Is it possible to hack a SIM?

DES hack exposes millions of SIM cards

In Germany alone, millions of SIM cards could be hijacked via SMS messages that the user never gets to see; worldwide, the figure is estimated at around half a billion.

If you give companies three encryption methods to choose from within the framework of a standard, one of which was broken long ago, trouble is inevitable. This is exactly what happened with the so-called "Over The Air" (OTA) communication between the mobile phone provider and the SIM card. The issuer of the card can provide it with updates, applications and new keys via SMS. To protect this channel, the messages are digitally signed, optionally with DES, 3DES or AES. All manufacturers started with DES when the standard was introduced - and an alarming number are still relying on this procedure, which has long since been cracked.

With a conventional PC it takes about a year to crack a 56-bit DES key; special hardware such as the FPGA-based COPACOBANA, costing around 10,000 euros, can do it in about a week. Nohl took a different route: a SIM card answers an incorrectly signed OTA message with a signed error message, which gives the attacker a known plaintext. Over the course of a year he precomputed large tables of intermediate encryption results for this plaintext, so that he can now recover the DES key of a SIM card within a few minutes (a known-plaintext attack). All he has to do is send an incorrectly signed OTA SMS to the target mobile phone and analyze its response. In a live demo for heise Security, this worked without a hitch.

Nohl was then able to use all the regular functions of the SIM card on his victim cell phone - in particular to install new apps on it via OTA. These could then, for example, send SMS messages to premium-rate services abroad, as Android Trojans are currently doing. With this, criminals could steal real money within a short period of time. Other functions, such as continuous tracking of the phone's location, are also possible.

But it gets even worse: the SIM card programs are small Java apps that are supposed to be sealed off in a Java VM. Nohl's hair stood on end, however, when he analyzed the security functions of these Java VMs: even elementary security concepts, such as the checking of array boundaries to block unauthorized memory access, could be circumvented in two implementations from different card manufacturers - including that of the market leader Gemalto. The result: it is almost trivial to write a SIM card Trojan that breaks out of the Java sandbox and can then operate without restriction. In particular, it can read out the card's master key Ki, which the SIM card uses to authenticate to the network and from which all other keys, for example for the encryption of calls and data, are derived. Such a root Trojan could, of course, also specifically spy on other SIM card apps and their secrets. At that point the SIM card is completely hijacked.

Nohl demonstrated this attack very impressively by calling heise Security from a cell phone without a SIM card. The caller ID shown was the number of the SIM card he had previously hijacked via SMS, whose master key he had transferred to his SIM card simulator.

The threat posed by these vulnerabilities is considerable. It is not limited to the abuse of calls and text messages. If the cell phone providers have their way, SIM cards will also become the basis for contactless payment via NFC: a PayPal, Visa or Mastercard app on the SIM card would then authorize payment transactions. In developing countries in particular, where, unlike in Germany, one cannot withdraw cash and pay almost everywhere with a debit (EC) card, paying by mobile phone has already become widespread and is therefore acutely at risk.

The number of vulnerable SIM cards is enormous: Nohl estimates that several million SIM cards in Germany, and up to half a billion worldwide, are susceptible to the problems he pointed out. At least in Germany, however, no mobile phone provider has used the easily crackable DES for new cards for a number of years. In nearby European countries the picture is very different: such DES cards are still being sold there.

Nohl informed the manufacturers and network operators concerned about his findings months ago and - here comes the positive aspect of the whole thing - they reacted promptly. The mobile network providers are beginning to filter OTA SMS messages in their networks. A normal mobile device has no need to send such OTA SMS messages; anyone who does risks having their SIM card blocked. Nohl, who conducts such security research as a hobby alongside his actual work at SRLabs, can tell you a thing or two about that, as he already has a number of blocked cards. For his exclusive demo for heise Security, he already had to switch to a foreign network. (ju)