SIM Evolution. Klaus Vedder. Presented by: 10 July 2018 ETSI th Sigos Conference

Transcription

1 SIM Evolution Presented by: Klaus Vedder For: 20 th Sigos Conference 10 July 2018 ETSI 2018

2 The Subscriber Identity Module in 1988 "A SIM is the physically secured module which contains the IMSI, an authentication algorithm, the authentication key and other (security related) information and functions. The basic function of the SIM is to authenticate the subscriber identity in order to prevent misuse of the MS (Mobile Station) and the network." From the report of SIMEG#1 in January 1988 GSM System Requirement: provide the same level of security as the fixed network Plug-in SIM with carrier Telemig, Brazil, 2005 The question at the time: Wouldn't it be sufficient to have a functional specification and let every operator specify its own interface (except for the form factor)? ETSI

3 3 The Form Factors in 1988 Option 1: "IC card" The ID-1 card used by Deutsche Telekom in their analogue network Option 2: "Fixed" = Software SIM fully incorporated into the handset Rejected due to security concerns and less flexibility - would require operator specific personalisation of the handset Option 3 (Plug-in SIM): "Removable" a vs 24 pin DIL with 8 pins connected ETSI

4 The SIM card: The key to gain access to your customer Some Early SIMs Used for the first call in June 1991 The contact area well integrated into the design Signature strip Plastic not suitable for embossing and use as a credit card ETSI

5 Security, Technology and Services The SIM: Providing the security Issuer specific authentication algorithm Issuer specific algorithm for cipher key generation Security management specified by issuer Attacks 1998 black box attack against Comp Chosen plaintext-ciphertext attack to calculate the secret authentication key 2013 Black Hat Conference Las Vegas: Faulty SW implementations This talk ends this myth of unbreakable SIM cards and illustrates that the cards - like any other computing system are plagued by implementation and configuration bugs. Karsten Nohl The SIM card: Providing universal plastic roaming The SIM card: Fostering the mass market by Freeing the Mobile of the subscription The SIM: Driving Technology and Applications Leading to new generations of micro-controllers Memory requirements for smart cards were driven solely by GSM High temperature card material to satisfy the new environment The SIM Application Toolkit The world's first global platform for secure Value Added Services ETSI

6 Fire walls between applications From the SIM to the UICC or from mono -application to multi-application 1999/2000 Split of all SIM specifications and responsibility A generic part (UICC) to form the multi-application platform (ETSI) An application specific part, the SIM application (3GPP) The UICC consists of (all) application independent functions and features Separation of lower layers and applications Up to 20 logical channels to run applications in parallel USB, NFC, security, part of UICC specification ID Ticketing Specified by the respective industry sector Specified by ETSI TC SCP USIM SIM Toolkit Public Transport UICC the multi-application smart card platform Electr. Purse ETSI

7 7 Some Thoughts on Standardisation Standardisation can create a mass market GSM vs Telepoint ("Birdie", "Rabbit, ) Standardisation can drive technology Standardisation is a way to achieve interoperability There is, however, more needed than just the specification containing the technical realisation of the requirement specification Standardisation shall not prevent technical, commercial and market progress Backwards compatibility is not always a desired feature Advancing from 2G to 3G and ignoring total backwards compatibility would have provided a huge improvement on the technical side with a high potential for the commercial side in the mid to long term Using a standards body to delay or block a topic may prove counterproductive and lead to a fragmented market Standardisation for the sake of standardisation is a waste of time and money ETSI

8 The What s Machine a Title to? Machine UICC March 2010: ETSI TC SCP approves a new specification for UICCs inm2m (TS Smart Cards, Machine to Machine UICC, Physical and logical characteristics) M2M specific constraints such as data retention, temperature, memory update cycles, vibration resistance, humidity MFF1 (M2M Form Factor 1) socketable 8 pin solution MFF2 : a non-removable, to-be-soldered package (SON8) Plug-in SIM card 15mm x 25 mm SON8 5mm x 6mm SON8 5mm x 6mm Can the use of M2M Form Factors really be restricted to Machine-to-Machine applications? ETSI

9 Some Impacts of a Solderable UICC No more "plastic roaming " Need to change the operator after deployment Ownership of an embedded UICC In some countries the end user will own the "black beetle No point in stealing a mobile device with an embedded UICC Lifetime issues of the chip - as long as the device (?) Lifecycle management - personalisation and distribution Future role of the MNOs and service providers (car manufacturers, energy suppliers, ) ETSI

10 Managing an embedded UICC Today: HW, SW, security data out of one and the same source The SIM manufacturer develops OS including security optimised algorithms The SIM manufacturer generates personalisation data (serial numbers, keys, MNO credentials, ), loads them into the chip in its premises, together with an MNO specific profile, and sends SIMs and data to the MNO Tomorrow: Split system OEMs (device vendors) are provided with chips containing OS and algorithms Subscription Manager (SIM manufacturer) generates personalisation data (serial numbers, keys, MNO credentials. ) and sends these data to MNO and OEM OEM loads data on its premises in a secure way into the UICCs Two questions: How to handle the case that the device is not specifically produced for a specific MNO (in particular in the case of M2M devices) How to change the subscription of a device in the field 10 ETSI

11 Challenges Provisioning of subscriptions over-the-air or over-the-wire after production, outside of factory New ecosystem with dynamic subscription management (changing of subscriptions and profiles in the field) ETSI

12 The Road to embedded UICCs, the Loss of the Fast Interface and Other Form Factors "Today's SIM card is the most expensive piece of real estate on a PCB" (OEM manufacturer in 2012) The ID-1 Card (1FF, 1988) Plug-in Card (2FF, 1989) 3FF (2003) 4FF (2012) MFF2 (2010) ~ 2016 Non-standardised packages - size of the package down to chipscale VCC RST GND SWP The 4th form factor does not provide the space for the USB interface which had taken years to be approved Courtesy Giesecke & Devrient CLK USB I/O USB SWP (Single Wire Protocol) is the standardised interface for NFC-applications ETSI

13 Secure Elements: From Separate to Integrated The traditional SIM needs to be re-considered in the context of new mobile communication challenges, including machine to machine communications.* euicc** The UICC becomes an integrated, though dedicated piece of hardware of the device (e.g.,mff2) Provides the possibility of dematerialising the issuance of the SIM SSP (Smart Secure Platform) First informal discussions at SCP#71 in Cupertino in October 2015 Idea: Get rid of the UICC transport protocol (T=0), APDUs,.. Create a new high level interface application - independent of lower levels * Prof. Mike Walker when presenting the work of Deutsche Telekom, G&D, Telefónica O2 UK and Vodafone on the management of embedded UICCs at the ETSI Security Conference in January 2011 ** An embedded UICC or euicc is a "UICC which is not easily accessible or replaceable, is not intended to be removed or replaced in the terminal, and enables the secure changing of subscriptions" (ETSI TS ) ETSI

14 The Smart Secure Platform Objective: better integration of the UICC into the specific use case while retaining its characteristics Layout of the SSP protocol stack SSP is designed to be a modular platform offering a core set of features as well as a number of options that need to be selected at the time of implementation based on the intended application (e.g., a system of sensors in an IoT application will most likely not require full fledged UICCs in every sensor). An open platform for multiple applications Clear separation of layers Choice of protocols (SPI, I2C, ) Faster and flexible Choice of hardware New filesystem Support of existing features Contactless, Toolkit, Figure taken from ETSI TS v ETSI

15 The New SSP Specifications The SSP classes issp: the UICC (and thus the SIM) becomes an integrated part of the chipset (SoC) essp: SSP version of the euicc; rssp: SSP version of the (removable) UICC Priority on integrated SSP; essp and rssp to follow Requirements split into generic requirements for all classes and class specific requirements (currently only for issp) TS Smart Secure Platform; Requirements Status: under change control The technical realisations TS Smart Secure Platform; General characteristics TS Smart Secure Platform; Integrated SSP (issp) characteristics Status: both are approaching completion ETSI

16 The issp Concept Integration of the functionality of the UICC into a System on Chip (SoC) solution. The issp is an independent secure processor within the SoC Advantage lies in the reduction of the number of chips, deeper integration and thus reduced amount of space Several bundles may co-exist in the SoC; one being executed within the Tamper Resistant Element (TRE) and the rest stored securely outside the TRE, ready to be swapped in and executed as required Bundle 1 Telecoms Bundle 2 Payment Bundle 3 Identity Bundle 4 DRM Bundle 5 IoT Primary Platform Interface Primary Platform * (underlying HW, low level OS, ) Technology & use ase independent *For details and a diagram depicting an SoC solution see GlobalPlatform Technology VPP Concepts and Interfaces Version 1.0 (March 2018) ETSI

17 Multiple Industry Sector SSP Device Payment Bundle Management Entity* Connections forbidden? Under discussion 3GPP Functions Connects to the enabled and active Telecom Bundle(s)** Telecom Bundle Management Entity* ** (s) or no (s), that s the question SSP Bundle 1 Bundle 2 Family Identifier: Family Identifier: Payment Payment Bundle 3 Family Identifier: XYC Bundle 4 Bundle 5 Bundle 6 Family Identifier: Family Identifier: Family Identifier: Telecom Bundle Telecom Bundle Telecom Bundle *Not yet specified; rules up to the specific industry sector Primary Platform Interface Primary Platform ETSI

18 Conclusion The standardised SIM packages will (largely) disappear and x SoC a new logical interface will replace today s rather old interface for use by all industry sectors. ETSI

19 Where is this Trip Really Leading Us? The meeting which started the concept of the UICC at the total eclipse of the sun in 1999 ETSI

20 Thank You nearly Dr. Klaus Vedder Chairman ETSI TC SCP Zeata Security Ltd. ETSI TC Smart Card Platform Home of the UICC The most widely deployed Secure Element in the world Next ETSI TC SCP Plenary Meeting Paris, France September 2018 see: ETSI

21 ETSI TC SCP Home of the UICC the most widely deployed Secure Element with more than 5 billion pieces going into the market every year 30 years of dedication and real-life experience Scope Creation of a series of specifications for a Secure Element platform on which bodies from inside and outside the telecom-world can base their system specific applications to achieve compatibility between all applications resident on the Secure Element Development and maintenance of interface, procedures and protocol specifications between the Secure Element and entities (remote or local) used in the management of that Secure Element. This includes interfaces, procedures and protocol specifications used between such entities for the secure provisioning and operation of services making use of that Secure Element Output Over fifty specifications and reports on Secure Elements encompassing for every topic the whole range from requirements via the technical solution to the related test specification; topics range from administrative commands to APIs, browsers, Internet connectivity, Machine-to-Machine, new interfaces for high speed and NFC as well as remote management All specifications can be downloaded free of charge from the ETSI website The specifications are application agnostic. ETSI