Hackers of India

Evolution of SIM Card Security

By  Ravishankar Borgaonkar  on 18 Mar 2014 @ Troopers

Abstract

Since its creation in 1991, the SIM card is still a vital component in cellular communications systems. It plays a critical role in authentication and in generating key material to protect our sensitive data (call, SMS, mobile data) transmitted over-the-air. Recent years, they have changed in sizes from Full-Size (FF) to Nano-SIM (4FF) to embedded-SIM. While modifying sizes, 3GPP/GSMA also changed various security parameters such as security algorithms, provisioning architecture etc. In this talk, we discuss the new security architecture of embedded SIM which is recently proposed by the GSMA in December 2013. Pros and Cons of the new security changes will be presented along with different attacking vectors.