1

As I am using an old (10-15 years) SIM-card, I was asking myself if the hardware and software on the sim-card is equivalent to the newer sim-cards.

Are the old-sim-cards (10-15years) the same as the new ones ?

Are usim-cards already in use ?

As Example the encryption, how to know if my card supports A5/1 or A5/3 ?

• A stream cipher known as the A5 algorithm.

– A5/0: no encryption.

– A5/1: original A5 algorithm used in Europe.

– A5/2: weaker encryption algorithm created for export, in
removal.

– A5/3: strong encryption algorithm created as part of the 3rd Generation Partnership Project (3GPP)

Does some People (scriptkiddies-criminals...) be able to these Threats ?

Threats to SIM Data

• GSM SIMs can be cloned because authentication protocol has flaw

–COMP128 is popular algorithm and a published standard

• Leaks information at every connect attempt.

• Chosen-plaintext attack

–Approximately 150,000 queries required takes about 8-11 hours with a suitable smart card reader

From here

Tech-IO
  • 259
  • 2
  • 11
  • usim have been in use for about the last 15 years. – Marcus Müller Jan 06 '17 at 21:20
  • and yes, it's easy to decrypt a5/1 and it has been publicly demonstrated – Marcus Müller Jan 06 '17 at 21:21
  • The provider didn't ask to get a new one. How to know if it's a usim, it is printed in front, because they seem outside the same ? Thanks – Tech-IO Jan 06 '17 at 21:36
  • usim is one of the kind of softwares that can run on the card; you're mixing up terminology. If you can use it to connect to 3G, it contains USIM capabilities. – Marcus Müller Jan 06 '17 at 21:40
  • Means, if the hardware of my old sim was able to update it to usim or it was already. I never used it with Internet over mobile (3G). I use just a normal last generation nokia mobilephone. Maybe there are some codes to call to test it or in short I just ask for a new one. – Tech-IO Jan 06 '17 at 21:51
  • you almost certainly never update a UICC (which probably is what the card you have at hand is). As said, SIM and USIM are just *applications running on that card*. And, I've never seen a in-the-field software upgrade on the software running on these cards. – Marcus Müller Jan 06 '17 at 21:54
  • Perhaps it depends also on the phone-hardware and software. – Tech-IO Jan 06 '17 at 21:55
  • No. Please get your terminology straight, if you want to discuss cellular phone security, because it's impossible to discuss anything when you bring in new concepts and use the wrong words. What you call "SIM Card" is actually a UICC (Universal Integrated Circuit Card) running a SIM application (so that your phone can use the card to speak to the GSM network), and possibly a USIM application (so that your phone can use the card to talk to the UMTS network), along with a couple of other applications. With this knowledge, are your questions still the same? – Marcus Müller Jan 06 '17 at 21:58
  • Yes I understand that sim and usim are applications running on a uicc card. You think my phone that have no 3G capabilities may have uicc with usim ? – Tech-IO Jan 06 '17 at 22:07
  • it has nothing to do with your phone, and I can use my prophetic abilities just to inspect your UICC from afar. – Marcus Müller Jan 06 '17 at 22:22
  • Thank you Marcus. Just one question, is the sim standard still avaiable ? – Tech-IO Jan 06 '17 at 22:28
  • Documents rarely completely disappear from the web. The Wikipedia article has all the links. – Marcus Müller Jan 06 '17 at 22:48

0 Answers0