Flaw in SIM encryption leaves millions of old phones at risk

The physical shape of SIM cards has changed a lot in only a few years, with the new Micro and Nano sizes being extremely small. The weakness reported here, however, lies in the cryptography of older cards rather than in the phones that hold them: a card that still protects its over-the-air management commands with single DES can have that key recovered in about two minutes on an ordinary PC, after which an attacker can send the card commands with the same authority as the operator.

SIM cards that still rely on DES, an estimated 750 million of them, can be taken over in this way: the researchers say an attacker could listen in on conversations, send SMS messages from the victim's number and even clone the card. While that is not entirely comforting for holders of DES SIM cards, cards issued with newer algorithms such as Triple DES cannot be taken over by the same method.

The Data Encryption Standard was designed at IBM and published as a US federal standard in 1977. Its 56-bit key is short enough for the whole key space to be searched: dedicated hardware did so in 1998, and precomputed tables now turn a single known plaintext and its ciphertext into the key in minutes. For most purposes it has been superseded by Triple DES and AES, which are what you are far more likely to find in use today.

Operators have some options on their side, such as filtering the relevant binary SMS messages in the network and reconfiguring cards so that they no longer answer badly signed commands, but whether a particular old card will be fixed is not certain. If your SIM is more than a few years old, asking your operator for a replacement is a cheap and worthwhile precaution.

Source: Evening Standard

33 Comments

From what I read yesterday when the thing blew up, it has nothing to do with the phones themselves, but the SIMs.

The "older phones at risk" moniker that you guys got from the Evening Standard (can't you really cite any other reputable TECH source?) is rather misleading.

How can people NOT change their SIM cards? I've had to have at least 3 changes because my super ancient one(s) weren't compatible with the newer networks - no idea why. But putting a new SIM in fixed it straight away.

I've had the same one for 5 years now because I just keep swapping it from throw away phone to throw away phone. I don't want a fancy phone that I can't even use because of ergonomic reasons.

I was talking about the SIM card, not the phone. But you'll find your phone (any type) may run better with a newer SIM card.

Same here, but I rely on the more advanced networks, hence I had to get a new SIM card (free). But hey, if it works and you can make calls then that's your uhhm... call.

Considering how many services are pushing users towards use of their phone as part of their two-step authentication, I'd say it could easily be used as part of something more nefarious than free phone calls. Not likely, based on the rarity of an intended victim having a SIM from the stone age, but not impossible.

Free phone calls can be quite the earner if you're set up right as well.

It was presented what, 5 years ago, about using $500 worth of radio equipment to defeat GSM encryption and listen in to calls and read messages OTA.
Now it's on about SIM card vulns, and I'm not really believing it if I'm honest. A SIM card is a Java Card? Wouldn't have thought the majority are. 'You can query the phone's location': oh yeah, and how's that going to work? On GSM only the network knows where your phone is, because they have the antennas and they know where they are; neither your phone nor the SIM card knows squat about them.

This article misses a very important point. Phones are not at risk, it's really SIM-deep.

A very brief explanation of the principle: operators can send configuration codes that are encrypted with a SIM-specific key. Some older SIM cards respond with the DES-encrypted key when you send a configuration code with the wrong authentication. Using DES rainbow tables you can then get the original SIM key, and then you have the same level of control over a SIM as the operators.

However, most operators have their SIMs configured not to respond with the DES-encrypted key, which makes them secure against this attack. And newer SIM cards tend to use 3DES encryption, which is still secure.

So you're only at risk if your SIM meets both of these criteria:
- SIMs from your operator reply with their DES-encrypted key
- Your SIM uses DES encryption.

Since this is getting widespread attention it won't take long for operators to respond. As far as I know they can even stop the SIMs from answering with their DES-encrypted key remotely, using those configuration messages.
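The oracle described in the comment above, as an added example that is not part of the article, the comment or the researchers' published material: a simplified model of a SIM that checksums its over-the-air commands with DES in CBC mode, an attacker who sends a command with a deliberately wrong checksum, and the offline key search over the checksummed error response that the weak configuration returns. Everything here is constructed for the demo: the message formats, the key, the "proof of receipt" text, and the assumption that the first six key bytes are already known so that only 65,536 candidates are searched. The real attack searches the full 56-bit space with precomputed rainbow tables, which is why one leaked checksum is enough.

```go
package main

import (
	"bytes"
	"crypto/cipher"
	"crypto/des"
	"fmt"
)

// cbcMAC is a CBC-MAC with a zero IV and zero padding: the general shape of
// the cryptographic checksum on SIM over-the-air packets. The real packet
// format carries extra header fields that are omitted in this demo.
func cbcMAC(block cipher.Block, msg []byte) []byte {
	bs := block.BlockSize()
	padded := append([]byte{}, msg...)
	if rem := len(padded) % bs; rem != 0 {
		padded = append(padded, make([]byte, bs-rem)...)
	}
	mac := make([]byte, bs)
	buf := make([]byte, bs)
	for i := 0; i < len(padded); i += bs {
		for j := 0; j < bs; j++ {
			buf[j] = mac[j] ^ padded[i+j]
		}
		block.Encrypt(mac, buf)
	}
	return mac
}

// desMAC checksums msg under an 8-byte single-DES key.
func desMAC(key, msg []byte) []byte {
	c, err := des.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return cbcMAC(c, msg)
}

// Sim models the card. SignedErrors is the weak configuration: the
// proof-of-receipt for a rejected command is checksummed with the same key.
type Sim struct {
	Key          []byte
	SignedErrors bool
}

// Handle processes one management command with its checksum cc. Accepted
// commands are "executed"; rejected ones produce a proof-of-receipt (PoR)
// whose content is predictable, so whoever receives it checksummed holds a
// known plaintext / MAC pair under the card's key.
func (s *Sim) Handle(cmd, cc []byte) (status string, por, porCC []byte) {
	if bytes.Equal(desMAC(s.Key, cmd), cc) {
		return "executed", nil, nil
	}
	por = append([]byte("PoR: bad checksum for "), cmd...)
	if s.SignedErrors {
		return "rejected", por, desMAC(s.Key, por)
	}
	return "rejected", nil, nil
}

// recoverKey searches for the key behind one (message, checksum) pair.
// DEMO SIMPLIFICATION: the first six key bytes are assumed known and only
// the last two are searched; the published attack covers all 2^56 keys
// with precomputed tables.
func recoverKey(knownPrefix, msg, cc []byte) []byte {
	cand := make([]byte, 8)
	copy(cand, knownPrefix)
	for i := 0; i < 1<<16; i++ {
		cand[6], cand[7] = byte(i>>8), byte(i)
		if bytes.Equal(desMAC(cand, msg), cc) {
			return append([]byte{}, cand...)
		}
	}
	return nil
}

// Attack runs the whole sequence: provoke a checksummed error, recover the
// key offline, then send a correctly checksummed command of its own choice.
func Attack(sim *Sim, knownPrefix []byte) (recovered []byte, forgedStatus string) {
	probe := []byte("constructed probe command")
	_, por, porCC := sim.Handle(probe, make([]byte, 8)) // deliberately wrong cc
	if porCC == nil {
		return nil, "no checksummed error response, nothing to crack"
	}
	recovered = recoverKey(knownPrefix, por, porCC)
	if recovered == nil {
		return nil, "key not found in searched space"
	}
	forged := []byte("constructed command: install applet")
	forgedStatus, _, _ = sim.Handle(forged, desMAC(recovered, forged))
	return recovered, forgedStatus
}

func main() {
	key := []byte{0x13, 0x57, 0x9b, 0xdf, 0x02, 0x46, 0x8a, 0xce} // constructed demo key
	for _, sim := range []*Sim{{Key: key, SignedErrors: true}, {Key: key, SignedErrors: false}} {
		k, status := Attack(sim, key[:6])
		fmt.Printf("signed errors=%v: recovered key=%x, forged command %s\n", sim.SignedErrors, k, status)
	}
}
```

The two runs in main correspond to the two criteria in the comment: with SignedErrors set, the card hands the attacker a known plaintext under its own key and the forged command is executed; with it cleared there is nothing to crack. Replacing des.NewCipher with des.NewTripleDESCipher and a 16- or 24-byte key removes the second condition as well, since the search space is then far beyond any table or brute-force budget.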

This feels like half a news story. Important information has been left out; it's as though it hasn't been run past an editor before being published. It is either very poor journalism, or simply sensationalism.

Killer_Z said,
Time to change my SIM. I just checked and I activated it on July 20, 1999.

And I thought having my last one for 7 years was a long time!

Yeah, in Italy we usually change the SIM only if we switch carrier. I can modify my plan whenever I want for a small fee (I switched last week: 4.50 euros). And we usually buy our phones; in my case I also get fiscal benefits from paying for it myself. Since my Galaxy S2 has a mini SIM slot I didn't have to change anything. It's a good excuse to buy a new phone with a micro SIM...

Good old Karsten Nohl. I knew right away he was the security researcher they were talking about when I saw the headlines the other day. I had the privilege of seeing his talk at Black Hat 2010, and he showed how A5/1 can be defeated with some storage space and some GPU power a lot of people already have.

What he does is crack into chips, like SIM cards, physically, using microscopes and sometimes a focused ion beam workstation; then he can read out the chip and all its information, then find holes or bugs in the software, then use that to exploit it from the outside, without needing to open the chip again. And the scary thing is, a lot of this stuff can be done using inexpensive tools available to the average hobbyist. People don't know, but a lot of the security chips used today are 180nm+, so expensive tools like a FIB or a SEM are mostly not needed to break these chips.

gameboy1977 said,
Does it mean I will have to buy a new SIM card, since my old SIM is 2 years old, from May 2011?

No need to buy one, just report it lost/stolen/broken.

So does this only affect GSM networks? In the US, Verizon and Sprint are on CDMA networks, and don't use SIM cards, so are they unaffected?

Also, I wonder if you could use this as a reason to upgrade your phone to a phone that doesn't suffer from this weakness? (Or get out of a 2-year agreement)

greensabath said,
So does this only affect GSM networks? In the US, Verizon and Sprint are on CDMA networks, and don't use SIM cards, so are they unaffected?

Also, I wonder if you could use this as a reason to upgrade your phone to a phone that doesn't suffer from this weakness? (Or get out of a 2-year agreement)

No. I don't doubt you could insist on a new SIM when we know how old the SIMs have to be to be affected, but getting out of your contract? Virtually zero.

I'd guess you may have a chance if you had an old SIM and they refused to provide you with a new one, but frankly what are the chances of that happening? They happily hand out new ones if yours is lost/stolen/broken, so it's highly unlikely they'd refuse over this issue.

Correct. The title leaves it unclear, assuming that people use the same phone and same number for many years to call and text and not to diddle about, but phones aren't the problem; SIM cards themselves are.

Also, there's another SIM vulnerability, something to do with Java Card applet isolation, but no details are being disclosed at this time.

OK, I thought it may have been an issue with phones that use those SIM cards as well. I didn't realize it was just the SIM cards themselves.

It may have been mentioned somewhere, but no news site I've looked at seems to know it.

I figure it's not really possible to tell - consider how many operators are there in the whole world and who makes SIM cards for them and how they are used. Especially in less developed countries where older tech will be more prevalent and records lost into chaos.

20legend said,
Flaws in GSM encryption have been known since at least 1998.

Yeah, I learned about this in college when I was learning about wireless operations for cell phones.

If the white paper isn't out yet it should be stated so in the article.

That's awesome that your school taught that. I had been trying to get my university's CS department to do a special topic course in cellular the whole time I was there.