Spread Spectrum System, Version 1.0, May 2006
www.gsm-security.net
Selasa, 01 April 2008
GSM Authentication
Most of us have been very familiar with a gagdet named Mobile Phone, or many of us called it Hand Phone (well of course you have to grab your phone with your hand, not with your feet), or Cellular Phone. Also most of us have been very familiar with the Cellular Services those provided using our Cell Phone such SMS, HSDPA, Video Call, etc.
But have we ever wonder, how our Cell Phone can be authenticated, and log-on to the cellular network, and your cellular operator Logo displayed ? Well authetication process in GSM Network follow several steps below :
Mobile Phone turned on, of course you have to turned it on first.
Mobile Service Switching Center (MSC) requests 5 tripples from the Home Location Register (HLR). HLR creates 5 tripples using A8 algorithm. These 5 tripples each contain a 128 bit Random Challenge (RAND), a 32 bit matching Signed Response (SRES), and a 64 bit chipering key used as Session Key (Kc).
HLR sends 5 tripples to MSC. MSC sends 5 tripples to the Base Transceiver Station (BTS). BTS sends RAND to the Mobile Phone.
Mobile Phone receives RAND from BTS and pass it to SIM Card using RUN GSM ALGORITHM command. As a calculation result, SIM Card return the SRES and Kc value. SRES Kc passed to the Mobile Phone. Kc will be kept for any future enchiphered communication. Subscriber Authentication Key (Ki) is used in this process. Ki used as one input parameter in A3 algorithm which authenticate Mobile Phone to the network, and for A8 algorithm calculation to generate the encryption key.
Mobile Phone sends SRES to BTS, and SRES forwarded to MSC. MSC receive SRES and verify it. This verification process provide authentication.
Terms
A3, authentication algorithm. Used for authenticating the subscriber.
A8, chiper key algorithm. Used to generate Kc.
A5, chiper algorithm. Used to enchipering/ dechipering data.
HLR, Home Location Register. An entity of GSM Network which handling database contain subscriber data that authorized to authentication to the network. HLRs are devided based on each area.
Ki, Subscriber Authentication Key, a 128 bit key stored inside SIM card. Used as one input parameter for authentication and chiper key algorithm.
MSC, Mobile Service Switching Center. An entity of GSM Network that responsible to handling voice call and SMS.
RAND, Random Challenge, a 128 bit value result from A8 algorithm calculation that provided by MSC
SRES, Signed Respond. A 32 bit value that provided by MSC as a result of A8 algorithm calculation.
References :
3GPP TS11.11 Digital Cellular Tellecommunication System ( Phase 2+ ) Specification of Subscriber Identity Module - Mobile Equipment Interface, version 8.14.0, release 1999.
www.gsm-security.net
But have we ever wonder, how our Cell Phone can be authenticated, and log-on to the cellular network, and your cellular operator Logo displayed ? Well authetication process in GSM Network follow several steps below :
Mobile Phone turned on, of course you have to turned it on first.
Mobile Service Switching Center (MSC) requests 5 tripples from the Home Location Register (HLR). HLR creates 5 tripples using A8 algorithm. These 5 tripples each contain a 128 bit Random Challenge (RAND), a 32 bit matching Signed Response (SRES), and a 64 bit chipering key used as Session Key (Kc).
HLR sends 5 tripples to MSC. MSC sends 5 tripples to the Base Transceiver Station (BTS). BTS sends RAND to the Mobile Phone.
Mobile Phone receives RAND from BTS and pass it to SIM Card using RUN GSM ALGORITHM command. As a calculation result, SIM Card return the SRES and Kc value. SRES Kc passed to the Mobile Phone. Kc will be kept for any future enchiphered communication. Subscriber Authentication Key (Ki) is used in this process. Ki used as one input parameter in A3 algorithm which authenticate Mobile Phone to the network, and for A8 algorithm calculation to generate the encryption key.
Mobile Phone sends SRES to BTS, and SRES forwarded to MSC. MSC receive SRES and verify it. This verification process provide authentication.
Terms
A3, authentication algorithm. Used for authenticating the subscriber.
A8, chiper key algorithm. Used to generate Kc.
A5, chiper algorithm. Used to enchipering/ dechipering data.
HLR, Home Location Register. An entity of GSM Network which handling database contain subscriber data that authorized to authentication to the network. HLRs are devided based on each area.
Ki, Subscriber Authentication Key, a 128 bit key stored inside SIM card. Used as one input parameter for authentication and chiper key algorithm.
MSC, Mobile Service Switching Center. An entity of GSM Network that responsible to handling voice call and SMS.
RAND, Random Challenge, a 128 bit value result from A8 algorithm calculation that provided by MSC
SRES, Signed Respond. A 32 bit value that provided by MSC as a result of A8 algorithm calculation.
References :
3GPP TS11.11 Digital Cellular Tellecommunication System ( Phase 2+ ) Specification of Subscriber Identity Module - Mobile Equipment Interface, version 8.14.0, release 1999.
www.gsm-security.net
Langganan:
Postingan (Atom)