As many as 750 million mobile phones could be vulnerable to an encryption flaw on certain types of SIM cards, a German cryptographer and researcher warned over the weekend.
Karsten Nohl, the founder of Security Research Labs in Berlin, unveiled preliminary research on his blog behind the flaw in advance of a presentation he plans to give at the annual Black Hat security conference next week in Las Vegas.
Nohl believes the panel, “Rooting SIM Cards,” will end the “myth” of the unbreakable SIM card.
The flaw basically allows attackers to obtain the SIM card’s digital key –a 56-bit DES OTA key – and tweak the card to their liking. With the key, the attacker could send malware to the SIM card via text message that can let them listen to calls, make purchases and impersonate the phone’s owner.
After an attacker sends an improperly signed over the air (OTA) update command, the SIM card responds with an error code carrying a cryptographic signature. After an attacker puts that error code through a table used to break cryptographic hash functions, they can boil the code down to reveal its DES key “within two minutes on a standard computer.”
Once they have access to the key, attackers are free to send what the device sees as a “properly signed binary SMS,” which compromises the device and allows the attacker to download specialized Java applets to the card.
These applets can “send SMS, change voicemail numbers, and query the phone location, among many other predefined functions,” according to Nohl’s blog entry.
Nohl and his research team tested about 1,000 SIM cards on European and North American networks over the course of two years and found about a quarter of the cards were vulnerable.
While Nohl notes that chips have the option to use the AES or 3DES algorithms, many, many phones still rely on DES encryption, an archaic cipher whose history can be traced back to the early ’70s. About three billion devices – half of the world’s cell phone population, still use DES encryption daily, according to the New York Times.
That needs to change, according to Nohl.
“Cards need to use state-of-art cryptography with sufficiently long keys, should not disclose signed plaintexts to attackers, and must implement secure Java virtual machines,” he recommends.
The researcher told Forbes over the weekend that at least two carriers are currently trying to patch the vulnerability – and that those fixes should be live before it spreads further. Since Nohl’s research is just now beginning to go public, he believes it will likely take hackers about six months to crack it.
Once those fixes are available, they’ll be shared with the GSMA, the British-based association in charge of standards for the mobile device industry worldwide.
The group is familiar with Nohl’s research and has begun to notify any applicable carriers in order to resolve the issue.
“We have been able to consider the implications and provide guidance to those network operators and SIM vendors that may be impacted,” GSMA spokeswoman Claire Cranton said in a statement over the weekend.