Karsten Nohl, the security researcher who broke into SIM cards with a single text, has told The Register he is dismayed by the mobile industry’s lukewarm response to his revelations – and has revealed, for the first time, exactly how he did it.
Nohl thought exposing the flaws in SIM security would force the telcos to fix them. Theoretically, the two flaws would have worked in tandem to intercept calls and threaten the security of wireless NFC applications – such as pay-by-wave and other contactless payments.
The German expert now claims that the most serious of the two flaws has been deliberately ignored by an industry that wants to, allegedly, keep the backdoor ajar so that it can silently roll out software updates to handsets… a gaping access route that may not be closed until it’s too late.
Nohl discovered he could infiltrate SIM cards by sending specially formatted SMS messages, and found a flaw that would enable him to break out from the cards’ inbuilt security sandbox. Yet he was astonished to discover that despite publicly announcing patches and giving every impression of caring, the industry had – according to Nohl – actually done nothing to fix the problems.
“We thought our story was one of white-hat hacking preventing criminal activities,” Nohl told El Reg, lamenting that “as there is no crime, so no investigation”. Despite CNN reporting that his own flaw had been used to distribute a fix, Nohl told us that the JavaCard bug was “here to stay” and was so “obvious” that it has to be “a backdoor, gross negligence, or both”.
Safety by numbers
The first exploit, enabling an attacker to install an application in the secure storage area of a SIM card, has been examined in these pages before, but that only represents a threat if the injected software can break out of the JavaCard sandbox. Nohl claimed that was possible, but until now hasn’t explained exactly how.
JavaCard is an operating system, sharing only a name and some syntax with the Java language. JavaCard licensees get a reference implementation from Oracle and then add their own secret source code to differentiate their products, so not all manufacturers’ SIMs had this flaw – but many did.
Java, even the version used by JavaCard, is supposed to be “memory safe” in that there are no pointers with which one can read, or write to, arbitrary locations in memory. Cardlets (as JavaCard apps are known) can only reference data structures they create themselves, and there’s no mechanism for inter-cardlet communications.
What Nohl discovered was that by referencing a variable which referenced a variable which referenced an array he could bypass the bounds check that JavaCard is supposed to perform. Create an array of 10 elements, reference it from a distance and address the eleventh location, and secured memory is yours to explore – and rewrite – as you wish. Exploiting this to malicious ends is left as an exercise for the reader.
Nohl says he warned Gemalto, the world’s largest SIM card manufacturer – which is among those SIM-makers whose cards exhibit the flaw – about the existence of the bug. Gemalto, Nohl alleges, told him that it didn’t matter – only signed applications could be run so their ability to breach the sandbox was irrelevant.
But the researcher points out that in 2010 Gemalto was able to upgrade bank cards in the field after a calendar bug broke millions of German cards. Bank cards are not designed to be upgraded after being issued, and Nohl contends that a similar flaw was exploited then.
The Register put both of Nohl’s allegations to Gemalto, but it had not responded at the time of publication.
It’s the combination of SMS exploit (to gain the application key) and JavaCard flaw (to break out of the sandbox) that makes the situation worrying, along with Nohl’s contention that network operators have become overly reliant on the GSM standard and are losing the skills necessary to secure their systems.
“Smaller networks don’t even know what the SIM cards are configured to do,” he told us. He claimed that in the US, network operator Sprint isn’t authenticating or encrypting SIM updates at all, and that both Vodafone and Telefonica are still issuing SIM cards with the insufficiently secure 56DES cryptography.
We’ve asked Voda and Telefonica about Nohl’s claims, but only had a response from Vodafone UK by the time of publication: the telco said that (in the UK at least) strong encryption has been mandated for “many, many, years”.
This is still quite an obscure attack, requiring a hacker familiar with the memory layout (the soft mask) of the SIM, and one prepared to send the multiple SMS messages necessary to crack the software update key. For the moment the effort probably outweighs the payoff, but that will change as SIMs increasingly host banking and loyalty apps (as well as popular social networking services like Facebook Chat), making them a more attractive hacker target.
As Nohl put it: “Skills are underdeveloped because the crimes are underdeveloped … crime is even more convincing than anything.”
Until there’s a serious crime using this insecurity, the vulnerabilities in our SIM cards will probably remain.
A quarter of mobiles phones using DES encryption rather than the newer triple-DES for their SIM cards are vulnerable to an attack via SMS that results in a complete takeover of the phone.
German security researcher Karsten Nohl, founder of Berlin’s Security Research Labs, who previously busted GPRS encryption and cracked transport smartcard encryption keys with a microscope, has told the New York Times and Forbes about the attack, which he will outline to the August Black Hat conference in Las Vegas.
While Nohl is holding back some details of the attack until his Black Hat convention talk, he says he has developed a technique that allows him to obtain the 56-bit DES encryption key of a SIM by sending a text message that spoofs the phone’s operator. With the key in hand, a second text message will install software on the target device that takes over the phone completely – including eavesdropping and impersonation attacks.
“We can spy on you. We know your encryption keys for calls. We can read your SMSs. More than just spying, we can steal data from the SIM card, your mobile identity, and charge to your account”, Nohl told the NYT.
Forbes’ report suggests Java Card, an Oracle product Big Red says “provides a secure environment for applications that run on smart cards and other devices with very limited memory and processing capabilities”, is the source of the vulnerability.
Of the six billion mobiles currently in service, about half still use DES encryption. In a sample of 1,000 SIMs tested over two years, Nohl said one-quarter were vulnerable – which suggests as many as 750 million vulnerable devices are in the field.
Nohl has disclosed the vulnerability in full to the GSM Association, and the ITU is planning an advisory to all mobile phone operators