3

When I talk over 3G without a SIM, for which the only example I see is 911 emergency calling, is any encryption used? In other words, can a 3G eavesdropper understand any content of my 911 call? I assume the network provider (who provides the link from my phone to the 911 operator) can understand this content if they wanted to, but am curious about outside parties.

Additionally, does my phone somehow authenticate the 911 center? If not, does it at least authenticate the network provider selected for this emergency link?

(The above questions assume that no SIM is used. I do realize that SIM protocols themselves are not perfect, but am wondering how much weaker encyption and authentication becomes with no SIM.)

Community
  • 1
bobuhito
  • 230
  • 1
  • 8

1 Answers1

1

Without the USIM application running on your UICC (the smartcard colloquially known as "SIM"), there's no crypto provider, so yes, I think the network and phone must then agree on unencrypted transmission.

So, first of all: whether emergency calls without a SIM are possible or not is up to local legislation. They work in many countries, but not all.

Also note that you'd have to assume you're in a hostile network if you're operating without a SIM, anyway, because there's nothing to authenticate the network. So, even if there was any possibility for basestation-handset crypto, you might be talking through your adversaries channels, so you've won nothing.

Marcus Müller
  • 5,843
  • 2
  • 16
  • 27
  • "There's nothing to authenticate the network" sounds fair. I asked the question because it alternatively seemed possible that my phone could know some public keys (with trust certificates) for network providers to allow authentication without SIM. – bobuhito Feb 25 '17 at 19:29